EY published their Global Forensic Data Analytics Survey 2014, entitled “Big risks require big data thinking.” It is a comprehensive and compelling report around the use of data analysis to help address some of the most significant risks facing organizations. For a number of you reading this blog, the report may seem to be preaching to the converted. In some ways it does not find anything fundamentally new compared to regular surveys and reports on the topic from the Big Four over the past five years or more. However, it does a particularly good job of setting data analysis in the context of a broad range of risk areas that are (or should be) of high concern to senior management and the board. It also highlights that specialized audit and risk data analysis technology is not just for internal auditors and is now very clearly of importance to those in a number of C-suite positions.
I am not sure of the reasoning behind the focus on the word “forensic” in the report title, which seems to be potentially limiting. The term tends to be used primarily in the context of investigating fraud and crime, a purpose for which data analysis is particularly effective. However, data analysis has a far broader role to play in the overall context of audit, risk and compliance. I do like the way the report uses the “big data” term. This has of course been a hot topic for the past few years or so, but is seldom used to refer to risk, fraud and compliance data analysis—even though this is where big data concepts have been applied in practice for several decades.
The EY report comprises 36 pages—relatively detailed for a Big Four publication—and is well worth a read. It breaks down its findings by both geography and industry, which are useful perspectives to provide. It uses the term forensic data analytics (FDA) to refer to data analysis for audit, risk assessment and compliance purposes.
Here are some of the key takeaways of the report: Data analytics usage
The most significant challenges to implementing an FDA program include:
In terms of how the typical roles of “big data” analysis are seen in an organization, I liked this quote that is included in the report:
“From a European perspective, what we are seeing from big data commentators is a continuous reference to the leveraging of large data volumes for the purposes of customer acquisition and retention. However, what this survey tells us is that the proactive detection of fraud and noncompliance through continuous monitoring and point solutions is very much on the C-suite agenda, and that the exploitation of big data for these purposes is going to be a huge opportunity for organizations to improve risk management.”
–Paul Walker, Forensic Technology & Discovery Services, FIDS UK
I think this is a useful report. If you find it a challenge to get leaders or others in your organization to understand why they should be making specialized analysis technology an integrated part of their risk management and compliance strategy, then I would suggest sharing this report widely.
(Source: ACL Blog)