Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Peter J. Best
School of Accounting, Economics & Finance
University of Southern Queensland
Toowoomba, Queensland, 4350, Australia
Tel: (+61) 7 4631 1231 / Fax: (+61) 7 4631 5594
Email: bestp@usq.edu.au

Pall Rikhardsson
Financial Intelligence Division
Business Advisory, SAS Institute A/S
Købmagergade 7-9, DK-1150 Copenhagen K, Denmark
Tel: (+45) 7028 2506
Email: pall.rikhardsson@sdk.sas.com

Mark Toleman
School of Information Systems
University of Southern Queensland
Toowoomba, Queensland 4350 Australia
Tel: (+61) 7 4631 5593 / Fax: (+61) 7 4631 5594
Email: markt@usq.edu.au
 

ABSTRACT

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoring-surveillance of security audit logs for ‘red flags’, (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds; afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.

Keywords: Continuous assurance, continuous audit, fraud detection, enterprise system, accounting information systems, mySAP, audit trails.