*************************************************** NOTICE *************************************************** This document was converted from Word97 to ASCII Text format. Content from the original version of the document such as headers, footers, footnotes, endnotes, graphics, and page numbers will not show up in this text version. All text attributes such as bold, itallic, underlining, etc. from the original document will not show up in this text version. Features of the orginal document layout such as columns, tables, line and letter spacing, pagination, and margins will not be preserved in the text version. If you need the complete document, download the Word97, or Adobe Acrobat versions, if available. The path and name of the Word97, and Acrobat files will be the same as the ASCII Text file except that they will end with the letters wp, doc, or pdf respectively, instead of the letters txt. **************************************************** OFFICE OF INSPECTOR GENERAL M E M O R A N D U M DATE: January 5, 2001 TO: Inspector General THRU: Thomas Bennett Assistant Inspector General for Audits FROM: Walter Opaska Manager, Information Systems Audit SUBJECT: Survey of Accounts Payable Disbursements As part of the fiscal year (FY) 2001 audit plan, we have completed a survey of accounts payable disbursements at the Federal Communications Commission (`FCC' or `Commission'). The objectives of the survey were to: (1) develop a computer assisted audit technique using advanced audit software; (2) search for indicators of questionable or unusual disbursement attributes with this advanced audit software; and (3) examine any disbursement that displays any indicator of questionable or unusual activities. The purpose of this survey memorandum is to summarize the results of the survey, document significant observations, and identify areas where additional audit work should be performed. REASON FOR SELECTION Disbursements traditionally represent a high risk factor to a business entity. In January, 2000, the Office of Inspector General (OIG) initiated audit activity using advanced software tools to authenticate that disbursements are valid, accurate, and supported by appropriate documentation. The strategic objective of this review is to strengthen the Commission's Financial Management Program. BACKGROUND Improper payments are a major problem in the Federal Government. According to the United States General Accounting Office (GAO), estimates of improper payments by the federal government are reported to total billions of dollars annually . In fiscal year 1998, nine federal agencies reported improper payments totaling $19.1 billion . Improper payments are an inefficient use of taxpayers' funds. Improper payments indicate that agencies are spending more than necessary to meet program goals. Conversely, for programs with fixed funds, any waste of federal funds translates into serving fewer recipients or accomplishing less programmatically than could be expected . The FCC annually expends millions of dollars for the procurement of goods and services. For instance, the balance of the FCC's accounts payable as of September 30, 1999, was $6,122,000 . As a steward of taxpayer dollars, the FCC is accountable for how it spends those funds and is responsible for safeguarding against improper payments--that is, payments made for unauthorized purposes or excessive amounts, such as overpayments to contractors and vendors. With millions of dollars at risk, must will need to continually and closely safeguard those resources entrusted to them and make to reduce fraud, waste, and abuse. The Office of the Managing Director (OMD) is responsible for the disbursement and accounts payable functions. Within OMD, the Chief, Accounts Processing Group, manages this function within OMD. OMD uses the Federal Financial System (FFS) at the Department of Interior, National Business Center, Denver, CO, to manage and account for disbursements. The Office of Inspector General has a key role in safeguarding against improper payments at the FCC. The Inspector General Act of 1978 empowers the OIG to: (1) Conduct and supervise audits and investigations (2) Provide leadership and coordination and recommend policies for activities designed (A) To promote economy, efficiency, and effectiveness (B) To prevent and detect fraud and abuse in, such programs and operations To help in meeting this mandate, the FCC OIG developed this survey of disbursements and accounts payable activity. A major goal of this survey is to increase compliance with these requirements of the Inspector General Act of 1978. SCOPE OF SURVEY WORK PERFORMED This project was conducted as a survey. A survey is the preliminary audit work done before an audit and is not an audit conducted in accordance