Digital forensics track schroader-rob when forensics collide
@IIAChicago A Look Ahead: Supply Chain Forensics Seminar Presentations/C2...Senior Manager, Deloitte...
Transcript of @IIAChicago A Look Ahead: Supply Chain Forensics Seminar Presentations/C2...Senior Manager, Deloitte...
IIA Chicago Chapter 53rd Annual SeminarApril 15, 2013, Donald E. Stephens Convention Center
@IIAChicago
#IIACHI
A Look Ahead: Supply Chain Forensics
Combine Data Mining and Forensic Accounting to Combat Financial & Fraud Risks within Supply Chains
Mark PearsonSenior Manager, Deloitte ForensicsDeloitte Financial Advisory Services
Clarke WarrenDirector Forensic InvestigationsJohnson Controls
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 2
Agenda – Supply Chain Forensics
I. The Issue
II. Common Supply Chain Risks and Typical Overspend
III. Use Supply Chain Forensics to Save Money and Reduce Risk
IV. Data Mining Component
V. Forensic Accounting Component
VI. Conclusion
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 4
The Issue
Persistent pressure upon companies to do more with less - Management must produce
increasing profits and return on assets.
To achieve results, organizations increasingly rely upon
business partnerships, which have become
progressively more complex.
The complexity of this reliance can mask
a myriad of financial, regulatory and legal
risks.
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 5
News Headlines
China e-commerce giant Alibaba announced the departure of two executives
after probe showed 2,326 suppliers defrauded online customers.
22 February 2011 Caixin Online, accessed October 12, 2011.
Navy Setting up Contract Fraud Investigation Unit
Alibaba Executives Resign
on Supplier Fraud Scandal
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 7
Common Supply Chain Risks
Lost Revenues
Underreporting of revenue tied to royalties
Missed Cost Savings
Vendor overcharges
Damaged Business Relationship
Over time, a small difference in interpretation can have large impact
Litigation
Reactive alternative that can be very costly and damaging to reputation
Regulatory Inquiries
Supply Chain details may impact financial reporting
Reputational Risks
Transacting business with unsavory entities or people
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 8
Typical Overspend – High Risk Spend Categories
Labor
Overtime rate versus straight-time rate
Labor charged for people not on payroll (ghost employees)
Rates charged are higher than contractually agreed rates
Allocated or Shared Expenses
Facility overhead allocation (or any other allocated expenses)
Shared advertising or marketing costs
Cost Plus Transactions
Vendor is incentivized to go with highest cost provider
Third Party Passthrough's
3rd party pass-through expenses may in fact be for related-party
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 9
Case Study – Supply Chain Fraud: Excerpt from vendor invoice #1095
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 10
Fragments of e-mail messages recovered via computer forensics:
Case Study – e-Discovery and Computer Forensics
From: IT Director
To: Wife
Subject: RE:
ok, XYZ, Co. [employer] is digging deeper
im worried
-----------------------------
From: Wife
To: IT Director
Subject: RE:
how do you know — they call you?
