6 Vulnerabilities in Travel Expense Management

Monitoring and analyzing the travel and expense transactions across enterprise organizations isn’t easy. However, while working for a company that examines trillions of dollars of expense transactions, trends start to emerge, as well as a few recurring vulnerabilities. By addressing the vulnerabilities and implementing the right strategy—combined with technology—enterprise organizations can easily save between two and five percent of their travel budget due to unintentional waste and premeditated abuse, including outright fraud.

Vulnerabilities to Consider

While the following list isn’t exhaustive, it does include some of the most common vulnerabilities, many that if monitored and changed can deliver greater cost savings while decreasing the amount of waste and fraud:

1. Effectiveness of manager approval – Once an employee submits an expense report in most expense management systems, their manager will receive an email notification that they can quickly process with a single click. In a hectic and time-constrained business environment, it is often easier to take the path of least resistance and click “Approve” rather than take the time to look at the details of a report. But even for the most careful managers, it is not possible for a person to remember everything that has been submitted in the past to detect risky behavioral trends.  Most recognize that manager approval is a very ineffective control.
2. Risks when reviewing and auditing samples – Traditional audit techniques focus on reviewing a sample of expense reports. This sample can be random or based on some high-level rules. Typically, companies are looking at 10 to 20 percent of their expense reports. The purpose of sampling in auditing is to generalize a conclusion about a total population of transactions based on the review of a sample. In travel and expense reimbursement, the goal is to find problems in transactions, not create a generalized conclusion. It’s hard to detect problems using a sample-based approach unless you get lucky and your sample stumbles upon suspicious activity. The odds are 80 to 90 percent you won’t.
3. Risks of reviewing expense reports at a single point in time – When reviewing expense report transactions at a single point in time, you don’t have much context or visibility into an employee’s behavior, and as a result, you’re unable to effectively address the root cause of many violations. You also don’t know what’s normal for this employee or other employees in your organization when it comes to a single instance of unusual spending. In addition, you may not be able to easily access all the previous issues with an employee.
4. Reviewing is labor-intensive – When your review process is based on manually looking at expense reports, it tends to be very labor-intensive, and there’s a good chance you’ll fall victim to the positive confirmation bias—meaning when you’re used to looking at things that seem okay most of the time, it gets harder to spot anomalies and you can easily miss glaring issues. When 98 percent of tens of thousands of transactions are okay, it’s hard to find the needle in the haystack.
5. Spending more time on finding than fixing – Whether you manually review transactions or even have a semi-automated analysis process, I’ve found that most organizations spend quite a bit more time on finding problems than on resolving them—often times at a ratio of 90/10.
6. Lack of process around problem resolution – Because of a focus on finding versus fixing, it’s common to see an absence of a consistent workflow process and resolution infrastructure.

As mentioned above, two to five percent of travel budgets are consumed by waste and abuse. What are some of the things that can help address these vulnerabilities? First and foremost, the most overarching goal for companies is to create a culture of T&E compliance where their employees understand the T&E policies and know that they will be reminded when they inadvertently deviate from them. Based on experience, the following are best practice components of a solution that helps to achieve this goal.

Addressing Vulnerabilities in Travel Expense Management

Automation – Analytical monitoring software should be used to automatically and comprehensively evaluate all expense transactions. The system should automatically assign a priority for each potential irregularity so that analysts can work on the most significant problems first. Automation should be used to take over labor-intensive detection tasks so that analysts can spend more time researching and resolving problems versus finding them.

Process Optimization – Some process-level optimizations to travel and expense management can be made after automated analytical monitoring software is put in place.  For instance, rather than having managers review all expense reports, they can focus on high-dollar or high-risk categories to approve.  This saves time, and automated monitoring provides a much stronger control.  Audit rules within expense management systems can be simplified to identify only the black-and-white issues, which simplifies maintenance of these rules and also streamlines the submission process.  The automated monitoring handles the “gray” areas more effectively since there is behavioral context and deep analytics to again provide a stronger control.

Look Beyond Single Expense Reports – It’s hard to draw conclusions about an employee’s spending behavior and knowledge of expense policies if you only look at one expense report at a time. You can gain a better understanding if you look at past spending to determine if the current problem is a one-off by a good employee or part of a larger pattern of willful abuse. Trend and pattern detection can only be understood by looking at expense reports over a time horizon.

Cross-Employee Analysis – In order to understand the patterns of behavior, it’s important to benchmark each employee against all other employees over an extended time horizon.

Employee Communication – It is very important to proactively communicate with employees and their managers using email regarding potential T&E problems and their subsequent resolution. It’s also important that all analysts use a set of email templates to communicate a consistent message to all employees. All email communication should be stored in a centralized system rather than on each analyst’s PC.

Resolution Workflow – A research and resolution workflow should be used consistently by all analysts. This should include the assignment of stages such as “problem detected,” “under review,” “email sent,” “email received,” “resolved” with a finding and “resolved” with a dismissal. Resolution codes that identify the specific issues identified would be assigned so that root cause analysis can be determined and T&E policy adjustments made or employee training initiated.

Expense Report Data Mine – An automated transaction monitoring system that has the ability to store all current, as well as previous expense transactions, is an important requirement. The data mine will enable the comprehensive expense transaction analysis and case management functions described here.

Comprehensive Centralized System – Traditional methods of expense management error detection and resolution are typically fragmented among separate systems including email and employee hard drives. Using a comprehensive, centralized system enables automation, multidimensional analysis, employee communications, workflow, file attachments, audit trails and records of all activity taken to research and resolve problems.