1. Forensic Data Analytics
2015
Big risks requires big data thinking
Forensic data analytics use cases
Vincent Walden
Partner, EY
November 17, 2015
2. Page 2
Agenda
► Key analytics trends in fraud risk management
► “Big data thinking”
► Anti-fraud use case examples:
► Employee and vendor transaction risk scoring
► Payment stream analysis
► Text mining and dashboards to find potentially improper payments
► Social media analytics
► Email analytics, emotive tone and Fraud Triangle Analytics
► Cyber monitoring and events
► Integrating visualization into your risk management
platform
3. Page 3
The forensic data analytics landscape
► The regulators are upping their game
► Be ready - the regulators are investing in advanced monitoring
technology
► Big risks requires “big data” thinking
► New approaches to counter fraud and compliance monitoring,
beyond simple rules-based tests
► Compliance fatigue? Analytics can help
► Analytics can help improve efficiency and program effectiveness to
help compliance functions audit and monitor smarter – saving both
time and valuable resources
4. Page 4
Upping their game: SEC priorities around
forensic data analytics
-U.S. SEC Chair Mary Jo White, prepared testimony
before the Senate Appropriations Subcommittee,
May 14, 2014
5. Page 5
FDA business landscape
Data analytics is continued focus area in guidance
COSO: Internal Controls Integrated
Framework
1. Principal #8: Fraud Risk Assessment (COSO 2013)
2. New guidance coming in December 2015 will have
significant focus on the use of proactive forensics
data analytics
ACFE Report to the Nation on Occupational Fraud
1. For those companies with proactive data analytics in place, the
cost per fraud incident was 59.7% lower (roughly $100,000
lower per incident) than those companies not using proactive
data analytics – more than any other control listed in the
survey.
2. Further, the median duration of fraud based on the presence of
proactive data analytics was half the time at 12 months vs 24
months.
See 2014 ACFE Report the Nations on Occupational Fraud, Figures 37 and 38
6. Page 6
Forensic data analytics maturity model
Beyond traditional “rules-based queries” – consider all four quadrants
False Positive Rate
High Low
Structured
Data
Detection Rate
Low High
Unstructured
Data
“Traditional” rules-Based Queries &
Analytics
Matching, Grouping, Ordering,
Joining, Filtering
Statistical-Based Analysis
Anomaly Detection, Clustering
Risk Ranking
Traditional Keyword Searching
Keyword Search
Data Visualization & Text Mining
Data visualization, drill-down into
data, text mining
8. Page 8
Definition of Big Data
Gartner: Big Data is high volume,
velocity and variety information assets
that demand cost-effective, innovative
forms of information processing for
enhanced insight and
decision making.
9. Page 9
Big data techniques for counter fraud
► Multiple data sources
► Data visualization
► Text analytics
► Payment/transaction risk scoring
► Predictive modeling – technology assisted monitoring
► Pattern & link analysis
► Flexible deployment models
18. Page 18
Email analytics: Fraud triangle analytics
Fraud Triangle Analytics: Pressure/Opportunity/Rationalization
Employee term analysis
Term hit frequency over time
21. Page 21
Surveillance monitoring: management dashboard
Risk ranking summary at the trader (employee) level
► Risk score by personnel ► Interactive dashboards
22. Page 22
Management alert screen
Trader alert initiation
► Create customized
alerts
► Transparency across multiple data sources:
trades, voice, email, chat, entertainment, etc.
23. Page 23
Trader communication review screen – text
analytics using Watson Content Analytics
► Sentiment analysis
highlighted using WCA
► Issue coding
and tagging
25. Page 25
How is fraud detected?
50% by tip or accident demonstrates the need
for improved analytics
2014 ACFE Report to the Nation on Occupational Fraud
26. Page 26
Start with the “Fraud Tree” of schemes
Fraud tree
Cash
larceny
Theft of
other assets
– inventory/
AR/
fixed assets
Revenue
recognition
Non
financial
Conflicts
of
interest
Bribery and
corruption/
FCPA
Illegal
gratuities
Bid-rigging/
procurement
Corruption Fraudulent statements
Asset misappropriation
Fake
vendor
Payroll
fraud
T&E
fraud
Theft of
data
GAAP Reserves
General focus of auditors
General focus of
internal auditors
General focus of the regulators
(opportunity for Auditors and Investigators)
27. Page 27
Today’s biggest forensic data analytics (FDA)
challenges
Source: 2014 EY Global Forensic Data Analytics Survey (www.ey.com/fdasurvey)
2%
3%
3%
4%
5%
5%
6%
6%
8%
9%
10%
10%
15%
15%
26%
0% 5% 10% 15% 20% 25% 30%
Uncertainty about the relevance of FDA in the Company
FDA producing positive results to indicate and prove any fraud or…
FDA is not prevalent to the culture
Huge volume of data to analyze
To identify fraudulent information across large data sets
Lack of human resources or manpower to operate FDA
Spreading the FDA culture across different Business Units
Difficulty in adapting FDA to comply with different regulations in…
Poor quality or lack of accuracy in the data
To prevent fraud rather than discover fraud
FDA is too expensive
Convincing senior management or the company about the benefits of…
Improving the quality of the analysis process
Challenges with combining data across various IT systems
Getting the right tools or expertise for FDA
28. Page 28
Integrating dashboards into an boarder fraud risk
management platform
Visualization: Detect
fraud within a business
process
Case Management: Assign
tasks, flag transactions and
delegate projects for review
Statistical: Apply fraud
insights and automated
alerts to take action in
real or near time –
when it matters
Pattern & Link: Uncover
hidden fraud and
relationships
Detect
Investigate
Respond
Discover
29. Page 29
An enterprise approach, based on solutions
Entity and Social
Network analytics
Predictive
analytics
Behavioral /
Geospatial
Prioritized
Incidents
Business
intelligence
Context / Text
analytics
Decision
management
Content
management
Case
management
Forensic
analysis
Beneficiaries
Legal & compliance
(including M&A)
Internal Audit
Big Data, scalable platform, delivered on desktop or mobile device
► Flexible approaches, reports and
capabilities for each beneficiary
► Changing risks requires flexible tools
► Knowing “who is who” is key to
identifying patterns & opportunities
► Reduced false positives, better ROI
► Cross enterprise view of exposures
► Expedient audits/ investigations
► Data transparency, no “black box”
Data Governance and Collaboration
Shared Services
& Finance
BU Leadership
& Corporate
Internal Sources
External Sources
Other
beneficiaries
Enterprise Platform
Security
intelligence &
Cyber
Social
media feeds
Shared svcs.
data feeds
ERP systems
Sanctions &
watchlists
News feeds &
adverse media
Internal
reports &
communications
Master &
reference data
Embedded
Intelligence
Activity
Monitoring
Dark Web
30. Page 30
Five success factors in deploying FDA
1. Focus on the low hanging fruit, the priority of the first project
matters
2. Go beyond traditional “rules-based” tests – incorporate big data
thinking
3. Communicate: share information on early successes across
departments / business units to gain broad support
4. Leadership gets it funded, but interpretation of the results by
experienced or trained professionals make the program successful
5. Enterprise-wide deployment takes time, don’t expect overnight
adoption