Received: 27 September 2018 Revised: 2 April 2019 Accepted: 3 April 2019

DOI: 10.1002/jcaf.22389

BLIND PEER REVIEW

Data-driven auditing: A predictive modeling approach to fraud

detection and classification

Nitin Singh1 | Kee-hung Lai2 | Markus Vejvar2 | T. C. Edwin Cheng2

1
Department of Operations Management,
India Institute of Management Kashipur,
India
2
Department of Logistics and Maritime
Studies, Faculty of Business, The Hong
Kong Polytechnic University, Hung Hom,
Kowloon, Hong Kong
Correspondence
Kee-hung Lai, Faculty of Business, The
Hong Kong Polytechnic University, Hung
Hom, Kowloon, Hong Kong, People's
Republic of China.
Email: mike.lai@polyu.edu.hk
Abstract
This article develops and empirically tests a predictive model for audit of fraud
detection with practical applications for audit operations. By analyzing real-life
accounting data, the proposed model can identify anomalous transactions and
directly focus on exceptions for further investigation in real time, thus offering a
significant reduction in manual intervention and processing time in audit opera-
tions. Our approach is a highly desirable supplement to the existing rule-based
models, given the growing use of information technology for analytics in auditing.
The proposed approach is based on classification. Following the tenets of the prin-
cipal agency theory, we discuss how our approach can help to reduce monitoring
and contracting costs, disincentivize fraud, improve auditor efficiency and indepen-
dence, and increase audit quality. We contribute to the current literature by dis-
cussing the implications of data-driven audit on the moderating role of auditors in
principal-agent relationships and providing practical insights into the operational
aspects of financial reporting and auditing, modeling of fraud-detection classifica-
tion models, and benefits, barriers, and enablers of implementing data driven audit
in companies.

KEYWORDS
accounting, business analytics, data driven audit, fraud detection

1 | INTRODUCTION
Let us first state the purpose and role of audits. Audits are
ways to detect fraudulent behavior within organizations, and
the importance of deploying proper auditing techniques and
tools has significantly increased over the last few years due
to a rise in fraud (e.g., asset misappropriation, corruption, or
financial statement fraud). Association of Certified Fraud
Examiners (ACFE) maintains that corporate fraud has
become a major issue worldwide and is rapidly increasing in
both scale and scope (ACFE, 2016). This is the case for the
auditor's opinion on the annual financial statements, only if
fraud causes accounting numbers not to be found reliable.
However, fraud committed by employees is detected but in
the context of the financial numbers of the company it is not
material, the auditor will still provide a clean opinion on the
financial statements. He/she might make a reference to the
system of internal control. While technological break-
throughs in information technology and data analytics open
up new methods to detect fraud, issues like audit efficiency,
data driven audit and the operational aspects of a data driven
audit process have a potential to be discussed more in the lit-
erature, particularly when it comes to practical applications
with real-life data.
The two critical mechanisms to improve audit efficiency
are technological interventions and audit analytics. Audits
serve the basic purpose of reinforcing trust in financial infor-
mation. An actor is motivated by being monitored if the
benefits exceed the related costs when delegating decision-
making power to one party. Furthermore, audit services are

64 © 2019 Wiley Periodicals, Inc. wileyonlinelibrary.com/journal/jcaf J Corp Acct Fin. 2019;30:64–82.

