Articles & E-Books


How to design effective anti-fraud tests

Feb 18, 2021

Financial statement schemes, while not the most common, are by far the costliest form of occupational fraud, according to the Association of Certified Fraud Examiners’ (ACFE) biennial Report to the Nations. In ACFE’s study of fraud cases between January 2018 and September 2019, the median loss due to financial statement fraud was $954,000 — nearly $1 million.

Luckily, the report also found a silver lining: 85% of fraudsters displayed at least one behavioral red flag. And with the right people, processes and tools, organizations can detect fraud, waste and abuse in their financial statements and minimize the damages. 

The ACFE report said surprise audits and data monitoring and analytics can help companies detect fraudulent activity 58% faster and cut losses in half (52%). Alone, proactive data monitoring and analytics can potentially cut fraud by a third. 

These ACFE statistics uncover a two-part strategy for stronger fraud prevention:

  • Companies need to proactively look for fraud instead of waiting for an audit. Auditors typically look at a set number of randomly selected transactions, so it’s highly unlikely they’ll uncover potential fraud, waste and abuse. 
  • Financial statements are data collections. With the right tools and an analytical approach, companies can potentially identify illicit activity within their financial statements. Fraud can be hiding in plain sight, if you know where and how to look.

So, where should analysts look for fraud? 


To build a robust fraud response, companies need to connect as much of their available financial data as possible. And they must test every transaction, not just random samples.

Build a good understanding of available data

Fraud analysts need to spend time collecting and profiling data to make sure it’s accurate and complete, and to understand all of the different fields, data types and relationships. They also need to define “normal” behavior between data sources in order to spot fraud. They can perform a range of tests on data, from basic searches for missing fields or duplicates to complex comparative testing and what-if analyses.

By connecting data sources, analysts can spot unusual behavior and test internal controls. Correlations help uncover corruption, even when transactions may look clean on the surface. For example, a large round-dollar amount might not be a red flag in your system, but someone posting the entry at 4 a.m. on a weekend or holiday to a little-known or used account might raise concern and be worth looking into further.  

Think like a fraudster

Not sure what tests to run? Review your internal controls from the perspective of a fraudster. If you find weaknesses or gaps in processes, then figure out which correlated data points could uncover the deception. 

For example, if your AP process doesn’t use positive pay or multi-step verification, an invoice could be paid twice, potentially by a valid vendor as well as a fictitious vendor. Look for duplicate payments in the data or for disbursements with the same dollar amount, invoice number and date — but different vendor numbers or IDs. Another test could compare the vendor master file against the employee master file to look for commonalities like addresses, Social Security numbers and tax IDs to identify potential conflict of interests or fictitious vendors.

Dig into the company’s potential weaknesses. Occupational fraudsters know what controls are in place — and how to bypass them. Think critically and creatively to design data tests that will uncover potential fraud, waste and abuse. As new data sources become available, add them into the data pool or repository for future monitoring and analyses. Email and other unstructured data can potentially enhance testing, as well. 

Make risk a priority  

Auditors run tests all the time. But to proactively find fraud, analysts must test the entire data set that’s available to them. Companies are more likely to spot meaningful, global trends — and fraud — if they examine every transaction, not just a random sample. 

Analysts should run a battery of anti-fraud tests against every line item, too. Then, correlate the results and calculate how many transactions failed each test. By layering the tests against the entire population, analysts can find more meaningful anomalies and identify specific instances of potential fraud, waste and abuse.

Some test failures and “red flags” are riskier than others. Weekend postings or a journal entry with a blank description may be less material to the organization than finding entries made to accounts that aren’t in the chart of accounts, or are infrequently used. Risk-rank each anti-fraud test to help prioritize the testing results and to better correlate the data being analyzed.

Tests need to be refined multiple times before they perform at a high level. It takes patience, persistence and quality data to get meaningful results. Asking the right questions of the data up front and ensuring complete and accurate data is hard work, but it does pay off in the end. 

Continuously test against fraud 

When management is open with their employees about the fact that they’re actively looking for fraud, waste and abuse and take it seriously, it can have a sentinel effect across the organization. Proactive fraud monitoring is an important step toward prevention.

Continuously auditing and investigating the data also lowers the potential for fraud. Luckily, once anti-fraud tests are built, they can be redeployed and run on a recurring basis. Programs, scripts or macros can run regularly, without significant staff commitment. Some tools can even automate testing, with only minor tweaks from analysts, if implemented properly. 

Best practices for data monitoring and analysis 

Despite its effectiveness, proactive data monitoring and analysis isn’t commonly used. It ranked sixteenth among the 18 most-used fraud prevention methods in the ACFE’s report. Only 38% of organizations proactively looked at their data to monitor for fraud. 

Follow these best practices to start testing company data for fraud: 

  • Find a champion for your data analytic efforts — someone in leadership who’s curious about data and has enough organizational authority to connect the right people, processes and technologies 
  • Establish a good working relationship with your IT department to enhance and improve data collection efforts; fraud-prevention is everybody’s job 
  • Start small; focus on asking the right risk- or control-related questions of the analytics with the right anti-fraud mindset
  • Be patient; running analytics is the fun part, but it’s imperative to get the right data in play first 
  • Manage expectations; data testing is an iterative process, so it takes time to minimize false positives; start with small wins to build momentum
  • Build solid processes to support ongoing data monitoring and analyses 

The ACFE report proves that more thorough and more frequent testing leads to better results. With the right data analytics techniques, companies of any size can test their data to stop fraud, waste and abuse. 

Designing your anti-fraud tests

Need help designing an effective anti-fraud test for your organization? Wipfli can help. Contact us to learn more.

Related content:

Employee fraud: Our takeaways from the ACFE Report to the Nations

Combat rising fraud with strong internal controls

Fraud and forensic services


Matthew D. Storlie, CFE, CIDA
Senior Manager, Forensic & Litigation Services
View Profile