Using Computer-Assisted

Auditing Techniques to Detect

Fraud

1
 Using CAATs to Find Fraud
‹ What are CAATs?
‹ Data Analysis Methodology
‹ What is Data Mining?
‹ Fraud Detection
‹ Data Analysis Software & Techniques
‹ Examples of Fraud
‹ A Generic Approach
‹ Benford’s Law
‹ Financial Crime Investigator
‹ Case Studies

2
 What Are CAATs?
‹ Computer-based tools that permit auditors to increase their personal
productivity as well as that of the audit function. [CAATTs & Other
BEASTS for Auditors, by David G. Coderre; 1998, Global Audit
Publications]
‹ Provides, at a minimum, the following benefits:
– Gain insight into the business and operations
– Visibility into the company’s control (failure, operations metrics,
improvements)
– Benchmarking across business units, competitors, etc.
– Testing efficiencies – increase test coverage and assurance
– Regulatory compliance, fraud or litigation analysis
– Saves time (sometimes even in the first year)

3
 What Are CAATs?
‹ The data tells the story! Enables you to quantify the financial
impact of business decisions, accounting practices, and internal
controls
‹ Also known as “Data Analysis”
‹ The power of CAATs: The Georgia Department of Redundancy
Department has 135,000 employees. How long would it take
auditors to manually search payroll records to identify duplicate
payments by finding duplicate social security numbers?

4
 Data Analysis Methodology
1 Define 2 Validate 3 Execute 4 Data Retention

1.1 Define objectives 2.1 Request and 3.1 Execute audit steps 4.1 Document process to
of analysis receive data 3.2 Identify discrepancies reproduce data
1.2 Gain an 2.2 Validate control 3.3 Discuss
understanding of totals discrepancies with
business/ 2.3 Perform data stakeholders and
technical quality assessment validate errors
environment 2.4 Gain 3.3 Assess impact on
1.3 Define data understanding of objectives
requirements data

Document

5
 Types of CAATs
‹ Word processing
‹ Spreadsheet
‹ Database
‹ Statistical sampling
‹ Data mining
‹ Real time testing programs
‹ Integrated audit software
‹ Data analysis
‹ Artificial intelligence/expert systems

6
 Types of CAATs Most Important for
Fraud Detection
‹ Word processing
‹ Spreadsheet
‹ Database
‹ Statistical sampling
‹ Data mining
‹ Real time testing programs
‹ Integrated audit software
‹ Data analysis
‹ Artificial intelligence/expert systems

7
 Using Data Analysis Software
Test Objectives

Identify Data

Request Test Data

Refine Data Run Test CAATS

Request

Test
Results
Poor
Good

Request Full Data

Run CAATS CAAT Reports

8
 What is Data Mining?
‹ The process of discovering meaningful new correlations, patterns,
and trends by sifting through large amounts of data stored in
repositories, using pattern recognition technologies as well as
statistical and pattern recognition techniques [Gartner Group
Interactive: http://gartner6.gartnerweb.com]
‹ Most often used (up until recently) in marketing and customer
analysis

9
 Data Mining in Crime Solving
‹ Software compiles facts, attributes, and characteristics about
various types of crimes
‹ Helps investigators identify crimes with common (or similar)
attributes/characteristics
‹ Linking evidence from similar crimes can lead to identification of
perpetrator(s)
‹ Detective Toolkit (Violent/Serial Crime)
‹ Fraud Investigator (Insurance fraud)
‹ Similarity Search Engine (compares any databases)

10
 Data Mining Crime Solving Example
‹ Insurance companies compile data on claims: incident descriptions,
claimants, witnesses, other individuals involved, time of day,
location, etc.
‹ Data mining software identified cases where the same individual
was involved in several claims, sometimes as witness, sometimes
as passenger, sometimes as driver
‹ Further comparisons and investigation lead to identification of
hundreds of fraudulent claims

11
 Data Mining Crime Solving Example
‹ A series of murders occurred with remarkable regularity (weekly) in a small
town in Maine
‹ Police used data mining techniques to track the similarities and common
characteristics of all of these crimes
‹ They found that every crime had a single common characteristic; one person
was involved in some way with every one of the murders
‹ Although they were unable to prove that this person had committed the
crime, Cabot Cove declared Jessica Fletcher a public menace, banned her
from the town, and the murders stopped

12
 Getting Data

Never!
Never!
Never!
Never!
Give Up!

