- Email: [email protected]
Detecting fraud by computer
bribes, kickbacks are by no means unusual and, perhaps the most disturbing of all, many of the people involved and convicted of fraud are prominent and apparently highly respected businessmen, working for highly respected companies.
Updated with new ease studies
It is the intention that the manual will be updated with further case studies and with more leading articles of a practical nature, including check lists. Thus the work is dynamic and should provide ammunition to convince even the most complacent management that fraud and business crime are matters worthy of professional attention. The manual is recommended, unreservedly, as essential reading for any manager, accountant, auditor, computer specialist, security officer or lawyer interested in preventing losses through dishonesty.
DETECTINGFRAUD BY COMPUTER
The ability of a computer to sort, reform, select and compare records is a powerful tool in fraud detection. The process of setting up a fraud detection program is simple but must be tailored to the risks, accounting systems and file structures in the company concerned.
Brainstorming
1.
Determine, in 'brainstorming' sessions, the frauds that could be committed on the organisation concerned, by both internal and external criminals, competitors and opportunities. Think like a criminal.
CataZoguing
2.
Catalogue these frauds showing the most likely methods of concealment, the accounts and budgets that might be inflated or distorted as a result of these concealments and the methods of converting fraudulent accounting entries into some financial gain.
Analysing impact on accounts
3.
Double check this analysis of possible impacts on accounts by going through the lists of general ledger and nominal account headings: - loosely controlled income such as expense accounts, advertising, freight, sales of scrap, company cars etc - accounts relating to inventories that cannot be controlled easily - nuts, bolts, washers, screws, stationery etc - suspense, adjustment, transit and other pipe line accounts - corporate level expense and income accounts that lack clode budgetary supervision
Examining master
4.
fiZes
Examine the purpose and format of master files that have fields or data of financial significance: -
Identifying sensitive 5. fiZes
6
sales pricing; discounts and rebate levels; area or zone price schedules; salary rates; purchase and contract pricing.
Identify transaction files and formats that refer to financially sensitive master files or that have an impact on General Ledger, nominal and budgetary accounts.
CO%PUTEBDWUJD&SECURITYBULLEXINVol 1 No12
Determine tests
Set limits
Report and foZZow-up
6.
Determine the tests, and comparisons of available data, and possibly files, that are not normally related and which are likely to disclose the symptoms of frauds catalogued under 1 to 3 above.
7.
Set exception limits and test parameters so that the checks that can be made by the computer produce discrete results. Thus, the fraud symptoms and distortions should be printed out on an exception basis.
8.
Produce reports in an easily understandable
9.
Follow up exceptions by detailed and thorough investigation.
format.
Example In a brainstorming session on risks it might be decided that the manipulation of returned sales items could be a possible fraud. The concealment of such a fraud would have an impact in the Nominal accounts for "Returns" and the most probable conversion to a profit would be through a customer's account. There would be no interest in the pricing or other master files. The file of customer ledger accounts, however, would be of interest, as would the transaction file of sales, payments and credits. When goods are sold to customers, the transaction files show the date of sale, the quantity and type of goods (by product code), the gross value, rebate, VAT and net amount. When the customers make payment, the transaction files show the date and type of payment (code 01 for cheque or cash, code 02 for returns, code 03 for warantee etc). The computer tests might be: print out, under customer number order, details of return credits (code 02 or 03) amounting to more than x per cent of sales; print out under product code numbers and then customer number all returns of products whose losses are known to be high. The report might show: Customer John Smith and Co Ltd Number 5667777 Gross sales in year f72 000
Credits to account other than cash El8 000
Percentage of returns to sales 25% Analysis of returns Date 1 January 4 January . .. ...
Product Code
Amount
AC 456 AV 145 .. . . ..
E3200 El702 . . . . ..
El8 000 ======
COMPUTEIW~~D&SECURITTB-
Voll No12
7
Total Returns of Products vs Sales Code Number
Return credits
Sales
AC 456 AV 145
E32oC El702
E46OC ENil
. . .
. . .
. . .
El8 Coo
f72 Ooo
From this analysis, source documents, transport and other records can be examined in detail in an effort to determine whether the return credits are genuine. The pattern might indicate internal manipulation of return credits (in collusion with customer Smith) or indicate that, because Smith is buying stolen goods, he has no need to accept genuine orders.