SINGH ET AL.
required to reduce information risk for financial statement
recipients. As management is exposed to liability, the ability
to shift the financial responsibility of the reported data to an
auditor reduces the expected losses from litigation and settle-
ments to various stakeholders (Wallace, 1980). Hayes,
Dassen, Schilder, and Wallage (2005) discussed four theo-
ries of auditing, namely the policeman, lending credibility,
inspired confidence, and agency theories. In this regard, the
agency theory is an insightful and powerful theoretical lens
to better understand and analyze audits and audit processes,
as it is most relevant for analyzing situations of information
asymmetry. The typical relationship in the agency theory is
that between a principal (owner) and an agent (manager), in
which the former hires the latter and gives them the authority
to manage decisions. Agents engage in an employment con-
tract with principals who are less/not actively involved in the
company operations, thus trading their management exper-
tise and skills for financial compensation. There is the likeli-
hood of conflicts of interest caused by the separation of
ownership (principal) and control (manager; Eisenhardt,
1989). Both parties are assumed to be inherently self-interest
seeking, and the agency theory postulates that the principals
are unable to perfectly observe the behavior of their agents
(Davis, 1991; Jensen & Meckling, 1976). The agents then
become less interested in protecting the assets of the princi-
pals and lose efficiency in their work at the expense of their
principal. Therefore, it is suggested that in view of informa-
tion asymmetry and self-interest seeking behaviors, the prin-
cipals have little reason to trust their agents.
The principals then attempt to address these issues by
using mechanisms so that the interests of both the principals
and agents parallel and minimize the capacity for informa-
tion asymmetry and self-interest in their relationship. Thus,
audits are placed within this principal-agent relationship as a
mechanism to counter the mistrust, but auditors themselves
are also inherently agents too. Therefore, this arrangement
raises concerns of their objectivity, thus constituting the
need to find other approaches or mechanisms that would
align the interests of the principals and agents involved;
i.e., shareholders (principals), managers/directors (agents),
and auditors (agents). Contractual clauses (e.g., incentives or
penalties [Fama & Jensen, 1983; Gibbons, 2005]) are there-
fore necessary to align interests, and produces the need for
external auditing services for independent assurance and to
govern the conduct of corporate management (Baiman,
1990; Cohen, Krishnamoorthy, & Wright, 2002). While tra-
ditional auditing usually performs this role, the surge in cor-
porate fraud and asset thefts has gradually increased the
importance of forensic auditing techniques (Carnes &
Gierlasinski, 2001). Consequently, the ACFE1 was
established in 1992, and while forensic auditing is still in its
infancy compared to the more traditional auditing methods
65
(Carnes & Gierlasinski, 2001), technological progress and
gradual increasing demand for forensic auditing skills drive
the further development of the field (Bierstaker, Brody, &
Pacini, 2006; Roberts & Whited, 2012). In this regard, a data
driven approach in auditing is a viable way to achieve more
efficiency and increase objectivity of the process. Forensic
auditing is a small subpart of the general audit literature and
also has a very specific purpose. The articles that we refer in
the literature relate to audit, specifically on external auditing.
External audit refers to the audit of financial statements
whereby the external auditor provides an opinion as to
whether the financial statements provide a true and fair view
in accordance with IFRS Standards (Europe) or represent the
situation in a faithful way according to US GAAP (United
States). This type of external or “traditional” audit is not
equal or synonyms to forensic auditing and the focus of the
former is on whether or not the accounting numbers repre-
sent the underlying economic situation in a faithful way. A
forensic audit has the purpose to detect fraud and can be exe-
cuted in the frame of a general external audit. This is the
case only for all US listed companies that need to comply
with Sarbanes-Oxley. For all other companies, being the
large majority of companies in the world, forensic audits are
more likely to be conducted on a regular basis by the man-
agement or the internal control or audit function in a com-
pany to detect fraud committed by top managers as well as
by employees.
The accounting and audit failure at Enron and WorldCom
in the early 2000s witnessed substantial shareholder value
adversely affected due to fraud and loss. As a consequence,
the question remained whether more efficient audit opera-
tions would have prevented such massive economic damage.
While these incidents have aroused increasing practical and
academic interest in finding ways to identify and prevent
management fraud (Benston & Hartgraves, 2002; Shen,
Tong, & Deng, 2007), a comparably small part of the litera-
ture focuses on the operational aspects of the fraud detection
process; or, more specifically, what differentiates a “good”
fraud detection process from a “bad” fraud detection process
(Bonchi, Giannotti, Mainetto, & Pedreschi, 1999; Kirkos,
Spathis, & Manolopoulos, 2007). The implementation of
fraud detection systems opens up a multitude of operational
problems: Based on which criteria should transactions be
flagged as fraudulent? How could loopholes that allow
fraudulent exploitation be detected and closed? How can
principals ensure that their fraud detection systems are
appropriate and efficient? And how would these systems be
implemented without compromising the efficiency of other
operations?
In this regard, an important research stream discusses the
role of audits in fraud detection and prevention (Francis,
2004) with particular attention on the role of audit quality
66
and the implications for audit failure (Chaney & Philipich,
2002; Sikka, 2009). We have also seen considerable practi-
cal efforts to improve the regulatory framework of auditing,
its methodological rigor and the growing efforts of risk man-
agement to detect and prevent fraud (Baesens, Van
Vlasselaer, & Verbeke, 2015; DeFond & Francis, 2005;
Ravisankar, Ravi, Raghava Rao, & Bose, 2011; Xu,
Pinedo, & Xue, 2017). These developments highlight the
potential of auditing in fraud detection over the past years.
New developments in information technology further boost
the availability and efficacy of auditing, and as a result, data
analytics has become an essential tool for auditors (Baesens
et al., 2015; Kumari Tiwari & Debnath, 2017). Data analyt-
ics refers to insights that are taken from operational, finan-
cial and internal or external electronic data sources and used
for analysis. It is increasingly viewed as a definitive “value-
addedness” in auditing (Toon, 2015). To achieve effective
financial reporting and monitoring through data analytics,
both competence and independence are required (Alles &
Gray, 2015; Law, 2008).
Given the growing importance of rigor in auditing and
the increasing availability of data, we examine the applica-
tion of data analysis to audit to better understand the efficacy
of business analytics as a tool to support auditors. By focus-
ing on the operational aspects of auditing, we offer both the-
oretical insights and managerial implications. Practically,
efficient data driven audit methods can support external
auditors in identifying fraudulent transactions and help to
save money and time and enable internal auditors to improve
audit efficiency and quality. Theoretically, discussing the
role of the external auditor as a moderator of the conflicts of
interest in the principal-agent relationship can help to pro-
vide a better understanding of the intricacies of corporate
ownership and contracting costs. As a result, we develop
and demonstrate a predictive model for anomaly detection
by using the collected data of a purchase process, which can
flag anomalous transactions and helps to focus resources on
the detected exceptions (or flags) for further investigation.
Based on our understanding from the agency-theoretic per-
spective, we formulate propositions that highlight the poten-
tial merits of data-driven auditing to alleviate the innate
conflicts of ownership and agency in companies, detect man-
agement fraud in real time, and improve audit quality by
improving the efficiency, independence, and objectivity of
auditors.
This article focuses on the employee-vendor fraud for
which the developed method is an efficient detection tool.
The merits of this developed model go beyond listed firms
in the United States and can be explained in the context of
all firms for reducing fraud risk. There is a cost/benefit
framework at work here as auditor efficiency is increased by
the application of data driven method to audit. We contribute
SINGH ET AL.
to the existing literature by discussing the implications of
data-driven audit on the moderating role of auditors in
principal-agent relationships. We also exhaustively present
and deliberate on data mining papers related to management
fraud detection. In terms of methods, we first compare pre-
dictive modeling techniques (binary logistic regression
[BLR], ensembles, decision trees, neural networks, etc.)
where we can compare and contrast the results of various
models. Next, we present a baseline benchmark that is used
for comparison purposes and allows us to show the benefits
of the BLR approach in the context of our study. We also
discuss the relative benefits of and differences to the rule-
based approach which relies on the definition by experts
who define a set of (if-then) rules. Finally, we provide prac-
tical insights into the operational aspects of financial
reporting and auditing, modeling of fraud-detection classifi-
cation models, and benefits, barriers, and enablers of
implementing data driven audit in firms. To summarize, the
study contributes knowledge in three distinct ways. First, it
examines relevant studies in data driven audit with a focus
toward fraud risk and identifies certain gaps in traditional
fraud identification methods that can be overcome with data
driven techniques. Second, this study demonstrates the
application of classification method into purchasing systems
to identify fraud risk. Third, it provides insights into how
classification-based methods can facilitate firms and auditors
to reduce fraud risk.
2 | L I T E R A T U R E RE V I E W
2.1 | Classification-based models
Fraud schemes keep on changing and are dynamic as some-
body seeking to perpetrate a fraud would find newer
schemes. So, newer rules would have to be developed con-
tinuously to keep track of new fraud schemes. In such a sce-
nario, it is vital to have a classification-based approach
which is able to identify flag-off anomalous transactions. It
is not always possible to rely on rule-based approach. There-
fore, a classification-based approach is highly needed that
can help track anomalous or fraudulent transactions in the
absence of rule. This approach is not necessarily dependent
on rules. Single classification methods (or classifiers)
develop a (single) classification model. Logistic regression,
neural networks, decision trees are single classifiers. Logistic
regression classifies the dependent variable into two catego-
ries (0 or 1) directly based on independent variables which
could be continuous or categorical. A decision tree estimates
class conditional probability which is then converted into
posterior probability by Bayes theorem. A decision tree or
random forests partitions the data recursively to separate
classified variable (into 0 or 1) through certain testing
SINGH ET AL.
conditions (e.g., is purchase quantity ≥ specified threshold)
which are identified and encoded in the model a priori. Like-
wise, there are set of condition or rules that build the trees.
The decision to branch a node is based on minimizing indi-
cators such as the Gini coefficient or if there is a gain in
information (Baesens et al., 2003). Such a scheme depends
on the set of conditions or rules that will build trees recur-
sively. In this study, we, however, attempt to use a classifier
which does not depend on the set of rules or conditions. A
semi-parametric method like neural networks or support vec-
tor machines works similarly while supporting different
functional forms of underlying data. In both the cases,
nonlinear optimization is done to estimate the parameters of
resulting model. They, however, require the selection of one
specification a priori. In the case of this study, the selection
of a specification (“fraud” or “no fraud”) cannot be done a
priori (Baesens et al., 2003). Under such circumstances, we
find that logistic regression is the most appropriate approach
for the problem objective and the dataset under consider-
ation. The outcome is “fraud”’ or “no fraud” (binary depen-
dent variable) that needs to be classified from the underlying
data which is transactional accounting information. In sev-
eral applications, the complexity of ensembles compared to
a single model is a significant limitation (Finlay, 2011).
Some studies suggest that ensemble models perform better
than single classifiers (Zhang, Patuwo, & Hu, 1998). How-
ever, this is not true in all the cases. In some cases, neural
networks or logistic regression can perform better as single
classifiers unlike other single or ensemble classifiers which
are kernel-machines driven. For instance, neural networks
can generalize from data to act as functional approximators
(Zhang et al., 1998).
A single model can have very few variables and parame-
ters to analyze whereas an ensemble may have complex
interactions within parameters and, also, there could be thou-
sands of parameters in an ensemble. Consequently, the
behavior of such systems is very difficult to understand.
Their application in areas like the one which is being studied
in this article is difficult where single explicable model is
required (Finlay, 2011). We do not use ensemble classifiers
in this case as the objective was to test a classifier method in
the context of this study (with reference to transactional data
in accounting) with respect to its applicability, classification
ability, and validity. It is worthwhile to extend this study
with the pooling of classifiers and apply ensembles. At this
stage, it is beyond the scope of current study to do so. Over
the recent years, ensembles have also been used in certain
situations to improve predictive accuracy. In the case of
ensembles, multiple base models are pooled to form ensem-
ble classifiers. It has been shown that pooling of models
may improve predictive accuracy (Finlay, 2011; Paleologo,
Elisseef, & Antonini, 2010). Ensembles can be built
67
independently or in a dependent manner. There are two clas-
ses of algorithms—bagging and boosting—which derive
base models from samples of data. Bagging algorithms build
ensemble by deriving independent base models from the
data samples (Breiman, 1996). On the other hand, boosting
algorithms build ensembles in a dependent manner by
adding base models iteratively such that the current ensem-
ble is improved by adding any base model (Freund &
Schapire, 1996). These algorithms have also been researched
and extended further in various studies and business contexts
(Breiman, 2001; Friedman, 2002).
An ensemble of multivariate logistic regression is applied
on genetic data to classify Alzheimer gene expression. This
method is found to perform better than random forests in
terms of classifying gene expression (Zakharov & Dupont,
2011). In the insurance domain, audit is intended to spot eva-
sions of tax and fraudulent insurance claim. It is critical that
audit strategy is planned well and is supported by
classification-based technique to support audit plan strategy
(Bonchi et al., 1999). A comparison of ensembles and single
classifiers has been done in few other studies in a different
domain. Ensembles of artificial neural network and logistic
regression were applied on patient data. These patients had
reported chest pain and were admitted to emergency depart-
ment. In this case, ensemble was found to have an advantage
over single classifier (Green et al., 2006). However, this was
contextual to healthcare domain and the results could vary in
a different setting. Nevertheless, the question still remains as
to the best methodology for classification. There was a study
done on genetic data to analyze single nucleotide polymor-
phisms in multiple genes. Four methods—random forests,
logic regression, classification tree, and logistics regression—
were applied to compare results for gene interactions. In this
case, random forests and logistic regression performed corpo-
rately better than other classifiers (Yoo, Ference, Cote, &
Schwartz, 2021). Studies also indicate that ensemble models
do not always perform better than single model classifiers. It
is contextual to underlying data. In some cases, single model
classifiers like Logistic Regression (LR) or Neural Network
