Published on February 24, 2014
Continuous Transaction Monitoring Detect and analyze anomalous transactions to address risk control gaps, and improve internal and external compliance Gianni Giacomelli Senior Vice President, Genpact Senthilvel K Vice President, Genpact
A Global Business Process Services Leader: Process Transformation and Outsourcing, Analytics, Technology What we do How we do it We help leaders of some of the largest enterprises transform and run their processes and operations, including the very complex and industry-specific Unbiased, agile combination of process science, related technology and analytics limits upfront costs and enhances future adaptability Right critical mass: • we are large (64,000+ global staff) but our solutions appropriately flexible • our top management is directly involved in our client partnerships Our impact We help enterprises to be more competitive by becoming more intelligent: adaptive, innovative, globally effective and connected… …by enabling tighter management of costs, risks, regulations, and supporting growth The results: US$22B* of impact for 800+ global clients PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 2
THE CHALLENGE PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 3
Huge transaction volumes, exception identification, sub optimal post facto recovery, inconsistent practices are key issues Barriers to effective controls Vendor management Accounts payable Inventory 1. Huge transaction Accounts receivable General ledger volumes and large number of integrity checks 2. Evaluating whether an exception is genuine or not is hard due to a large number of „business as usual‟ exceptions 3. Traditional post facto audit has significant limitations 4. Organization, process and technology Audit analytics Customer management Payroll Causes Excessive reliance on external parties due to lack of internally trained staff Business process breakdowns more frequently due to higher complexity Detection of errors from audits is too late CTM Controls fail to keep pace with the changing landscape drive varying levels of maturity in compliance PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 4
Inability to fix improper financial transactions in near-real time leads to high organizational risk and financial leakages Improper financial transactions are a big issue • Hard to find and fix exhaustively and quickly improper financial transactions in near-time, as well as to address respective inadequate controls and faulty business processes • These misses can lead to 12-17% leakage in P2P and 20-30% in O2C Increased organizational vulnerability because of frauds, errors Increased organizational risk • Increased business complexity increasing volume of transactions Increased regulatory requirements • Greater compliance related obligations Traditional measures are inadequate PROCESS • ANALYTICS • TECHNOLOGY • Inconsistent enterprise IT and data management systems, multiple transaction processing mechanisms in various ERPs • Serious consequences for compliance failures e.g. FCPA Traditional protections against insider fraud, such as segregation of duties or employee authorizations, are no longer adequate © 2014 Copyright Genpact. All Rights Reserved. 5
Moreover traditional post facto recovery audit has also many limitations Limitation Rationale Takes too long Many audits lag at least 18 months behind the transaction, by then companies have missed out on cash flow and suppliers are asked to take a hit Proving claim validity is difficult Lack of documentation coupled with inconsistent and sub-par claim presentations can negatively impact vendor relationships and budgets It is expensive Audits are labor intensive and disruptive to ongoing business operations Compliance failures have consequences Sarbanes Oxley and other regulations mandate the need for better processes and financial oversight PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 6
THE SOLUTIONS PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 7
Companies feel a combination of on-going monitoring, process and technology can help solve their compliance challenges Top 5 compliance related challenges 1. 2. 3. % agrees Identifying and documenting compliance related shortfalls and exposures 64% Allocating budget and resources to compliance 60% % agrees 74% Changes to business processes to improve compliance Top 5 mitigations 1. Sustaining on-going compliance Technology changes required for compliance 42% Better audit procedures and policies 61% 3. Technology for monitoring business processes impacted by compliance 51% Technology for managing authorized access to applications, information and documents 43% External experts in audit and compliance 28% 4. 51% 5. 64% 2. 4. On-going monitoring program 5. Source: Aberdeen Group – Survey of 500 Controllers in US, Europe and Asia across multiple industry verticals • Process diagnostics PROCESS • ANALYTICS • TECHNOLOGY • Process redesign © 2014 Copyright Genpact. All Rights Reserved. 8