The type of tests that can be made by computer include the following:
Computer tests for
1. Tests on sales and incomes
fraud Print out from master files
Tests on sales income
and
customers with the lowest prices or highest discounts customers with no master pricing information (their invoices will be rejected for manual processing) current sales vs last year's sales to notice unusual trends) customers in excess of credit limits collection periods greater than x months high ratio of account credits other than cash Print out from transaction files - invoice vs despatch note sequences - high invoice cancellation rates/returns etc
2. Tests on purchases and expenses Select and print out
Tests on purchases and expenses
all new accounts accounts with unusual growth patterns credits other than goods received and debits other than cash regular round amount purchases below the central authority limits all purchases of 'high risk' goods credit card purchases by employees duplicate payments
3. Tests on stock and asset files (including remote stocks) Select and print out Tests on stock and asset files
- 12 slowest turnover lines (by supplier) - buying price greater than selling by x per cent - adjustments to book stocks as a result of physical stock checks
COWPUTEB~~~~D&SECURITYBDLlETM Voll No12
- all assets written to zero - disposal of all assets and scrap (by buyer's name and address)
4. Tests on payroll Select and print out
Tests on payroll
-
new employees in year expenses (by branch) for casual labour salaries greater than fx increases greater than x per cent employees over x years old pensioners over x years old income tax vs total salaries
5. Tests on statistical records Select and print out
Tests on statistical, records
- unusual trading patterns in suppliers, customers, departmental -
and other accounts all excess of departmental/branch budgets all 'cost plus' contract overruns branches ratio of cash vs credit sales branches ratio of bad debts vs sales branches ratio of bad debts vs recoveries
6. Tests on transaction entry codes Select and print out all uses of transaction entry codes which
Tests on transaction en try codes
ARE SYSTEMS PROGRAMMERS PERSONS?
EVIL
- adjust stock with no debit to personal account - write off goods, debts or stock - give special pricing or fixed prices - allow free issues, guarantee claims - relate to free offers, promotional samples or incentive schemes
John Lamb reporting in the UK -journal Computer Talk (19 September 1979) reported a strange lecture by Tom Barnard, an auditor from Blue Circle, at a conference arranged by Pansophic, the US software house. Barnard said, "Systems programmers are the men most likely to commit fraud", and continued, "the systems programmer is the guy who can get into the box. You've got to control the systems programmer and make sure he is very carefully supervised. They are very powerful and they are the ones who could pull a fraud on you". Barnard warned that unused areas in programs were dangerous: "a systems programmer or some other evil minded person could take advantage of [the unused areas] and use them for himself". In a remarkably restrained response, David Bridges, a systems programmer speaking at the same conference, said "in our installation the relation between the DP department and the auditors is friendly without being cosy. I don't run the k.ind of systems Tom Barnard describes. In the work employees do they are controlled".
COMPUTERV~IQ~~&SECURITYBULLgFW Voll
No 12
9
Updated with new ease studies
It is the intention that the manual will be updated with further case studies and with more leading articles of a practical nature, including check lists. Thus the work is dynamic and should provide ammunition to convince even the most complacent management that fraud and business crime are matters worthy of professional attention. The manual is recommended, unreservedly, as essential reading for any manager, accountant, auditor, computer specialist, security officer or lawyer interested in preventing losses through dishonesty.
DETECTINGFRAUD BY COMPUTER
The ability of a computer to sort, reform, select and compare records is a powerful tool in fraud detection. The process of setting up a fraud detection program is simple but must be tailored to the risks, accounting systems and file structures in the company concerned.
Brainstorming
1.
Determine, in 'brainstorming' sessions, the frauds that could be committed on the organisation concerned, by both internal and external criminals, competitors and opportunities. Think like a criminal.
CataZoguing
2.
Catalogue these frauds showing the most likely methods of concealment, the accounts and budgets that might be inflated or distorted as a result of these concealments and the methods of converting fraudulent accounting entries into some financial gain.
Analysing impact on accounts
3.
Double check this analysis of possible impacts on accounts by going through the lists of general ledger and nominal account headings: - loosely controlled income such as expense accounts, advertising, freight, sales of scrap, company cars etc - accounts relating to inventories that cannot be controlled easily - nuts, bolts, washers, screws, stationery etc - suspense, adjustment, transit and other pipe line accounts - corporate level expense and income accounts that lack clode budgetary supervision
Examining master
4.
fiZes
Examine the purpose and format of master files that have fields or data of financial significance: -
Identifying sensitive 5. fiZes
6
sales pricing; discounts and rebate levels; area or zone price schedules; salary rates; purchase and contract pricing.
Identify transaction files and formats that refer to financially sensitive master files or that have an impact on General Ledger, nominal and budgetary accounts.
CO%PUTEBDWUJD&SECURITYBULLEXINVol 1 No12
Determine tests
Set limits
Report and foZZow-up
6.
Determine the tests, and comparisons of available data, and possibly files, that are not normally related and which are likely to disclose the symptoms of frauds catalogued under 1 to 3 above.
7.
Set exception limits and test parameters so that the checks that can be made by the computer produce discrete results. Thus, the fraud symptoms and distortions should be printed out on an exception basis.
