Big data

Big risks require big data thinking

By Vincent M. Walden, CFE, CPA, CITP;Beth Junell, CFE, CPA, CFF

An EY survey indicates that companies need to look at a broader set of risks, incorporate more data sources, use better tools and move to real-time or near real-time analysis of increased data volumes. The results? More effective and efficient compliance programs that are highly focused on key fraud risk areas.

A leading global pharmaceutical company, we'll call it Pharminc, sought to use forensic data analytics (FDA) to monitor compliance with policies and procedures designed to govern interactions between their sales representatives (REPs) and the health care professionals (HCPs) they interact with in certain high-risk countries. Many anti-fraud practitioners in the past — using traditional FDA methodologies — would consider only one primary data source for analysis, such as travel and entertainment accounts. Pharminc took a different approach and incorporated "big data" thinking. The company not only used traditional spreadsheet and database applications, it integrated multiple structured and unstructured data sources with more sophisticated visual analytics and text mining applications.

These data sources included speaking events data, travel and entertainment accounts, product samples, sales and customer relationship management data, physician interaction data and even social media data.

Pharminc developed new analytics approaches using these sources to "risk rank" both REPs and HCPs across targeted regulatory and corporate integrity risks, including fraud, corruption and off-label marketing.

To enhance early detection of problems, Pharminc generated interactive monitoring "dashboards," which visualized data in charts and graphs (rather than data dumps to spreadsheets) to assist in-country compliance officers and/or managers with spotting trends and anomalies. Pharminc deployed this FDA program to dozens of countries in approximately 18 months, which helped the company detect rogue employee activities, increase transparency and save significant dollars from improving recoveries and realizing audit-monitoring efficiencies.


Big data techniques and technologies present significant opportunities for business executives in multiple functions working across many industries and geographies. They can capitalize on information contained in disparate data sources that are otherwise difficult to correlate and interpret. For those charged with deterring, detecting and investigating misconduct, mining such data can be a particularly powerful tool in their overall compliance and anti-fraud efforts.

Companies are increasingly seeking market share and revenue growth in markets, which are characterized by higher perceived levels of fraud, bribery and corruption risk. At the same time, regulators and law enforcement bodies are intensifying their cross-border collaborations to ferret out improper business practices and punish violators. The costs associated with noncompliance are growing. Out-of-date risk assessments, undetected frauds and poorly executed investigations — followed by failure to properly remediate internal controls — only exacerbate the risks facing companies. The staggering increase in volume, variety and velocity of business information requires inherent changes in how companies manage their compliance challenges and investigate aberrational behavior.

EY's Fraud Investigation & Dispute Services (FIDS) practice, in an effort to understand how companies in 11 major markets are deploying FDA tools, undertook its first-ever Global Forensic Data Analytics Survey. From November 2013 through January 2014, we interviewed more than 450 executives responsible for their companies' anti-fraud programs. View a full copy of the survey.

Through the survey, we endeavored to discover how companies are leveraging FDA to mine big data. The term big data is often used in the media, but what precisely does it mean, and how can we use it to fight fraud? For the purpose of this survey, we adopted Gartner Research's definition: "Big data is high-volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making." (See Gartner IT Glossary as of publication.)

And we used FDA in the survey to refer to the ability to collect and use data both structured (e.g., general ledger or transaction data) and unstructured (e.g., email communications or free-text fields in databases) to identify potentially improper payments, patterns of behavior and trends. FDA can also include integrating continuous monitoring tools, analyzing data in real- or near-real time and enabling rapid response to prevent suspicious or fraudulent transactions.

The survey found that those companies deploying advanced FDA tools across larger data sets provided better insights, which lead to more focused investigations, better root cause analysis and contributed to more effective fraud risk management.


Of course, companies can deploy such tools against a wider variety of risks, including competitive practices, insider trading or tax controversies. However, for our study, we focused on fraud, bribery and corruption as the risks that management and boards discuss.

Our findings suggest that while companies may be doing some forms of FDA, many are missing important opportunities to leverage more sophisticated anti-fraud tools.

Advanced technologies that incorporate data visualization, statistical analysis and text-mining concepts, as compared to spreadsheets or relational database tools, can be applied to massive data sets from disparate sources.

These technologies enable companies to ask new compliance questions of their data that they might not have been able to ask previously. Fraud examiners can establish important trends in business conduct or identify suspect transactions among millions of records rather than having to rely on smaller samplings that could miss important transactions.

Senior executives and board members, many of whom are already benefiting from less sophisticated FDA efforts, should be interested in the survey results and case studies. We hope that this survey contributes to meaningful conversations within your organization, particularly within the finance, internal audit, compliance and legal functions. Thanks to all the respondents and business leaders for their contributions, observations and insights.

For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.