KNOWLEDGE CENTER

Luckily they saw it before the external auditors did! 

By Claire Worledge

KNOWLEDGE CENTER

Luckily they saw it before the external auditors did! 



By Claire Worledge

Internal auditors today can have the power to do what external auditors try to do - but much better. 

This is because they can be experts in their company and their company’s data. Harnessing the power of data analytics, internal auditors can see all of the obvious problem areas in the company.  But external auditors are getting tech-savvy too, so it is important for the internal auditor to set-up the must-have data analytics, to see, at least the most obvious fraud in the company, as our friend in one of the world’s largest retail groups discovered. 

Internal auditors today can have the power to do what external auditors try to do - but much better. 

This is because they can be experts in their company and their company’s data. Harnessing the power of data analytics, internal auditors can see all of the obvious problem areas in the company.  But external auditors are getting tech-savvy too, so it is important for the internal auditor to set-up the must-have data analytics, to see, at least the most obvious fraud in the company, as our friend in one of the world’s largest retail groups discovered. 

A friend of mine is internal audit director for a major retail group. They had a case in South America, whereby the CFO had been entering strange journal entries around closing in order to boost a bit the figures. They had the big 4 auditors there to do the audit for years on end, but no-one ever noticed the needle in the haystack, which, actually, in value terms, was more like an elephant in the teacup.

But the internal auditor had something up his sleeve, he had data analytics. Running the millions of lines of journal entries through his data analytics program, it was actually very easy to list out the users that had been entering journal entries (BKPF_USNAM for SAP… ). It was then very easy to compare this list to the list of people that work in the company and their actual real names (table USR21 in SAP gives the mapping from user ID to personnel name).

From there, it’s really not very difficult to sort the journal entries by value (BSEG_DMBTR) and user in order to see who is entering the journal entries of the highest amount, even if entering rather few transactions. And, being a bit awake, whilst doing the audit, recognising the name of the CFO in the list of users entering journal entries was also not that difficult.

Much to say that the big 4 audit firm did receive a fine for not noticing.

So, there is a lot to do in a big organization in order to really be able to help the company to recognize fraud and avoid fines and prosecution. But often management does not give internal audit the resources that they need.
A friend of mine is internal audit director for a major retail group. They had a case in South America, whereby the CFO had been entering strange journal entries around closing in order to boost a bit the figures. They had the big 4 auditors there to do the audit for years on end, but no-one ever noticed the needle in the haystack, which, actually, in value terms, was more like an elephant in the teacup.

But the internal auditor had something up his sleeve, he had data analytics. Running the millions of lines of journal entries through his data analytics program, it was actually very easy to list out the users that had been entering journal entries (BKPF_USNAM for SAP… ). It was then very easy to compare this list to the list of people that work in the company and their actual real names (table USR21 in SAP gives the mapping from user ID to personnel name).

From there, it’s really not very difficult to sort the journal entries by value (BSEG_DMBTR) and user in order to see who is entering the journal entries of the highest amount, even if entering rather few transactions. And, being a bit awake, whilst doing the audit, recognising the name of the CFO in the list of users entering journal entries was also not that difficult.

Much to say that the big 4 audit firm did receive a fine for not noticing.

So, there is a lot to do in a big organization in order to really be able to help the company to recognize fraud and avoid fines and prosecution. But often management does not give internal audit the resources that they need.

Obviously, you cannot expect people to look through millions of lines of data. Especially if your team is small.

This is why it is essential for internal auditors to be able to automate their work. The data analytics program that detected the fraud in South America can be re-used for all the other entities. Nothing is stopping that audit team from running such controls automatically in the background and setting up alerts when things look strange.

The more experience, the more ideas, and the more tests can be put in place to pick-up on known/ previously seen fraud cases.
This is why at Aufinia we decided to put all of our 20 years’ experience into one platform, called AuditZOOM. The AuditZOOM platform has 300 must-have data-analytics tests for audit. These tests are very simple but powerful. They are straight-forward and they provide a very simple, quick to understand overview of all business processes from financial reporting through to purchasing, sales, inventory, fixed assets, HR and even user access.

Screening your data across entities with these 300 must-have dashboards enables the auditors, that are few in number, to be able to dive-in to the entity, department, transaction that looks very risky and identify the issue in the quickest possible time.

What’s more you can easily add any additional dashboards that you like to our platform, and our data analytics and SAP experts will assist you for an unlimited service.

Obviously, you cannot expect people to look through millions of lines of data. Especially if your team is small.

This is why it is essential for internal auditors to be able to automate their work. The data analytics program that detected the fraud in South America can be re-used for all the other entities. Nothing is stopping that audit team from running such controls automatically in the background and setting up alerts when things look strange.

The more experience, the more ideas, and the more tests can be put in place to pick-up on known/ previously seen fraud cases.
This is why at Aufinia we decided to put all of our 20 years’ experience into one platform, called AuditZOOM. The AuditZOOM platform has 300 must-have data-analytics tests for audit. These tests are very simple but powerful. They are straight-forward and they provide a very simple, quick to understand overview of all business processes from financial reporting through to purchasing, sales, inventory, fixed assets, HR and even user access.

Screening your data across entities with these 300 must-have dashboards enables the auditors, that are few in number, to be able to dive-in to the entity, department, transaction that looks very risky and identify the issue in the quickest possible time.

What’s more you can easily add any additional dashboards that you like to our platform, and our data analytics and SAP experts will assist you for an unlimited service.

Want to know what is really going on in your company? 
Data has a better idea.

The FREE Data Analytics Secrets book for SAP includes 300 must-have data analytics tests and an appendix listing all necessary SAP tables and fields for each test, as well as Ikea-style diagrams on how the SAP tables and fields link together. The book also contains key information to help you identify manual journal entries, calculate currency conversions, understand different date and amount fields, compute user access and much more.
Copyright © 2021 - Aufinia
For more support contact contact@aufinia.com