Is your audit function going to get replaced by machine learning and automation?
Sometimes I think that we will all soon be out of a job, and then I have a very boring task to do, and I wonder why I can’t just ask a machine to do it…
Do you spend a long time trying to find out how to analyse SAP data?
Over the years, I must have spent on average of about 8 hours a week searching on blogs about SAP data. I remember quitting Deloitte and starting as a freelance consultant for some global corporations that wanted analysis of SAP data…
Luckily they saw it before the external auditors did!
Internal auditors can today have the power to do what external auditors try to do- but much better. This is because they can be experts in their company and their company’s data. Harnessing the power of data analytics, internal auditors can see all of the obvious problem areas in the company…
The five legged sheep that knows data analytics and internal audit
Is it possible to get all the required set of skills in your business area? The reason that most companies are not advancing quickly as they should with data analytics for audit is a human one, rather than a technical one…
Have you ever felt like your boss feels that internal audit is a waste of time?
Internal audit is sometimes seen as a legal necessity rather than a value-added service. However, when auditors get their hands on some data analytics, they can show-up their Big 4 external audit friends and zoom straight into the country, entity, operating unit and transaction that is fraudulent…
Data analytics for dummies
Data analytics is only for IT people right? Wrong! Recently I was working for a CFO of a drinks company who couldn’t master anything to do with data or Excel. Problem was, all of his figures were produced in Excel by his staff…
Did you know that you could go to prison, just for being a C-level employee in your host country?
We were living in Shanghai for four years, and if you have lived in Shanghai, recently you have probably heard this story. A French bakery that all of us expats loved going to suddenly got closed down one day, the management put in prison and the owner fled to England What happened? Well, one of their employees complained on a government website that the flour they were using was out of date by about a week or even longer…
Are your reports really correct?
A CFO friend of ours was losing a lot of sleep recently and sweating a lot at work. Why? Because he had to sign off on his monthly landing that was produced by his team. The only problem was that they didn’t really speak good English and they also appeared to be in their own little world…
Your auditors just don't get it - what about those funny transactions hidden in the totals?
An audit director of a fortune 500 company recently shared with me his frustration because his audit managers could not see the point of doing any data analytics. Those managers said that they didn’t need it because they already had detailed balance sheet reports that they can print out of the system…
How many ghosts are there in your company?
It’s got to be one of the most common fraud schemes in the world. Ghost employees. SO easy to do. And also, thanks to GDPR and privacy, the HR department are pretty much free to “protect” their data and be secretive about it. What’s the average number of Ghost employees in your Fortune 500 Group? Where are they? You might not know the answers to these questions, yet it is surprisingly simple to detect…
Is Bob's wife his best customer?
You’ve got a huge SAP system that is running in different countries. And it has over 10K customers and suppliers in the database. Everything seems to be running fine. You’ve got nothing to worry about – right? But when you visit your entity in South East Asia and run through your standard controls, you have an uneasy feeling…
Get SAP dashboards and train your team at the same time
A lot of you are out there are trying to analyse SAP data and come across some obstacles: you don’t know where to start; if you do know where to start, you don’t know which SAP tables to get the data from; if you do not which SAP tables to get the data from, your IT department is not letting you get it out of the system…
Don't worry, the auditors won't notice...
Have you ever been presenting your audit report and felt that the meeting went really well. The auditors were really happy. They shook your hand, beamed at your with an open smile. Took you out for lunch, and then packed you up in your car mid afternoon so that you could enjoy your weekend back home…
Consultants are a waste of money
How much? Come on! Do you really want to spend over 10K USD on consultants that will roll out for you the same analysis that they have done for many of their other customers? We believe that you deserve better. Let’s face it, not only does it take a long time to do the Call For Tender process, get internal validation etc. but then you also have to meet with the consultants, manage them, correct them, oversee them and much more…
Are your auditors Sophomores in Suits?