Winston Churchill
13
 Fraud Detection

14
 Fraud Detection
‹ Think “outside the box” … “one plus one equals two” is not
always [Fraud Examination in the Classroom, by Mary-Jo
Kranacher, May / June 2005, FraudMagazine]
‹ Batman once said, “If only they would use their genius for good
instead of evil!”

15
 What is Fraud?
Employee Management
Fraud Fraud
Activity to Activity to
benefit benefit the
himself and company
affect the
company

16
 Fraud Tests

Asset misappropriation
Audit
Fraudulent Statements Program

Corruption FRAUD
Tests

17
 Fraud Detection Plan
‹ Hypothesis Testing
– Develop a fraud hypothesis
– Obtain data
– Design CAAT tests
– Analyze results to determine if there is support for fraud
hypothesis

18
 How Can We Use Data Mining to
Find Financial Statement Fraud?
‹ Compile databases of key ratios, industry characteristics, and other
attributes (risk factors) of discovered financial statement frauds
‹ Use data mining techniques to calculate coefficients of correlation
between known financial statement fraud schemes and the
organization you are planning to audit
‹ Results imply the degree of audit risk (and have corresponding
implications about audit fees)
‹ Better still, results will pinpoint the areas within the financial
statements needing the greatest audit attention
‹ In effect, a more sophisticated type of analytical procedure than we
have done traditionally

19
 Data Analysis Software
‹ Useful for identifying misappropriation of assets and fraudulent
financial reporting
‹ Allows limitless number of analytical relationships to be assessed
– within large databases
– comparing large databases
‹ Identifies anomalies
‹ Further (human) investigation is almost always needed

20
 Data Analysis Software
‹ Access and Excel
‹ Interactive Data Extraction and Analysis (IDEA)
‹ Audit Command Language (ACL)
‹ Windows based and user friendly
‹ Require creativity and imagination
‹ Supplements – but does not replace – intelligent audit work

21
 Data Analysis Techniques
 Filters  Classification
 Sorts  Summarization
 Statistics  Stratification
 Gaps  Join and Define
 Duplicates Relationships
 Aging  Trend Analysis
 Confirmations  Regression Analysis
 Samples  Parallel Simulation
 Digital Analysis

22
 Data Analysis Tools
Analytic
Tools Capacity Ease of use
Capabilities
• 65,536 rows by • Standard, easy to • Data analysis
Microsoft Excel 256 columns use office toolkit
• 255 chars per field application • Built-in functions

• 2 GB database • Training is • Built in functions

Microsoft Access • 255 fields required • Great for joining
(columns) tables

• Unlimited • Requires basic • Complete set of

ACL training preprogrammed
• Menu based analysis

• 1,000,000 input • Training is • Provides basic

Monarch pages required analytic
capabilities

• 1,048,516 • Advanced training • Built in functions

Microsoft SQL Server terabytes required • Great for joining
• 1,024 columns tables

Excellent Good Satisfactory Poor Very poor

23
 CARTA
Composite Application, Right-Time Architecture
(CARTA)

24
 CARTA
Composite Application, Right-Time Architecture
(CARTA)

25
 Examples of Fraud
‹ Fraud Analysis – A simple analysis of data such as payroll,
employee, vendor, accounts payable, accounts receivable, and
much more, can help determine if fraud is occurring
‹ Payroll Fraud
– Duplicates (i.e. payees on same date, same or similar
names, direct deposit account numbers)
– Paychecks being created for employees that have no time
and attendance, no expenses, no vacation, little or scare
personnel records, etc
– Wages inconsistent with job classification
– Pay date precedes employment date
– Terminated employees continuing to be paid

