interest: • How much is your organi- How much is your organization losing to undetected fraud? zation losing to undetected Fraud? The Association of Certified Fraud Examin- percent of frauds studied, for an average ers (ACFE) estimates that six percent of loss of more than $500,000 per incident. • Six Steps of Detecting organizations’ revenues will be lost this Organizations traditionally have looked to Fraud year as a result of occupational fraud. prevent and detect fraud by implementing Within the United States, this translates appropriate internal controls. Internal audit • ACL Tips of the Month - into losses of approximately $600 billion or typically tests and validates these controls Detecting Corporate Credit Card Abuse! about $4,500 per employee. The ACFE’s during regular audit processes - uncovering 2002 Report to the Nation on Occupa- 18 percent of frauds detected according to • ACL User Feature tional Fraud and Abuse covered 663 occu- the ACFE study - but the role is essentially pational fraud cases that caused more than reactive. Internal controls and external au- • Specialised Training: Fraud $7 billion in losses. More than half of the dit are responsible for uncovering a further Detection Techniques frauds in this study involved losses of at 30 percent of detected fraud, but the bal- Using ACL least $100,000 and nearly one in six re- ance of cases - in fact the majority - come to • Special Indonesia Training sulted in losses in excess of $1 million. light through tips or accident. Rates In addition to the direct dollar costs of In many organizations, both systems and fraud, organizations must cope with a their underlying transactions have become range of indirect costs. Damage to a com- increasingly complex, with data volumes pany’s reputation can have substantial fall- growing at an exponential rate. While out - and lead to punishing market set- strong internal controls and audit proce- backs. Loss of customer confidence trans- dures play a role in preventing and detecting lates directly into reduced revenues and fraud, it is unrealistic to assume that they Inside this issue: profits. And employee morale can suffer, are completely effective. The ACFE study impacting organizational productivity and found that 46 percent of detected frauds the ability to attract and retain qualified occurred because of insufficient number of staff. frauds are simply never detected. Building a better 2 In simple terms, frauds fall into three broad Even when fraud do come to light, many mousetrap thru’: categories: asset misappropriation, corrup- detection methods, such as audit proce- Transactional Analy- tion or fraudulent statements. Based on dures, only occur some time after the fraud sis & Continuous the ACFE study, over 85 percent of the has taken place. The longer frauds go unde- Monitoring occupational frauds reviewed involved as- tected, the larger the financial loss is likely set misappropriation, with cash as the tar- to be and the smaller the chance of recover- ACL Tips of the 2 geted asset 90 percent of the time. Cor- ing the funds or assets from the perpetra- Month ruption schemes accounted for nearly 13 tor. On a Lighter Side 2
Using ACL to Moni- 3
tor Fraud The Six Steps of Detecting Fraud Specialised Training: 3 1. Determine the organization’s risk of fraud by developing an understanding of the op- Fraud Detection erational and control environments Techniques Using ACL 2. Develop a thorough understanding of the symptoms of fraud 3. Develop an alertness to the occurrence of the symptoms of fraud Special Indonesia 4 Training Rates 4. Develop programs to look for the symptoms of fraud 5. Investigate and report instances of fraud ACL Training 4 Schedule 6. Design and implement controls to deter the recurrence of fraudulent activity Issue 2 Page 2
Building a better mousetrap through:
Transactional Analysis and Continuous Monitoring Both the Association of Certified Fraud Ex- possible, ideally even before the trans- aminers and the American Institute of Certi- action has been finalized, and preferably fied Public Accounts refer specifically to the on a continuous monitoring basis use of computerized analysis to assist in ♦ Allow easy comparisons of data and fraud detection techniques. Such analyses transactions from separate business or are particularly effective in detecting frauds operational systems ACL Tips of that fall into the most common fraud cate- ACL Tips of gories—asset misappropriation and fraudu- This last point is of particular relevance. the Month - the Month — lent disbursements. Many suspicious transactions or patterns only come to light when transactional data Detecting Corporate Detecting Corporate Both professional associations detail indica- from one system is compared to that of tors of the most types of fraud and cite ex- Credit Card Credit Card Abuse! Abuse! amples of the kinds of analyses that can be another. In a simple example, this would performed to detect them. However, many involve comparing addresses, to detect organizations use such techniques on an potential “phantom vendor” schemes. Fraud and