The army of auditors are in the audit room again. You give them access to the crappy coffee machine. You turn the heat up a bit so they feel sleepy. You get to assess that their average age is 25.0k, so all of this is good, they won’t bother you too much with any ugly findings. You are in control. But how much more in control would you feel if you were fully aware of all of your company’s issues. If you were 100% sure that you had all your bases covered.
Internal control really can be fun
Your internal control team have to run a lot of surveys with each country, fill in a lot of questionnaires, compile reports, and then you have to consolidate the power points and present them. Some of this work can become a little bit tiresome, let’s be honest! What if you offered your team a new way of working. Let them play with data from your SAP system in a dynamic way…
Using a list of top 10 data analytics reports is like fishing with a badminton racket
Have you ever had the experience where your management says, let’s do a Proof Of Concept and then if that works, we’ll invest. And 9 times out of 10 it doesn’t work. Let me tell you why. Problems in your company could be anywhere. In purchasing, in sales, in payroll…
101 key reports that every internal auditor should know about
If you are new to an internal audit, or if you are experienced in internal audit, but you are feeling the pressure to modernize the audit approach by introducing data analytics, you might be feeling a little under pressure. First of all, you aren’t sure where to begin. What does data analytics mean? Why should you use it? What is it for? What is the outcome? What are the skills required? How do you even start? Who should you hire?
What are the most typical frauds?
What are the top 10 frauds? What are the top 10 frauds in your company? If only you had a framework that would help you scan for all the typical frauds.
Automated dashboards vs room full of Excel data crunchers
One day I was talking to the head of internal audit at one of the world’s leading retail companies. We were walking through the corridor and passed by the internal control department. Inside were rows of about 100 people, busily creating spreadsheets and analysing data. So I said to the head of internal control…
SAP is not as complicated as the consultants make it sound
Your company is investing a lot of money installing SAP around the world. Large teams are deployed. Millions are spent. In internal audit, the budget is smaller, but it seems normal to get quotations for around 100K for SAP audit dashboards –right? Actually, SAP is not as complicated as it sounds.
Is your offshore data analyst team sending you nonsense again
Quite often we hear of customers that are frustrated because they have teams working out in India that are doing their SAP dashboards for them, but the results are not quite what they are looking for. Something is up, the dashboard is showing duplicate payments but for cases that were cancelled…
You need a report but you don't want to explain it to IT
Do you sometimes feel like you get “lost in translation” between your finance department and your IT department? Sometimes you request a report to be created from SAP, but IT can’t really understand what you need, and it takes a few weeks for them to get it right…
These SAP dashboards will save you time and money
So you need some SAP dashboards, but it’s taking ages to define internally what those should be. What’smore, not everyone agrees on the output, how to make them, or who should do them. Should it be the big 4 auditors or that consulting company in India? And why do they want 6 months to do it? Why not just get SAP GRC, although even that takes the likes of Accenture at least 6 months to implement.
How can I quickly see the level of internal control across the entire group ??
Have you ever felt like internal control is actually a bit boring? All those “self-assessment” questionnaires… meetings to discuss / recap on internal control levels… SOX controls, samples, folders… Were you really born for that? What if you had a dynamic way to drill down to the real issues in your entities: forward dated supplier invoices, debit-credit customer balances, massive payments in cash, customer money laundering in Moscow… the exciting stuff.
How can I get alerts on control issues anywhere in the world in real-time
Some legislation is really hanging in the back of your mind… what if your entity in South East Asia gets hit by the FCPA… did you really help them to do everything that they are supposed to prevent getting a heavy fine. Or what about that CEO in China. Are you sure that you are protecting him from a Chinese lawsuit under the China Bribery Act? What if he goes to prison because of some fraud in the entity?
How can I get alerts to individual controllers automatically?