(NN) classify better then ensembles in terms of classification
rates (Orimoloye, 2017).
Data analytics has been found to be useful in identifica-
tion of factors associated to financial statements which are
fraudulent. A study was conducted to specifically identify if
management fraud is done by analyzing financial statements.
In this case, classification methods like neural networks,
Bayesian networks and decision trees were applied on finan-
cial ratios computed from the financial statements (Kirkos
et al., 2007). Classification models to detect credit card fraud
have also been studied (Shen et al., 2007). In their paper, the
ability to detect fraud is investigated through three
methods—neural networks, decision trees, and logistic
68
regression. This study suggests that selection of a model is
contextual to underlying data. It also provides a framework
to select an appropriate model when there is a risk of credit
card fraud (Shen et al., 2007). This study introduces the con-
cept of fraud analytics by description of descriptive, predic-
tive, and social networking methods. It is prescribed that
analytics is an important tool to detect fraud. It is also dis-
cussed as to how and why analytics complements rule-based
(expert views) fraud detection. Subsequently, a high-level
step-based process to implement fraud detection system is
presented (Baesens et al., 2015).
2.2 | Agency theory and auditing
The agency theory (Adams, 1994; Baiman, 1990; Cohen,
Krishnamoorthy, & Wright, 2008) explains the inherent con-
flict between ownership and control in modern firms, in which
ownership can often belong to many individual shareholders.
Due to this diluted ownership, the shareholders as the princi-
pals need to hire agents to conduct daily business on their
behalf, which gives the latter control (Jensen & Meckling,
1976). However, the separation of ownership and control cau-
ses a dilemma: if both parties act primarily in their own self-
interest, and if both parties have asymmetrical access to infor-
mation, there are strong incentives for the agents in particular
to optimize their business activities for personal gain, rather
than protect the interests of the shareholders (Eisenhardt,
1989). The act of the agents in maximizing their own self-
interests on the cost of the principals is generally referred to as
a “moral hazard” (Holmström, 1979). To protect their interests
and investments and avoid moral hazard, shareholders need to
rely on contractual designs, for example, incentives that align
interests or penalties to disincentivize dissent (Baiman &
Demski, 1980), particularly as the complexity of assigned
tasks increase and measurements become more difficult and
costly (Eisenhardt, 1985). The design of these contracts and
their supervision are usually connected to so-called contracting
costs that reduce the potential pay-outs for both parties
(Fama & Jensen, 1983; Milgrom & Roberts, 1992). The prin-
cipals therefore place audits within the principal-agent relation-
ship as a mechanism to regularly supervise performance and
behavior of their agents so as to minimize opportunity for
fraudulent behavior and maximization of self-interest (Cohen
et al., 2002; Mohd-Sanusi & Mohd-Iskandar, 2007) by hiring
auditors. In this regard, auditors act as reputational intermedi-
aries between principals and agents, and provide important
monitoring and reporting services.
The recent literature offers different solutions to the
principal-agent problem from an auditing perspective. Clive
(2005) discussed moral hazard based on management own-
ership and audit firm size and surmised that while full
management-ownership solves the agency issue, this
SINGH ET AL.
ownership model is simply not suitable for most corpora-
tions. Furthermore, he found that the agency dilemma
increases the demand for high-quality auditors in the market.
Law (2008) discussed the role of auditor independence from
the perspective of the principal-agent theory and concluded
that a high level of competition and the provision of non-
audit services negatively affect auditor independence. Other
studies provide insight into how auditors need to consider
corporate governance factors in their audit strategy (Cohen
et al., 2002), accountability and auditing in multinational
enterprises (Luo, 2005), the effects of contingent monitoring
systems on audit policies (Fagart & Singlair-Desgagné,
2007), and performance incentives in audit processes (Mohd-
Sanusi & Mohd-Iskandar, 2007).
2.3 | Fraud detection and auditing
There is a stream of literature examining different manage-
ment approaches to detect fraud in business auditing. For
instance, there are applications of data mining techniques for
identifying companies susceptible to financial statement fraud
(Ravisankar et al., 2011). To reduce financial loss as a result
of fraudulent transaction, Caldeira, Brandao, Campos, and
Pereira (2012) developed fraud detection models for
predicting fraudulent transactions via the Internet with a spe-
cific focus on credit card operations. Similarly, Sahin, Bulkan,
and Duman (2013) argued that a fraud detection system is
important for prevention particularly for those transactions
related to online credit cards and proposed a cost-decision tree
approach for this purpose. Utilizing network-based features,
Van Vlasseler et al. (2015) develop a system for detecting
fraud in credit card transactions. Their system is capable of
identifying fraud transactions and lessens related crime for
fraudulent business card transactions. More recently, De Sa,
Pereira, and Pappa (2018) design an algorithm to improve
credit card detection with data classification and economic
efficiency considered. In the broader financial institution con-
text, the cause factors, consequences, deterrence as well as the
ways for preventing corporate frauds are investigated (Bonsu,
Dui, Muyun, Asare, & Amankwaa, 2018). They found that
fraud is damaging for corporate financial performance and
advocated the use of fool proof deterrence and prevention
methods for curbing its occurrence. These studies highlight
the growing managerial attention on fraud detection and the
use of the technological approach (e.g., big data analytics) in
auditing research and practice (Gepp, Linnenluecke,
O'Neill, & Smith, 2018).
2.4 | Anomaly detection and data driven audit
Based on the agency theory, we develop a data-driven
approach to data driven audit that helps to address the
SINGH ET AL.
principal-agent problem by reducing the contracting costs
and information asymmetry. Contextual and collective
anomaly detection techniques have been increasingly
applied in several domains (Green & Choi, 1997;
Jayasimhan & Gadge, 2012; Khattree & Naik, 1999; Knorr,
Ng, & Tucakov, 2000; Ravisankar et al., 2011; Singh,
Cheng, & Lai, 2017). In this regard, anomaly detection is
the process of finding patterns that do not conform to expec-
tations (Bolton & Hand, 2002). In the domain of accounting
and auditing, practitioners deal with different types of issues,
such as omission errors, fraud, waste, and abuse (DeBoer,
Eimers, & Elsa, 2014; Hansen, McDonald, Messier, & Bell,
1996). These issues include fraudulent behavior like making
false statements,2 concealing facts, misusing benefits, imper-
sonation, violating standard business conduct, and so forth.
The capability to detect these issues is critical in protecting
shareholder value, yet the quality of traditional audits is
often diminished by shortcomings in skill and technological
resources (Borthick, 2012; Cecchini, Aytug, Koehler, &
Pathak, 2010; Power, 2013). Normally, forensic audits are
performed when there is fraud or alleged fraud. They are
neither regular audits nor firm-wide audits. The agency that
is investigating the crime narrows down the areas of fraud
and an audit is performed in that particular area. The process
is more of one that is collecting evidence. For example, if an
investigating agency suspects the crime of siphoning of
funds, the forensic audit investigation would center around
transfer transactions of high value funds. In a computerized
environment, there is no paper trail and hence auditors need
to have some basis for investigating transactions. This makes
their job very challenging and data related analytics can be
therefore very useful for tracking anomalous transactions. In
conventional manual audits, auditors would examine
vouchers (either all or a sample).
Analytical procedures play a vital role in audit planning
for extracting financial information, anticipating the results,
and identifying relationships among the different variables
of financial data with relevant nonfinancial information.
They also help to provide a better understanding of the busi-
ness of clients and identify risk areas. Evidently, risk and
fraud detection are challenges for auditors, so new audit risk
standards are defined to assess performance and the suitabil-
ity of auditors, and to have control over the risk in misstate-
ments. To implement such risk standards, it is also necessary
to understand the internal control processes, including
proper planning and supervision. An important tool for
accounting reviews is internal control which is used to fol-
low a process and can control risk and detect fraud from the
early onset (Fogarthy, Graham, & Schubert, 2006).
Regulatory institutions like the Public Company
Accounting Oversight Board (PCAOB) have called for
approaches and methods that increase audit rigor and
69
objectivity to reduce fraud risk and alleviate information
asymmetry between executives and investors. The PCAOB
was established to oversee the audits of public companies in
order to safeguard public interest by promoting accurate and
independent audits. The PCAOB audit standards maintain
that financial statements as published by issuers are required
to be accurate and presented in a manner that does not con-
tain incorrect statements. They are also required to study and
report on the extent that off-balance transactions result in
transparent reporting and determine the meaning of any
result with the generally accepted accounting principles for
reporting purposes. Furthermore, data-driven audit can
improve the responsiveness of regulations to current market
requirements by providing information in real time. From
the perspective of firms, compliance with key regulatory and
legal requirements is critical to sustaining business opera-
tions. For example, the “Sarbanes-Oxley” regulations specif-
ically mandate enterprises to certify that financial statements
are free from fraud and material misstatements (DeFond &
Francis, 2005). Simply employing an independent auditor
would hardly fulfill this requirement. This issue therefore
compels top management to add forensic accountants to the
audit team. Titera (2013) discussed the issue of required
revisions to audit standards, whether for public or private
company audits, and showed how certain types of current
audit standards inhibit the use of enhanced data analysis and
continuous auditing techniques by external auditors. Data
analytics is found to be useful in statutory and internal
audits, as well as forensics. Earley (2015) found that auditors
can capitalize on data from the business activities of the
enterprises themselves, as well as external sources. This
helps to generate valuable new insights into internal audits,
provide greater assurance, and achieve a higher degree of
efficiency compared with traditional auditing techniques.
Although it is difficult to manage massive volumes of
data, data analytics holds great promise in auditing practice
and research. Data analytics can be used to more effectively
test transactions, maintain audit quality, and detect fraud
(Earley, 2015). Data analytics techniques help auditors to
understand the business of their clients when there are large
volumes of data, and when it becomes difficult to differenti-
ate financial from nonfinancial data. Data analytics also
helps to create new forms of audit evidence and its methods
are found to be useful in planning and developing proce-
dures to identify risks by analyzing fluctuations and fraud.
For this purpose, skillful and technologically apt auditors are
required (Murphy & Tysiac, 2015), even though evidence
suggests that auditor education might be lagging behind
(Crawford, Helliar, & Monk, 2011; Rezaee & Burton,
1997). Furthermore, data analytics is also recommended by
regulatory bodies as a rigorous auditing tool to detect and
reduce fraud incidents, and the PCAOB has urged auditing
70
companies to leverage data analytics in the audit process
(Elder, Akresh, Glover, Higgs, & Liljegren, 2013).
3 | ME T HODOL OGY
3.1 | Modeling approach
Our modeling approach followed the steps suggested by
Shmueli (2010) of goal definition, data collection, data prep-
aration, exploratory data analysis, variable and method
selection, and model evaluation, validation, and selection.
To apply data analytics for fraud detection and auditor sup-
port, we defined the system that is to be modeled with data
from a procurement process. To properly represent the audit
approach in practice, we design our model to follow a set of
rules that “flag” suspicious transactions for a closer inspec-
tion by an auditor (Dionne, Giuliano, & Picard, 2009;
Green & Choi, 1997), thus reducing manual sampling efforts
while improving the objectivity of the results (Eining,
Jones, & Loebbecke, 1997). Consequently, we need to
employ the same data and rules that an auditor would follow
and consider the indicators that would prompt an auditor to
flag a transaction as possibly fraudulent. This might include
transactions with unusual amounts of items purchased,
unusual types of items purchased, unusual prices, or other
irregularities. In this regard, anomaly detection methods like
unsupervised outlier detection could be considered (Campos
et al., 2016); however, for the course of this study, we
decided to employ more salient indicators as discussed in
the audit literature. Exhibit 1 presents an overview of the
indicators for suspicious transactions and possible underly-
ing management frauds (Singh et al., 2017; Tackett, 2013).
However, it is vital to note that fraud detection rules are
not static and need to be developed dynamically to keep
EXHIBIT 1 Overview of fraud indicators and fraud
risks
Indicator Possible fraud
Unusual quantity Embezzlement, inflated quantities to exhaust
of items budget or accrue vendor kickbacks
Unusual items Embezzlement, items purchased for personal
purchased use or reselling
Unusual vendor Bid rigging, vendor kickbacks, “dummy”
selection vendor to siphon funds
Unusual price Manipulation of costs to fit budget, siphoning
paid per item of funds
Unusual Embezzlement
delivery/order
date
Unusual amount Theft, embezzlement
delivered
SINGH ET AL.
abreast with the new methods of fraud (Ceresney, 2013). A
rule-based modeling approach embedded in data analytics
can help to keep up with new methods of fraud as they are
detected, as the inclusion of new rules in an existing model
is comparably simple.
BLR has the property of classifying and providing out-
come probability. If the classes are linearly separable, we get
useful insights in classification and probabilities. Random
forests are also used on similar data for classifications, but it
requires specification of conditions (or rules) for building
the trees. They perform implicit ensemble among trees on
random subsets of the data. Ensembles of different methods
(BLR, decision trees, neural networks, random forests, etc.)
can provide good predictive accuracy as heterogeneous
models have complementary strengths. In the present study,
explanation of classification is as important as prediction.
The output of BLR is probability and classification which is
very beneficial to the issue we are studying. The results of
BLR could also be utilized as the baseline before using other
methods. As a result, we present a BLR based on historical
data that classifies purchasing transactions as fraudulent or
nonfraudulent, as it has been found to yield accurate results
for classification algorithms (Baesens et al., 2003, 2015;
Ngai, Hu, Wong, Chen, & Sun, 2011; Ravisankar et al.,
2011). A major advantage of BLR is that it does not assume
any specific shape of density in the space of the predictor
variables. The invoices and other accounting data can there-
fore take any shape of density in their variables. The BLR is
based on the maximum likelihood estimation and estimates
the probability of group membership. By its very nature,
logistic regression is an appropriate classification tool if the
underlying objective is to classify the data into two or more
categories. In addition, with no requirement for within-group
covariance matrices of the predictors, the BLR is not as sen-
sitive to outliers as other regression techniques. In the extant
literature, logistic regressions have been used to provide
decision aids to detect management fraud (Bell & Carcello,
2000; Dechow, Ge, Larson, & Sloan, 2011) or other fraudu-
lent behaviors (Summers & Sweeney, 1998), but such appli-
cations are rather limited in scope.
Mathematically, the BLR can be presented as:
p = ProbðY = 1jX = xÞ, ð1Þ
1
1 −p = , ð2Þ
1 + expða + bxÞ
 