26
 Examples of Fraud
‹ Purchasing Fraud
– Duplicate disbursement amounts
– Duplicate invoice numbers/dates
– Duplicate disbursements on same date
– Disbursement to vendor not in vendor database
– Vendor name/address/phone # same as employee name/address/phone #
– Invoice’s “pay to” address different from address in vendor or contract
database
‹ Refund Fraud
– Refund check “pay to” address different from address in customer database
– Refund check amounts just below higher-level-approval-required threshold
– Refund check “pay to” name and/or address matches to employee name
and/or address

27
 Examples of Fraud
‹ Accounts Payable
– Producing reports of debit balances
– Producing reports of large or old suspense items
– Testing accumulation of payables balances
– Producing reports of balances with no scheduled payment date
– Producing reports of new suppliers
– Search for unrecorded liabilities
» These reports help identify
‹ Inefficient invoice processing
‹ Spend reduction opportunities
‹ Inefficient purchasing organization
‹ Mismanagement of cash flow
‹ Inconsistent payment terms across organizations
‹ Data quality issues within master files

28
 Examples of Fraud
‹ Cash Skimming
– Unrecorded or understated sales or receivables
– Theft of cash receipts
– Lapping
‹ Fraudulent Disbursements
– Fictitious vendors
– Billing schemes
– Over-billing schemes
– Pay and return scheme
– Check kiting
– Theft of company checks and check tampering
– Expense reporting schemes

29
 Examples of Fraud
‹ Inventory
– Theft of inventory
– False sales, write-offs and other adjustments
– Inventory valuation schemes
‹ Fixed Assets
– Theft of fixed assets
– Unauthorized changes in depreciable life
– Unsupported additional / deletions / modifications to fixed asset sub ledger

30
 Detection Techniques: Digitizing
Use of special functions to convert names to digits, and comparison
of digits for phonetic duplicates.

Soun
dex
Code Vnum Vname Addr1 City
A153 68 AVNET P.O. BOX 847722 DALLAS
A153 57 AVNET EMG P.O. BOX 847722 DALLAS
P626 251 PROGRAMMERS PARADISE P.O. BOX 17043 NEWARK
P626 855 THE PROGRAMMER'S SHOP NEWARK

31
 Testing Example: Related Party
Transactions
Match: Addresses, Phone Numbers, SSN-FEDID

Vendor LOC VCODE/ VNAME/ Vendor Address1/ Vendor City/

Employee LOC Employee SSN Employee (fname+lname) Employee Address 1 Employee CITY
DST2017 LES142 LESLIE SMITH WELDING 1420 CHERRY HILL LOOP SPRINGFIELD
2017 333245232 LESLIE SMITH 1420 CHERRY HILL SPRINGFIELD
DST0086 14195 MORRIS COMPUTER SERVICES 4402 CODY AVENUE BELMONT
0086 435443344 GARY MORRIS 4402 CODY AVE BELMONT

VENDORNUM NAME1 STREET c_dummy Zip Phone

SSN NAME ADD1 ADD2
0040006668 T ENTERPRISE RT 2 BOX 8 MENTOR 56736 312-444-4444
232456545 Tischman,Richard C Rt 2 Box 8 Mentor 56736-9703 630/4548976

32
 Testing Example: Corporate
Card Misuse
String Searches

33
 Testing Examples: Ghost
Employees Testing
Non valid SSN:

AH_BUSINES WORK_LOCAT NAME SSN STATUS

Retail Operations 09226 Miami Jones, David 333-24-5555 A
Retail Operations 09453 Clearwater Tap, John 542-44-9999 A
Retail Operations 30507 Irvington Brown, Paul 323-33-2345 A
Retail Operations 32544 Massapequa Hamilton, Gavin 324-54-3456 A

