When a retail company suspected fraudulent activity
We uncovered it in places they’d never thought to look
Retail Case Study
Risk and Regulatory Analytics: Fraud/Forensic Analytics
Our client, a retail company, was experiencing fraudulent activity resulting in some of their 100 branches reporting poor returns. The company had knowledge of one type of fraud, but recognized there may be other types of fraud that they didn’t know about. They approached Deloitte to see how analytics could help them see where fraud was potentially occurring, ways it could have been carried out, and which areas they needed to monitor more closely.
Our analytics team worked alongside the Forensics team, using the data provided by the client, to identify types of people who were more likely to carry out fraud based on a number of characteristics.
Our findings astonished the client. We found at least four different types of fraud, and were able to tell the client which types of staff members, and which branches, were most likely to be engaging in fraudulent activity on a regular basis.
The client had an internal audit function but could not cover all branches at once. They assumed that finding perpetrators of any fraud would be like ‘finding a needle in a haystack’, but we assured them that our analytics team had a number of tools and techniques that would reveal any anomalies in data. The company wanted to get smart about using analytics to undertake a risk assessment in order to figure out where to place their focus.
The company found that their employees were able to manipulate stock-taking processes and procedures in their systems. This, combined with the ability to provide a discount or refund to the customer and earn commissions on sales, meant that employees had the opportunity to commit a myriad of different types of fraud.
These potential frauds were not detectable because of control weaknesses in their internal systems.
The challenge Deloitte faced was to try and distinguish the different types of potential fraud and figure out how we could analyze the data in order to show where any fraud was taking place, how frequently, by whom, and the costs associated. We also needed to ensure our techniques and results were robust so that innocent people were not labelled as fraudsters.
How we helped
We used a combination of our standard DTect™ facility and statistical techniques to correlate certain types of behaviors displayed by what we understood to be a fraudulent activity. For example, we correlated certain types of products which are easily sold, returned, and refunded. We profiled these types of products, as well as stock-take variances and stock-take adjustments taking place in branches. These tell-tale signs are some of the signatures of fraud, and were used by our team to develop a lens that helped our client see the potential fraud clearly. We looked at who did what by integrating this information with audit logs. We also compared the levels of refunds with the levels of stock write-offs, and looked at the stature of the people processing all these transactions.
The Forensics team provided the genetic code of a fraudster and a description of what types of things we might be looking for. This, coupled with analytics, made it easy to see anomalies in the data and pinpoint the area in which there were issues.
We collated all the information and were able to pinpoint to the client a number of branches and staff connected to anomalous transactions. The client’s normal internal audit process was unable to pick up on these variances.
The accuracy of our analysis and prediction was high, and we were finding things that they could not have found themselves using the systems they had in place.
At the time of writing, further previously unnoticed fraudulent activity was discovered – exactly where our analytics had predicted. The fraudulent activity meant the client was vulnerable in the region of hundreds of thousands of dollars – a substantial amount as this client was in the business of selling an inexpensive product.
Since carrying out the exercise, we are offering the client an ongoing service of our analysis. The client’s internal audit team will be able to feed Deloitte with fresh data on a regular basis. We can then provide them with an updated visual output that will illustrate, based on a range of indicators, a particular branch, or a particular area of the business where they will need to focus.