with Government Auditing Standards (i.e., GAO "Yellow Book" standards). The purpose of a survey is to gather general working information on important aspects of an entity, activity, or program, such as accounts payable disbursements and to determine the nature and extent of any subsequent audit effort. The purpose of this particular survey was to was to search for indicators of questionable or unusual disbursement attributes using advanced audit software, identify any anomalies, report the results to the Inspector General, and recommend the next course of action. To meet this goal, this survey had a series of milestones. The first milestone is to obtain disbursement data for one fiscal year or four quarters. The second goal was to analyze this data using advanced audit software to search for indicators of questionable or unusual disbursement attributes. Any disbursement meeting this definition would be subject to detailed audit scrutiny. The next step was to follow up on any identified apparent irregularities and report any identified problems to the Inspector General. The final milestone was to determine if any aspects of accounts payable need OIG involvement and review. To accomplish the objectives of this survey, OIG auditors used the following methodology. An auditor obtained Excel spreadsheets of disbursement records for the first three quarters of FY 2000 and data from Quarter 4, FY 1999 from OMD. These records were extracted from the financial data that OMD manages and controls. Then, we searched for indicators of questionable or unusual disbursement attributes using advanced audit software. If we found any unusual or questionable indicators, we then closely reviewed the transaction. This review included an analysis of the record by an auditor, a review of source documents, or other means deemed necessary to verify the validity of the record. The disbursements we reviewed included: ? Purchases of goods and services, ? Employee travel, ? Reimbursement for expenditures on official business, ? Imprest fund replenishments, and ? Refunds. To detect anomalies, we ran a number of tests on disbursements. We reviewed payments to selected vendors for adequacy. Our emphasis was on items with a high dollar value. Another area we inspected were payments to employees. We reviewed these payments to determine correctness of the account charged. For selected quarters, we also compared the list of refund payees to an FCC employee listing. This was done to determine if any employees were receiving refunds of fees. We felt that if any employee who received a fee refund this represented an inconsistency that should be investigated further. A major area that we focused on was a search for duplicate payments. Duplicates are a pair of records where at least one key field value matches in both records. A key value can be also a combination of fields, all of which must be the same in at least two records to represent a questionable item. The more key fields that match, the better likelihood that the record pair may represent a questionable item. Examples of duplicates include two disbursement records with the same invoice number or two records with the same payment number and date . Two payments on the same date, for the same amount with the same invoice or contract amount may indicate duplicates. Although it is by no means proof of an irregularity, the presence of duplicate invoice numbers merits investigation . Duplicate transactions are not necessarily fraudulent transactions. There may be many valid reasons to have duplicate records. For example, a pair of partial payments to a vendor, each coded with the same invoice number, may appear as duplicate transactions. Also, progress payments, payments split across different financial accounts, adjusting entries, or credit transactions may appear as duplicates. Nevertheless, all duplicate transactions should be carefully reviewed and verified . In addition, we used Benford's law to analyze disbursement data. Benford's law is an advanced digital analysis technique that involves examining the actual frequency of the digits in the data. This is a high level statistical technique that examines the frequency of digits in data . Benford's law calculates that numbers in sets of data with low first digits, such as 1, occur with more frequency than numbers with high first digits, like 8 or 9 . Valid, unaltered data, without exceptional transactions, will follow the projected frequencies. Benford's law has been found to apply to many sets of financial data, including corporate disbursements . Auditors have employed digital analyses using Benford's law to identify fraud and other irregularities in accounts payable and disbursement records . Conversely, data that meets the Benford's law