Other Tests:
• Test for no Withholdings
• No Vacation or Sick Days
• Invalid address

34
 Testing Examples: Duplicate
Vendors and Payments
‹ Entertainment Company
– 17% duplicate vendors
– $500,000 in recovered duplicate spend
– $750,000 in duplicate spend

‹ Computer Manufacturer
– 5% duplicate vendors
– $16M in potential duplicate spend

‹ Information Services Company

– 9% duplicate vendors
– $1.6M in possible duplicate spend

35
 Testing Examples: Duplicate
Payments

36
 Payroll Fraud
‹ Databases involved
– Payroll
– Personnel
– Time & attendance
– Employee directory
– Terminated employee directory
– Valid SSN listings
– Leave and vacation
– Employee expenses

37
 Possible Tests for Payroll Fraud
‹ Duplicates:
– Payees on same date
– Same or similar names
– SSNs
– Addresses
– Telephone numbers
– Direct deposit account numbers
– Work locations
– Work telephone numbers

38
 Possible Tests for Payroll Fraud
‹ Comparisons: Paycheck, but ...
– no time & attendance
– not in employee directory
– no leave ever taken
– no expenses
– terminated employee
– no pension or other deductions
– no valid SSN
– no, or scarce, personnel data

39
 Possible Tests for Payroll Fraud
‹ Employees with P.O. Box addresses
‹ Wages inconsistent with job classification
‹ Payroll disbursements above certain amounts (by pay period or
cumulative)
‹ Premium pay above certain amounts
‹ Benefit contributions but not on payroll
‹ Pay date precedes employment date
‹ Overtime with other activity indicators

40
 Purchasing Fraud
‹ Databases involved
– Vendor
– Personnel
– Dun & Bradstreet
– Employee directory
– Terminated employee directory
– Employee expenses
– Inventory
– Accounts payable; accounts receivable

41
 Possible Tests for Purchasing
Fraud
‹ Duplicate disbursement amounts
‹ Duplicate invoice numbers/dates
‹ Duplicate disbursements on same date
‹ Disbursement to vendor not in vendor database
‹ Vendor name/address/phone # same as employee
name/address/phone #
‹ Vendor name similar to employee name

42
 Possible Tests for Purchasing
Fraud
‹ Purchases inconsistent with inventory
‹ Missing purchase request (PR) #, purchase order (PO) #,
receiving report (RR) #
‹ Names on PR, PO, or RR missing; or the same; or not in
employee database
‹ Vendor address is P.O. Box
‹ Invoice’s “pay to” address different from address in vendor or
contract database

43
 Possible Tests for Purchasing
Fraud
‹ Vendor with no telephone number or contact name
‹ Invoice numbers from same vendor in unbroken sequence
‹ Invoice amounts just below higher-level-approval-required threshold
‹ Multiple vendors with same address, telephone, contact person
‹ Vendors with similar or similar-sounding names

44
 Possible Tests for Purchasing
Fraud
‹ Unit prices rising rapidly or inconsistent with historical prices
‹ Unit prices for same items inconsistent among different vendors
‹ Matches of item numbers/description being purchased and sold for
scrap
‹ Inventory level fluctuations inconsistent with production or sales
‹ Contract or PO “ship to” address matches employee address
‹ Contract or PO “ship to” address does not match any company site
addresses
‹ ?
‹ ?

