Automated Auditors has created a suite of Accounts Payable Fraud Detection algorithms that have been utilized for several large corporate disbursement audits. Our team of analysts can work with most A/P systems and can accept .csv, .txt, Excel, Access, and other types of data files. Our staff utilizes the most powerful business intelligence and data mining software in the industry – SAS – and is able to process millions of records quickly.
Duplicate payments are often mistakes in payment: perhaps an invoice was paid from both a bill and a statement. But, sometimes duplicate payments can indicate fraud. A fraudulent employee may create a duplicate payment and alter the second check and cash it. The employee may even set up a fictitious vendor to funnel the erroneous payment to. After conducting numerous A/P recovery audits, Automated Auditors has developed finely-tuned duplicate payment detection algorithms using fuzzy matching logic. Fuzzy matching logic is the ability to compare two disparate phrases and claim they are similar if enough of the characters are matching. For example, invoices “12345” and “0012345A” would be considered similar using our fuzzy-matching logic, but would go undetected by system edits. We can also identify duplicate payments to different vendors. Although duplicate payments do not necessarily always indicate fraud, it is a piece of a puzzle that we consider when assessing risk.
This test is very useful for identifying employees who have created a vendor using their personal information. It is very similar to our duplicate vendor check, although we use the employee’s information and cross-reference it with the vendor information. We typically compare the vendor and employee by address, phone, banking information, and weed out false positives such as when an employee may have been a contractor (vendor) prior to joining the company. What distinguishes our tests is that we consistently utilize the power of fuzzy matching logic to identify similar addresses and similar pieces of identifying information.
Fictitious Vendor Search
Using a current version of the Mail Drop File, this algorithm matches your vendor address records against all of the UPS Stores and mail drops in the United States. Fraudsters sometimes rent a mail drop for their fictitious vendor instead of a P.O. Box, because a mail drop address looks like a regular street address, just with a “suite” or “box” number. This Mail Drop File is also available for purchase on our “Purchase” page (link here).
Another test that we use to identify potential fictitious vendors is to find common threads throughout vendor names. After analyzing the Harriette Walters DC Tax fraud case in-depth, we noticed the common thread of names throughout the fraudulent payees. See the table below, copied from the actual Harriette Walters indictment:
|Date||Voucher No||Check No||Payee||Amount|
|1/31/94||VRRE 7821||323620||WALKER-POPE INC||$52,963.00|
|3/02/94||VRRE 8905||349977||POPE AND ASSOCS INC||$46,880.00|
|4/28/94||VRRE 0015||420795||POPE AND ASSOCIATES, INC||$58,020.90|
|5/03/94||VRRE 0721||399175||WALKER-POPE ASSOCIATES||$48,900.00|
|7/08/94||VRRE 0022||459922||POPE-WALKER AND ASSOCS||$48,321.79|
|9/01/94||VRRE 0011||455310||WALKER-POPE & ASSCOS [sic] INC||$55,850.69|
|11/02/94||VRRE 0019||404690||WALKER-POPE & ASSOCS||$58,820.69|
|11/29/94||VRRE 0023||527540||POPE AND ASSOCIATES, INC||$52,642.33|
Notice the common theme of “Pope”, “Walker”, and “Assoc”? Automated Auditors has developed software to parse each name into words and to identify vendors with common names. We can also weed out noise words such as “Inc” or “Corp” – but in this case, the “Assoc” actually is part of the common thread.
Benford’s Law is a hot buzzword in the fraud-detection world. But what does it do? Benford’s Law is a logarithmic phenomenon whereby the first digit of a continuous amount (such as invoice amount) is “1” approximately 30% of the time. We have tested this theory with numerous large datasets and it always holds true. For fraud detection, this means we can identify vendors who are perhaps billing amounts that start with “8” or “9” a lot more frequently than their peer-groups. The graph below illustrates the frequency of the first digit for continuous unbounded numbers:
Another algorithm we use to identify potential fraud is to isolate vendors who are consistently using rounded amount checks (no pennies). Our algorithm calculates the percentage of payments that are rounded amounts, and identifies vendors with the highest percentages. We have found that in conjunction with other algorithms, this is a useful tool for identify A/P fraud.
Above Average Payments
Using this algorithm, we identify above-average payments per vendor by using a ‘z- score’ outlier detection method. The z-score is just a measure of how many standard deviations away from the vendor payment mean that a single payment is. This algorithm is also useful when combining it with some of the other algorithms, such as the Rounded Amount algorithm.
Below Approval Levels
This is the algorithm nick-named “Flying Below the Radar” because that is exactly what the fraudster wants to do. Either by themselves, or via collusion with a manager with approval privileges, an employee may submit invoices that are just below common approval thresholds, such as $5,000, $10,000 and beyond. What are your approval thresholds? We will customize this algorithm to fit your approval thresholds and look for any payments that fall just beneath them.
Sequential Invoice Numbering
Sequential invoice number is an abnormality because it may indicate that the vendor does business with only you. If they are legitimate, they most likely will have other clients. So we use this algorithm to determine if a vendor is billing with sequential invoice numbers, usually they start with “001”, “002” and very low numbers and never have a gap.
Pricing Analysis and Kickback Analysis
Our staff can conduct a comprehensive pricing analysis of your vendors, to try to determine of one vendor is consistently chosen even though their prices are higher. This may indicate a potential kickback situation or a conflict of interest situation whereby an employee has a personal interest in sending business to that particular vendor. We also utilize State Corporation Commission files to determine if an employee is an owner or operator of one of your vendors. This will greatly assist in the fraud risk assessment.