criteria, but fails to follow the expected frequencies, may include fraudulent items . Because human choices are not random, invented numbers are unlikely to follow Benford's law . Thus, Benford's law can be used to spot irregularities, including possible error, fraud, or other anomalies . The primary computer based tools we used to analyze disbursement data were Microsoft Excel, IDEA, and DATAS. Microsoft Excel is a spreadsheet that permitted us to review and manage the disbursement data. IDEA (Interactive Data Extraction & Analysis) is PC based file interrogation package that allowed us to view, sample, and analyze the accounts payable data. IDEA imports, extracts, analyzes, and samples data generated from a variety of computer systems and displays it on the desktop. IDEA was particularly useful in allowing us to identify possible duplicate payments. DATAS (Digital Analysis Tests and Statistics) is an add-on program to IDEA that performs a suite of analytical sub-routines. These included analyses using digit and number patterns to detect fraud, errors, biases, irregularities, and processing inefficiencies. DATAS is an analytical tool that works with IDEA to analyze data for abnormal and repetitive patterns in digits. It uses the mathematical concept of Benford's Law as a benchmark for highlighting transactions that could be fraudulent, as well as identify system inefficiencies and errors . We used an evaluation copy of DATAS to determine if the Commission's disbursement data complied with the rules of Benford's law and to identify any digit patterns that indicated possible invented numbers or other irregularities. Because our goal was to develop and implement an exception reporting system, we limited the scope of our review. This survey was did not review the internal controls for disbursements. Nor did we reconcile totals or perform confirmations. We used records obtained from OMD instead of data extracted directly from the FFS accounts payable database. The information we had obtained was originally extracted from FFS and was an adequate and cost-effective substitute compared to the time consuming process of retrieving records directly from FFS. Finally, although a primary objective was to search for irregularities, including fraud, we cannot make the assertion that no fraud exists in the disbursements system at the FCC. SUMMARY OF OBSERVATIONS As part of the survey process, we evaluated the Commission's disbursements system to identify any anomalies that may exist which may require more comprehensive audit scrutiny. We analyzed over 51,000 disbursements records from Quarters 1 through 3, FY 2000 and Quarter 4, FY 1999. We used Microsoft Excel, IDEA, and DATAS to analyze these transactions. Tests of Disbursements We performed a number of tests on disbursements. We reviewed payments to selected vendors and employees for characteristics such as correctness of the account charged. For two quarters, we compared the list of refund payees to an FCC employee listing to determine if any employees were receiving refunds of fees. We investigated all potential inconsistencies. For example, we found a payee receiving a refund with the same first and last name as that of an FCC employee. Additional investigation disclosed that the refund check for this payee was sent to an address in Oregon, far from the Commission location where this individual worked. Further review disclosed that a person with that same first and last name lived in that Oregon city. Therefore, we concluded that the refund payment was not made to an FCC employee. All items reviewed could either be resolved by an analysis of the transaction. Those items that could not resolved by analysis were traced to source documents. In our review, we did not find any exceptions that needed further review. Duplicate Payments Another test we performed was a search for duplicate payments. We reviewed for duplicate transactions for Quarters 1 through 3, FY 2000. Duplicates occurred in disbursement invoices for accounts payable and employee travel. We matched potential duplicate payments on as many as thirteen of the fourteen available fields in the disbursements database. We reviewed these matches to determine the cause. Many could be resolved simply by analysis. For example, those potential duplicates that differed only by project code often represented invoices where the total cost was split 50-50 between appropriated and Auctions funds. Therefore, different project codes were used. Where we could not easily resolve a duplicate payment match, we reviewed the source documents that supported the payment. Most duplicate items we reviewed could be resolved by an analysis of the transaction. Those items that could not resolved by analysis were traced to source documents. In