An effective Continuous Transaction Monitoring (CTM) approach A B Control environment setup Platform hosting and data mining • Understand enterprise goals and risks to them Extractor • Assess controls required and monitoring frequency • Identify relevant data • Define, manage and run CTM CoE • Acquires data from relevant data source Mapper • Maps data into normalized databases • Continuously updates data warehouse • Allows for reuse of similar data PROCESS • ANALYTICS • TECHNOLOGY C D Transaction analytics Exception management Management reporting • Facilitated definition of complex analytics • Risk profiling of exceptions • Periodic updates by process, analytics, criticality, vendor • Predictive analytics (e.g. fuzzy logic, pattern recognition, statistical analysis) E • Efficient resolution and follow up of exception cases • Looping and closing of exception cases • Recommendations for process improvement • Continuously improving algorithms © 2014 Copyright Genpact. All Rights Reserved. 9
A Time effective set up of effective control environment after appropriate risk assessment What can be achieved • Risk assessment and quantification, development of mitigation control plan; control environment set up within 3-4 weeks • Continuous assessment and improvement of implemented controls ILLUSTRATIVE Sample deliverable Controls, frequency and ownership • Data cleansing to ensure optimal utilization of available datasets Delivery approach Domain and CTM experts work in collaboration with the client to • Assess the current control environment and the risks to the organizational goals and objectives • Build a complete control environment for the organization • Determine the frequency for monitoring the controls • Identify and capture the data which provide indicators of the health of risk management and related controls PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 10
B Seamless platform hosting and improved data mining to ensure comprehensive issue detection and analysis What can be achieved ILLUSTRATIVE • Manual effort and errors reduced by 30-40% using automation • Pre‐built extraction from major ERP like SAP, Oracle, JDE, PeopleSoft, Amex, Lawson, etc. (used by ~75% of global businesses) • Increased availability of datasets for analysis through error and completeness checks Delivery approach • Pre built data request templates by process/vendor/analysis/ERP system type • Custom scripts to rapidly extract data in an automated manner • Dedicated experts with expertise in gathering data quickly and ensuring accuracy and integrity of data prior to analysis • Collaborative approach with client to ensure contextual understanding of extracted data PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 11
C In depth and near time transaction analytics for early detection of error patterns ILLUSTRATIVE Analytics example What can be achieved • Near real time identification of error patterns improves turnaround time by 20% and recovery % between 3040% compared to post audit • Granular and actionable insights by process and subprocess, IT system type, nature of transaction, etc. Delivery approach • List of analytics performed under each area – sub area with detailed sub analytics by process/vendor/ ERP system, etc. • Heuristic algorithms which learn and improve continuously • Findings are presented graphically using user friendly and configurable GUI • Collaborative approach with client to ensure that the right analytics are performed and corrective action taken PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 12
D Risk profiling of exceptions and follow up till closure of genuine exceptions ILLUSTRATIVE Listing of exceptions What can be achieved • Exception reduction by 20-25% YoY • Detailed listing of exception cases for proactive process improvement • Ideas and initiatives to eliminate exceptions Delivery approach • Risk profiling of exceptions based on type, criticality, etc. • Collaborative approach with client to determine “genuine” exceptions to reduce handling time of false exceptions • Integrated exceptions in instances where exceptions are linked to each other • Follow up of genuine exceptions and recommendations on process, technology fixes, etc. to eliminate them PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 13
