infographic: the finance leader's guide to balancing risk & performance
TRANSCRIPT
TOP 11 PROCESS AREAS FOR DETECTIVE CONTROLS
General Ledger
Salaries & Payroll
Accounts Payable
Accounts Receivable
Cash Disbursements
Vendor Management
Assets Management
PO Management
Stock & Inventory
Sales Analysis
Human Resources
LEARN ABOUT 7 PERFORMANCE
HACKSTO IMPROVE RISK MANAGEMENT
DOWNLOAD ACL’S FREE EBOOK, “THE FINANCE LEADER’S GUIDE
TO BALANCING RISK AND PERFORMANCE”
ACL EBOOK
THE FINANCE LEADER’S
GUIDE TO BALANCING RISK
AND PERFORMANCE Understand the gaps in your ERP system controls to maximize performance
ACL OFFERS A SUITE OF PRE-BUILT ANALYSIS APPS TO MONITOR
ERP PROCESS RISK'ACL Essentials’ analysis apps jumpstart the previously
difficult task of uncovering leaks in critical business processes running on ERP systems. To learn more or for a free assessment of how you could improve
oversight of your ERP processes, contact us at
1-866-669-4225 or [email protected].
Visit www.acl.com< Download Now
RISK & CONTROL MONITORINGTECHNOLOGY BUYING
CHECKLIST MODERN, EASY-TO-USE, COLLABORATIVE
PLATFORM & INTERFACE □ Intuitive, user-friendly interface □ Software that your team actually wants to use □ Support for mobile devices
INTEGRATED SUPPORT OF ALL ASPECTS OF RISK, CONTROL & AUDIT PROCESSES
□ Defining and documenting risks and controls □ Assessing and ranking risks □ Assessing and testing control effectiveness □ Analyzing transactions and data □ Investigating results □ Managing exceptions □ Remediation and escalation workflow □ Automated questionnaires and surveys □ Dashboards and reporting □ Standard analytic tests □ Data and test repositories □ Data analysis and monitoring
SPEAKING OF DATA ANALYSIS FOR RISK & CONTROL TESTING, LOOK FOR:
□ Pre-built analytic routines e.g., classification, stratification, duplicate testing, aging, join, match, compare—as well as various forms of statistical analysis, including Benford analysis
□ Data manipulation function capabilities for combining, matching, extracting data
□ Data visualization—to spot unexpected anomalies and provide new insights
□ Ability to perform complex testing and fraud detection
□ Ability to access a broad range of data sources and types
□ Support of full automation and scheduling of analytics
□ Comprehensive logging of all procedures performed (to generate complete trails)
□ Ready access to an online repository of proven analytics
□ Online best practices training
ERP SYSTEMS MAKETERRIBLE WHISTLEBLOWERS
WHO SHOULD POLICE THE POLICE?Don’t let sampling and silos blind you from seeing the big picture. Risk and control analytic tools perform all analysis at the transaction level—not the configuration level like your ERP system—ensuring 100% of transactions across one or many ERP installations are monitored for control violation.
Independence from your ERP platform is necessary for objective oversight of your ERP platform.
BONUS:
WHISTLEBLOWER PROGRAM
Hotlines and other whistleblower reporting systems are among the most effective means for
detecting certain types of fraud and abuse. But this is not a feature of any ERP solution.
Risk and control testing technology with integrated workflow capability enables you to
collect information anonymously through a web hotline, for example, and then connect
reported incidents into your overall risk management program.
This means that individual reports can be linked to an assessment of a
particular type of risk exposure or control effectiveness—and be
included in overall risk status reporting dashboards.
PREVENTATIVE VS DETECTIVECONTROLS CONTROLS
50%(FROM 24 TO 12 MOs)
REDUCTION IN AVERAGE DURATION
OF FRAUD WHEN USING PROACTIVE DATA
MONITORING/ANALYSIS*
$92KAVERAGE LOSS
WITHIN ORGANIZATIONS THAT IMPLEMENTED “PROACTIVE DATA
MONITORING/ANALYSIS”
COMPARED TO $200K AVERAGE LOSS IN
THOSE THAT DID NOT*
*Source: Association of Certified Fraud Examiners,
“Report to the Nation on Occupational Fraud and Abuse”
ERP systems were intended to help deal with risks. The theory was that an enterprise-wide system on a single platform would not only be more efficient, but also could have sufficient built-in, automated controls to minimize the risks of bad things happening.
But the reality has turned out to be different...
Risk analytics and monitoring of transactions can transform the effectiveness of financial control systems without inhibiting workflow—providing a balance between the goals of tight control and maximum performance.
In fact, detective data analysis can provide an additional layer of control over financial processes—enabling ERP systems to be very productive and efficient, while reducing risks such as fraud, error, abuse and regulatory non-compliance.
PROACTIVE DATA MONITORING
WAS ASSOCIATED WITH
54% LOWER LOSSES
+ FRAUDS DETECTED IN HALF
THE TIME*
RISK CONTROL VS PRODUCTIVITY
No system of internal controls is perfect—and they don’t have to be. Controls are designed to reduce the risks of things going wrong that may damage the organization.
BUT CONTROLS COME AT A COST If a system is so highly controlled that risks are reduced to zero, the inevitable result is a cumbersome and slow process that limits the ability of your organization to simply get the job done.
You’ve been forced to choose between running a high performance process...or reducing the risks of fraud, error, abuse and regulatory non-compliance.
ARE YOU AT RISK OF THESE 6 COMMON
ERP SYSTEM VULNERABILITIES?
More than one ERP platform
Multiple individual instances
of ERPs
Application control settings are
not turned on
Implementation deadlines caused some controls to be overlooked
Deliberate attempts to bypass controls
Data entry errors
THE FINANCE LEADER’S GUIDE TO BALANCING RISK & PERFORMANCE
Understand the gaps in your ERP system controls to maximize performance