45
 Data Analysis – A Generic
Approach
‹ Identify all available databases
– Internal to the organization
– External to the organization
‹ List record fields in all available databases
‹ Formulate hypotheses about record field relationships
‹ Program analytical tests for each hypothesis
‹ Run tests (output is your “hit list”)
‹ Evaluate initial hit list and refine the tests
‹ Re-run refined test to produce shorter, more meaningful hit list
(repeat steps 5-7, as needed)

46
 Data Analysis – A Generic
Approach
‹ Evaluate (via record analysis, interview, or other technique)
every item on the refined hit list
‹ Dispose of every hit:
– Valid explanation found
– Probable improper transaction – full investigation
needed
‹ Identify control problems and corrective actions needed

47
 Data Analysis
‹ Keep the programs developed and refined over time
‹ Run as batch / script programs as frequently as resources allow
‹ Explore feasibility of real-time tests of transactions

48
 Real-Time Transaction Tests
‹ Add a loop to the existing accounting system transaction
process
‹ Loop goes through the internal or external audit organization
‹ Transactions that fail the audit organization’s [secret] tests get
stopped for further analysis

49
 CAATs in Continuous Monitoring
Identify
‹ Identify data patterns Tests to
detect
indicative of fraud. Anomalies
‹ Develop Fraud Criteria
Short
‹ Scan data at short interval data
Continue to
feeds from IT
intervals. refine tests Data into a secure
‹ Trigger alarms when audit folder
data meets criteria.
‹ Data tests can be Anomalies
continuously refined. No
Yes

E-mail exception
reports

50
 Benford’s Law
‹ A Digital Analysis Technique
‹ The first digits of numbers are not randomly distributed
‹ Distribution of first four digits:
– 1 – 30.1%
– 2 – 17.6%
– 3 – 12.5%
– 4 – 9.7%

51
 Benford’s Law

0.35
0.3
Frequency

0.25
0.2
0.15
0.1
0.05
0
1 2 3 4 5 6 7 8 9

First Digit
52
 Benford’s Law
‹ So what?
‹ Use Benford’s Law to identify anomalous transactions in:
– Accounts payable and expenses
– Accounts receivable and sales
– Refunds
– Payroll
– Estimations in the general ledger

53
 Purchase Order Amounts

0.3

0.25
Frequency

0.2

0.15

0.1

0.05

0
1 2 3 4 5 6 7 8 9

First Digit
54
 Bank Deposit Amounts

0.3

0.25
Frequency

0.2

0.15

0.1

0.05

0
1 2 3 4 5 6 7 8 9

First Digit
55
 Benford’s Law
‹ Invented, contrived, or manipulated numbers do not follow
Benford’s Law
‹ Doesn’t apply to all data sets
– e.g. sets of data with numbers that have imposed ceilings or
floors such as IRA contributions or hourly wage rates
‹ Once again, however, human analysis of anomalies is needed

56
 Financial Crime Investigator
‹ Artificial intelligence or expert system
‹ Relational database containing:
– Fraud indicators
– Fraud schemes
– Fraud statutes and elements of proof
– Investigative steps
– Steps for database queries to detect specific schemes

57
 Financial Crime Investigator
‹ If you have a fraud indicator, FCI will list possible fraud schemes
for that indicator
‹ If you suspect a fraud scheme, FCI will:
– List other indicators to look for
– List fraud statutes under which the scheme can be
prosecuted
‹ If you identify a potential fraud statute violation, FCI will list the
elements of proof needed to prove the crime

58
 Financial Crime Investigator also
has:
‹ Decision trees for opening, conducting, continuing, and
terminating an investigation
‹ Checklists for making decisions at any point in your case
development
‹ Library aids: interviewing techniques, using the case theory
approach, case tactics and strategy
‹ Guidance for writing investigation reports
‹ Glossary of terms (hypertext)
‹ “How-to” guides (e.g. proof of cash; file a complaint/get a case
prosecuted; prove intent; find mail-drop addresses; etc.)
‹ Key sources for additional data such as public records; credit
information; bankruptcy/judgment/lien information; vehicle registrations;
business background information; etc.