p
ln = a + bx, ð3Þ
1 −p
where a is the intercept, b is the slope, exp or e is the expo-
nential function (e = 2.71828…), ln is the natural logarithm
SINGH ET AL.
with ln(e) = 1, p is the probability that the event y occurs
given x ranges between 0 and 1. b and x can be either real
numbers, or vectors of real numbers. 1 −p p is the “odds ratio,”
   
ln 1−p p is the log odds ratio, or “logit,” and ln 1−p p =
a + bx means that as x increases by 1, the natural log of the
odds ratio increases by b. The odds ratio is related to
the probability of the occurrence of an event. For example,
the probability of a transaction being fraudulent is 0.33. The
odds that the transaction will be fraudulent is 1−0:33
0:33 = 1/2 or
2 to 1. There are other techniques for analyzing data with
categorical dependent variables, including probit linear dis-
criminant analysis, and log-linear and logistic regressions,
where the predictors are assumed to follow a multivariate
normal distribution (Darlington, 1990). However, the BLR
is commonly used due to its high classification accuracy
(Lim, Loh, & Shih, 2000) and accessibility compared to
more complex algorithms.
In classification models, correctly predicted flags are
called true positives, while correctly predicted nonflags are
referred to as true negatives. There are two potential errors
for logistic regressions, namely a flag is not flagged appro-
priately (false negative) and a nonflag is falsely flagged
(false positive). Consequently, the overall performance or
percentage classified correctly by a BLR can be evaluated
based on two measures, namely sensitivity, which denotes
the percentage of true positives in the sum of true positives
and false negatives, and specificity, which is calculated as
the number of true negatives divided by the sum of false
positives and true negatives. Thus, sensitivity measures the
performance of the model in predicting flags, whereas speci-
ficity measures the accuracy of the model for predicting non-
flags (Viaene, Derrig, Baesens, & Dedene, 2002), which are
expressed, respectively, as follows:
true positives
Sensitivity = , ð4Þ
true positives + false negatives
true negatives
Specificity = : ð5Þ
true negatives + false positives
Both the sensitivity and specificity of a BLR are heavily
influenced by the cutoff value (or classification threshold) of
the dependent variable, that is, how decimals between 0 and
1 are rounded up or down in the classification. A high cutoff
value generally lowers the number of flags, whereas a low cut-
off value increases both the number of flags and false positives.
Plotting the overall performance in terms of sensitivity and
specificity for different cutoff values yields the receiver operat-
ing characteristic curve of a model, which is a useful tool for
analyzing the performance of a model based on different model
parameters (Provost & Fawcett, 2001; Swets & Pickett, 1982).
71
3.2 | Data description
The next step in modeling entails defining the data set ana-
lyzed and variables used, and how these variables relate to
one another. We consider variables related to accounting
data in purchase processes, namely vendor invoices, vendor
payments, goods receipt notes (GRNs), purchase orders
(POs), purchase requisitions, and general ledgers (GLs). The
data set resides in the enterprise resource planning (ERP)
and transactional systems of enterprises. ERP systems are a
type of business-management software that integrates orga-
nizational applications in order to collect, store, manage, and
interpret data from many business activities, including prod-
uct planning, purchasing, manufacturing, or service delivery
(Dechow & Mouritsen, 2005). ERP systems are vital to sus-
taining the success of large enterprises in particular, as they
can help to continually monitor and improve internal pro-
cesses (Stratman, 2007). For instance, most known ERP sys-
tems handle datasets in financial accounting and controlling
modules, which are extracted through various transaction
codes as defined in standard operating procedures.
Our data set consists of sanitized real-life purchase pro-
cess data of a firm in the telecommunications industry with
an annual turnover that exceeds USD 1 billion. This was part
of the external forensics auditing for the company conducted
by a consulting firm, which provided us with the information
on whether a transaction was found to be fraudulent. The
factual details of the firm have been masked for confidential-
ity. Our data sample includes 32,117 transactions from pur-
chase processes that were directly taken from the firm's ERP
system. Several times, we observed that data imported into
databases from ERP systems have issues with data format,
alignment, and duplication. The data were therefore appro-
priately formatted, and consistent duplicate entries were
removed.
Furthermore, the data were post hoc for analyzing inci-
dents of fraud that was committed in the telecommunications
company. Subsequently, a consulting firm was called in to
conduct forensics auditing to ascertain the quantitative
nature and perpetration of fraud. The company also sought
to find out if there were other collaborators (both employees
and vendors) who were participating in the fraud. The
“flags” which were identified in the data were marked as real
fraudulent transactions. These have been corroborated by the
company. So, the flags are not prima facie but real-life
fraudulent transactions. Specifically, 1,978 (roughly 6% of
the sample) transactions were flagged this way. Exhibit 2
gives an overview of the information provided per transac-
tion, Exhibit 3 shows the descriptive statistics of the scale
variables, and Exhibit 4 gives an overview of the potential
values for the nominal variables. Exhibit 5 provides an
excerpt of the transactional data employed (shows selected
data only).
72 SINGH ET AL.

EXHIBIT 2 Overview of variables

Variable Description Type Format

PO_Number Purchase order (PO) number; PO for a single Nominal 10-Digit unique identifier
transaction
Year The year that a PO is issued Nominal 4-Digit year
Invitem Item number on invoice Nominal Numerical identifier
Vendor invoice quantity Quantity of items per invoice Scale Number
Vendor invoice material Material group of item Nominal Identifier consisting of letters and numbers
Indicator: updated PO Binary indicator whether the PO had been Binary 0/1
changed in the past
Total value Total value of the PO Scale Number
Bill of lading Bill of lading for transaction Nominal 7-Digit unique identifier
POItem Type of item delivered in PO Nominal Numerical identifier
Changed on Date on which PO was modified Nominal Date
Net price Price per item of transaction Scale Number
Net value Net value of single transaction Scale Number
PO quantity Quantity of items delivered in PO Scale Number
Price date Date on which PO was settled Nominal Date
Flag Binary indicator whether transaction had been Binary 0/1
flagged by auditors before

In addition to the variables present in the data sample, we fraudulent. As omitted information could be a strong indica-
defined additional indicators per transaction that could pro- tor for fraudulent behavior, we defined a binary check that is
vide us with further insights into whether a transaction is 1 when the cell values are blank, and 0 otherwise
(CheckCompleteness). To further investigate the degree of
EXHIBIT 3 Descriptive statistics of scale variables data completeness, we created a string variable that counts
Vendor the number of empty cells (DegreeCompleteness). Further-
invoice Total PO more, we created a string variable that counts the number of
quantity value Net value quantity days between our two date variables to check for unusually
Unit Number Local Local Number long or short periods of time (CheckDate). As a result, each
of items currency currency of items
Overall EXHIBIT 4 Potential values for nominal variables
Mean 2.766 21.395.928 26.949 5.399
Variable
Median 900 548.440 6.000 1.200 name Format Possible values
Min 1 547 3 80 PO_Number 10-Digit unique identifier 27 unique POs
Max 150.000 279.347.644 850.000 17.000 Year 4-Digit year 2010, 2011, 2012
Flagged Invitem Numerical identifier 45 unique item
Mean 2.979 29.628.216 13.569 2.714 identifiers
Median 750 1.001.618 7.500 1.500 Vendor Identifier that consists of 7 unique vendor
invoice letters and numbers materials
Min 152 3.082 7.500 1.500
material
Max 90.000 164.102.669 50.000 10.000
Bill of lading 7-Digit unique identifier 21 unique bills of
Nonflagged lading
Mean 2.752 20.966.707 27,827 5.575 PO_Item Numerical identifier 99 unique PO item
Median 900 534.570 5,650 1.130 identifiers
Min 1 547 3 80 Changed on Date 83 unique dates
Max 150.000 279.347.644 850.000 17.000 Price date Date 14 unique dates

Abbreviation: PO, purchase order. Abbreviation: PO, purchase order.

SINGH ET AL. 73

EXHIBIT 5 Snapshot of transactional data

Direct ERP output Auditor

Vendor
invoice PO PO Net
PO number Year quantity Total value item Changed on quantity value Price date Flag
1100000491 2010 192 650,271.29 1,030 July 20, 2010 700 3,500 February 0
23, 2010
1100000567 2011 945 15,862,945.71 470 May 25, 2011 1890 9,450 August 12, 2010 0
1100000567 2011 1890 15,001,429.21 490 May 25, 2011 1890 9,450 August 12, 2010 0
1100000610 2011 2000 15,001,429.21 220 September 5,000 25,000 October 7, 2010 1
23, 2011
1100000642 2011 15,000 130,089,459.4 70 November 5,000 25,000 January 31, 2011 1
21, 2011
1100000645 2011 8,640 28,204,470.4 120 December 7, 2011 1890 9,450 February 3, 2011 1

Abbreviations: ERP, enterprise resource planning; PO, purchase order.

observation in the data sample was described by using
18 variables, that is, the dependent variable “flag,” and
17 independent variables.
We used the Relational Data Base Management Systems
to store, manipulate and manage the data sets (Kriegel,
2011). For statistical analyses, we used the statistical soft-
ware SPSS. To further prepare the data set for the BLR, we
randomly split the data set into two parts, with 21,297 (70%)
and 9,535 (30%) observations each. We split the complete
data in a stratified manner and used the larger data set as the
training data set to train the logistic regression and the
smaller data set as the test set to validate our results.
4 | M O D E L AN D R E S U L T S
4.1 | Model
combine multiple classifiers and the number of classifiers to
be combined.
The objective of the proposed model is to detect anoma-
lous transactions (“flags”) in the auditing process. Each flag
should coincide with a potential fraud, based on accounting
knowledge and following the same set of rules as used by
the auditors. Logistic regression is similar to linear regres-
sion but with two main differences. First, the outcome or
response is categorical, which could be yes/no,
approve/reject, responded/did not respond. Second, the out-
come is expressed as a probability of being in either group.
In our case, if the transaction seems to be “fraudulent,” the
dependent variable will be 1, and 0 if the transaction is
“nonfraudulent.”
Our initial Model 1 includes all the data variables pres-
ented above, and expressed as follows:

There have been studies reviews of classification techniques

in different areas like bankruptcy prediction, default predic-
tion and others. In one such study, exhaustive review of clas-
sification different techniques like logistic regression, by
using neural networks, support vector machines, decision
trees, and so forth. in the context of bankruptcy prediction
(Tsai et al., 2014). In this study, baseline classifiers are used
to compare and contrast the relative differences. In literature,
various classification techniques have been studied by using
single classifier like logistic regression, decision trees and
combining multiple classifiers approach. In majority of stud-
ies, combination of classifiers has been found to outperform
many single classifiers. However, in terms of constructing
classifier ensembles, the context of study (fraud detection,
bankruptcy prediction, behavioral prediction, etc.) can affect
their performance. Also, the affect would also depend on the
classification technique adopted, combination methods to
log odds ratio = intercept + c1 * POnumber + c2 * Year
+ c3 * InvItem + c4 * VendorInvoiceQuantity
+ c5 * VendorInvoiceMaterial
+ c6 * IndicatorUpdatedPO + c7 * TotalValue
+ c8 * BillofLading + c9 * POItem
+ c10 * ChangedOn + c11 * NetPrice
+ c12 * NetValue + c13 * POQuantity
+ c14 * PriceDate + c15 * CheckCompleteness
+ c16 * DegreeCompleteness
+ c17 * CheckDate
ð6Þ
where c1, …, c17 denominate the coefficients that we want
to train. After initial testing, we confirmed that only a
few variables are significant based on Wald test-scores.
74 SINGH ET AL.

