Presentation is loading. Please wait.

Presentation is loading. Please wait.

Continuous Audit at Insurance Companies

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Continuous Audit at Insurance Companies"— Presentation transcript:

1 Continuous Audit at Insurance Companies
Youngbum Kim, PhD. Student, Rutgers Univ. Sutapat Thiprungsri, PhD. Student, Rutgers Univ.

2 Outline Objectives Scope Methods Research Framework Q&A
A Rule-based model for Anomaly Detection Clustering Q&A

3 Objectives Creating an architecture for a future continuous audit of the systems in question Assisting the audit with analytical support Creating system specific filters of eventually preventive nature

4 Scope Historical disbursements & claims data to develop filters that may detect fraud, discrepancies and internal control weaknesses Maturity Model Automated Continuous Audit Continuous Control Monitoring

5 Methods

6 An evolving continuous audit framework
Data Audit Continuous Risk Monitoring and Assessment Continuous Control Monitoring Automation Sensoring ERP E-Commerce 6 6

7 Steps in the continuous forensic and audit process
Identify system and understand its structure and features Capture relevant data Clean and scrub data Create KPI and extraction models Run models under different scenarios Examine the exceptions found on an interactive basis Decide on profile of risk

8 Cont. Place filters in the entrance of processes
Create an audit by exception mechanism within the internal audit organization Create interfaces between management continuous monitoring and audit by exception Continue the forensic model development process based also on the filtering results Work on external audit reliance on the process

9 Framework

10 A Rule-Based model for Anomaly Detection
10

11 Research Question Prior Research
Focuses on fraud by outsiders such as customers, criminals, and intruders ( external fraud).  Little research on Internal Fraud Highly depends on ‘labeled/classified’ data. Known internal fraud examples are rarely documented and disclosed.  Unsupervised method of profiling Practicability Rarely considers actual implementation by internal auditors  Rule-based indicators and suspicion scoring system How can we develop a rule-based model to detect abnormal (internal fraudulent/erroneous) wire transfers?

12 Obstacles to Anomaly Detection
Anomaly (including internal fraud) detection When anomaly prevention fails (how to know?). Detects in a timely manner (or at least not too late, especially for internal fraud). Too small number of anomaly cases. Continuous Auditing/Monitoring process Unawareness that the anomaly prevention control has failed. Highly adaptive existing fraudsters (=fraud perpetuators) and New comers. Cost of undetected anomaly (esp. internal fraud) is significant.

13 Model Development Process
Information collection Discussion with Internal Auditors for Validation Result Investigation by Internal Auditors Rule Creation (addition/deletion/revision) Model Testing with Data (Re-testing) Note. ( ): After the first round

14 Anomaly Detection Process
A transaction Anomaly detecting model Suspicion Score Calculation Greater than criterion? N No Reports Y Labeled as potential anomaly Final Results Test of detail by internal auditors

15 Indicators Category 21types (38 indicators) of anomaly indicators.
Purport to identify abnormally low or high values, abnormally positive slope, or abnormally different from population norms. Conditional tests Pass/Fail or Yes/No types Some of them are directly related to controls. Statistical tests PI/CI, Frequency test, Correlation test, or Clustering Developed by using either prediction intervals, correlation, or clustering. 15 15

16 Anomaly Indicators: Example (Note. All the examples are fictitious.)
Questions Possible Filtering rules to test The payee transactions payment amount is out of the range of payment amounts. Amount range for each payee (or all payees) & check outliers. The payee transaction payment trend line over time has a positive slope. Correlation between date (or sequence numbers) and payee amounts for each payee The payee is an outlier to payee baseline activity. (Send to a payee that normally do not send to) Payee frequency by each initiator & check the payees that have the least frequencies. The transaction amount is out of range of normal activity from this bank account. The 90, 95, and 99 PI amts for each sending/receiving bank account and check the exceptions. The transaction initiator is not a normal sender from this bank account. First, check the list of sender bank account, then create exception list of initiators by sending bank account. The transaction payee is not a normal receiver from this bank account. A list of payees by sending banks who have least frequency:

17 Suspicion Scores (All the numbers are fictitious.)
Statistical score All wires Last Qtr only Total 197505 52574 81922 32666 1 7943 2092 101384 18227 2 1867 485 17596 2824 3 762 281 5772 1425 4 150 92 1072 266 5 12 10 384 84 6 83 32 7 21 Conditional 8 86613 34472 102686 17787 14063 2183 If Target Flags are between 25 and 30, 5 for Statistical, 6 for Conditional, and 7 for Total scores. 4327 987 402 80 133 22 15

18 Examples of Flagged Wires
wireID amount Statistical score Conditional Total 10 950,000 5 25 22,600,000 1 6 33 4,000 42 11,500,000 2 7 50 8,200,000 52 600,000,000 3 8 63 85,000,000 13

19 Contribution Proposes developing a detection model of internal fraud with unlabeled/unclassified data. Describes the development process of an anomaly detection model that is implementable by internal auditors. Shows that developing process of anomaly detection model can help internal auditors to identify weakly-controlled areas and thus provide additional assurance.

