BIG DATA, MACHINE LEARNING AND CONTINUOUS AUDITING: NEW TRENDS TO IMPROVE THE AUDITING PROCESS

Jonathan Nabor López Espinosa
Works Auditor
Office of the Comptroller General of the Republic of Chile

In these turbulent days of social effervescence, caused in part by the COVID19 pandemic and the just yearning of people for changes in the way we organize our society, the work of SAIs should not be affected by all this turmoil that muddies the waters and facilitates the commission of fraud. Furthermore, it is historical moments like these that demonstrate how the role of SAIs is essential to ensure that resources fulfill their purpose of helping people and do not fall into unscrupulous hands. It is this premise that justifies SAIs having the new information management technologies that provide a clear vision to supervise the actions of the State and its officials.

Everything related to the management of enormously large volumes of data is called big data, so much so, that traditional data management methods -data mining- have become obsolete. But big data is only the spearhead of this information revolution; it was the alert signal for all types of organizations to concern themselves with managing data in a way that is consistent with the dimensions of the big data and not waste this new way of generating information. Data should be considered a corporate asset; those not having data will be left standing on the sidelines

It shouldn’t be so difficult to assess the importance of data management and the value of collecting and recording as much data as possible from different sources, even when it seems today that it is irrelevant information and becomes a cumbersome task hindering the current way in which the organization’s processes are carried out. On the contrary, we must be optimistic and think that, in one way or another, the data collected will be useful in the future as they are small pieces of a big puzzle that will show us the information we need.

Indeed, this futuristic vision is not utopian. The development of artificial intelligence is the second wave of this fourth technological revolution that seeks to take advantage of all the data accumulated over the years, using it to achieve the organizations’ purposes. For this, a branch of artificial intelligence research called machine learning, which helps create software capable of generalizing behaviors from data through guided or automatic learning processes.

On the other hand, if we incorporate the concept of Continuous Auditing, which, in summary, aims to control processes in real time (recommended video: https://www.youtube.com/watch?v=WqfXhDLfm9s&t=1803so), it would be possible to improve the capacity to detect illicit activities if SAIs focus on prioritizing the conjunction between big data, the study of artificial intelligence and the concept of continuous auditing. In this way, the union of these tools will be useful for the purpose of preventing fraud from occurring and evaluating risk through the analysis of patterns, correlations and fluctuations of the models as part of an internal control system.

However, this implies a radical change in the execution of audits since the traditional audit involves a retrospective review of the historical events with a limited selection of samples restricting the coverage of the analysis, while the use of artificial intelligence stands out for the potential to become a predictive system of events, contrary to the traditional way of working, which is reactive, i.e., from the periodic review of a sample of events, to permanent audit tests on all the data.

However, to reach the proposed level of development, it is necessary to overcome different technological and organizational gaps. SAIs are required to promote the development of platforms for data collection and analysis. In the case of the Comptroller General of the Republic of Chile (CGR), the use of IDEA software has already been incorporated to support the execution of audits, in addition to the Integrated Information System of the office of the Comptroller-SIIC, which manages to consolidate a series of the CGR’s own computer platforms, among them, the Integrated Audit Control System (SICA), the State Personnel Administration System (SIAPER), among others, with information platforms of external origin such as ChileCompra and the Civil Registry databases, all to improve the planning of audits with more information.

There are also proposals for the development of a data collection platform for public works contracts, described in the first-place entry in the OLACEFS 2019 competition, called “Use of machine learning techniques for the detection of fraud in public works contracts,” available at https://www.ceacgr.cl/CEA/revista/REVISTA_CEA_2do_SEM_2019.pdf, whose premise is to take advantage of the review of the history of the resolutions affected by the reasoning process to extract a data set from each project that is entered into the Comptroller’s Office and use it as an input for automated learning models that detect irregularities in any of the factors or variables affecting contracts (companies, services, officials, terms, amounts, etc.).

The importance of having a system such as the one mentioned above is that the Office of the Comptroller General is the only entity that has the possibility of having a comprehensive view of the behavior of the factors typical of public works. In effect, the political-administrative organization and the lack of coordination in the transfer of project information among public services, acts to the detriment of the ability to quickly detect if a company is acting irregularly. This is because, unlike public entities, the action of construction companies is not restricted to regional limits or to working only with certain public services.

Along the same lines, a public works control system would allow to know the behavior of construction companies, managing, for example, to generate alerts at the national – and even international – level of fraud risk, simply by having adequate information in an orderly and coordinated manner throughout the country. However, if we add connectivity to this, the proposed system could be available in real time for those who want to use it through web platforms, applications for APP mobile devices or carry out Continuous Auditing.