Consequently, we removed the nonsignificant covariates. EXHIBIT 6 Model selection criteria

We express the revised model as follows:
Model 1 Model 2
df (k) 51 49
log odds ratio = intercept + c1 * POnumber
−2 log likelihood (logl) 6,781.372 7,017.389
+ c6 * IndicatorUpdatedPO
Sample size (n) 32,117 32,117
+ c7 * TotalValue + c9 * POItem
AIC 84.35613 80.28771
+ c13 * POQuantity + c17 * CheckDate:
BIC 511.5903 490.7676
ð7Þ
Abbreviations: AIC, Akaike information criterion; BIC,
However, the second iteration of the model still did a poor Bayesian information criterion.
job of accurately predicting flags in both the test and training
sets. Consequently, we changed the PO_ Number to a cate- criterion balances model flexibility to choose among the dif-
gorical variable, following the rationale that the propensity ferent models. For logistic regression, the AIC is calcu-
for fraud might be correlated with certain PO numbers. Also, lated as:
it could be that certain PO numbers have high values and so
we converted the PO_ Number into a categorical variable to AIC = −2x ln ðlikelihoodÞ + 2k, ð9Þ
specifically identify distinct POs. We included the interac-
tion effects to enhance our understanding of variable rela- where k is the number of covariates included in the model.
tionships and capture such relationships in the model. The Model 2 showed a lower AIC, and thus the information
first interaction included is between the PO_Number and lost in Model 2 is less than that in Model 1. A possible rea-
POItem, which checks for unusual purchases of items in son for this could be that fewer variables are included in
POs. The second interaction included is TotalValue and Model 2. All things being equal, we could comparatively
POQuantity, which looks for problematic relations between select the model which has the smallest value for the AIC.
the value of a PO and the number of items purchased. The The relative likelihood of Model 2 shows that it has less
new Model 2 is given as follows: chance (0.13 times of Model 1) of estimated information
loss, thus Model 2 is favored over Model 1. Also, we noted
log odds ratio = intercept + c1 * POnumber ðcategoricalÞ that Model 2 shows a lower BIC compared to Model 1. The
+ c7 * TotalValue + c9 * POItem difference in the BIC (20.82) is greater than 10, thus affir-
ming that Model 2 has more validity than Model 1. As both
+ c13 * POQuantity + c17 * CheckDate
the AIC and BIC values comparatively favor Model 2, we
+ c18 * POnumber * POItem
considered Model 2 to be the more appropriate model.
+ c19 * Totalvalue * POQuantity:
ð8Þ
4.3 | Model validation
We first tested whether one of the basic assumptions of the
4.2 | Model selection criteria BLR—a linear relationship between predictors and depen-
The predictive power of the model in a BLR can be evaluated dent variables—holds, or whether a polynomial formulation
would improve our model. Following the Box-Tidwell test,
by the model selection criteria. In this case, there are
we assessed the significance of the interaction effects of the
n independent variables (or covariates) with a binary outcome
scale predictors with the natural logarithm of the scale pre-
variable. Covariates are a mix of categorical and continuous
dictors, that is, TotalValue * Ln(Totalvalue), POQuantity *
variables and we wanted to choose the “appropriate” model to
select which covariates to include in the model. An appropri-
EXHIBIT 7 Overview of the models
ate model with minimum information loss could be selected
through the Akaike information criterion (AIC) and Bayesian Model 1 Model 2
information criterion (BIC). The AIC and BIC are presented Chi-square 3,441.943 3,175.926
in Exhibit 6. The model selection criteria (or analytical audit df 51 49
of the models) require a parameter (k) and a likelihood func- Sig. .000 .000
tion (logI) which are taken from Exhibit 7. As the sample size −2 log likelihood 6,781.372 7,017.389
is large, there is no need to apply any correction.
Cox and Snell (R-squared) .141 .132
As we wanted to evaluate the model that is of substantive
Nagelkerke (R-squared) .386 .361
interest to us, we applied the AIC since this information
SINGH ET AL. 75

EXHIBIT 8 Classification accuracy

Ln(POQuantity), and DateCheck * LN(DateCheck). The sig-
nificant results of these interactions indicate that the relation- Model 1 Model 2
ship is nonlinear. Indeed, both POQuantity and DateCheck
Training Test Training Test
show nonlinear relationships, and a quadratic formulation data data data data
(DateCheck^2 and POQuantity^2) fits our data better
True 1,330 606 911 420
(Jaccard & Lewis-Back, 2011; Pardoe, 2008). Second, to
positives
better understand how our covariates relate to each other, we
False 2,310 1,041 2,306 1,040
check our model for multicollinearity. Multicollinearity
positives
refers to close correlations among the predictor variables,
True 18,813 7,939 18,817 7,940
which lead to inflated significance of the independent vari-
negatives
ables, which in turn, causes a skewed or biased model out-
False 17 6 436 192
put. The variable inflation factor (VIF) provides evidence as
negatives
to whether multicollinearity is a concern in a model; gener-
Sensitivity 98.7% 99% 89.1% 88.4%
ally, VIF values of over 2.0 are considered to be problematic
(see, e.g., Hair, Anderson, Tatham, & Black, 2006). Calcu- Specificity 89.1% 88.4% 67.6% 68.6%

lating the VIF for all the independent variables, we find high
VIF values (>20) for POItem and POQuantity. This is not
surprising, as for nonfraudulent transactions, POItem should
be closely related to PO_Number (certain items are usually
purchased in the same PO), while POQuantity is supposed
to be correlated with TotalValue (more items ordered indi-
cate highervalue of the order). As a result, we removed
POQuantity and POItem as we had met the requirement of a
strong theoretical motivation for the elimination of predic-
tors to reduce multicollinearity that is called for in the extant
literature (O'Brien, 2007). After removing POQuantity and
POItem from our model and recalculating the VIF values,
we confirmed that multicollinearity is not a major concern in
our model (VIF < 2.0). We have considered VIF values for
further investigation into multicollinearity. The variables
with VIF values exceeding 5 show signs of serious
multicollinearity. In such cases, the variables were removed
from the consideration set.
The final model is formulated as follows:
log odds ratio ¼ intercept þ c1 * POnumber ðcategorgicalÞ
þ c7 * TotalValue þ c17 * CheckDate^ 2
þ c18 * POnumber * POItem
þ c19 * Totalvalue * POQuantity^ 2:
ð10Þ
Accuracy 89.6% 89.1% 87.8% 87.2%
Lemeshow, & Sturdivant, 2013). Given the size of our sam-
ple and the overall good results on both the test and training
data, we expected our model to be an exception to the rule.
Exhibit 7 provides additional test statistics. While the Cox
and Snell/Nagelkerke R-squared values are comparably low,
they are at an appropriate level for a data sample of our size.
Furthermore, very high R-squared values could indicate
overfitting (Cox & Snell, 1989; Nagelkerke, 1991). Given
that our model retrieves comparable results for both the
training and test data sets, we concluded that overfitting
(or underfitting) is not an issue. Furthermore, the −2log like-
lihood is significantly decreased when compared with the
initial model that includes all the variables, thus implying an
improved fit with our data (see Exhibit 7). When assessing
the significance of the predictors and interaction effects, we
saw that they are all significant at the p < .01 level, with
considerably high Wald test scores (Greene, 2012; see
Exhibit 9).
We considered the issues of model endogeneity, that is,
the correlation of the dependent variable with the error term
(Greene, 2012), but they are not of major concern for this
particular model. The three main issues for endogeneity are
omitted variables, simultaneity issues, and measurement