59
Case Study: Barings Bank
‹ Nick Leeson was a 27-year-old rogue derivatives trader in Barings’
Singapore office
‹ He single-handedly collapsed the 233-year-old bank by trading with
bank funds
‹ He reported his gains (and got large bonuses as a result); but hid his
losses in a “5-eights” account (account number 88888)
‹ The bank collapsed in Feb. 1996
‹ In Dec. 1995, account 88888 had $512 million in losses hidden in it
‹ Among the means Nick used to conceal the losses in 88888 was
“suppression” of the account in printed reports to London
‹ Could data analysis have saved Barings?

60
Case Study: Barings Bank
‹ Simply totaling – electronically – the debits and credits in the reports to
London would have revealed the “suppression”
‹ Account 88888 was supposed to be a low-balance adjustment account
for minor trading errors; hence, a simple stratification test would have
revealed the anomaly

61
Case Study: The Fool Service Motor
Pool
‹ Whatsamatta University operates a motor pool to service and
maintain its large fleet of vehicles (cars, trucks, and research vessels)
‹ Arthur Fulldodger has managed the motor pool for 25 years, and
everyone agrees he does a terrific job
‹ Anne Alasiss, CPA, is assigned to test motor pool controls and
expenses as part of the annual audit
‹ Anne notes that the manager, Art, seems to be involved in every
aspect of running the motor pool and keeping its service records
‹ Anne downloads the service pool’s database of service records and
conducts a number of tests using IDEA
‹ Anne uses vehicle mileage records and gasoline charge card records
to calculate vehicle miles per gallon

62
Case Study: The Fool Service Motor
Pool
‹ Anne finds that most vehicles appear to be getting very poor gas
mileage--less than 10 miles per gallon
‹ A more detailed, monthly vehicle-by-vehicle analysis reveals that
some vehicles get very good mileage (30+MPG) in some periods
and very poor mileage (<5 MPG) in others
‹ Further investigation (including surveillance) reveals that faculty and
students fill their vehicles at the motor pool
‹ Art charges them $.50/gal; pockets the money; and records the gas
charge against university vehicles
‹ Anne also extracts and plots repair costs by vehicle on a month-by-
month basis
‹ This analysis shows several anomalous results

63
Case Study: The Fool Service Motor
Pool
‹ New vehicles seem to have an unusual number of repairs--even
vehicles still under warranty
‹ Graphs show a peak of repair activity in the two months prior to
the end of each vehicle’s service history
‹ What did Anne’s further investigation reveal?
‹ Art is repairing cars for faculty and students at “deep discount”
rates
‹ Art is refurbishing fully-depreciated, “no-more-useful-life-left”
vehicles just before he “retires” them by selling them to his pal,
Rudolph Mentari, who happens to own “Honest Rudy’s” Used Car
Dealership

64
 • Source: http://www-personal.si.umich.edu/~nsharma/dikw_origin.htm

65
 And now …

66
67
 Using Computer-Assisted
Auditing Techniques to Detect
Fraud

68
 Appendix

Data Analysis Techniques:

Detailed Commands

69
 Filters
‹ Show me only certain transactions that I might be interested in
‹ I.e. filter out the “static” inherent in large databases
‹ E.g. from the database of all invoices paid this month, show me
those with invoice dates more than 30 (or 60, or 90) days prior
to this month

70
 Sorting
‹ Put the data into an order that is easier to analyze
‹ E.g. aged accounts payable
‹ Sort by vendor name;
‹ Or sort by vendor address;
‹ Or sort by vendor telephone number;
‹ Or EFT account number

71
 Statistics
‹ Average value, standard deviation, highest/lowest value, etc.
‹ Show me all vendor payments that are more than two standard
deviations from the mean
‹ Show me every unit price for product A that is more than 1
standard deviation from the mean

72
 Gaps
‹ Used when we have pre-numbered forms or transactions
‹ Show me all missing checks
‹ Show me missing health insurance claims
‹ Show me missing purchase orders
‹ Show me missing vouchers for benefits