Let me let you into a secret… most people in your office are not aware of what a dashboard is. It is well known but little understood. What’s even less understood is the fact that these days it’s super easy to get dashboards on all your mobile devices…
Dont have time for Excel, now you can get automated dashboarfds on your phone
If you are a CFO, you probably spend a lot of time messing about with Excel. Or your staff spends a lot of time messing about with Excel and then you have to try and work out what they are doing. A CFO friend of mine was showing me his Excels that he is supposed to review. He has over 2000 Excel spreadsheets, each with formulas and inputs that are used to calculate his month-end provisions.
It's not what you know but how you present it and how quickly
I was in my 3rdyear at Deloitte, and my first few months in their Paris office, when I had my worst ever “big 4 moments”. If you’ve been in a Big 4 audit firm you will know what I mean! Since I’m English, the French liked to give me all the crappy small French companies to audit. The ones a few hours of traffic away in some industrial estate. So anyway, I did my report this one time.
Staff are bored creating the same reports every month, upgrade them to analysts
Not many people know this, but most people change jobs, not because they don’t like their boss, or they aren’t paid enough, but because they are bored. They aren’t feeling challenged. And what about those that are bored and that don’t change jobs… those are the ones you want to get to go to anyway!
Not sure your reports are correct, pin them down with these key reconciliations
If your reports about margin per product are wrong, are you investing in the wrong products and making the company lose money? If your reports about sales performance are wrong, are you giving commissions to the wrong salespeople? If your reports about productivity are wrong, are you promoting the wrong operations managers?
Have you seen the cookie jar... it's somewhere in these suspense accounts
It’s kinda like -this year you do good, right, but you aren’t sure what’s going to happen next year. So what we are going to do, is put some Loss in this period, by debiting the loss account and crediting a suspense account. Then next year, if our profits aren’t so great, we can debit that suspense account and credit profit, and hey presto our revenues are looking more consistent!
The CFO was entering transactions again last night, can't believe no one notices that
I mean the auditors, they ask us for the entire general ledger, right, that’s 20 million records… The usual stuff, transactions entered manually, transactions entered at the weekend, transactions after hours
The taxman was coming so they did a data fix - little did they know the controller had a data mining
It’s the document number. It’s a legal requirement. SAP has a document number that gets incremented every time you post something. So if you go and delete, say 10000 documents from your data, you get lots of gaps.
What treasures will the SEC find hiding in your supplier database?
When the SEC comes to control your company’s supplier database, what treasures might they find lurking in there? Do you have any “consulting” companies that you are paying large sums to, without any real services delivered? Who set up those companies?
In China you don't need to record the third-party, just put the bank out against a cost account
Our suppliers are actually usually quite happy when we pay them early, so yeah, that’s something we are proud of here in the China office… Ok, but how do you know you aren’t paying a supplier too much or two times the invoice?
Supplier rebates in my pocket
Not sure, for the moment, I’m waiting to see if anyone notices, but you know what’s it like, everyone worries about customer ageing, but no one “ages” supplier balances. Besides, even if they did, the credits outweigh the debits by far, so from the totals, it looks normal.
There are so many suppliers without tax numbers, no-one will notice the one I created
Well you know, got to grease the hands of the powers that be. I made a consulting company and sent some invoices for it, and then the government gets their payoff and we get our flagship shop.
When you create your friend as a supplier - make sure the tax number at least matches the pattern for the country
Well because there is an automated internal control on the pattern of the tax number. If it is not correct, then the internal control dashboard flags it for review.
You just switch the IBAN just before month-end payments, and then back again
Yeah, but depends on what kind of supplier it is. You don’t expect purchase orders for rent, utilities, accountants, auditors… besides, even our big raw materials suppliers sometimes operate without purchase orders
Do you have OFAC listed suppliers lurking in your database?
Some internal controls are so easy, you’d be fired if you didn’t get them right… am I wrong! And this is one of them. Supplier Due Diligence. It’s so easy right. Each time, you have a new supplier, you have to get whoever it is that has access to your supplier database to check if they exist, check if they are not on any PEP list, OFAC list, check that their VAT number is correct.