20 Limitations and Future Study
False negatives may exist in model development. Some anomaly indicators may not be applicable to the other companies. Future Study Needs more fine-tuning, that is, specification and customization to consider transactional characteristics. Thus, Next step will examine the relevance of relevant attributes. If relevant and effective, they will improve the current model.

21 Clustering For Anomaly Detection
21

22 Insurance Claims Objective
To detect potential fraud or errors in the claims process by using clustering techniques Steps in Cluster Analysis Selecting attributes Selecting distance measurement Selecting cluster techniques Analyzing the resulting clusters Identifying anomaly and/or outliers 22

23 Visualizing combination of attributes, we will be able to see similarity and differences among claims 23

24 Analyzing individual variables, we will be able to see clearly that some claims have rare values
24

25 Contribution Clustering can be used to build a model for anomaly detection when the labeled data are not available. It may help to discover some hidden pattern or clusters in the dataset. 25

26 Limitations and Future Study
Cluster Analysis always generates clusters, regardless of the properties of the data-set. The interpretation of the results might not be clear. How to define anomaly could also be a problem. 26

27 Thank you for your attention!

Download ppt "Continuous Audit at Insurance Companies"

Similar presentations

A business makes payments for what it buys, In return it receives payments for goods it sells or services it provides.

A business makes payments for what it buys, In return it receives payments for goods it sells or services it provides.
1 Continuity Equations: Analytical Monitoring of Business Processes and Anomaly Detection in Continuous Auditing Michael G. Alles Alexander Kogan Miklos.

1 Continuity Equations: Analytical Monitoring of Business Processes and Anomaly Detection in Continuous Auditing Michael G. Alles Alexander Kogan Miklos.
Unemployment Insurance Integrity Conference April 19, 2010 Forensic Techniques And Automated Oversight Brett Baker, PhD, CPA, CISA.

Unemployment Insurance Integrity Conference April 19, 2010 Forensic Techniques And Automated Oversight Brett Baker, PhD, CPA, CISA.
Practical Issues of Implementing Continuous Assurance Systems Presented by John Verver CA, CISA, CMC to the 5 th Continuous Assurance Symposium November.

Practical Issues of Implementing Continuous Assurance Systems Presented by John Verver CA, CISA, CMC to the 5 th Continuous Assurance Symposium November.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 10A.1 Audit Sampling.

[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 10A.1 Audit Sampling.
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
Cluster Analysis for Anomaly Detection Sutapat Thiprungsri Rutgers Business School July 31 th 2010.

Cluster Analysis for Anomaly Detection Sutapat Thiprungsri Rutgers Business School July 31 th 2010.
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
Chapter 9 Audit Sampling: An Application to Substantive Tests of Account Balances McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 9 Audit Sampling: An Application to Substantive Tests of Account Balances McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
September 2003 Fraud Formalization and Detection Bharat Bhargava, Yuhui Zhong, Yunhua Lu Center for Education and Research in Information Assurance and.

September 2003 Fraud Formalization and Detection Bharat Bhargava, Yuhui Zhong, Yunhua Lu Center for Education and Research in Information Assurance and.
1 Software Testing and Quality Assurance Lecture 30 – Testing Systems.

1 Software Testing and Quality Assurance Lecture 30 – Testing Systems.
Purpose of the Standards

Purpose of the Standards
Lecture 8 Understanding entity and its environment

Lecture 8 Understanding entity and its environment
AUDIT PROCEDURES. Commonly used Audit Procedures Analytical Procedures Analytical Procedures Basic Audit Approaches - Basic Audit Approaches - System.

AUDIT PROCEDURES. Commonly used Audit Procedures Analytical Procedures Analytical Procedures Basic Audit Approaches - Basic Audit Approaches - System.
Enterprise systems infrastructure and architecture DT211 4

Enterprise systems infrastructure and architecture DT211 4
Copyright © 2007 Pearson Education Canada 1 Chapter 12: Audit Sampling Concepts.

Copyright © 2007 Pearson Education Canada 1 Chapter 12: Audit Sampling Concepts.
Business Logic Abuse Detection in Cloud Computing Systems Grzegorz Kołaczek 1st International IBM Cloud Academy Conference Research Triangle Park, NC April.

Business Logic Abuse Detection in Cloud Computing Systems Grzegorz Kołaczek 1st International IBM Cloud Academy Conference Research Triangle Park, NC April.
Www.company.com Lab2 CPIT 440 Data Mining and Warehouse.

Lab2 CPIT 440 Data Mining and Warehouse.
Data Mining By Jason Baltazar, Phil Cademas, Jillian Latham, Rachel Peeler & Kamila Singh.

Data Mining By Jason Baltazar, Phil Cademas, Jillian Latham, Rachel Peeler & Kamila Singh.
6-1. 6-2 06 Fraud Detection McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Fraud Detection McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Similar presentations

Ads by Google