While the new model shows a smaller overall percentage EXHIBIT 9 Predictor statistics (categorical variables
classified correctly compared with the original model (see indicated by [cat])
Exhibit 8), we are confident that the results are significantly
more robust, as the model has adequately addressed the Predictor Wald df Sig.
issues of multicollinearity and includes polynomial expres- PO_Number (cat) 249.136 26 .000
sions. We also conducted a Hosmer-Leme show goodness- TotalValue 28.212 1 .000
of-fit test to see whether the model fits our data. This test POItem * PO_Number (cat) 543.083 20 .000
indicates a good fit if the results are not significant. In our CheckDate_squared 369.772 1 .000
particular case, the test yielded significant results; however,
TotalValue * POQuantity_squared 83.786 1 .000
the test might yield significant results for models that have a
Intercept 89.581 1 .000
good fit when applied to a big data set (Hosmer,
76
errors for either the dependent or independent variables
(Roberts & Whited, 2012). Due to the framework of our
research question, omitted variables should be of no con-
cern. While there are certainly predictors that might help to
reach a higher automatic fraud classification, we seek to for-
mulate a model that is working with the same data set as
provided to an auditor—in this case, PO transactions. All of
the data attributes were extracted from the ERP system of
the focal firm and included in the first iteration of the model;
only significant variables were retained. As a result, omitted
variables that cause endogeneity are unlikely to do
so. Simultaneity refers to reverse causality between the inde-
pendent and dependent variables, which is not an issue due
to our approach which uses a BLR. While it can be the case
in nonbinary multiple regressions that the dependent variable
affects the independent variables rather than vice versa, our
dependent variable is a binary flag that is allocated after the
transaction is drawn from the ERP system, that is, transac-
tions are flagged ex post, and reverse causality is thus impos-
sible. Finally, endogeneity can be caused by measurement
errors. Our dependent variable is a binary flag that was allo-
cated by an auditor. Even if the flag was unjustly allocated
(false positive through human error), that should be of no
concern to the actual performance of our model. Similarly,
the independent variables were drawn directly from the
ERP—any measurement or value errors in the ERP itself
were exogenous to our model and, in fact, additional evi-
dence of fraud detection.
5 | DISCUSSI ON OF R E SUL T S
In this section, we discuss the implications of our predictive
model. We used a BLR model to classify PO transactions
into fraudulent and nonfraudulent transactions based on ERP
data. As will be elaborated below, we showed evidence that
data analytics can provide considerable support to both inter-
nal and external auditors. For internal auditors, a major ben-
efit of our approach is that the model is able to predict
whether a transaction is fraudulent in real time. As soon as
the transaction takes place, this model is applied to the data
to determine its authenticity. If the model judges the transac-
tion to be fraudulent, then a flag is raised immediately, and
further steps can be taken. For external auditors, a data-
driven forensic audit approach can greatly reduce manual
labor and improve the objectivity of the findings, as the ini-
tial sample of the transactions to be put under scrutiny
selected by the model is significantly smaller.
5.1 | Modeling implications
In our model, we used a number of explanatory variables
that are either quantitative or categorical or a mixture of
SINGH ET AL.
EXHIBIT 10 Overview of different cutoff values and
results for the test data
Cutoff value 0.1 0.15 0.2 0.25
Nonflag accuracy 88.40% 93.10% 98.50% 99.10%
Flag accuracy 68.60% 30.40% 26% 22.90%
True positive 420 186 157 140
False positive 1,040 616 139 80
True negative 7,940 8,364 8,841 8,900
False negative 192 426 455 472
both. Overall, we found that the classification accuracy of
our model is significantly improved by a series of different
steps as follows. First, deriving additional variables from the
data can help to improve accuracy. In our particular case, the
time difference in days between a change of quantity or
value of a PO and the date it was settled proved to be a
potent predictor regardless of whether fraudulent behavior
was involved. Other derived variables included complete-
ness, sum, and value checks. Second, categorical implemen-
tation is particularly helpful for nominal variables like “item
number” or “purchase order number.” Checking for fraudu-
lent behavior based on these categories helped to signifi-
cantly boost both the specificity and sensitivity of our
proposed approach. Third, a polynomial formulation can
help further improve the model by increasing the fit with the
data; however, higher-degree polynomials should be treated
with caution to avoid overfitting.
Looking at the classification threshold, that is, the “cutoff
value,” of our model, we were able to analyze how a change
in the cutoff values would affect our results. We settled on a
comparably low cutoff value to better reach our goal of fraud
classification, following the rationale that the economic
effects of a false negative (a fraudulent transaction is not
found) significantly outweigh the economic impacts of false
positives (a nonfraudulent transaction needs to be double-
checked by an auditor). We observed through the tests that
there are very few false negatives compared to false posi-
tives (false positives are far more in number). This makes
sense in a fraud context. Indeed, while a cutoff value of 0.1
showed promising results of around 70% specificity and
88% sensitivity, the efficacy of the model quickly dimin-
ished as the cutoff value was increased (see Exhibits 10 and
11). While increasing this value would improve the overall
accuracy of the model, a disproportionate decrease in speci-
ficity would not warrant this change.
5.2 | Auditing and contracting costs
By casting our empirical findings in the agency theory
framework discussed in the literature review, we formulated
propositions on how data-driven auditing can affect the
SINGH ET AL.
EXHIBIT 11 Prediction accuracy of test data for different cutoff values
100.00%
90.00%
80.00%
70.00%
60.00%
50.00%
40.00%
30.00%
20.00%
10.00%
0.00%
0.1 0.15
test data non-flag accuracy
current relationships among the agent, principal, and auditor.
Adams (1994) proposed an agency theory framework for
internal audit functions, and the appointment and perfor-
mance evaluation of external auditors. Audits are highly
complex social processes, and subject to the conflict of
divergence of interests between shareholders and owners,
which might affect auditor performance and independence
(Arya & Glover, 2014; Suddaby, Gendrom, & Lam, 2009).
Singh and Best (2016) demonstrated the technical feasibility
of implementing multiview visualization methods to assist
auditors in reviewing the integrity of high-volume account-
ing transactions. In connection to these findings and our
prior discussion of the principal-agent dilemma and the
underlying risk of moral hazard, we argue that an approach
that helps to analyze, identify, and visualize data in a better
way reduces information asymmetry by making the data
more accessible to both the principal and agent. Indeed, reg-
ulatory institutions (including the PCAOB) make a strong
case for an approach that increases rigor and quality in the
auditing process. It would be useful to explore and adopt an
approach that would make the audit more efficient and thus
help auditors be better agents in this process. An improve-
ment in efficiency in identifying fraudulent transactions
greatly improves a forensic audit process. It clearly reduces
information asymmetry and brings transparency to the prin-
cipal (shareholder in this case). The argument about a more
efficient audit makes sense since perpetration of fraud is
itself a highly costly matter for the principal. A data
analytics-based model detects fraud (and not just the risk of
fraud through flags). To reduce the information risk of inves-
tors, such objective and data-driven tools are appropriate
methods to achieve this aim. However, improved data avail-
ability and monitoring procedures can also benefit a com-
pany in many ways. Internally, it should disincentivize
agents from engaging in self-interest maximization and
77
0.2 0.25
test data flag accuracy
fraudulent activities, as they are aware that all transactions
can be objectively monitored by the system in real time,
which in return should make it easier to align the interests of
the agent and the principal (Hatzakis, Nair, & Pinedo, 2010).
Consequently, we conjecture the following:
Proposition 1 A data-driven approach to auditing can
reduce contracting costs by reducing asymmetric informa-
tion and the incentive of agents toward fraudulent behavior.
5.3 | Auditing and auditor independence
As elaborated earlier, there have been a variety of studies on
various aspects of data-driven approaches to auditing. In par-
ticular, classification techniques like clustering have been
applied to data to find transactions that are anomalous
(Cecchini et al., 2010; Thiprungsri & Vasarhelyi, 2011).
Overall, such techniques can help to identify patterns and
predict future criminal activities (Bagchi, 2016). Objective,
data-driven evidence can also help support auditors in their
judgment and contribute to their position as an independent
monitor (Adams, 1994; Law, 2008). In addition, audit assur-
ance needs periodic reviews to investigate past transactions and
financial statements. Auditors are therefore necessary interme-
diaries between investors and management and providing reli-
able and trusted financial statements to the general public.
However, auditors are still human—and in this role as suscepti-
ble to fraudulent behavior as managers. Therefore, there is an
increasing call for technology-based auditing techniques to
reduce the subjective judgment of auditors (Loughran &
McDonald, 2016). Continuous auditing and measuring provide
a regular framework for positive assurance in audits (Corona &
Randhawa, 2010; Kuenkaikaew & Vasarhelyi, 2013). As our
model shows, data-driven approaches to auditing can reduce
78
manual intervention and avoid subjective judgment. Further-
more, an exhaustive review is possible since the entire data set
can be tested continuously, which leaves out the necessity for
sample vouching. As a result, our findings suggest that auditor
independence and autonomy in reporting are improved by
data-driven auditing, and we correspondingly postulate the
following:
Proposition 2 A data-driven approach to auditing can
improve the independence of auditors by providing objective
data that reduce manual intervention and the need for sub-
jective judgment.
5.4 | Managerial implications
Our findings indicate that data driven auditing techniques
yield significant value for practitioners. Apart from the
potential to ease the conflict between ownership and man-
agement, and improve the efficacy and independence of
auditors, the proposed model offers several additional bene-
fits for managers. First, the model offers a high degree of
flexibility. As new fraud techniques or suspicious behavior
becomes apparent, the algorithm can be easily and quickly
adapted to account for the changed environment. It is also
flexible in terms of the data used; while our presented exam-
ple is based on PO data, other ERP output could also pro-
vide a good base for further fraud detection, for example,
GRNs, GLs, and so on and so forth. Furthermore, the model
can be easily adapted to changes in the regulatory frame-
work and auditing standards as well. Second, the model
offers fraud detection in real time, as transactions can be
checked and flagged as they are processed by the system—
this has significant psychological repercussions for managers
who intend to carry out fraudulent behavior, as they might
have to face immediate consequences when detected. Fur-
thermore, real-time application has the positive side effect of
improved classification accuracy, as more and more data are
added to the model. Third, apart from supporting companies
in fraud detection, the model can help to generate business
insights from the data that it processes; in this way, man-
agers with appropriate data literacy and business acumen
can identify sources of vulnerability and inefficiency, and
improvement potential in their internal system.
However, these benefits cannot be reaped without a cer-
tain degree of investment. Companies need to ensure that
their data are complete and well-maintained, and of high
quality to enable predictive models to work at full efficiency.
Subsequently, the model has to be set up and fine-tuned in
an iterative process to emulate the underlying realities as
closely as possible. After initialization, both the data and
model need to be maintained, improved, and adapted, thus
SINGH ET AL.
requiring continuous investment in data analytics expertise
within the company; this might include the creation of addi-
tional positions within the company that are in charge of
data and model management. Furthermore, managers need
to improve their data literacy to ensure that they can make
full use of the model output and generate appropriate busi-
ness insights accordingly. Similarly, auditors need to
improve their understanding of data analytics (which has
important implications for the training and education of
future auditors), and data analytics experts need to be added
to auditing teams that plan to apply data-driven auditing.
5.5 | Limitations of the study
However, there are a few limitations to our research work.
First, there is a positive correlation between data and predic-
tion accuracy; as the size of the data set increases to a certain
sample size, the prediction accuracy is likely to increase as
well, after which the learning curve will gradually flatten
out. As a result, all models are limited by the availability of
real-life data. While our data set has a sufficient size to make
good predictions, the accuracy could be further improved by
increasing either the size of the data, or enriching accuracy
with further data attributes, for example, from GRNs, GLs,
and so forth. Second, there might be many types of fraud
possible that we are unable to detect with our model. How-
ever, given that we use the same tools and rules as an audi-
tor, and come to similar results, it is highly unlikely that an
auditor would have detected these fraudulent transactions.
Third, our data set is generated from a single company. We
purposely choose to emulate the setting of an external audit
(i.e., ERP output from a single firm) as closely as possible to
investigate the benefits of data-driven auditing. For external
validity, our model could be tested by using the ERP outputs
of different companies. Fourth, while the data are thoroughly
checked to account for any corrupted or faulty entries, we
cannot guarantee that all of the erroneous entries are
removed, particularly minor errors. Furthermore, given that
the data are collected directly from the ERP system of the
focal company, there might be input-related issues affiliated
with the data. However, given the size of the data set and the
robust results, we argue that this is not a major issue. Simi-
larly, the same line of reasoning holds true when it comes to
nonjustified flags in our data set.
Furthermore, it should be noted that, in today's business
where the audited financial information of enterprises is
available in the public domain, other factors also might
affect these relationships, and it is vital to acknowledge that
this is not the only exhaustive theory to explain the auditing
process, as other economic theories can also be relevant for
analyzing audits. A single agency theoretical lens for analyz-
ing audits is unlikely to provide all the answers.
SINGH ET AL.
6 | CONCLUSI ON S
The occurrence of management fraud increases as the sepa-
ration of ownership and control in modern companies pro-
vides strong incentives for managers to act in self-interest.
While fraud techniques are evolving, so are regulatory
frameworks and auditing processes in order to detect and
disincentivize fraud. Information technology is an important
enabler to improve this relation. While agents might use
loopholes in IT systems, and the massive volumes of data
generated and stored to mask their fraudulent behavior, prin-
cipals (and, by extension, auditors) can apply data analytics
to detect fraud in real time. Consequently, there is a strong
need for continued research on data driven analytical
methods in auditing to improve fraud detection capability.
Thus, we present a model for predictive analysis in
auditing, based on real-life accounting data. The proposed
predictive model complements the rule-based approach
while also extending the ambit of detection by using multi-
variate analysis. In the presented case, we find logistic
regression to be a very effective approach that can facilitate
to reduce fraud risk. This approach offers a variety of bene-
fits over traditional auditing techniques. Most importantly, it