-----------------------------
From: IT Director
To: Wife
Subject: RE:
No called Al for more stuff
From: Wife
To: IT Director
Subject: RE:
Al can handle it — he's good
------------------------------
From: IT Director
To: Wife
Subject: RE:
They‘re asking for a lot of detail - be
praying
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 11
Photo of recovered document detailing the 3-way split of the payment of
invoice #1095
Case Study – ―Smoking gun‖ document recovered
1
32
1 — IT Director2 — Bank Computer Leasing Mgr.3 — Crooked Vendor
1
2
13
3
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 13
Supply Chain Forensics Goals
• Identify fraud risks &
areas to recover
potential
overpayments or
underpayments
• Identify procedural
inconsistencies that
could help the
company strengthen
processes
• Revise agreements
by identifying and
eliminating
accounting loopholes
• Identify payments
that company is not
obligated to make
• Include the ‗right to
audit‘ in future
agreements
• Perform due
diligence on vendor
track record
• Identify relationships
between vendors and
possible related
entities
Identify &
RecoverOverpayments
Negotiate Terms of Future
Agreements
ControlSupply Chain Performance Criteria and Evaluation
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 14
Supply Chain Forensics Process
Due Diligence
& Risk AnalysisData
Mining
Forensic
Accounting
Control &
Remediation
Step 1 Step 2 Step 3 Step 4
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 15
Due Diligence – Visual Relationship Mapping
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 16
Risk Analysis – Supply Chain Fraud Risk Matrix
Source: ―Procurement Integrity Risk Matrix‖, Fraud Risks in the Supply Chain, 2010. Deloitte and Touche Financial Advisory Services Ltd
Procurement Inventory Production Distribution
Employee
only
• Phantom vendors
• False invoices
• Invoice mark-up / alteration
• Redirection of delivery
• Theft of intellectual property
• Theft of inventory
• Fraudulent or improper
inventory capitalization
• Manipulation of inventory
accounting / inventory counts /
quantity (fictitious inventory)
• Falsified documents (shipping
documents, sales orders,
receiving report)
• Theft of intellectual property
• Inaccurate / falsified forecast of
raw materials, spare parts or
finished goods
• Theft of raw materials, finished
goods or scrap
• Sales of backdoor goods
• Redirection of business to an
undisclosed related party
• Personal use of inventory or
assets
• Theft of finished goods
• Mark up transport costs
• Falsified distribution records
• Grey market distribution
Employee &
External
Party
• Bribery / kickbacks
• Conflict of interest
• Collusion in bidding
• Unnecessary / excess orders
• Duplicate ordering
• Duplicate payments
• Order splitting
• Exclusion of qualified vendors
• Theft of intellectual property
• Bribes from subcontractor
• Invoices for goods not
received
• Inventory write off (lost,
obsolete, scrap)
• Corporate espionage
• Kickbacks / bribes may lead to
bias in selection of suppliers /
vendors, inflate forecasts of raw
materials or finished goods
requirements or sabotage
production (also known as
industrial espionage)
• Theft of intellectual property
• Bribery of government
employees
• Collusion with transporters
• Channel stuffing
• Theft of intellectual property
• Theft of finished goods
• Sales of backdoor goods
• Collusion with distributor /
reseller
• Grey market distribution
External
Party i.e.
Supplier/
Distributor
Competitor
• Bribery of third party
• Improper government
relationship
• False or misstated invoices
• Overstatement of business
experience
• Suppliers misrepresenting
their financial, technical or
ethical position
• Bribery of subcontractors
• Inflated or fictitious invoices
• Short shipments or
substitution of lower quality
goods
• Invoices for goods not
received
• Unqualified consultants
• Misrepresentation of technical
capability and / or capacity by
suppliers / vendors
• Distribution of counterfeit
products by competitors
• Bribery of customers by
competitors
• Theft of finished goods
• Reseller / distributor
misrepresenting technical,
financial or ethical position
• Sabotage of finished goods
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 17
Summary of checks paid for false purchase orders
Case Study – Processing through shared services
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 18
Case Study – Processing through shared services
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 19
Case Study – Processing through shared services
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 20
Case Study – Processing through shared services
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 21
Case Study – Bypassing vendor add process
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 23
Due
Diligence
& Risk
Analysis
Data
Mining
Forensic
AccountingControl &
Remediation
Step 1 Step 2 Step 3 Step 4
Data Mining Component of Supply Chain Forensics
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 24
Supply Chain Forensics - Data Mining Approach
1. Select Supply
Chain and Obtain
Data
2. Transform and
Analyze Data
3. Conduct
Testing4. Report Claims
1. Select vendors for
review
2. Obtain electronic
data – e.g.
