2 oversightsystems.com Introductions Oversight Systems Patrick Taylor, CEO Mark Converse, Director, Sales/Business Development Stephen Barbarisi, Regional Sales Director
3 oversightsystems.com Internal Audit Trends 2009 Cost of Compliance Focus Resource reductions (25%) Outsourcing considered Technology leverage considered… delayed Value Creation/ Continuous Improvement Internal Audit: Fact-based, data-driven IA: Advise the “business” IA: “Enable” the business Increased Board Activity Overall risk exposure Specific risk “initiatives” Automate “Low Value” Tasks “More with less…” Focus on high value, bottom line results Leverage advanced technology 2010
4 oversightsystems.com Compliance Benefits/ Risk Improvement “In-process, real-time” controls Extend existing system controls Replace, automate post transaction audits Gain visibility/accuracy into business Policies Stakeholder behaviors Process improvement Financial accuracy Audit Automation Expanded use of data analytics Detect fraud early Operational Benefits Deliver bottom-line results Automate “lower value” tasks Auditing/QA Account reconciliations Real-time continuous improvements Detect issues early Errors Bottom-line/cash flow improvement opportunities Waste, abuse Establish a “detection adjudication/resolution” capability Why Continuous Transaction Monitoring?
5 oversightsystems.com Fraud Statistics Typical organization loses 5% of revenues to fraud Median loss $160K, 25% of loses >$1M Significantly higher for financial statement fraud, median >$4M Asset misappropriation the most common Recovery is low, only 20% recover significant amounts of losses Controls work: organizations with more robust fraud controls had lower losses 85% of perpetrators have never been charged before 13% of employees will steal if given the opportunity Source: ACFE 2010 Report to the Nation
6 oversightsystems.com Other Relevant Statistics 1.6% of vendor payments have errors Similar for companies with a high degree of automation 3.6% of vendor invoices contain errors Companies average 1.1% error rates in T&E Invoice input error rates – average 15.6% 43% of companies never clean Vendor Master File Leads to other issues: fraud, duplicate payments, missed discounts Duplicate payments are still a problem Approx 20% of companies report duplicate payment rate > 0.1% 39% of companies had check fraud in past two years 70% in large companies (> 5000 employees) % is growing Source: IOMA 2007 Benchmark Study
7 oversightsystems.com What Value Does Oversight Deliver?
8 oversightsystems.com What Value Does Oversight Deliver? Regulations SOX Best practices COSO GRC Program Internal policies/ procedures Audit Automation 100% transaction review Fraud Employee Vendor Policy/procedures Procurement T&E Corporate cards Improper payment- real-time error prevention Errors Fraud/misuse Un-recovered payments Cost of capital (Margin optimization) Resource optimization Error correction Audit fees Internal audit efficiency Reporting reliability Decision support Automated testing/reporting Transaction-level analytics Process improvement
9 oversightsystems.com CCM-T Application Components Example Transaction Process: Revenue Cycle Libraries of Data Analytics Disparate Source Systems Exception Identification Exception Identification Analytics Engine Reporting Exception Resolution Documentation Exception Resolution Documentation Insights/ Reporting Insights/ Reporting Monitors Controls Embeds Audit Best Practices in Process Risk Ranking HR Data Legacy SAP Data Extraction CUSTOMER MAINTENANCE SALES ORDER INVOICE RECEIVING CASH RECEIPT CASH APPLICATION RMA/RETURNS SAP CCM-T Application UI and Workflow
11 oversightsystems.com Introduction to Oversight Systems The Company Leader in continuous transaction monitoring Software company Headquartered in Atlanta, Georgia USA Recognized by Forbes, “Big 4” and industry trade associations Best practices focus and approach Continuous Transaction Monitoring Automated, in-process 100% transaction review & prioritization Extracted from multiple data sources Pre-defined monitors Operational policy Policy adjudication workflow Financial transaction process monitoring General Ledger Order to Cash HR / Payroll Procure to Pay PCard/T&E Custom
12 oversightsystems.com Continuous Monitoring: Emerging Best Practice Oversight Clients: Monitoring $500B+ Transactions
14 oversightsystems.com Procure-to-Pay Monitoring Payment for 0 Payment w/o Voucher Payment Payee Differs from Vendor Payment to Ghost Vendor Payment to Employee Payment Detail Mismatch Payment/PO SOD Invalid Vendor Duplicate Vendor Ghost Vendor Vendor Change/Change- back Vendor Maintenance SOD Receipt/PO SOD Payment Duplicate Payment Line Duplicate Payment Line Exceed Voucher Payment Line w/o Voucher Payment Line/Voucher Mismatch Payment Line for Duplicate Voucher Payment/Voucher SOD Invalid PO PO to Inactive Vendor PO to Invalid Vendor PO to Ghost Vendor Duplicate PO PO/Vendor SOD Invalid Voucher Voucher for 0 Voucher to Invalid Vendor Voucher to Duplicate PO Voucher Duplicate Amount Voucher Duplicate Invoice Voucher/PO SOD Voucher Line with no PO Voucher Line/PO Mismatch Voucher Line/Receipt SOD Voucher Line/Receipt Mismatch Vendor Master Requisitio ns Purchase and Receipts InvoiceVoucherPaymentRecovery