8.
Produce reports in an easily understandable
9.
Follow up exceptions by detailed and thorough investigation.
format.
Example In a brainstorming session on risks it might be decided that the manipulation of returned sales items could be a possible fraud. The concealment of such a fraud would have an impact in the Nominal accounts for "Returns" and the most probable conversion to a profit would be through a customer's account. There would be no interest in the pricing or other master files. The file of customer ledger accounts, however, would be of interest, as would the transaction file of sales, payments and credits. When goods are sold to customers, the transaction files show the date of sale, the quantity and type of goods (by product code), the gross value, rebate, VAT and net amount. When the customers make payment, the transaction files show the date and type of payment (code 01 for cheque or cash, code 02 for returns, code 03 for warantee etc). The computer tests might be: print out, under customer number order, details of return credits (code 02 or 03) amounting to more than x per cent of sales; print out under product code numbers and then customer number all returns of products whose losses are known to be high. The report might show: Customer John Smith and Co Ltd Number 5667777 Gross sales in year f72 000
Credits to account other than cash El8 000
Percentage of returns to sales 25% Analysis of returns Date 1 January 4 January . .. ...
Product Code
Amount
AC 456 AV 145 .. . . ..
E3200 El702 . . . . ..
El8 000 ======
COMPUTEIW~~D&SECURITTB-
Voll No12
7
Total Returns of Products vs Sales Code Number
Return credits
Sales
AC 456 AV 145
E32oC El702
E46OC ENil
. . .
. . .
. . .
El8 Coo
f72 Ooo
From this analysis, source documents, transport and other records can be examined in detail in an effort to determine whether the return credits are genuine. The pattern might indicate internal manipulation of return credits (in collusion with customer Smith) or indicate that, because Smith is buying stolen goods, he has no need to accept genuine orders.
The type of tests that can be made by computer include the following:
Computer tests for
1. Tests on sales and incomes
fraud Print out from master files
Tests on sales income
and
customers with the lowest prices or highest discounts customers with no master pricing information (their invoices will be rejected for manual processing) current sales vs last year's sales to notice unusual trends) customers in excess of credit limits collection periods greater than x months high ratio of account credits other than cash Print out from transaction files - invoice vs despatch note sequences - high invoice cancellation rates/returns etc
2. Tests on purchases and expenses Select and print out
Tests on purchases and expenses
all new accounts accounts with unusual growth patterns credits other than goods received and debits other than cash regular round amount purchases below the central authority limits all purchases of 'high risk' goods credit card purchases by employees duplicate payments
3. Tests on stock and asset files (including remote stocks) Select and print out Tests on stock and asset files
- 12 slowest turnover lines (by supplier) - buying price greater than selling by x per cent - adjustments to book stocks as a result of physical stock checks
COWPUTEB~~~~D&SECURITYBDLlETM Voll No12
- all assets written to zero - disposal of all assets and scrap (by buyer's name and address)
4. Tests on payroll Select and print out
Tests on payroll
-
new employees in year expenses (by branch) for casual labour salaries greater than fx increases greater than x per cent employees over x years old pensioners over x years old income tax vs total salaries
5. Tests on statistical records Select and print out
Tests on statistical, records
- unusual trading patterns in suppliers, customers, departmental -
and other accounts all excess of departmental/branch budgets all 'cost plus' contract overruns branches ratio of cash vs credit sales branches ratio of bad debts vs sales branches ratio of bad debts vs recoveries
6. Tests on transaction entry codes Select and print out all uses of transaction entry codes which
Tests on transaction en try codes
ARE SYSTEMS PROGRAMMERS PERSONS?
EVIL
- adjust stock with no debit to personal account - write off goods, debts or stock - give special pricing or fixed prices - allow free issues, guarantee claims - relate to free offers, promotional samples or incentive schemes
John Lamb reporting in the UK -journal Computer Talk (19 September 1979) reported a strange lecture by Tom Barnard, an auditor from Blue Circle, at a conference arranged by Pansophic, the US software house. Barnard said, "Systems programmers are the men most likely to commit fraud", and continued, "the systems programmer is the guy who can get into the box. You've got to control the systems programmer and make sure he is very carefully supervised. They are very powerful and they are the ones who could pull a fraud on you". Barnard warned that unused areas in programs were dangerous: "a systems programmer or some other evil minded person could take advantage of [the unused areas] and use them for himself". In a remarkably restrained response, David Bridges, a systems programmer speaking at the same conference, said "in our installation the relation between the DP department and the auditors is friendly without being cosy. I don't run the k.ind of systems Tom Barnard describes. In the work employees do they are controlled".
COMPUTERV~IQ~~&SECURITYBULLgFW Voll
No 12
9