ed tobias, cisa, cia may 12, 2010. expectations background why it works real-world examples how...
TRANSCRIPT
It’s All in the Numbers -Benford’s
LawEd Tobias, CISA, CIA
May 12, 2010
ExpectationsBackgroundWhy it worksReal-world examplesHow do I use it?Questions
Topics
How many have heard of it?◦All over the professional journals
J. of Accountancy – 2003, 2007 J. of Forensic Accounting – 2004 Internal Auditor – 2008 ISACA Journal – 2010 Fraud Magazine - 2010
Expectations
As of 2004, over 150 articles have been written about Benford’s Law
Expectations
1881 – Simon Newcomb, astronomer / mathematician
Noticed that front part of logarithm books was more used
Inferred that scientists were multiplying more #s with lower digits
Background
1938 – Frank Benford, Physicist at GE Research labs
Front part of the log book was more worn out than the back
Analyzed 20 sets of “random numbers” – 20,299 #s in all
Background
Tested random #s and random categoriesAreas of riversBaseball stats#s in magazine articlesStreet addresses - first 342 people listed in “American Men of Science”
Utility Bills in Solomon Islands
Background
Benford’s Law:◦Random #s are not random
◦Lower #s (1-3) occur more frequently as a first digit than higher numbers (7-9)
In a sample of random numbers: #1 occurs 33% #9 occurs 5%
Background
What are “random numbers”?◦Non-manipulated numbersPopulation stats, utility bills,Areas of rivers
◦NOT human-selected #sZip codes, SSN, Employee ID
Background
What’s the practical use?◦1990s – Dr. Mark Nigrini, college professor Tested insurance costs (reim. claims), sales
figures Performed studies detecting under/overstmts
of financial figures Published results in J. of Accountancy (1990)
and ACFE’s The White Paper (1994)
◦Useful for CFEs and auditors
Background
What about financial txns?◦“Random data” = non-manipulated numbers AP txns, company purchases
◦NOT human-selected #s Expense limits (< $25) Approval limits (No sig < $500) Hourly wage rates
Background
How will it help me with non-random data?
◦Aid in detection of unusual patterns
Circumventing controls Potential fraud
Background
You won the lottery – invest $100M in a mutual fund compounding at 10% annually◦First digit is “1”◦Takes 7.3 yr to double your $
◦At $200M, first digit is “2” ...
Why it works
At $500M … First digit is “5”◦Takes 1.9 yr to increase $100MMAlthough time is decreasing, there are more years that start with lower digits
◦Eventually, we will reach $1BFirst digit is “1”
Why it works
Seems reasonable that the lower digits (1-3) occur more frequently
◦These 3 digits make up approx. 60% of naturally-occurring digits
Why it works
Scale invariant◦1961-Roger Pinkham◦If you multiply the numbers by the same non-zero constant (i.e., 22.04 or 0.323) New set of #s still follows Benford’s Law
Works with different currencies
Why it works
$2M Check Fraud in AZ$4.8M Procurement fraud in NC
Examples
Check fraud in AZ◦#s appear random to untrained eyes
◦Suspicious under Benford’s Law◦Counter-intuitive to human nature
Example #1
Wrote 23 checks (approx. $2M)Many amts < $100K
◦Tried to circumvent a control that required a human signature
Mgr tried to conceal fraudHuman choices are not random
Example #1
Avoided common indicators:◦No duplicate amounts◦No round #s – all included cents
Example #1
Mistakes:◦Repeated some digits / digit combinations
◦Tended towards higher digits (7-9) Count of the leading digit showed high
tendency toward larger digits (7-9) Anyone familiar with Benford’s Law would
have recognized the larger digit trend as suspicious
Example #1
Benford’s Law can be extended to first 2 digits◦Allow examiner to focus on specific areas
◦High-level test of data authenticity
Example #2
Procurement fraud in NC◦660 invoices from a vendor◦Years 2002-2005◦Total of $4.8M submitted for payment
Run the 660 txns through Benford’s Law …
Example #2
Example #2
See any suspicious areas?
Example #2
Drilling down in the “51” txns
Example #2
Over a 3-year period, at least $3.8M in fraudulent invoices for school bus and automobile parts were submitted.
The investigation recovered $4.8M from the vendor and former school employees.
Data Analytics software◦ACL / IDEA
Excel◦Add-Ons◦Built-in Excel Functions
How do I use it?
Questions
ExpectationsBackgroundWhy it worksReal-world examplesHow do I use it?
Summary
Benford’s Law Overview. n.d. Retrieved March 10, 2010 from http://www.acl.com/supportcenter/ol/courses/course.aspx?cid=010&ver=9&mod=1&nodeKey=3
Browne, M. Following Benford’s Law, or Looking Out for No. 1. n.d. Retrieved March 10, 2010 from http://www.rexswain.com/benford.html
Durtschi, C., Hillison, W., and Pacini, C. The Effective Use of Benford’s Law to Assist in Detecting Fraud in Accounting Data. 2004. Journal of Forensic Accounting. Vol. V. Retrieved March 10, 2010 from http://www.auditnet.org/articles/JFA-V-1-17-34.pdf
Managing the Business Risk of Fraud. EZ-R Stats, LLC. 2009. Retrieved March 10, 2010 from http://www.ezrstats.com/CS/Case_Studies.htm
Kyd, C. Use Benford’s Law with Excel to Improve Business Planning. 2007. Retrieved March 10, 2010 from http://www.exceluser.com/tools/benford_xl11.htm
References
Lehman, M., Weidenmeier, M, and Jones, T. Here’s how to pump up the detective power of Benford’s Law. Journal of Accountancy. 2007. Retrieved March 10, 2010 from http://www.journalofaccountancy.com/Issues/2007/Jun/FlexingYourSuperFinancialSleuthPower.htm
Lynch, A. and Xiaoyuan, Z. Putting Benford’s Law to Work. 2008. Internal Auditor. Retrieved March 10, 2010 from http://www.theiia.org/intAuditor/itaudit/archives/2008/february/putting-benfords-law-to-work/
Nigrini, M. Adding Value with Digital Analysis. Internal Auditor. 1999. Retrieved March 10, 2010 from http://findarticles.com/p/articles/mi_m4153/is_1_56/ai_54141370/
Nigrini, M. I’ve Got Your Number. Journal of Accountancy. 1999. Retrieved March 10, 2010 from http://www.journalofaccountancy.com/Issues/1999/May/nigrini.htm
Rose, A. and Rose, J. Turn Excel Into a Financial Sleuth. 2003. Journal of Accountancy. Retrieved March 10, 2010 from http://www.systrust.us/pubs/jofa/aug2003/rose.htm
Simkin, M. Using Spreadsheets and Benford’s Law to Test Accounting Data. ISACA Journal. 2010, Vol. 1. Pp. 47-51.
References
Stalcup, K. Benford’s Law. Fraud Magazine. 2010, Jan/Feb. Pp 57-58.
References