Deloitte’s Satish Lalchand outlines steps organizations can take to prepare an effective foundation for analytics-driven investigations and fraud monitoring, in the second installment of an article series on the future of forensics.
In recent years, traditional corporate antifraud measures have lost ground against ploys like procurement fraud, employee expense fraud, financial statement fraud, bribery and asset misappropriation. To identify potentially fraudulent transactions, organizations and regulators alike are leveraging integrated, data-driven analytics approaches—which work effectively if the data to be analyzed is top notch.
Data challenges in efforts to monitor fraud and conduct investigations include: vast amounts of data; inadequate data capture and storage; limited data accessibility; gaps in skills required to process and analyze big data; static reporting; and, lack of diverse data to correlate findings.
Organizations can take several steps to prepare an effective foundation for analytics-driven investigations and fraud monitoring by asking the following questions:
- Are the right stakeholders contributing to the data transformation roadmap? Internal audit, legal, compliance, IT and other business leaders should all have roles in the analytics-led investigation efforts. Relevant stakeholder discussions can help identify ways to leverage existing technologies in the organization as well as which high-risk areas warrant forensic investigative focus (e.g., time and expense reporting, vendor management, third-party payments, etc.).
- Is organizational data as centralized as it could be? While having a central repository of all enterprise data would be ideal for the fight against fraud—as well as many other business processes—it won’t be a reality for many organizations today due to disparate data sources, geographic locations and gaps in systems integration. Still, bringing as much data together as possible to maintain data integrity, consistency and control can enhance fraud monitoring, analysis and insight development.
- Is there a secure, structured way to access data for forensic investigation analysis? Compliance departments planning to apply analytics would do well to define early how data will be handled, where it will be stored and who will be permitted access to it. Ensuring needed safeguards against data breaches are in place is key, as is upholding policies and procedures for treatment of intellectual property, personally identifiable information (PII) and other sensitive data.
- Will relevant external data be incorporated into analyses? Often, incorporating external data from industry participants, publicly available social media and elsewhere can help inform internal forensic investigations.
- Can software selected for fraud monitoring do more than just fraud monitoring? To lay a strong technology foundation, look for scalable solutions that can effectively collect and analyze both structured and unstructured data. While the forensic investigations team may aim for something focused on fraud monitoring, many solutions offer capabilities that include that realm as well as offering other uses that would benefit broader groups within an organization.
- Where should analytics-driven forensic investigations teams begin? To demonstrate return on investment for analytics solutions applied in forensic investigations, some teams start by testing a short list of distinct areas, showing the value of the implementation, then scaling up slowly, rather than starting immediately with broad deployment.
Shifting from a more traditional approach to an analytics-driven forensic investigation program can take significant time and effort. However, using insights derived from human and machine intelligence is a next step in the evolution of fraud prevention and detection.