What percentage of your suppliers don't actually exist?
It would take you too long to check 40K suppliers, and it’s not something you can ask your team to do. Besides, once you have finished checking them all, you would have to start again, in case there were any new ones or any changes.
Oh don’t work with that supplier, that’s Martin’s favourite one
If you contact that supplier, Martin gets annoyed. Besides, the supplier often asks to only speak to Martin.
The beauty of it is that my wife is both supplier and customer, so we get the products cheap and it's all legal
Yeah, and then her other entity, which is part of the same group, but with a different name, buys the cable back from us, but for 20 million…. Don’t they have margin controls on that?
Ageing balance - that's just for customers isn't it
But let me let you into a little known secret. No-ones checking their supplier ageing balance. Yes, we are, I hear you say… But you aren’t. Most companies only check the balance per supplier. As long as it’s a creditor balance (ie you owe them, and not the other way around), most companies are happy.
How many debit notes do you have hidden in your supplier balance?
During his check, he found some really juicy supplier debit notes, that were outstanding for over 3 years. Some of them worth 10% of the purchasing from those major suppliers… What if you could see the % of unpaid supplier debit notes hiding within your AP ledger?
Are your auditors Sophomores in Suits?
Sure thing. … why do we need to do that?
Auditors are coming.
The auditors are happy as long as you've got the approbation limits policy
Well, if you are going to buy something of a significant value, then management is supposed to approve it first, otherwise, you could get people buying all kinds of things, like their own company car, or company housing, or something, and just using it for non-corporate reasons. You could even get people to buy things and using them for parallel businesses.
You can't overwrite the exchange rate in SAP, can you?
SAP will dutifully propose the exchange rate, the payment terms, the due date, the document type,… all kinds of useful parameters. However, with enough access, you can change these values during your input.
SAP doesn’t let you put more on the invoice than the PO does it?
People often say to me, we don’t have any invoices that exceed the purchase order, because we have SAP, and you can’t do that in SAP. Really… it doesn’t take long to show them otherwise.
But SAP always blocks duplicate invoices, so that they never exist... do they?
It’s a little-known secret that in SAP there is a setting to block or not to block invoices that are entered two times with exactly the same information. How do you know if all of your entities have set that setting to block? What if someone temporarily sets it to not blocked?
If you don't want them to notice the unusual price, why not use the generic material number
I think it’s for when you buy something that you are only going to buy once, so you don’t want to have to go through the internal control process around creating a material number… You would think so… But strangely enough we have a huge number of transactions in there! So don’t worry, no one will notice!
It's not done to do quotations on that, it's just the way we've always done it
Senior management might brush you off concerning an area of purchasing and close the door behind them as they go into their meeting. So you think, well.. they are the boss, so never mind. But that sense of curiosity lingers.
Top 10 tips for slicing your sausage in purchasing
Did you know that in France, split POs are referred to as slicing your sausage? If you don’t want the auditors to see that you are splitting your purchases then here are the top ten tricks that we have noticed over the years…
He input the invoice, we paid the supplier, then they did a return, then we were paid back-But to a different account-genius
Yeah, well, that’s what I mean, as long as the debt is lower than the overall credits for the supplier, most of the time it won’t get noticed. But if he’s worried about it, he could just clear it to a fake invoice: debit loss, credit supplier.
Top 10 tips to proving parallel businesses
A parallel business is also known as a side business. If you are in a catering company, it would be like your colleague ordering 10 cases too many of champagne, and then getting those additional cases delivered to their wife’s restaurant directly.
Everyone does side business in this country, it's legal.. isn't it?
Side-businesses are everywhere. If you are in head office, it can be daunting to know where they are. One tactic can be reconciliations across your entire supply chain, purchasing process and sales operations. Another way is benchmarking of margins per product, salesperson, sales team, etc.