makes information more accessible, thus alleviating the con-
flict of interest between owners and managers, as fraud is
more likely to be detected and consequently disincentivized.
Furthermore, the model enables principals to monitor trans-
actions in real time with less manual effort. As a result, mon-
itoring and contracting costs are expected to decrease,
allowing for the design of more efficient contractual devices.
This also enables policy makers and regulatory bodies to
react to new forms of management fraud in a timelier man-
ner as they are detected for better alignment of regulations
with current market requirements.
Our study is relevant for both external and internal audi-
tors. For the former, this approach can help to significantly
reduce the manual effort and time required, as vouching and
sample reviews (that reflect the inspection of documentary
papers supporting or substantiating a transaction by an audi-
tor) can be reduced through a data driven process. For the
latter, data-driven approaches offer a higher degree of objec-
tivity and can help to increase their independence. Both fac-
tors are expected to significantly improve audit quality, both
internally and externally.
7 | D I R E C T I O N S F O R FU T U R E
RESE ARCH
The modeling technique (e.g., classification) adopted in any
fraud detection study would depend on the nature of data
and also the context. The context can be related to procure-
ment, operations, revenue, cyber forensics, and so forth. In
79
all such contexts, there could be variety of modeling tech-
niques that can be applied. As a future research direction, it
would be useful to perform comparative analytics of various
classification techniques that are used for fraud detection.
We have not done a comparative analysis of different classi-
fication techniques but attempted to illustrate how a particu-
lar technique can be applied for fraud detection in a specific
context of accounting data. Since there are limited, relevant
studies examining multiple classifiers and combination
methods in fraud detection, there is an opportunity to do fur-
ther research study of comparing classification techniques
including Logistic Regression, multilayer perceptron, neural
networks, support vector machines, decision trees and
others. As a future research, it would be useful to conduct
exhaustive accuracy tests on the test and data. Prediction
accuracy of test data for different cutoff thresholds can be
checked at different levels. The cutoffs can change, how-
ever, depending on the context of study accounting, cyber
forensics and others.
ENDNOTES
1
URL: https://www.acfe.com/
2
URL: https://pcaobus.org/
REF ER ENC ES
ACFE. (2016). Report to the nation: Occupational fraud and abuse.
Available at http://www.acfe.com/rttn2016.aspx
Adams, M. B. (1994). Agency theory and the internal audit. Manage-
rial Auditing Journal, 9(8), 8–12.
Alles, M., & Gray, G. L. (2015). The pros and cons of using big data in
auditing: A synthesis of the literature and a research agenda. Pro-
ceedings of the 9th Biennial Research Symposium. Toronto,
Ontario: Canada
Arya, A., & Glover, J. (2014). Auditor independence revisited. Journal
of Accounting, Auditing and Finance, 29(2), 188–198.
Baesens, B., Van Gestel, T., Viaene, S., Stepanova, M., Suykens, J., &
Vanthienen, J. (2003). Benchmarking state-of-the-art classification
algorithms for credit scoring. The Journal of the Operational
Research Society, 54(6), 627–635.
Baesens, B., Van Vlasselaer, V., & Verbeke, W. (2015). Fraud analyt-
ics using descriptive, predictive, and social network techniques: A
guide to data science for fraud detection. Hoboken, NJ: John
Wiley & Sons.
Bagchi, S. (2016). How big data can be used to predict crime patterns.
Available at http://www.cxotoday.com/story/how-big-data-can-be-
used-to-predict-crime-patterns
Baiman, S. (1990). Agency research in managerial accounting: A sec-
ond look. Accounting, Organizations and Society, 15(4), 341–371.
Baiman, S., & Demski, J. (1980). Economically optimal performance
evaluation and control systems. Journal of Accounting Research,
18, 184–220.
80
Bell, T. B., & Carcello, J. V. (2000). A decision aid for assessing the
likelihood of fraudulent financial reporting. Auditing: A Journal of
Practice & Theory, 19(1), 169–184.
Benston, G. J., & Hartgraves, A. L. (2002). Enron: What happened and
what we can learn from it. Journal of Accounting and Public Pol-
icy, 21(2), 105–127.
Bierstaker, J. L., Brody, R. G., & Pacini, C. (2006). Accountants' per-
ceptions regarding fraud detection and prevention methods. Mana-
gerial Auditing Journal, 21(5), 520–535.
Bolton, R. J., & Hand, D. J. (2002). Statistical fraud detection: A
review. Statistical Science, 17, 235–249.
Bonchi, F., Giannotti, F., Mainetto, G., & Pedreschi, D. (1999). A
classification-based methodology for planning audit strategies in
fraud detection. Proceedings of the Fifth ACM SIGKDD Interna-
tional Conference on Knowledge Discovery and Data Mining
(pp. 175–184) San Diego, California: USA.
Bonsu, O. M., Dui, L. K., Muyun, Z., Asare, E. K., & Amankwaa, I. A.
(2018). Corporate fraud: Causes, effects, and deterrence on finan-
cial institution in Ghana. European Scientific Journal, 14(28),
315–335.
Borthick, A. F. (2012). Designing continuous auditing for a highly
automated procure-to-pay process. Journal of Information Systems,
26(2), 153–166.
Breiman, L. (1996). Bagging predictors. Machine Learning, 24,
123–140.
Breiman, L. (2001). Random forests. Machine Learning, 45, 5–32.
Caldeira, E., Brandao, G., Campos, H., & Pereira, A. (2012). Charac-
terizing and evaluating fraud in electronic transactions. 2012 Eighth
Latin American Web Congress (pp. 115–122) Cartagena de Indias:
Colombia.
Campos, G. O., Zimek, A., Sander, J., Campello, R. J. G. B.,
Micenkova, B., Schubert, E., … Houle, M. (2016). On the evalua-
tion of unsupervised outlier detection: Measures, datasets, and an
empirical study. Data Mining and Knowledge Discovery, 30(4),
891–927.
Carnes, K. C., & Gierlasinski, N. J. (2001). Forensic accounting skills:
Will supply finally catch up to demand? Managerial Auditing Jour-
nal, 16(6), 378–382.
Cecchini, M., Aytug, H., Koehler, G. J., & Pathak, P. (2010). Detecing
management fraud in public companies. Management Science, 56
(7), 1146–1160.
Ceresney, A. (2013). Fiancial reporting and accounting fraud. Ameri-
can law institute continuing legal education. Washington, DC: US
Securities and Exchange Commission.
Chaney, P. K., & Philipich, K. L. (2002). Shredded reputation: The cost
of audit failure. Journal of Accounting Research, 40(4),
1221–1245.
Clive, L. (2005). Management ownership and audit firm size. Contem-
porary Accounting Research, 22(1), 205–227.
Cohen, J., Krishnamoorthy, G., & Wright, A. M. (2002). Corporate
governance and the audit process. Contemporary Accounting
Research, 19(4), 573–593.
Cohen, J., Krishnamoorthy, G., & Wright, A. M. (2008). Form versus
substance: The implications for auditing practice and research of
alternative perspectives on corporate governance. Auditing: A Jour-
nal of Practice & Theory, 27(2), 181–198.
Corona, C., & Randhawa, R. S. (2010). The auditor's slippery slope:
An analysis of reputational incentives. Management Science, 56(6),
924–937.
SINGH ET AL.
Cox, D. R., & Snell, E. J. (1989). The analysis of binary data (2nd ed.).
London, UK: Chapman and Hall.
Crawford, L., Helliar, C., & Monk, E. A. (2011). Generic skills in audit
education. Accounting Education, 20(2), 115–131.
Darlington, R. B. (1990). Regression and linear models. New York,
NY: McGraw-Hill.
Davis, G. F. (1991). Agents without principles? The spread of the poi-
son pill through the intercorporate network. Administrative Science
Quarterly, 36(4), 583–613.
De Sa, A. G. C., Pereira, A. C. M., & Pappa, G. L. (2018). A custom-
ized classification algorithm for credit card fraud detection. Engi-
neering Applications of Artificial Intelligence, 72, 21–29.
DeBoer, M., Eimers, P., & Elsa, P. (2014). Reengineering the audit in a
digitized environment—Developments in practice, challenges for
auditing standards and opportunities for further research. Interna-
tional Symposium on Audit Research, Maastricht: Netherlands
Dechow, N., & Mouritsen, J. (2005). Enterprise resource planning sys-
tems, management control and the quest for integration. Account-
ing, Organizations and Society, 30(7–8), 691–733.
Dechow, P. M., Ge, W., Larson, C. R., & Sloan, R. G. (2011).
Predicting material accounting misstatements. Contemporary
Accounting Research, 28(1), 17–82.
DeFond, M. L., & Francis, J. R. (2005). Audit research after Sarbanes-
Oxley. Auditing: A Journal of Practice & Theory, 24, 5–30.
Dionne, G., Giuliano, F., & Picard, P. (2009). Optimal auditing with
scoring: Theory and application to insurance fraud. Management
Science, 55(1), 58–70.
Earley, C. E. (2015). Data analytics in auditing: Opportunities and chal-
lenges. Business Horizons, 58, 493–500.
Eining, M. M., Jones, D. R., & Loebbecke, J. K. (1997). Reliance on
decision aids: An examination of auditors' assessment of manage-
ment fraud. Auditing: A Journal of Practice & Theory, 16(2),
16–19.
Eisenhardt, K. (1985). Control: Organizational and economic
approaches. Management Science, 31(2), 134–149.
Eisenhardt, K. (1989). Agency theory: An assessment and review.
Academy of Management Review, 14(1), 57–74.
Elder, R. J., Akresh, A. D., Glover, S. M., Higgs, J. L., & Liljegren, J.
(2013). Audit sampling research: A synthesis and implications for
future research. Auditing: A Journal of Practice & Theory, 32(1),
99–129.
Fagart, M.-C., & Singlair-Desgagné, B. (2007). Ranking contingent
monitoring systems. Management Science, 53(9), 1501–1509.
Fama, E. F., & Jensen, M. (1983). Separation of ownership and control.
The Journal of Law and Economics, 26(2), 301–325.
Finlay, S. (2011). Multiple classifier architectures and their application
to credit risk assessment. European Journal of Operational
Research, 210(2), 368–378.
Fogarthy, J. A., Graham, L., & Schubert, D. R. (2006). Assessing and
responding to risks in a financial statement audit. Journal of
Accountancy, 202(1), 43.
Francis, J. R. (2004). What do we know about audit quality? British
Accounting Review, 36(4), 345–368.
Freund, Y., & Schapire, R. E. (1996). Experiments with a new boosting
algorithm. In Proceedings of the 13th International Conference on
Machine Learning. Bari, Italy: Morgan Kaufmann.
Friedman, J. H. (2002). Stochastic gradient boosting. Computational
Statistics & Data Analysis, 38, 367–378.
SINGH ET AL.
Gepp, A., Linnenluecke, M. K., O'Neill, T. J., & Smith, T. (2018). Big
data techniques in auditing research and practice: Current trends
and future opportunities. Journal of Accounting Literature, 40,
102–115.
Gibbons, R. (2005). Incentives between firms (and within). Manage-
ment Science, 51(1), 2–17.
Green, B. P., & Choi, J. H. (1997). Assessing the risk of management
fraud through neural network technology. Auditing: A Journal of
Practice & Theory, 16(1), 14–28.
Green, M., Björk, J., Forberg, J., Ekelund, U., Edenbrandt, L., &
Ohlsson, M. (2006). Comparison between neural networks and multi-
ple logistic regression to predict acute coronary syndrome in the emer-
gency room. Artificial Intelligence in Medicine, 38(3), 305–318.
Greene, W. H. (2012). Econometric analysis (7th ed.). Boston, MA:
Pearson.
Hair, J. F., Anderson, R., Tatham, R. L., & Black, W. C. (2006). Multi-
variate Data Analysis. Upper Saddle River, NJ: Prentice Hall.
Hansen, J. V., McDonald, J. B., Messier, W. F. J., & Bell, T. B. (1996).
A generalized qualitative-response model and the analysis of man-
agement fraud. Management Science, 42(7), 1022–1032.
Hatzakis, E. D., Nair, S. K., & Pinedo, M. (2010). Operations in finan-
cial services—An overview. Production and Operations Manage-
ment, 19(6), 633–664.
Hayes, R., Dassen, R., Schilder, A., & Wallage, P. (2005). Principles
of auditors: An Introduction to international standards on auditing.
Edinburgh, UK: Pearson Education Limited.
Holmström, B. (1979). Moral hazard and observability. The Bell Jour-
nal of Economics, 10(1), 74–91.
Hosmer, D. W., Lemeshow, S., & Sturdivant, R. X. (2013). Applied
logistic regression (3rd ed.). Hobokon, NJ: John Wiley & Sons.
Jaccard, J., & Lewis-Back, M. (2011). Interaction effects in logistic
regression (1st ed.). Thousand Oaks, CA: SAGE Publications.
Jayasimhan, A., & Gadge, J. (2012). Anomaly detection using a cluster-
ing technique. International Journal of Applied Information Sys-
tems, 2(2), 5–9.
Jensen, M., & Meckling, W. (1976). Theory of the firm: Managerial
behavior, agency costs and ownership structure. Journal of Finan-
cial Economics, 3(4), 306–360.
Khattree, R., & Naik, D. N. (1999). Applied multivariate statistics with
SAS software (2nd ed.). Cary, NC: SAS Institute.
Kirkos, E., Spathis, C., & Manolopoulos, Y. (2007). Data mining tech-
niques for the detection of fraudulent financial statements. Expert
Systems with Applications, 324, 995–1003.
Knorr, E. M., Ng, R. T., & Tucakov, V. (2000). Distance-based out-
liers: Algorithms and applications. The VLDB Journal, 8, 237–253.
Kriegel, A. (2011). Discovering SQL: A hands-on guide for beginners
(1st ed.). Birmingham, UK: Wrox.
Kuenkaikaew, S., & Vasarhelyi, M. A. (2013). The predictive audit
framework. The International Journal of Digital Accounting
Research, 13, 37–71.
Kumari Tiwari, R., & Debnath, J. (2017). Forensic accounting: A blend
of knowledge. Journal of Financial Regulation and Compliance,
25(1), 73–85.
Law, P. (2008). An empirical comparison of non-Big 4 and Big 4 audi-
tors' perceptions of auditor independence. Managerial Auditing
Journal, 23(9), 917–934.
Lim, T., Loh, W., & Shih, Y. (2000). A comparison of prediction accu-
racy, complexity and training time of thirty-three old and new clas-
sification algorithms. Machine Learning, 40(3), 203–229.
81
Loughran, T., & McDonald, B. (2016). Textual analysis in accounting
and finance: A survey. Journal of Accounting Research, 54(4),
1187–1230.
Luo, Y. (2005). How does globalization affect corporate governance
and accountability? A perspective from MNEs. Journal of Interna-
tional Management, 11, 19–41.
Milgrom, P. R., & Roberts, J. D. (1992). Economics, organization and
management. Englewood Cliffs, NJ: Prentice Hall.
Mohd-Sanusi, Z., & Mohd-Iskandar, T. (2007). Audit judgment perfor-
mance: Assessing the effect of performance incentives, effort and
task complexity. Managerial Auditing Journal, 22(1), 34–52.
Murphy, M. L., & Tysiac, K. (2015). Data analytics helps auditors gain
deep insight. Journal of Accountancy, 53(3), 52–58.
Nagelkerke, N. J. (1991). A note on a general definition of the coeffi-
cient of determination. Biometrika, 78, 691–692.
Ngai, E. W. T., Hu, Y., Wong, Y. H., Chen, Y., & Sun, X. (2011). The
application of data mining techniques in financial fraud detection:
A classification framework and an academic review of literature.
Decision Support Systems, 50, 559–569.
O'Brien, R. M. (2007). A caution regarding rules of thumb for variance
inflation factors. Quality & Quantity, 41, 673–690.
Orimoloye, L. (2017). Are ensemble classifiers always better than sin-
gle classifiers? Charlotte (North Carolina), USA: SAS Insitute.
Paleologo, G., Elisseef, A., & Antonini, G. (2010). Subagging for
credit scoring models. European Journal of Operational Research,
201, 490–499.
Pardoe, I. (2008). Modeling home prices using realtor data. Journal of
Statistics Education, 16(2) Available at https://pcaobus.org/
Power, M. (2013). The apparatus of fraud risk. Accounting, Organiza-
tions and Society, 38(6–7), 525–543.
Provost, F., & Fawcett, T. (2001). Robust classification for imprecise
environments. Machine Learning, 42, 203–231.
Ravisankar, P., Ravi, V., Raghava Rao, G., & Bose, I. (2011). Detec-
tion of financial statement fraud and feature selection using data
mining techniques. Decision Support Systems, 50(2), 491–500.
Rezaee, Z., & Burton, E. J. (1997). Forensic accounting education:
Insights from academicians and certified fraud examiner practi-
tioners. Managerial Auditing Journal, 12(9), 479–489.
Roberts, M. R., & Whited, T. M. (2012). Endogeneity in empirical cor-
porate finance (Simon School Working Paper No. FR 11-29).
Sahin, Y., Bulkan, S., & Duman, E. (2013). A cost-sensitive decision
tree approach for fraud detection. Expert Systems with Applications,
40, 5916–5923.
Shen, A., Tong, R., & Deng, Y. (2007). Application of classification
models on credit card fraud detection. International Conference on
Service Systems and Service Management (pp. 1–4) Chengdu:
China.
Shmueli, G. (2010). To explain or to predict? Statistical Science, 25(3),
289–310.
Sikka, P. (2009). Financial crisis and the silence of the auditors.
Accounting, Organizations and Society, 34(6–7), 868–873.
Singh, K., & Best, P. (2016). Interactive visual analysis of anomalous
accounts payable transactions in SAP enterprise systems. Manage-
rial Auditing Journal, 31, 35–63.
Singh, N., Cheng, T. C. E., & Lai, K.-H. (2017). A data analytics-based
approach to auditing. Internal Auditing, (July/August), 1–9.
Stratman, J. K. (2007). Realizing benefits from enterprise resource
planning: Does strategic focus matter? Production and Operations
Management, 16(2), 203–216.
82 SINGH ET AL.

