Читать книгу Fraud and Fraud Detection - Gee Sunder - Страница 12

Data anomalies are a fact of life. There will always be inconsistencies, abnormal, or incorrect data residing in databases. This is quite normal. Database anomalies could be the result of missing or unmatched information caused by human error and flaws and limitations in the database. Bugs in the database can occur whenever a record is entered, modified, or deleted.

Insertion anomalies occur when data is being entered into the database. One form of this anomaly is where the information cannot be entered until additional information from another source is entered. A new employee’s shift scheduling cannot be entered until the employee has a payroll number. The payroll number may not be assigned immediately as the new employee’s first pay will not occur until two weeks from starting employment.

Data must be entered in a format that is consistent. The most common insertion errors are missing or incorrectly formatted entries. Well-designed software should have error-checking capabilities that provide an error message and prevent recording of the record if there is a blank entry where data is expected. Error checking or validation should also prevent an entry that does not fall within an acceptable range. For instance, the program would not accept a number outside of 01 to 12 where the field is a numeric month field. It may not accept a single digit for a month if the validation was designed to require a leading zero where the month normally would be a single digit. This helps to reduce errors where the operator meant to enter 12 but entered a 1 instead.

Deletion anomalies occur when the last record for a particular group of information is deleted. Removing that record may remove relevant information associated with the record. The deletion of information or facts about one entity automatically deletes other facts regarding that entity.

Let’s say an employee has left to work for another employer. The former employee shift schedule information is deleted but the associated address information might also be contained in that last record for the employee. Where would the employer send the employee’s last paycheck or accumulated vacation pay?

Modification or update anomalies are where incorrect information needs to be changed that may require many other record changes. This leads to the possibility that some items may be updated incorrectly.

When we analyze data for anomalies for fraud items, we are not interested in insertion, deletion, or modification anomalies caused by the business systems (other than to note poor system designs that lead to internal control problems). What we are interested in are unexpected or strange items, such as outliers or too many inliers. We target suspicious transactions or transactions that are too typical to be natural. We look at the unusual in relationship to the usual.

Anomalies in datasets will be common. Most will be errors and very few, if any, may pertain to fraud. It is unlikely that any fraud can be proven solely based on analyzing data. Analyzing data to identify anomalies or patterns gives the auditor or investigator a starting point of where to do further analyses. One must follow the audit trail to review source documents and supporting factors that lead to the records to review.

It is important to employ professional skepticism at this point by:

• Critically assessing the anomalies without making a conclusion.

• Having no biases caused by being overly suspicious or cynical.

• Not accepting evidence or information gathered at face value.

• Ensuring that all evidence or information is complete.

• Pursuing the facts through the critical review of documents associated with the data anomaly.

• Assessing whether information provided by staff lacks objectivity or there is lack of knowledge.

What is the anomaly for the numbers 1987 and 2013? It took 26 years to pass before the year contained all four different digits again. This anomaly is neither an error nor fraud, but rather just an observation.