Using Automation for the Early Detection and Prevention of Fraud
Automated tools can assist auditors in processing large amounts of data in an effort to protect the company from would-be thieves.
Edmund C. Weiss, Jr.
Managing Director, Protiviti
During my 25 years as the chief audit executive (CAE) at a large regional bank holding company located in the Northeast, the internal audit group found that fraud losses were increasing. Corporate security was a strictly reactive group when it came to fraud losses and had no interest in becoming proactive in preventing fraud. So we decided to establish a fraud audit group within Internal Audit Services.
The group was initially set up as a one-person shop with strong support from the financial and IT audit staffs, and this senior auditor was charged with early detection and prevention of employee and customer fraud. To do this, the group had to use automation to its fullest and work closely with the company’s security department, particularly when interviewing suspects.
The fraud audit group surveyed audit staff members for their ideas on fraud. They asked them:
- How would a customer or an employee commit a fraud?
- How could we detect or prevent a fraud?
The audit staff generated more than 100 ideas for detecting/preventing fraud. Of those, we were able to implement approximately 30 before being acquired by a larger bank. Using automated tools, we were able to develop several types of reports.
One of the first areas on which we focused was Accounts Payable (AP) because of its high susceptibility to fraud. From the fraudulent purchase of supplies and materials to other general expenses, AP can be manipulated in several ways, and paying attention to the vendor is as important as keeping an eye on the actual purchase.
AP Fraud Audit Report #1
For the first AP report, we created an employee file that gathered all employee Social Security numbers, home phone numbers, and home addresses. After eliminating valid employee travel and expense (T&E) reimbursement accounts from the vendor master file, we compared the employee file we generated to the vendor files, looking for identical tax identification numbers, addresses, and/or phone numbers. It was important to check formatting (e.g., St. vs. Street) in the master file to ensure that we didn’t miss matches because of format errors. Any employee matches in the vendor file were thoroughly investigated, as employees should not be doing business with the company.
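The comparison in this report, sketched as an added example that is not the bank's own program. The records are constructed, and the field names and abbreviation table are assumptions; identifiers are normalized before matching so that formatting differences such as "St." vs. "Street" do not hide a hit.

```python
import re

# Constructed sample records; field names are assumptions, not the bank's schema.
EMPLOYEES = [
    {"id": "E1", "tax_id": "123-45-6789", "phone": "(555) 010-2000",
     "address": "12 Elm Street, Apt. 4"},
    {"id": "E2", "tax_id": "987-65-4321", "phone": "555-010-3000",
     "address": "400 Oak Ave"},
]
VENDORS = [
    {"id": "V1", "tax_id": "11-2223333", "phone": "555.010.2000",
     "address": "98 Harbor Rd"},
    {"id": "V2", "tax_id": "22-3334444", "phone": "555-010-9999",
     "address": "400 OAK AVENUE"},
    {"id": "V3", "tax_id": "123456789", "phone": "555-010-7777",
     "address": "1 Main St"},
    {"id": "V4", "tax_id": "33-4445555", "phone": "", "address": "77 Pine Blvd"},
]

# Common postal abbreviations, expanded so "St." and "Street" compare equal.
ABBREV = {"st": "street", "ave": "avenue", "rd": "road", "blvd": "boulevard",
          "dr": "drive", "apt": "apartment", "ste": "suite"}

def digits(value):
    """Strip punctuation so 123-45-6789 and 123456789 compare equal."""
    return re.sub(r"\D", "", value)

def norm_address(addr):
    """Lower-case, drop punctuation, expand abbreviations, collapse spaces."""
    tokens = re.sub(r"[^a-z0-9 ]", " ", addr.lower()).split()
    return " ".join(ABBREV.get(t, t) for t in tokens)

def employee_vendor_matches(employees, vendors):
    """Return sorted (employee_id, vendor_id, field) for each shared identifier."""
    hits = []
    for field, norm in (("tax_id", digits), ("phone", digits),
                        ("address", norm_address)):
        index = {}
        for e in employees:
            key = norm(e[field])
            if key:  # blank fields must never match each other
                index.setdefault(key, []).append(e["id"])
        for v in vendors:
            for emp_id in index.get(norm(v[field]), []):
                hits.append((emp_id, v["id"], field))
    return sorted(hits)
```

Each hit is a lead for investigation, not a finding; valid T&E reimbursement accounts should already have been removed from the vendor list before the comparison runs.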
AP Fraud Audit Report #2
The second report we generated was for all new vendors added since our last audit, including their name, address, phone number, and purchase activity by month. We also looked into selected new vendors with large activity. We asked if there was a valid reason for a new vendor to have significant activity, such as better pricing or payment terms, and investigated any unusual activity. We also investigated Post Office Boxes in the address field to ensure that they were legitimate because they are commonly used to perpetrate frauds.
AP Fraud Audit Report #3
The third AP report we created required having captured/saved a vendor master file from our previous audit. We extracted changes to the vendor master file for current vendors to look for changes to name or address and changes in terms. We then determined if these changes were legitimate and supported by appropriate documentation.
While no vendor or employee problems were found, we did note a potentially serious weakness in our system of internal controls. As a result, we established the following internal control procedures:
- To be set up as a vendor required two officer signatures (separation of duties).
- Dun & Bradstreet (D&B) reports were required to be run on all new vendors.
- A monthly report of all new vendors and changes in vendor information was created and sent to accounting/finance for review and approval.
To prevent AP fraud you must have strong internal controls over the setup of all new vendors in your system. Even the most loyal employees can be tempted to take advantage of a company when the employee falls on difficult times and the opportunity exists.
In discussing teller discrepancies, it was determined that it would be hard for tellers to steal cash without being detected. One way for them to divert funds would be via credit memos (credit to an employee’s account offset by a debit to an income account), so we looked at this area next.
CM Fraud Audit Report #1
We created an automated program to identify all credit memos to an employee’s bank account (checking, savings, and CDs). Any credit memos over US $1,000 were immediately investigated, as were employee accounts where two or more credit memos were posted in a month and/or six or more posted in a six-month period.
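The three triggers described above, written out as an added example that is not the bank's program. The postings and account numbers are constructed, and two readings are assumptions: "a month" is taken as a calendar month and "a six-month period" as six consecutive calendar months.

```python
from collections import defaultdict
from datetime import date

# Constructed postings: (employee account, posting date, amount in USD).
MEMOS = [
    ("A-100", date(2023, 1, 9), 1500.00),   # one memo over the amount limit
    ("A-200", date(2023, 2, 3), 120.00),    # two memos in the same month
    ("A-200", date(2023, 2, 17), 95.00),
    ("A-300", date(2023, 1, 5), 80.00),     # one per month, six in six months
    ("A-300", date(2023, 2, 6), 75.00),
    ("A-300", date(2023, 3, 7), 60.00),
    ("A-300", date(2023, 4, 4), 90.00),
    ("A-300", date(2023, 5, 9), 85.00),
    ("A-300", date(2023, 6, 13), 70.00),
    ("A-400", date(2023, 1, 10), 200.00),   # isolated small memos: no flag
    ("A-400", date(2023, 9, 12), 150.00),
]

def flag_credit_memos(memos, amount_limit=1000.00, per_month=2,
                      per_window=6, window_months=6):
    """Return {account: sorted list of the rules that fired}."""
    months = defaultdict(lambda: defaultdict(int))  # account -> month -> count
    flags = defaultdict(set)
    for account, posted, amount in memos:
        months[account][posted.year * 12 + posted.month] += 1
        if amount > amount_limit:  # "over US $1,000": strictly greater
            flags[account].add("amount_over_limit")
    for account, counts in months.items():
        if any(n >= per_month for n in counts.values()):
            flags[account].add("multiple_in_month")
        # Slide a window of consecutive calendar months over the activity.
        for start in counts:
            in_window = sum(n for m, n in counts.items()
                            if start <= m < start + window_months)
            if in_window >= per_window:
                flags[account].add("frequent_in_window")
                break
    return {account: sorted(rules) for account, rules in flags.items()}
```

Account A-300 shows why the six-month rule is needed: no single memo is large and no month has more than one posting, so only the windowed count catches it.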
During the two years we ran this report, more than 100 employees (mostly bank tellers) were found to be diverting bank funds to their personal accounts. When we started this review, the average dollars involved were about US $2,500 per culprit. Later in the process, monies involved were less than US $500 per culprit, as we caught the employees very early into their fraud. The number of frauds decreased significantly while the program was in place.
Part of the problem in hiring trustworthy tellers was human resources’ (HR’s) inability to check references with other banks because of potential lawsuits. We subsequently learned that most of these tellers were terminated for theft at their former employer, but weren’t prosecuted by their prior employer. In speaking with several CAEs, many banks have adopted HR policies of viewing a prospective employee’s Facebook account before hiring the employee. Additionally, several banks have had success using new Internet web pages such as “pipl” and “spokeo” to check backgrounds of prospective employees.
SAVINGS ACCOUNTS AND INCENTIVE COMPENSATION PLANS
To assist our external auditors annually, internal auditing tested interest posted to time deposit (savings and CDs) accounts by creating a software report to test the accuracy of these calculations. Once we found a problem, we decided to run this report quarterly as a fraud audit report.
Savings Fraud Audit Report #1
For this area, the automated report we created compared actual interest posted to the recalculated interest on all time deposit accounts (savings accounts and CDs) on a quarterly basis. Any differences were researched by sampling during our annual audit. Significant differences were investigated immediately.
We noted that there were an abnormal number of differences found in the government banking area. Further research revealed that account representatives were manually giving certain municipalities additional interest to persuade them to keep and/or increase the balances they kept with the bank. The representatives were compensated on the growth of deposits, without profitability being considered. Several employees were terminated and the plan was changed to include profitability of the overall municipal relationship.
It is very important that you look at all of your company’s incentive compensation plans to make sure they have been designed with the appropriate internal controls. Most plans are designed by compensation consultants who know little to nothing about sound internal controls.
EMPLOYEE SOCIAL SECURITY NUMBERS
The use of Social Security Account Numbers (SSAN) in AP’s Fraud Reports led to testing employee SSANs for errors. As part of our pension audit, we decided to look into whether any deceased former employees were still collecting pension checks.
Social Security Fraud Audit Report #1
To generate this report, we used software that allowed us to determine if Social Security numbers were valid, if the holder was alive or deceased, and when the number was issued. We reviewed our retired employee database to determine which employees were receiving a pension. When we analyzed the SSANs for these employees, we found that 10 employees who were deceased were still being mailed pension checks and they were being cashed. The company was able to recover approximately US $100,000 in overpayments and prevented future overpayments as our HR department ran this software quarterly.
TRAVEL & ENTERTAINMENT EXPENSES
Historically, inflating or falsifying travel and entertainment expenses has been a way for employees to steal money from their companies. Since T&E is highly vulnerable to fraud and abuse, the fraud audit group next focused its attention here.
T&E Fraud Audit Report #1
Using our automated tool, we collected T&E expense data for each employee, including expense by category (meals, travel, lodging, etc.) and date for each of the expenses. We then collected employee vacation dates from our company’s HR system and compared their vacation dates to their expense dates. All expenses incurred during vacation dates were investigated for propriety.
T&E Fraud Audit Report #2
Using the same data collected for report #1, we compared dates, type, and amounts for duplicate submissions. This resulted in several chronic offenders being terminated by the company for abusing the T&E system.
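Both T&E reports run over the same expense extract, so they are shown together here as an added example that is not the bank's tool. The records are constructed, the field names are assumptions, and a duplicate is assumed to mean the same employee submitting the same date, type, and amount more than once.

```python
from collections import defaultdict
from datetime import date

# Constructed expense lines; field names are assumptions.
EXPENSES = [
    {"id": 1, "emp": "E1", "date": date(2023, 7, 3),
     "category": "meals", "amount": 84.50},
    {"id": 2, "emp": "E1", "date": date(2023, 7, 12),
     "category": "lodging", "amount": 310.00},   # falls inside E1's vacation
    {"id": 3, "emp": "E2", "date": date(2023, 7, 5),
     "category": "travel", "amount": 420.00},
    {"id": 4, "emp": "E2", "date": date(2023, 7, 5),
     "category": "travel", "amount": 420.00},    # resubmission of line 3
    {"id": 5, "emp": "E2", "date": date(2023, 7, 5),
     "category": "meals", "amount": 42.00},
]

# Constructed HR vacation records: employee -> list of inclusive (start, end).
VACATIONS = {"E1": [(date(2023, 7, 10), date(2023, 7, 14))]}

def expenses_during_vacation(expenses, vacations):
    """Report #1: ids of expenses dated inside the employee's own vacation."""
    return [e["id"] for e in expenses
            if any(start <= e["date"] <= end
                   for start, end in vacations.get(e["emp"], []))]

def duplicate_submissions(expenses):
    """Report #2: groups of ids sharing employee, date, type, and amount."""
    groups = defaultdict(list)
    for e in expenses:
        # Compare amounts in whole cents to avoid float equality surprises.
        key = (e["emp"], e["date"], e["category"], round(e["amount"] * 100))
        groups[key].append(e["id"])
    return sorted(ids for ids in groups.values() if len(ids) > 1)
```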
EMBRACE AUTOMATED TOOLS
Overall, the fraud audit reports created using automated tools were extremely valuable in detecting previously undetected frauds. They also helped us prevent future frauds by identifying areas with weak internal controls and improving and strengthening these areas. Automated tools go a long way in improving the efficiency of audit procedures in detecting fraud.
To comment on this article, please e-mail the FSA Times editor at firstname.lastname@example.org.