Forensic Data Analytics: More than just for fraud detection

SUITS THE C-SUITE By Marvin Perrin L. Pe

Business World (03/28/2016 – p.S1/2)

In the last few years, Forensic Data Analytics (FDA) has grown considerably in terms of technological advancement, enterprise adoption and maturing FDA deployment. FDA refers to the ability to collect and use data, both structured (e.g. general ledger or transaction data) and unstructured (e.g. e-mail, voice or free-text fields in a database), to detect, prevent, monitor or investigate potentially improper transactions, events or patterns of behavior related to misconduct, fraud and non-compliance issues. It is an advanced form of data mining that many of today’s companies are using not only to find patterns in otherwise overwhelmingly large datasets, but also to gain insights into the quantitative and statistical characteristics of their data.

FDA goes beyond traditional data analytics by looking into behavioral patterns and trends not just seeking out exceptions based on static rules defined by the end user. In traditional data analytics, the analytics applies a set of rules based on what it thinks the environment is like. It is like walking inside your bedroom in complete darkness. You know where everything is based on memory but if someone moves the furniture inside, you will end up tripping over it. FDA is like going into the same room but only this time with your eyes wide open and the lights are on.

Given how rapid digital innovation in today’s market has the unfortunate side effect of increasing the risk of cyber breaches and internal threats, more and more companies are coming to understand and appreciate the wide range of value that FDA brings to organizations. These are reported in the recent EY Forensics Data Survey 2016 — Shifting into high gear: mitigating risks and demonstrating returns. Based on interviews with 665 respondents (across 17 countries) from organizations that actively apply FDA, the survey highlights several important observations.


As new and emerging risks continue to appear on an almost regular basis, more and more organizations are seeing the urgent need for FDA, particularly to address the challenges of cybercrime, insider threats and aggressive regulatory demands. Survey respondents indicated that they viewed cyber breaches and insider threats — which include malicious insider stealing, manipulating or destroying data — as the top threat to organizations across nine different industries. This is perhaps unsurprising since cyberattacks have become a fact of life for businesses, especially for large or multinational entities that manage terabytes of data as part of their day-to-day operations.

More and more, what was historically the purview of IT and security departments is becoming a significant area of concern for company boards and senior management because of increasing government and public scrutiny. This is to be expected since the recent spate of high-profile regulatory enforcement actions in mainstream media have indicated huge amounts of fines as well as the prosecution of company executives. The sense of urgency for FDA adoption is increasing for 74% of C-level respondents who were beginning to understand that the cost of getting cyber security wrong is simply too grave to overlook.

On the other side of the coin, regulators such as the United States SEC Financial Reporting and Audit Task Force are also leveraging much more heavily on FDA to mine data for fraud, identify wrongdoers and conduct streamlined investigations that maximize the use of resources. Similar FDA applications are being conducted by regulators in the UK, Germany, Italy, France and China.

In the Philippines, FDA is starting to gain appreciation from companies. Corporations are starting to realize the benefit of using FDA as an early fraud detection and/or fraud investigation tool but it is rarely leveraged to detect cyber threats. In the Philippines, the biggest challenge in cyber breaches and threats is the retention of data itself. Because of the volume of data moving through their network, most companies can only retain a very small fraction of the data, usually on an exception basis alone, and for only for a short period of time.


The survey reports that more organizations are increasing their focus on FDA deployment and have beefed up their spending on advanced tools and proactive monitoring of large volumes of data. The growing organizational demand for FDA is often driven by a greater awareness of the value that FDA can deliver. While it would seem that this trend is likely to continue into the future as data volumes rise, more technology becomes available and regulatory scrutiny increases, it is interesting to note that fewer companies (55% of respondents, compared to 64% in 2014) in this year’s survey feel that they are investing enough in FDA. In fact, three out of five respondents have indicated that they plan to increase FDA investment over the next two years. This is particularly true for companies that analyze very large data sets, i.e. more than 10 million records.

Another point that this year’s survey highlighted is that more companies are focusing on proactive fraud prevention initiatives, with 63% of respondents investing at least half of their FDA spend on proactive monitoring. This emphasis on being proactive (i.e. identifying fraud before they become major issues) is driven by regulatory enforcement concerns and improved surveillance analytics and compliance monitoring offerings in the market. Companies that are investing in proactive measures are also seeing a reduction in the cost of anti-fraud programs (approximately $100,000 lower per incident) as reported in the Association of Certified Fraud Examiners’ latest Report to the Nations on Occupational Fraud and Abuse.

Another point made is the maturation of technology, such as the use of advanced visualization tools, social and web monitoring tools, and statistical analysis and data mining packages. Despite these advances, however, more than half the respondents indicate that their level of technological adoption remains insufficient, with many still dependent on spreadsheet level tools. This could partly be the reason why many companies still outsource FDA either as a project or a managed service, seeing as the benefits of outsourcing frequently outweigh the large capital investment needed to build effective in-house FDA technologies and expertise.

What is interesting to note, however, is that most companies only perceive the value of FDA in terms of fraud detection, e.g. the ability to detect fraud they could not before, early fraud detection, and faster response in investigations, without taking into consideration the cost-reduction benefits of using technology and analytics to focus investigative and compliance monitoring efforts.


To fully leverage on FDA, organizations need to deploy the right technology and develop new skills. But both will require significant investment of resources and extensive management buy-in. This makes it even more critical to articulate a business case that demonstrates the full FDA value chain for the business and its stakeholders, which may benefit areas such as:

· Regulatory and litigation response
· Internal or cyber-breach investigations
· Surveillance analytics
· Internal and external audit support
· Industry-specific fraud and compliance risk management

Another major hurdle is the development of skills and people resources with FDA experience and expertise. Developing the human element of FDA requires three distinct skillsets:

· Technical skills: understanding of the organization’s systems and how they can benefit from additional technology.
· Domain knowledge: familiarity with the relevant risk areas of the business and the ability to interpret analytics results in the context of the organization.
· Data analytics expertise: knowledge of techniques to analyze data, such as pattern recognition, statistical analysis and data visualization.


As new risks and threats crop up every day in the prevailing digital ecosystem, more and more companies are recognizing the need to step up their game in terms of evaluating, managing and mitigating cyber risks and digital fraud. While many companies are applying FDA technology, knowledge and processes to overcome their vulnerabilities, it would seem that there remains a strong perception that companies are still not doing or investing enough in FDA. This leaves companies exposed to the constantly evolving risk of fraud.

As indicated in the report, FDA is gaining momentum and beginning to yield returns on investment. However, companies still need to put their full support behind the entire paradigm and not just piecemeal elements that they think are “just enough” for their current needs. In order to fully benefit from analytics, the science and strategy need to be implemented and embraced as a whole.

This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinion expressed above are those of the author and do not necessarily represent the views of SGV & Co.

Marvin Perrin L. Pe is a partner in SGV & Co.’s Assurance practice under the Fraud Investigation and Dispute Services.