Suddaby, R., Gendrom, Y., & Lam, H. (2009). The organizational con- and random forests to identify effective gene-gene and gene-
text of professionalism in accounting. Accounting, Organizations environmental interactions. International Journal of Applied Sci-
and Society, 34(3–4), 409–427. ence and Technology, 2(7), 268–280.
Summers, S. L., & Sweeney, J. T. (1998). Fraudulently misstated finan- Zakharov, R., & Dupont, P. (2011). Ensemble logistic regression for
cial statements and insider trading: An empirical analysis. The feature selection. IAPR International Conference on Pattern Recog-
Accounting Review, 73(1), 131–146. nition in Bioinformatics (pp. 133–144). Delft: The Netherlands.
Swets, J. A., & Pickett, R. M. (1982). Evaluation of diagnostic systems: Zhang, G., Patuwo, B. E., & Hu, M. Y. (1998). Forecasting with artifi-
Methods from signal detection theory. New York, NY: Academic cial neural networks: The state of the art. International Journal of
Press. Forecasting, 14, 35–62.
Tackett, J. A. (2013). Association rules for fraud detection. Journal of
Corporate Accounting & Finance, 24(4), 15–22.
Tsai, C. F. (2014). Feature selection in bankruptcy prediction. Knowl- A U T H O R B I O G R A P HI E S
edge-based Systems, 22(2), 120–127.
Thiprungsri, S., & Vasarhelyi, M. A. (2011). Cluster analysis for
anomaly detection in accounting data: An audit approach. The
Nitin Singh is a chair—business analytics at IIM
International Journal of Digital Accounting Research, 11, Kashipur and an advisor at KPMG, India.
69–84.
Titera, W. R. (2013). Updating audit standard-enabling audit data anal-
Kee-hung Lai is a professor at Faculty of Business, The
ysis. Journal of Information Systems, 27(1), 325–331. Hong Kong Polytechnic University.
Toon, M. (2015). Going beyond the data: Achieving actionable insights
Markus Vejvar is a PhD graduate at Faculty of Busi-
with data and analytics. KPMG Capital.
Van Vlasseler, V., Bravo, C., Caelen, O., Eliassi-Rad, T., Akoglu, L., ness, The Hong Kong Polytechnic University.
Snoeck, M., & Baesens, B. (2015). APATE: A novel approach for
T. C. E. Cheng is a chair professor of management and
automated credit card transaction fraud detection using network-
based extensions. Decision Support Systems, 75, 38–48.
dean at Faculty of Business, The Hong Kong Polytechnic
Viaene, S., Derrig, R. A., Baesens, B., & Dedene, G. (2002). A com- University.
parison of state-of-the-art classification techniques for expert auto-
mobile insurance claim fraud detection. The Journal of Risk and
Insurance, 69(3), 373–421.
Wallace, W. (1980). The economic role of the audit in free and regu- How to cite this article: Singh N, Lai K, Vejvar M,
lated markets. New York, NY: Macmillan Publishing.
Cheng TCE. Data-driven auditing: A predictive
Xu, Y., Pinedo, M., & Xue, M. (2017). Operational risk in financial
services: A review and new research opportunities. Production and
modeling approach to fraud detection and
Operations Management, 26(3), 426–445. classification. J Corp Acct Fin. 2019;30:64–82.
Yoo, W., Ference, B. A., Cote, M. L., & Schwartz, A. (2021). A com- https://doi.org/10.1002/jcaf.22389
parison of logistic regression, logic regression, classification tree,