73
 Duplicates
‹ Used in situations when duplicates should not occur
‹ Show me all payroll transactions in the pay period that have
duplicate:
– Payees
– SSN
– Payment addresses
– EFT transfer destinations

74
 Aging
‹ We all use an aged A/P listing
‹ AGE function can calculate the number of days between two date
fields
‹ Show me the time elapsed from when an item was purchased and
placed in inventory and when it was disposed of as “scrap” or “due to
obsolescence”
‹ Show me the time elapsed between award of a major contract and the
contracting officer’s purchase of a condo in the Bahamas

75
 Expressions and Calculations
‹ Can be used to test for and detect errors in accounting software
‹ But, can also be used to detect outside intervention into an otherwise
okay system
‹ Recalculate units x unit price and show me all cases where the result
does not equal the value in the extended amount field
‹ Recalculate vacation accruals for every payroll transaction and show
me every case where the result differs from what was recorded

76
 Classify
‹ Counts the number of unique values in a selected character
field(s) and the corresponding totals of other numeric fields
‹ Show me how many hysterectomy procedures have been
performed, by sex:
– Female: 127
– Male: 3
– [sex field blank]: 12

77
 Summarize
‹ Similar to CLASSIFY, but sorts data by specified field and
provides a detailed listing of transaction information for all
records in that classification
‹ Show me all transactions for vendor A, B, C
‹ Show me all payroll transactions for employee A, B, C
‹ Show me all employee expenses transactions for employee A,
B, C

78
 Stratify
‹ Groups transactions into specified ranges of values (strata)
‹ Show me numbers of contracts within certain strata
– $0 - $45,000: 27
– $45,001 - $49,000: 12
– $49,001 - $50,000: 425
– $50,001 - $100,000: 5
– $100,001 - $1,000,000: 3

79
 Join and Define Relation
‹ JOIN combines data from two databases into a single database
‹ DEFINE lets you specify the relationship of interest
‹ Show me employee expense claims by employees who were on
vacation/sick/holiday leave on the day the expense was incurred
‹ Show me all instances in which a person made a DNC/RNC
campaign contribution within 60 days of getting a Federally-
guaranteed loan

80
 Trend/Regression Analysis
‹ Trend analysis looks at historical trends that data exhibit
‹ Regression analysis uses historical data to predict what future values
will be
‹ Looking at electricity usage trends will show anomalous changes
‹ Regression analysis of electricity usage will predict what the usage
should be in the current period

81
 Appendix

Where to Get More Information

82
 Where to Get More Information
‹ 101 ACL Applications: A Toolkit for Today’s Auditors, Richard B.
Lanza, CPA, Global Audit Publications, 1999 [604/669-4225; or
www.acl.com]
‹ About Benford’s Law: I’ve Got Your Number, Mark J. Nigrini, Journal
of Accountancy, May 1999
‹ About ACL: www.acl.com
‹ About IDEA: www.audimation.com
‹ About Detective Toolkit, Fraud Investigator, and Similarity Search
Engine: www.infoglide.com

83
 Where to Get More Information
‹ About ViCLAS: www.mtps.on.ca/Year/ViCLAS
‹ About Data Mining:
– www.gartner6.gartnerweb.com
– www.statserv.com/datamining.html
– www.datamining.org/sites.htm
– www.wizsoft.com
‹ About Financial Crime Investigator:
www.cci2.com/fci_prod.htm

84
 Bio – Contact Info
‹ Vinesh R Bulsara
[email protected]

Vinesh is a Director in PricewaterhouseCoopers’ Process

Improvement practice specializing in Data Management (DMG).
He has over nine (9) years experience in performing IT reviews
(security, data mining, project management), and process and
controls review. His experience including auditing Entertainment
and Media, and Consumer Products, and Technology companies.
During the past two years, Vinesh has focused on Data
Management in support of internal and external clients with SAS
99 and other automated testing.

85