15 oversightsystems.com Accepted Risk Built into Design Less than ideal segregation of duty to facilitate doing business Quantity & pricing tolerances Manual over-ride of controls Subjective RFP process Fraud Collusion Single individual capitalizing on system weakness Single individual manipulating data to mislead decision makers Check theft / manual check Errors and Inefficiencies Lost payment terms discounts Higher delivery costs Catalog pricing not current Manual processes Multiple touches/parked invoices Research Cash Leakage: Procure to Pay Process Unintended Design Gaps Lost volume discounts/rebates Freight overpayments Duplicate vendor payments Approvals outside design tolerance Over/under payment of S&U tax Start-up and/or new configuration post go-live Orders by-pass procurement Incomplete/inaccurate master data
16 oversightsystems.com Cardholde r Maintenan ce Card Maintenan ce Purchase Substantia te Reconcile Accountin g ApprovalPayment Cardholder Status Change Cardholder Invalid Cardholder Change Cardholder Employee Invalid Transaction Duplicate Transaction Chain Individual Transaction Chain Department/BU Transaction Invalid Transaction Merchant Unauthorized Transaction Merchant Suspicious Transaction Amount Suspicious Transaction Timing Suspicious Transaction Limit Violation Transaction Employee Invalid Transaction Series Merchant Distribution Mismatch Distribution Timing Error Payment without Approval Payment to Ghost Merchant Payment to Employee Card Program Monitoring Cardholder Multiple Cards Card Limit Change Card Excessive Limit Card Invalid Recon SOD Transaction without Recon Transaction without Substantiation Transaction without Approval Approval Override
17 oversightsystems.com Accepted Risk Built into Design Less than ideal segregation of duty to facilitate doing business Quantity & pricing tolerances Manual over-ride of controls Subjective RFP process Fraud Collusion Single individual capitalizing on system weakness Single individual manipulating data to mislead decision makers Check theft / manual check Errors and Inefficiencies Lost payment terms discounts Higher delivery costs Catalog pricing not current Manual processes Multiple touches/parked invoices Research T&E and Cards Programs: Monitoring Objectives Unintended Design Gaps Lost volume discounts/rebates Freight overpayments Duplicate vendor payments Approvals outside design tolerance Over/under payment of S&U tax Start-up and/or new configuration post go-live Orders by-pass procurement Incomplete/inaccurate master data
18 oversightsystems.com Accepted Risk Built into Design Price overrides Approval tolerances Unintended Design Gaps Pricing errors Credit terms Unit of measure Free shipping not in contract Wrong tax codes Rebates Incomplete/inaccurate master data Fraud Collusion Single individual capitalizing on system weakness Single individual manipulating data to mislead decision makers Errors and Inefficiencies Returns Deductions Authorized promotion deductions Chargebacks Penalties Short shipments Late payments Write-offs Slow dispute resolution Profit Leakage: Order to Cash Process
19 oversightsystems.com Access Controls Unintended configuration gaps Super-user access Material transaction approval Incomplete/Inaccurate Master Data Period open – period close Process Controls Intercompany reconciliation Month end close monitoring Improve close efficiency accuracy Fraud Revenue manipulation Overcapitalization Understatement of liabilities Super-user access Errors and Inefficiencies Duplicate entries Entries posted “backwards” Account code misclassification Keying errors Manual entry review Internal/external audit preparation Multiple touches required for multiple “customers” General Ledger: Accuracy, Risk and Compliance
29 oversightsystems.com Why Industry Leaders Choose Oversight Multiple, diverse, systems Normalize data into common model No data volume limitation Low impact on client system/network Reasoning beyond rules Statistical, Behavioral, Temporal, Symbolic Correction detection integrated with workflow Pre-defined + user defined analytics Workflow enabled resolution Consistent across all business processes Supporting documentation in one system Drill-down, , attachments, link analysis User-defined view: workbench & dashboard Ad-hoc reporting + “what if” analysis Flexible deployment configurations Web based administration and configuration Client base Best Practices Group The most successful implementations Diversity in team expertise Proven customer satisfaction Large, diverse data volume Minimize IT on-going support Streamlines advanced analytics Higher ROI faster Discover “what I don’t know” No technical skills required Assurance through visibility Encourages user adoption Direct & pertinent to unique KPI Operationalizing continuous improvement Quick time-to-value Quick, efficient, effective Leverage F500 client experience Key AttributesKey Value Superior Data Acquisition Advanced Analytics Intuitive Configurability Practical Workbench and Dashboard Proven Experience and Results
30 oversightsystems.com Find It. Inspect every transaction. Fix It. Resolve every exception. Prove It. Substantiate every resolution.