Home » Knowledge Center » Articles » Fraud Tree – Part 2

Another way that we can decide what is the most important data analytics is to prevent human loss.

Here I have a picture of Peter Humphrey, and he was a competitor of mine. He was working in a small consulting company in China, in Shanghai, and we were both over there a few years back. He was helping GlaxoSmithKline with their investigation. 

Play Video



And unfortunately, he actually gave a little bit of money to the police so that he could get some information, which is what everyone else was doing at the time. But he was just really unlucky because at that particular moment, giving a bribe to anyone in China came under the new China anti-corruption law. And poor Peter Humphrey is really in the wrong place at the wrong time, and he ended up going to jail for that. The reason that I’m talking about this is because actually people don’t realise that in countries like China, even like in Vietnam, where I am right now, you get the risk of actually if you do some corruption, say, for example, you pay the local government because you need to put your plant in an oil field somewhere, or you decide that you need to pay someone in local government because you want to put your retail store on the main shopping street. And it’s something that everybody’s doing.



It might be that you pay your distributors commissions, and that’s what everyone in your industry is doing. And then one day the government decides they don’t like that. And then they’re going to put your CEO or your C-level employees, your board of directors, people in jail.

So this is something that’s really important that we think about human loss. So it might be like, OK, maybe the CEO going to jail is not going to break down the company or something. But we are responsible for those people to try and help them to know that they shouldn’t do any corruption, but also to put in place all those data analytics so that they don’t even have the chance to do it.

So sometimes what happens is, and this is a while back in China, I was doing a stock take project. And before we were doing the stock take, there were some interns doing the stock take. So the interns doing the stock take were going to the warehouse and they were counting up all of the stock.

And it was a fast moving consumer goods stock. And they weren’t really looking very hard. They weren’t looking in the boxes.

They weren’t checking for counterfeit products or anything like that. They were just relying on what people were telling them. And that was all fine. 

But then we decided to take our really qualified subcontractor accounting company, who are very good at stock takes, and get them to do the stock take properly. So they went in and they were like, none of this nonsense of like, we can’t look over here, we can’t look over there. They looked inside all the boxes and they checked all the counterfeit things on all of the items. 

And they found a lot of issues and a lot of fraud was going on in that warehouse. And actually, the warehouse staff got very angry and started complaining. And then the CEO of the company, who’s not Chinese, he was a foreign person, got a bit scared and then decided that he should get rid of us.

So but that kind of situation is actually quite dangerous because he’s in a situation where he is risking some issues with the Chinese law. And he might even go to jail for that. So what we want to do is to have in place data analytics whereby we can actually help these people to not be able to do fraud or even their staff and not even able to do fraud. 

So what about the value, the financial impact? So we’ve talked about financial statement fraud. We’ve talked about corruption. But if we are only looking at asset misappropriation and this is the asset misappropriation part of the fraud tree, then what are the most important things? Where’s the biggest risk? We’ve got a heat map on the left.

And you can see that billing has high risk because it’s a lot of the percentages of fraud cases happening to do with billing. And it’s also the mean value of those fraud cases is quite high. All right. 

So we’re up at 100,000 for a fraud case and it’s about 20 percent of the cases. So billing is quite important. And what do we mean by billing? Now, it’s a bit weird because maybe this because it’s done by the Americans.

I’m not American, I’m British, but it might be that this is like the American definition of billing. I normally think of billing as like being to do with customers. You know, your customer billing.

But for them in the fraud tree, it’s more about shell companies, non-accomplice vendors that means like using a vendor to do some fraud without them even knowing and then personal purchases. So I guess a shell company can also be at the same time a customer and a supplier. But all of those things to do with invoicing, whether you’re invoicing that shell company or you’re invoicing a shell company for like as a supplier or a customer, you can you can use that shell company to get free products or very low discounted products with very low invoice values.



Or you could be using that shell company just to invoice you a whole load of stuff that you don’t even receive. Right. So that’s billing scheme.

So billing is really important. So we need to look for shell companies for sure. And we need to look for non-accomplice vendors.

So things that we can do with vendor accounts when the vendor doesn’t even know. And we need to look for purchases of things that maybe the company doesn’t even need. So we just use purchasing to buy stuff that we don’t even need.



Corruption and financial statement fraud then are the things that are really at the top. So they are the main branches, two outer branches of the fraud tree. And they are the things at the top.

So we really do want to look at these things. And often some of our customers, they don’t want to look at journal entries and they say like, you know, that’s for the external auditors. But I don’t know about you.

External auditors, apart from saying that there are journal entries entered on the weekend, don’t really get very far with this. Maybe that’s just my opinion. But even though I left Deloitte 10 years ago, I still feel they haven’t moved along that much. 

So financial statement fraud. We want to, you know, there’s a SAS 99 and stuff like that. That’s a law that says that external auditors should actually look for fraud in the financial statements. 

And they probably should use data analytics to do that. But so far, what they’re doing is basically a little bit of a better sample. And that’s about it.

And you can disagree with me if you think that’s not true. But that’s the impression that I get. So we want to take that on board because financial statement fraud is really, you know, the mean loss rate is much higher, even though it’s rarer.

But when someone’s doing it, it’s going to be a big problem. And it’s like one of our customers, they had a CEO down in Brazil and he was basically lying about the revenue for a few years. And Deloitte happened to be the external auditors for that company.

And they didn’t notice anything. And it wasn’t until internal audit came along and did some journal entry testing that they actually noticed that the CEO was entering journal entries. So CEO should not normally enter journal entries.

That’s quite an easy thing to see straight off. And then they went through and they checked what kind of things he was entering. And there were some really obvious things in there.

And I think Deloitte actually even got a fine for that one for not noticing. So we do want to look at financial statement fraud. And it’s kind of hard and it’s kind of easy at the same time because we don’t need that many SAP tables to do it.

But we do need some accounting knowledge. So it all depends. If you’ve got friends who is really good at accounting and you’re good at data analytics, it’s great to put those two people together for things like financial statement fraud



So we definitely want to look at financial statement fraud. We definitely want to look at corruption. And we definitely want to look at bidding and skipping over non-cash and check and payment tampering because those things, you know, we could look at non-cash because it’s like abuse of fixed assets and stuff like that.

But I’m skipping over them and check and payment tampering, you know, payment tampering. Yeah, we could we kind of going to look at it because we look at how you sort of change payments. So we do look a little bit about that.

And then we’re going to look at payroll things as well a little bit later on. So these are we want to make sure that we’re covering our bases in terms of the top frauds in terms of the financial impact.