Operating in today’s business world is no small task, especially given the seemingly endless onslaught of fraud schemes and scenarios organizations must consider to ensure they are proactively mitigating fraud and corruption risks.
Multi-national organizations battle fraud and corruption risks daily given the size, scale, and complexities of their businesses, increased regulation and enforcement, and challenges preparing for a post-pandemic fraud landscape. Given this challenging and ever-changing environment, no matter how diligently organization combat fraud and corruption risks, corporate investigations are still required to assess allegations of wrongdoing.
However, there is certainly no need to cry over spilt milk, as conducting corporate fraud investigations has become a necessity for all multi-national organizations to manage risk in the current landscape. Fraud investigators are tasked with developing customized, technology-forward work plans, gathering necessary internal and external data, and assessing that data using customized data analytic techniques. This data gathering and analysis allow fraud investigators to be armed with the necessary toolkit to investigate the issues thoroughly and efficiently at hand. However, fraud investigators should be aware of some common data-specific missteps when preparing for their next investigation.
Limiting Data Requests
Every investigation starts with a data request – fraud investigators begin hunting for data sources and data owners to gather relevant facts and information. A common first misstep in an investigation is preemptively limiting the data request. Concerns related to management’s reaction to a creep in scope or related to the perceived volume or complexity of data, often result in data request culling– and thus scope of work reduction – that could negatively impact an investigation from the beginning of the process.
Management may push back on scope, rightly-or-wrongly, irrespective of a data request, but an investigator’s job is to request all potentially relevant data that will inform their workplan and provide assurance to the accuracy and completeness of their work product. An investigator should be ready to articulate the relevance of a particular data request and how the data availability or findings within that data might impact the workplan.
IT or data owners, on the other hand, may push back on data requests based on the “large size” of a requested dataset or difficulty in obtaining the data. Company personnel often will assume that data is “irrelevant” to the investigation and may even eliminate certain data fields within a particular dataset prior to handing it over to the investigators. An investigator needs to correct these errant assumptions and ensure they fully understand each dataset. Larger datasets merely suggest there is more information that needs to be investigated. The complexity in obtaining data may simply suggest that the respective dataset has not been extracted for other requisite compliance testing. Obtaining additional fields that may not be useful for a particular investigation does not impair investigative steps in any matter, as that information can easily be excluded by the investigative team once evaluated.
Given that an investigation, by definition, does not have a known outcome, data relevancy is up to the investigator and can only be determined after it is requested.
Now that you’ve requested – and potentially fought for – all the relevant data the next potential misstep relates to how the investigation team reviews (or does not review) all data that has been gathered.
The background, experiences and skillsets of investigative team determine the different approaches and attention that may be paid to particular datasets. For example, one investigator might focus more on non-financial data, and another might laser in on the structured financial data. However, financial and non-financial data must both be considered to ensure that the investigative team is well informed of all data available to move forward in the investigative process. 
Unfortunately, financial and non-financial datasets are often disparate for a variety of reasons. That said, disparate datasets should not deter investigative teams from conducting any necessary investigative steps, as the power of technology and use of data analytics allows disparate data to be collected, assimilated and analyzed in an extremely efficient and effective manner. The assimilation of these independent datasets can often reveal hidden insights and fact patterns not otherwise apparent. Avoiding these efforts and siloing this data may make it impossible to otherwise find the extent of a fraud or scheme.
Assuming More Data = More Money
Every investigation places an emphasis on collecting, assimilating and analyzing data, so when larger datasets are requested by the investigation team, it is reasonable to assume that the expense just increased for the organization. However, this is another common misstep – assuming more data equates to more time and costs.
Admittedly more data is likely more difficult to analyze than less data, however, that does not necessarily translate into increased costs due to several factors.
First, data analytics scale easily, meaning that once a script or model is built on a dataset, the number of records becomes decreasingly relevant and a heavier reliance is placed on computing power. Today’s average computer can handle millions of transactions easily and – if needed – cloud computing is inexpensive and an easy tool to leverage. So, the time to analyze data only marginally increases with the size of data.
Second, more data can make certain analyses more robust and the results of the investigations potentially more fruitful. Whether it is several disparate datasets, or simply larger sets of a single data source, having more data makes true anomalies relatively more outstanding. More transactions, for example, allows for more vivid trends and the ability to understand how variables, such as seasonality, can impact results.
Last, a successful and data-rich investigation can actually save money. It is true that everyone must justify the amount of time and resources necessary to conduct a thorough corporate investigation. Internal and external investigators provide work plans and timelines to in-house and external counsel, as well as management, regarding their scope of work. The investigative team provides updates to the Audit Committee and/or Board of Directors, as well as other appropriate parties, which may be a combination of company personnel and the investigative team, and update regulators and others, as needed. These processes and procedures, instituted at the beginning of an investigation. control investigation costs and ensure efficient expenditures. However, while investigations can be unexpected expenses, they can actually save organization significant expenditures – monetarily, reputationally and in human capital – down the road, as often critical remedial measures are put in place as the result of an investigation that mitigate the risk of reoccurrence. Fewer issues in the future means saving money down the road on future investigations, fines, or enforcement actions.
Not Recognizing Bias in Investigations
Experienced investigators understand that leveraging data, combining disparate datasets, and performing key data analytics yield more fulsome results in an investigation. But another common footfall relates to letting bias impact the investigative process.
It is important to note that biases are part of any analysis. Eliminating bias is extremely difficult but understanding the common investigative biases can certainly help fraud investigators avoid pitfalls during an investigation.
One common bias is referred to as “confirmation bias,” which is when an investigator narrowly focuses on data analytics results based on preconceived hypotheses and schemes the investigator had prior to conducting the actual analysis. For example, an investigator may uncover certain indicia of fraud that was also previously flagged based on transaction monitoring tools in place at the organization. If the investigator conducted their own analyses and then only focused on these bright lights, it would prevent the investigator from identifying other potential issues. One way to avoid “confirmation bias” is to conduct brainstorming sessions with the entire investigative team and consider multiple perspectives on the various potential fraud scenarios and schemes before conducting analyses of key datasets.
The key is to ensure everyone has an open mind and uses their professional skepticism when assessing relevant data. Otherwise, critical transactions could be overlooked.
Today’s fraud investigative teams need to be well equipped and include multi-disciplinary resources to take advantage of the benefits of technology and the vast amount of data that multi-national organizations have at their fingertips. Data creates opportunities, insights and at times potential missteps. However, missteps are easily avoided as long as investigative teams include professionals that can analyze complex financial, accounting and business data, create dynamic visual models and extract key insights to assist companies with their investigations.
 Financial information may include information from numerous entities across the globe, such as general ledger detail, disbursements and accounts payable data, and sales information. Non-financial information may include internal and external third-party data, such as vendor and customer lists and other data from third-party databases.