E Frequent and granular management reporting ILLUSTRATIVE What can be achieved • In depth reports at an agreed frequency Example report • Comprehensive view of all relevant exceptions that cause fraud, errors, compliance failures etc. Delivery approach • Granular reporting of exceptions based on process type, ERP system, vendor etc. • Assessing the root cause of the exception and validating the same with the business/process owner • Detailing of initiatives (e.g. process changes, technology improvements, etc.) to eliminate exceptions • User friendly dashboards with slicing and dicing capability PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 14
Significant improvement potential in operating and process metrics through CTM Business process Top 3 leakage points % transaction value at stake % prevented through CTM Procure-to-pay • Data errors and omission • Unauthorized payments • Overpayment 12-17% ~90% Order-to-cash • Delayed collections • Unauthorized changes in masters • Invoice and billing mismatch 20-30% ~97% Travel & living • Policy non-compliance • Overpayment • Unauthorized payments 7-12% ~85% General ledger • SoD conflict • Whole number entries - rounding off • Unusual account pairing analysis 11-17% ~97% FCPA P-Card • Out of country payments • Gift /sponsorships/government payment analysis • Unusual payments • Purchases from approved/ regular vendors • Policy non compliance • Improper/illegal payments PROCESS • ANALYTICS • TECHNOLOGY 6-7% ~80% 10-15% ~80% Operating metric • Decrease in working capital by up to 35% • Increase in cash flow by 2-3% • Bottom line improvement by up to 0.1-0.2% of revenues • Improve revenues up to 1% • DSO reduction by 10-15% Process metric • 10-15% savings from employee recoveries • Prevention of accounts misreporting • Prevention of foreign corrupt practices by up to 80%, reducing probability of penalties © 2014 Copyright Genpact. All Rights Reserved. 15
CONTACT GENPACT TO EXPLORE THE “ART OF THE POSSIBLE” PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 16
About Genpact Genpact Limited (NYSE: G) is a global leader in transforming and running business processes and operations, including those that are complex and industry-specific. Our mission is to help clients become more competitive by making their enterprises more intelligent through becoming more adaptive, innovative, globally effective and connected to their own clients. Genpact stands for Generating Impact – visible in tighter cost management as well as better management of risk, regulations and growth for hundreds of long-term clients including more than 100 of the Fortune Global 500. Our approach is distinctive – we offer an unbiased, agile combination of smarter processes, crystallized in our Smart Enterprise Processes (SEPSM) proprietary framework, along with analytics and technology, which limits upfront investments and enhances future adaptability. We have global critical mass – 62,000+ employees in 24 countries with key management and corporate offices in New York City – while remaining flexible and collaborative, and a management team that drives client partnerships personally. Our history is unique – behind our single-minded passion for process and operational excellence is the Lean and Six Sigma heritage of a former General Electric division that has served GE businesses for more than 15 years. For more information, visit www.genpact.com. Follow Genpact on Twitter, Facebook, and LinkedIn. PROCESS • ANALYTICS • TECHNOLOGY © 2014 Copyright Genpact. All Rights Reserved. 17
Thank You Gianni.giacomelli[at]genpact.com Senthilvel.K[at]axisindia.co.in www.genpact.com/home/solutions/risk-management-services/continuoustransaction-monitoring
Continuous Transaction Monitoring ... Offered Detect and analyze anomalous transactions to address timely risk control gaps and improve compliance, ...
• Continuous Transaction Monitoring ... business risk; monitor internal control effectiveness and performance; and detect and correct controls gaps ...
Continuous Cyber Situational Awareness ... continuously monitoring transactions and controls, ... Continuous Monitoring and the Risk Management Framework ...
Continuous Fraud Monitoring and Detection via ... Internal & External data Transactions ... Insights Risk Monitoring and Control ...
... often in the form of continuous monitoring of transactions ... Automating Fraud Detection: The Essential ... addresses the control gaps that ...
THE INSTITUTE OF INTERNAL ... address risks E. ... identify transactions that are anomalous or potentially fraudulent.
Fraud Awareness, Prevention, and Detection – Techniques ... nearly 9 in 10 rated continuous monitoring ... – Analyze transactions to find out control ...
DATA ANALYTICS & VISUALIZATION FOR MITIGATING FRAUD RISKS ... Circumvention of controls What is Continuous Monitoring? 23 ... compliance risks and detect ...
... critical internal controls. Proper monitoring and ... detect unusual transactions that are ... or compliance expenses, and reputational risk to ...