Finally, it should be mentioned that the mere incorporation of new technologies is not enough to detect fraud; for example, it is not enough to just load databases in a program such as IDEA, but it is also necessary to analyze and parameterize warning signals to generate metrics that define the scope of the audits. This is to define what we are looking for, what we expect the program to show us, and we as auditors can see what a fraud looks like through mathematical and statistical indicators. A matter that acquires relevance if we think that the auditor is not only in a perpetual fight with the fraudster, but it must also be considered that, during the judicial process, the fraudster will have the support of lawyers to establish his or her defense and dismiss the facts; therefore, having irrefutable evidence is of utmost importance.

As an example, some indications to detect fraud in public works contracts are listed below:

Mechanism Definition Red Flags
Corruption, bribery and kickbacks It consists of giving or receiving something of value to influence an administrative act or decision.

The contractor pays part of the bribes on each invoice. The amounts are increased or the quality of the work is reduced to compensate

  • Favorable treatment lacking explanation
  • Close social relationship between an official and the contractor
  • Increase in the public official wealth
  • The public official has an undercover outside business
  • Unjustified, undocumented, or frequent changes to contracts
Covert conflict of interest The official owns a company that benefits from the public contract
  • Unexplained favoritism by a certain contractor
  • The most expensive offer is awarded
  • Poor quality work accepted
2. Collusive tendering Contractors from a given region conspire to beat the competition, affecting contract values
  • The winning bid is too high or low compared to the amount available
  • A rotation of winners is observed
  • Certain companies compete with each other and others do not
  • The other bidders do not submit claims
Agreed specifications The calls present technical specifications adapted to a single bidder, excessively restrictive to exclude other bidders, avoiding competition
  • Only one bidder is always presented
  • Claims from other contractors are filed
  • Stricter technical specifications than in other similar projects
Data Leakage Personnel in charge of the design, tender, or evaluation of bids leak information to assist a bidder
  • The deadlines of the proposed tender processes are not respected
  • Reduction in the term granted for the study of the proposal
  • All offers are rejected, declared void without justification
Bid rigging In a tender, an official may alter a bid to benefit a certain bidder
  • Offers are invalidated for making mistakes
  • Offers are off base for questionable reasons
Unjustified purchases from a single bidder Highly associated with corruption, direct deals or split contracts are made to evade reviews. Extensions of previous contracts without calling a new tender
  • Contracts assigned by direct deal for amounts lower than the thresholds of reasoning
  • Some contractors are informed of the tenders
Division of purchases or projects by stages The contract is divided into stages to avoid competition
  • Consecutive contract acquisitions from a contractor
  • Unjustified division of projects
Phantom service providers Fictitious services are paid to embezzle funds. Shell companies are created to generate false invoices
  • There is only one official in charge of reception, inspection and payment
  • The company’s plant is very limited or does not have its own physical resources

 

Examples of analyses that could be carried out when having a control system for public works contracts:

Question Description / analysis Data / indicator
Which utility has the highest rate of overrun on your projects?
  • Compare between different public services within the same region
  • Compare the performance of different regional directorates of the same service
  • Economic management of the contract
  • Efficiency of the service in estimating the amount of work (cost overrun)
Which construction company has the most projects with excessive cost overruns?
  • There is a relationship of that company with a particular service

 

About the author:

Jonathan Nabor López Espinosa (39 years old), a native of the Puente Alto community, Metropolitan Region, Chile. In 2010, he graduated as a Construction Engineer at Pontificia Universidad Católica. That same year, he was in charge of supervising the post-earthquake construction of 60 houses in the town of Paine. Then he joined the Ministry of Education, this time, to work on the reconstruction of schools in the School Infrastructure Unit. In 2012, he moved to the Directorate of Works of the Community of Pedro Aguirre Cerda, serving as Technical Inspector, where he was for a short time before applying in 2013 to the Office of the Comptroller General of the Republic of Chile, being assigned as Works Auditor in the Seventh Maule Region. In 2018, he participated in the OLACEFS Good Governance competition obtaining 4th Place with the work “Administrative control of public works through the use of big data tools.” The year 2019 repeats the experience, now winning First place with the work “Use of machine learning techniques to detect fraud in public works contracts.” He has publications in numbers 1 and 2 of the Chilean Journal of State Administration – CEA (https://www.ceacgr.cl/CEA/) and the OLACEFS Auditing Magazine. Diploma in “Specialization in fraud detection techniques” from Universidad de Chile and Online Program – “Machine learning technology in decision making” from MIT. In addition, he is a black belt in judo, a discipline he has practiced since 2003. He has run the Talca Judo Club since 2015; he is an aspiring blues guitarist and happily married.

https://www.linkedin.com/in/jonathan-l%C3%B3pez-espinosa-6b393658/

Compartir en redes