our review, we did not find any exceptions that needed further review. Benford's Law Finally, we also performed a digital analysis using Benford's law on the Commission's disbursements data for Quarters 1 through 3, in FY 2000. We used an evaluation copy of the DATAS tool to analyze the frequency of occurrence of the first digit of the database. Appendix A contains a graphical representation of our Benford's law analysis. The graph in Appendix A highlights an anomaly. The leading digit, 1, occurs with a substantially higher frequency than the Benford's law analysis of the Commission's disbursement data had predicted. In fact, the deviation (excess of actual over the expected results) of the occurrence of the digit 1 was over 38% from its predicted recurrence under Benford's law. To determine why this deviation of the first digit 1 occurred, we analyzed all the FCC disbursement records that began with the digit 1 for Quarters 1 through 3, FY 2000. We found a large number of disbursements for $155. These were identified as refunds for fees. The number of $155 refund disbursements for this period totaled 2775. This represented 39% of the total number of disbursement items analyzed. This percentage nearly equals the 38% deviation of the digit 1 from the expected occurrence under Benford's law and accounts for the `spike' at the digit 1 in the graph in Appendix A. The $155 refund disbursements are payments unique to the FCC. Therefore, we can conclude that all significant exceptions identified by the Benford's law analysis contained in the graph in Appendix A have been explained and reconciled. CONCLUSION Based on the results of this survey, the Office of Inspector General should not perform any additional work on the disbursements data for Quarter 4, FY 1999 and Quarters 1 through 3, FY 2000. All transactions and analyses that identified anomalies and exceptions have either been identified, researched, and reconciled, or verified by tracing the transactions to their original source documents. Instead, the OIG should focus on continuing this program by instituting a reoccurring system that would obtain disbursements data, analyze it using the techniques described in this report, identify exceptions, and research, reconcile, and verify and anomaly. Also, the OIG should refine this periodic review by streamlining and further automating the program. For example, the OIG discontinue the manual match of employee names and recipients. Instead, an automated process should be developed and instituted. The OIG would be strengthening the strategic objective of Commission's Financial Management Program by providing an internal control check that would assist in preventing duplicate payments and fraud. In addition, this program would assist the FCC OIG in meeting the tenets of the Inspector General Act of 1978, which empowers the OIG to: promote economy, efficiency, and effectiveness and to prevent and detect fraud and abuse in, agency programs and operations. U.S General Accounting Office, Increased Attention Needed to Prevent Billions in Improper Payments, AIMD- 00-10, October 1999, p.5. United States General Accounting Office, Abstracts of GAO Testimony, FY00, AIMD-00-10, October 29, 1999, URL: http://www.gao.gov/AINDEXFY00/abstracts/ai00010.htm (December 4,2000). U.S General Accounting Office, Increased Attention Needed to Prevent Billions in Improper Payments, AIMD-00-10, October 1999, p.5. Office of Inspector General, Report on the Federal Communications Commission Fiscal Year 1999 Financial Statement, July 7, 2000, p.14. 5 U.S.C. Appendix, Inspector General Act of 1978, as amended. URL: http://www.oig.lsc.gov/lscpages/igafull.htm (December 6, 2000). Coderre, David G., Fraud Detection, Using Data Analysis Techniques to Detect Fraud. (Vancouver, BC, 1999), p.107. Ibid. p. 87. Ibid. p. 109. Coderre, David G., Fraud Detection Using Digital Analysis, EDPACS, September 1999, URL: http://www.auerbach-publications.com/edpc/coderre.html (December 6, 1999), p. 5. Nigrini, Mark N, I've Got Your Number, Journal of Accountancy, May, 1999, URL:http:/www.aicpa.org/pubs/jofa/may1999/nigrini.htm (December 6, 1999), p.2 Ibid., p.4. Dalal, Chetan Advanced Tools to Tackle Fraud and Collusion: Part 2 - Benford's Law, IT Audit.org, November 1, 2000, URL: http://www.itaudit.org (December 14, 2000), P.1. Coderre, David G., Fraud Detection Using Digital Analysis, p. 6. Nigrini, Mark N., I've Got Your Number, p. 4. Ibid., p. 1. IDEA can be found at http://www.audimation.com. DATAS can be found at http://www.audimation.com/software.html#DATAs. AuditTools, Digital Analysis Tests and Statistics, URL: http://www.audittools.com (December 12, 2000). Digital Analysis Tests and Statistics, URL: http://www.audimation.com/datasad.html (December 12, 2000). 1