I haven’t got time now, just match the payments later
But aren’t you worried we might pay someone twice or pay something that isn’t invoiced yet, or pays more than what got delivered?
What if you paid your suppliers at the correct time?
Sometimes your entities don’t well manage their accounts payable. Some entities are paying immediately, and they may argue that that is how they could negotiate with the supplier. This could be true, but what if your staff are getting the money out, investing it for a while and then paying your suppliers?
Top 5 ways to know if a payment value is too high
If you have thousands of suppliers and payments every month it is not easy to ask your SAP system which supplier you are paying too much to. First of all, SAP does not yet provide you with any comparative data analytics or AI alerts… although that might come in the future.
Top 10 payment frauds and how to hide them
Often us auditors get told, “there’s some payment fraud in that entity, can you check it out”… and that’s all the information we get. This can be daunting because there are a thousand ways to fraud. And you may have millions and millions of lines of data in your SAP system. So where do you start? To lend you a hand we have devised the top 10 payment frauds, and how these tend to be hidden:
Which entities are selling below margin?
Wouldn’t it be great if you could look at a map of the world and pinpoint all the entities that are selling below margin? You could zoom in to that country and see a red dot for all of the entities within the country that are selling below the margin.
Do you have customers getting special treatment?
There are different ways that customers can get “special” treatment. And this special treatment can be considered by the FCPA, the UKBA, the China anti-corruption act, or other laws as being commercial bribery. Commercial bribery can land your C-level employees in the region in jail. So, unless you don’t like your colleagues, let’s see how we can protect them.
It's not illegal to give your customer an extended payment term in return for new business... is it?
I was doing anti-fraud training for a group of CEOs of a major French group in China and the lawyer that was helping me was explaining that they should not grant customers extended payment terms. And they all started laughing. “What’s that got to do with fraud?” “This isn’t relevant”.
Bribery can’t be detected by data analytics
If you want to be the construction company that builds the new TGV railway across Kazakstan, you are going to have to do some lavish visits. So are you going to pay for these payments or gifts yourself? Unless your company is your life, probably not.
Customer credit notes –the bank door to fraudulent disbursements no one looks at
Everyone these days always starts off by asking me to do a “quick win”. Let’s look at purchasing. Because purchasing is where it is happening –right? Purchasing is where the money goes out of the company. Ok, true, but don’t you already have a huge amount of controls around purchasing.
Are your free goods floating around the black market?
Maybe someone in your warehouse switched your real goods with some fake goods (always easy for alcohol). Maybe someone in your warehouse packed a load of empty boxes under the full ones before the physical inventory. Maybe your sales staff added on 100s of free products for those distributors.
How do you know your staff correctly calculated your DSO?
In other words, your outstanding customer debt (what they owe you) is not too high compared to the volume of sales that you are doing. All is well. But management is still having issues with its treasury. So something doesn’t make sense.
The dashboard is the HR lifesaver
Incorporate HQ, we often have to go out and visit and control different subsidiaries. And we often say to them that we will do a comparison between the personnel and payroll databases. The local HR will always say, “there won’t be a problem with that, don’t worry”.
If my supplier database was paper-based you’d think it had been through the tumble dryer
It can be difficult to identify shell companies or fictitious suppliers in your database if it looks like it’s been through the tumble dryer followed by a shredder. If you have missing information, duplicated information, incorrect information, it is harder to spot the fake information from all the surrounding noise.
Messy supplier database, messy accounts payable
What’s more, people in internal control and finance will tell you it doesn’t really matter. It’s not important that you have duplications because you need the same supplier information for different functions. It doesn’t matter that you don’t have tax numbers for European suppliers, because those are the entries that are ordering and not invoicing or being paid.
I let my supplier back-date his invoice to get paid early, and he gave me a trip to Hawaii
Nah, it’s not like we are giving him extra cash or anything and he did a good job of providing the services. It’s good to be able to help out a friend when they are in need of a hand with their cash flow. I’ve known them for years. Always provides a good service.
