According to the 2018 Global Economic Crime and Fraud survey conducted across 123 territories by accounting firm PwC, 49% of organizations say that they have been a victim of fraud and economic crime. Of these, 64% further say that losses due to the most disruptive fraud they experienced could reach US$1 million.
Although fraud-related risks have grown to become a core business, many companies do not yet have the processes in place to effectively detect fraud. In the PwC survey, only slightly more than half (52%) of the respondents say that it was corporate controls that detected the most disruptive frauds.
And only 4% of the most disruptive frauds were detected by data analytics, despite its potential to become one of the most effective tools against fraud and economic crime.
There are three key steps in applying data analytics to detecting fraud: (1) data provisioning, (2) use of analytics, and (3) evaluation, investigation, and reporting
As Lawrence Lai and Sidarth Khashu from accounting firm Ernst & Young note, data analytics can provide “insights that drive you to see what you would otherwise never expect to see. It helps organizations scan each data point within enormous data sets in an effective and efficient manner to generate meaningful information, which is easy to comprehend and valuable for decision-making.”
Data analytics involves the use of data, information technology, statistical analysis, quantitative models, and computer-based models to help companies gain insights and make better fact-based decisions. In their article examining the “analytics movement” taking place within organizations, Matthew Liberatore and Luo Wenhong from Villanova University describe data analytics as the “process of transforming data into actions through analysis and insights in the context of organizational decision making and problem solving.”
Certainly, when applied to fraud detection, data analytics allows investigators to effectively analyze voluminous datasets to detect anomalies or patterns that may be indicative of fraudulent activity.
In addition to detecting fraud that has already occurred, data analytics techniques can also identify red flags in areas where fraud has the potential to occur, thus giving organizations the opportunity to prevent fraudulent activity before it even takes place.
With the development of technology, analytical techniques that can be used to detect fraud have become increasingly more sophisticated. However, the effectiveness of these techniques is greatly diminished when the investigator does not possess a good understanding of the business or the industry
There are three key steps in applying data analytics to detecting fraud: (1) data provisioning, (2) use of analytics, and (3) evaluation, investigation, and reporting.
Data provisioning. Before data can be analyzed, it needs to be selected and gathered from various sources and in a variety of formats.
Data used to detect fraud can be structured or unstructured in nature. Structured data is data which has a high degree of organization and is easily ‘read’ by a computer. This can include transactional data such as finance/accounting or operational data.
In contrast, unstructured data lacks organization and is not easily ‘read’ by a computer. This can include free form text like emails and text messages or images.
After they have been acquired, the data then needs to be examined for irregularities, harmonized, and prepared for storage in data structures (such as databases) where they can be used for analysis by various users. This process of making data available to users for analysis is known as data provisioning.
Paying attention to the data provisioning process is important because it ensures that the analysis carried out on data that has been collected is reliable.
Use of analytical techniques. The next step involves applying appropriate analytical techniques to the available data. The analytical process can involve both qualitative and quantitative methodologies to detect fraud.
In her book, Fraud Analytics, Delena Spann lists five common categories of analytical approaches in detecting fraud:
- Rule-based: The detection of fraud based on known behaviors or relationships. This can, for example, involve looking at correlations between variables in order to examine their behavior.
- Anomaly detection: The identification of abnormal behavior in data that doesn’t conform to ‘normal’ behavior. For instance, Benford’s Law, which defines logical patterns in which digits occur in randomly generated numbers, is a commonly used technique to identify abnormal duplications of digits in a set of transactions.
- Predictive modelling: The statistical analysis of current and historical data to make forecasts of future (fraudulent) behavior (using techniques such as regression analysis and time-series analysis).
- Neural networks: Unsupervised learning based on historical data for the purpose of identifying unknown patterns that may be indicative of fraud.
- Visual analytics: Graphical representation of relationships found within data to gain insights into possible fraudulent activity.
Where a high probability of fraud is assessed, the organization should conduct further investigation to determine whether or not fraud has actually occurred. The results of the analysis and investigation should then be disseminated to relevant members of the organization
Evaluation, investigation, and reporting. The evaluation process involves examining the results of analytical techniques that have been applied and making judgments about the probability of fraud.
With the development of technology, analytical techniques that can be used to detect fraud have become increasingly more sophisticated. However, the effectiveness of these techniques is greatly diminished when the investigator does not possess a good understanding of the business or the industry on which the analysis is being carried out.
It is crucial that investigators are equipped with the relevant knowledge to allow them to effectively and accurately interpret the results generated by analytical techniques that have been applied in the fraud detection process.
Where a high probability of fraud is assessed, the organization should conduct further investigation to determine whether or not fraud has actually occurred. The results of the analysis and investigation should then be disseminated to relevant members of the organization.
According to Spann, information that is disseminated should be: (1) easy to understand, (2) clear and concise, (3) easily transferrable to others in the investigation, and (4) accurate.
In the face of the ever-growing threat of fraud, organizations need to develop robust methods of detecting fraudulent activity. With the development of technology, fraudsters have developed increasingly sophisticated methods of perpetuating fraud.
At the same time, however, this advancement in technology has also led to rapid advancements in data analytics techniques that can effectively detect fraud. By harnessing the power of technology, organizations can effectively use data analytics as one of the key tools in their fight against the growing risk of fraud.
About the Author
Clarence Goh is Assistant Professor of Accounting (Practice) and Director, Professional Development at the School of Accountancy, Singapore Management University.