abuse involving occasional test basis and often only in reac- Individuals intent on fraud seek out organ- corporate credit cards are more tion to suspected problems. In many cases, izational “soft spots” where there is little frequent and more subtle than most managers realise. Typical the tests performed are fairly simplistic and regular cross-system data validation—they schemes for misusing corporate are unlikely to uncover more sophisticated provide a golden opportunity for frauds to cards depend on weak internal fraud schemes. continue undetected. controls, such as accounting systems that collect the telltale Transactional analysis is one of the most A well-designed and implemented fraud clues, but never connect them. detection system, based on transactional Here are some fairly simple powerful ways of detecting fraud within an techniques that will help. organization. To maximize its effectiveness analysis of operational systems, can signifi- The key is to recognize that every as a fraud detection system, the transac- cantly reduce the chances of frauds occur- credit card statement line item tional analysis need to: ring and then remaining undetected. The must first be verified and then sooner indicators of fraud are available, tied to some legitimate Work with a comprehensive set of indica- the greater potential to recover losses and corporate activity. The itemized monthly reports issued by your tors of potential fraud - taking into account address any control weaknesses. The card provider will rarely be the most common fraud schemes as well as timely detection of fraud directly impacts sufficient to accomplish either, those that relate specifically to the unique the bottom line, reducing losses for an but they are the logical place to begin. risks a particular organization may face. organization. And effective detection tech- For example, data can be sorted ♦ Analyse all transactions within a given niques serve as a deterrent to potential by card number, after which the area and test them against the parame- fraudsters; employees who know experts date field can be checked for (a) multiple purchases on the ters that highlight indicators of fraud are present and looking for fraud are less same day (using the Duplicates ♦ Perform the analyses and tests as close likely to commit fraud because of a greater command); (b) purchases on perceived likelihood they will be caught. weekends or statutory holidays to the time of the transaction as (using the CDOW() function); or (c) a trend toward more frequent purchases (using the AGE() function). All this takes just On A Lighter Side moments with a proper batch file in place. This type of testing will also help to identify stolen cards or card numbers being used in widely separated locations, as well as attempts to circumvent spending limits by breaking a large purchase into pieces. However, even if the results of the testing seem to point towards fraudulent activity, the activity could be legitimate, depending on company policies and practices. For example, trucks that are on the road all day may need to fill-up on fuel three times in 24 hours, and traveling salespeople frequently conduct business on Saturdays. In these cases, the filters and conditions can be adjusted to reflect company practices.
Several major issues con- cheaper and great cost sav- and confident to all func- fronting companies in today’s ings can be made. tions in an organization. business is fraud. Some of the frauds are unable to be However, along with all the Dr Bala detected due to several rea- benefits there are also down- Sekar nada- sons. Therefore, it is im- sides and danger. One of the rajan (PhD) perative for companies to main problems with technol- from Malay- examine their exposures and ogy, has been the advance- sia has held to provide an effective way ment of fraud. As soon as several cor- to manage these liabilities. the operators find ways to porate posi- stop one type of fraud, an- tions and worked with sev- One example is that the other is created. One com- eral global consulting firms. more a consumer shops mon limitation that compa- He was responsible for de- online or non-online, the nies encounter is time con- veloping several big large more he is exposed to hack- straint and poor method in companies risk management, ing and misuse. Fraud is a detecting the frauds. corporate governance, fraud problem that has grown detection, internal controls, dramatically over the past Seeking expertise from business improvement, TQM years. proven software like ACL is frameworks and etc. Cur- an essential move. I have rently, he is the CEO of The advancement of technol- personally have used ACL Smart Business Consulting ogy has been largely benefi- software, it is so effective and also heads the Malay- cial to operators and cus- and fast is detecting fraud sian Professional Network- tomers processes become activities which cannot be ing group which consist of quicker and smoother. seen by a ordinary person. It Directors/CEO/Auditors and Hence, hardware becomes gives 100% data satisfaction other professionals.