Your stock not moving, why not switch it between plants and back... virtually
…No –silly, you don’t “actually” send it… it’s “virtual”, you just post stock OUT movements to Germany. Then the next day you post stock IN movements from Germany. And her presto, all your stock is “fresh and new”!
Phew !! The auditors didn't even notice those extra intercompany accounts
Of course, we put a couple of mistakes in there, to keep them happy, you know, because they need something for their report and all.
Those sales will come in soon, I’m sure, but in the meantime, let’s make some accruals
Naah, what the auditors, come on, when did they even know what an accrual was! No seriously, don’t worry about it, lots of sales in the bag, they’ll be through in the new year, then we can close it all off.
Cost is down a bit this year, let's add some ITBRs
Well, you know, sometimes they like to keep the cost up, for tax and …well… ensure you justify next year’s budget and stuff. The beauty of it is, that at the end of the year, the cost stays in the cost account because it is left in the P&L and doesn’t carry over.
Of course, our accounts reconcile to the bank statement, we've got clever adjustments
It’s not really fixing the accounts, it’s just making them match. Besides, you really think someone is going to notice your journal entry, we must have over 20 million journal entries a year! Besides, no one ever said anything to me before, we’ve always done it like that. Keeps them upstairs in the boardroom happy!
Top leaders keep up to date with data dashboarding capabilities this will help you to do the same
…So I realized that actually since I’ve been doing data analytics for 20 years it’s become second nature. We forget actually that people don’t necessarily realize what a “table” is, what’s the difference between a “record” and a “column”. I remember back to my first years’ in data audit when I was trying to figure out what a pivot table is. It sounds silly to me now, but it is not.
Am I too old or experienced to become data literate ??
It’s acrazed. It will go away. Maybe that’s for the junior consultants and you are beyond it now. But actually, it’s easier than you think. Just as my mum learnt how to use her Apple Mac when she was 65, so you too can learn how to read and use data analytics dashboards. It’s actually much easier than those consultants like to make out.
How can I roll out dynamic dashboards if I don't have a data background ??
Dynamic dashboards/ data analytics are well-known terms that are little understood. Let me let you into a secret, there is about a 70% chance that your neighbour in your office doesn’t really know what data analytics is…
How do I get my team to start analysing and stop number-crunching ??
What about if you took away the number crunching from them? Let’s think about that one for a moment. If they didn’t have any numbers to prepare if the numbers were just already prepared. Then they would start to wonder if those numbers were correct. They would start saying things like, how do I know those numbers are correct?
How do I get my team to become data fanatics ??
If they are straight out of school they could be technically savvy, but not wanting to be seen as a “programmer”. If they are extremely experienced, they might struggle even with the concept of pivot tables in Excel. How can you lead them to become data fanatics?
Harnessing SAP data to add value to your board meetings
Wouldn’t it be great if you could navigate around dynamic dashboards during board meetings in order to make the conversations more dynamic? If people have questions for you about your sales on a particular product, or your margins, or your Day Sales Outstanding…
Need data insights but no time to write your Call For Tender
Our customer and my friend said to me one day that she really needed to get some data analytics done but she just didn’t have the time to go through the whole call for tender process, interviewing the consulting companies, doing the contract validation, etc. And that’s when it hit me.
Why does it take 3 weeks to get data, I need it yesterday
Maybe they download some data from here and there and then combine it with some manual reports in Excel and do some calculations. Then they have to put it into Powerpoint. It can take them up to a couple of weeks to create nice Powerpoints that give you clear indicators of sales per person, per product, your gross margins, etc. This time delay can be a bit frustrating.
Your receivables are up the spout - just DC them mate
…Yeah, just post a journal entry for each one, in each journal entry you credit the customer and then debit the customer for the outstanding balance. Then when you print out your AR report for the meeting it will all look rosy.