invoices, contract
data
3. Review data to
confirm validity,
accuracy &
completeness
1. Transform and load
data into the
analytics database
2. Reconcile line items
against A/P
3. Identify gaps
1. Execute analytics
review queries
(incorrect labor
rates, excess
hours, duplicate
charges, invalid
expenses)
2. Create custom
queries (unique
contracted terms,
key word searches)
1. Validate
observations
2. Transition data to
forensic
accountants
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 25
Supply Chain Forensics - Typical Data Required
1. Select Supply Chain
and Obtain Data
2. Transform and
Analyze Data3. Conduct Testing 4. Report Claims
Common to All Invoices
Labor Invoice Detail
Equipment/Consumables Invoice Detail
Worker Expense Detail
Personnel File
Payroll Records
Agreements
Financial
Additional Information
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 26
Common Database Library
CDL
Transform and Analyze Data
Agreements
• Rates and
Terms
Invoice
Support
•Line item
details
Ancillary
• Personnel
and Assets
Financial
• AP, Invoices
and Credits
Conduct Testing - Execute Queries (canned and custom)
Report Claims
Data
Flo
w
Reconcile
Normalize
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 27
Labor
• Duplicate labor charges
• Incorrect labor rate charges
• Position changes
• Excess overtime charged
• Reasonable hours charged
• Ghost Employees charged
• Labor charged after termination or before hire
• Incorrect Consultant charges
Equipment
• Incorrect equipment rate charges
• Duplicate equipment charges
• Equipment invoiced versus
Fixed Asset Register
Conduct Testing - Types of Analytical Queries
Invoice
• Duplicate invoices
• Duplicate 3rd party invoices
Consumables
• Duplicate material charges
• Incorrect material rate charges
Labor Expenses
• Duplicate out of pocket expense
• Invalid Per Diem charges
Subcontractor
• Duplicate subcontractor charges
• Incorrect mark up
Common data mining analytical queries are listed below:
1. Select Supply Chain
and Obtain Data
2. Transform and
Analyze Data3. Conduct Testing 4. Report Claims
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 29
Supply Chain Forensic Accounting Component
Due
Diligence
& Risk
Analysis
Data
Mining &
Analytics
Forensic
AccountingControl &
Remediation
Step 1 Step 2 Step 3 Step 4
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 30
Step 1
• Vendor Interviews
Step 2
• Define Population & Determine Sample
Step 3
• Forensic Accounting Procedures
Step 4
• Vet findings with Vendor
Step 5
• Extrapolate Sample Results
Forensic Accounting Approach
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 31
Supply Chain Forensics – Forensic Accounting Approach
1. Forensic
Interviews & Risk
Analysis
2. Choose
Transactions to
Test
3. Conduct
Testing4. Report Claims
1. Select vendors for
review
2. Obtain background
information on
vendor
3. Interview vendor
personnel to
broaden
intelligence about
processes &
transactions
4. Develop risk-
ranking of
transaction types &
characteristics
1. Combine
transaction risk-
ranking with all
available
information to
create populations
2. Provide input to
forensic data
mining query
structure
3. Determine sample
of transactions for
testing
1. Vet query results to
supporting
documentation
(fixed asset
registers, payroll
reports, etc.)
2. Ensure transactions
show:
1. Authorization
2. Existence
3. Approval
3. Manually test non-
queriable
transactions (sub-
contractor rates tie
to agreement?)
1. Validate
observations with
vendor
2. Bifurcate findings
into those that
have a chance of
recovery, and
those that are
process-oriented.
3. Work with legal
counsel and
vendor to reach
mutually
agreeable
settlement of
findings.
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 32
Supply Chain Forensics – Forensic Example
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 33
Control & Remediation Component
Due
Diligence
& Risk
Analysis
Data
Analytics
Forensic
AccountingControl &
Remediation
Step 1 Step 2 Step 3 Step 4
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 34
Most Supply Chain Forensic examinations can be dealt with in a mutually
agreeable manner.
However, litigation & dispute resolution can help in cases where
commercial settlement becomes necessary.
Litigation & Dispute resolution helps counsel with
challenging financial and economic issues in
complex litigation and other business disputes
relating to supply chain fraud.
Utilize tools, methodologies and technology that
include data mining and mapping, electronic discovery
and computer forensic capabilities.
Supply Chain Litigation & Dispute Resolution
#IIACHI
April 15, 2013 IIA Chicago Chapter 53rd Annual Seminar 35
More efficient,
Supply Chains,
additional profits &
reduced risk
Conclusion - Supply Chain Forensics
Data Mining
Due Diligence & Risk
Analysis
Remediation
Forensic Accounting