ACL SPECIALISED FRAUD COURSE
ACL Specialised Training: Are you Fraud Detection Techniques Using ACL getting the most out of data analysis In this 2-day session, participants will gain further insight on the most effi- software? cient and effective techniques of using ACL for Windows to detect fraud. Prodigy Data ACL users should leave the course with the skills to combat against abuse Solution can and fraud. help you acquire the skills you The professionals for whom this course has been developed need to have a knowledge of standard Windows operations (opening/closing files, naviga- need to realize tion). Participants must have a fundamental understanding of ACL for Win- the full value of dows by attending Introductory ACL for Windows training. ACL
You will learn...
♦ Basic Concepts of Fraud ♦ Fraud Schemes 12-13 May 2003 PRODIGY DATA SOLUTION PTE LTD ♦ Fraud Detection Techniques Singapore 201B NEW BRIDGE ROAD SINGAPORE 059428 TEL: (65) 6221 2810 FAX: (65) 6221 2813 EMAIL: We urge you to sign up early to confirm your enrolment. For more information, INFO@PRODIGY.COM.SG please contact us at +65 6221-2810 or info@prodigy.com.sg ACL FOR WINDOWS TRAINING IN INDONESIA
PRODIGY DATA SOLUTION
PTE LTD Special Indonesia Rate Open Enrolment On-Site Duration 201B NEW BRIDGE ROAD Per Participant (US$) Per Class (US$) SINGAPORE 059428 ACL – Introductory $ 333 $ 3,000 3 days TEL: (65) 6221 2810 FAX: (65) 6221 2813 ACL – Intermediate Workshop $ 278 $ 2,500 2 days EMAIL: INFO@PRODIGY.COM.SG ACL – Developing Applications $ 333 $ 3,000 2 days
ACL – Functions $ 167 $ 1,500 1 day
ACL – Data Access $ 167 $ 1,500 1 day
visit us at ACL – Refresher $ 167 $ 1,500 1 day www.prodigy.com.sg Indonesia Open Enrolment Training Schedule — Feb to Apr 2003 COURSE NAME DATES February 18 to 20; 25 to 27 ACL for Windows - Introductory March 5 to 7; 11 to 13; 17 to 19 April 7 to 9; 15 to 17; 21 to 23; 28 to 30 ACL for Windows - Intermediate Workshop April 3 to 4 February 21; 28 ACL for Windows - Data Access March 21; 31 April 14 March 3; 10; 24 ACL for Windows - Refresher April 1; 25 ACL for Windows - Functions April 11 Coming Up in the Next Issue of Prodigy Newsbyte ACL Open Enrolment Training Schedule — Feb to Apr 2003 VENUE COURSE NAME MONTH DAY ♦ More Useful ACL Singapore ACL for windows - Introductory February 05 - 07 Tips March 10 - 12 ♦ Articles on Risk April 01 - 03 Management ACL for windows - Intermediate Workshop February 20 - 21 ♦ ACL User Feature April 14 - 15 ♦ And many other ACL for windows - Data Access April 16 useful industries ACL for windows - Functions April 17 information ACL for windows - Developing Applications March 13 - 14 ACL for windows - Refresher April 18 Kuala Lumpur, ACL for windows - Introductory February 04 - 06 Malaysia 17 - 19 March 04 - 06 18 - 20 April 07 - 09 28 - 30 ACL for windows - Intermediate Workshop April 10 - 11 ACL for windows - Data Access March 21
Feel free to write us April 17
any questions, ACL for windows - Developing Applications March 06 - 07
comments or Bangkok, Thailand ACL for windows - Introductory March 24 - 26 feedbacks on Prodigy ACL for windows - Developing Applications March 27 - 28 Newsbyte via email at India ACL for windows - Introductory April 21 - 23 info@prodigy.com.sg ACL for windows - Developing Applications April 24 - 25 Philippines ACL for windows - Introductory February 24 - 26 ACL for windows - Intermediate Workshop February 27 - 28
For training dates beyond April 2003, please contact us at info@prodigy.com.sg