Improving audit risk assessments with AI-driven analysis of Accounts Receivable and Accounts Payable subledger data

Improving audit risk assessment longterm

The cornerstone of well-planned and high-quality audit engagements is a robust risk assessment process. Such a process is critical to identifying risks of material misstatement and their relative significance by providing a fulsome understanding of the entity subject to audit and the environment in which it operates.

The nature and extent of these audit risk assessment procedures will certainly differ from engagement to engagement, reflecting different types of operations, industries, and financial reporting complexities, however preliminary analytical review procedures are a common thread across all audits as a requisite component of the risk assessment process.

Traditional preliminary analytical review procedures

Practically speaking, preliminary analytical review procedures could include any combination of the following (not exhaustive):

  • Comparing actual financial performance to historical trends and balances
  • Reviewing actual financial performance (ratios, key financial metrics) against industry benchmarks
  • Reviewing actual financial performance compared to management forecasts and/or budgets
  • Performing inquiry of management to ascertain operational drivers for certain trends and patterns in the year-over-year results (i.e., “what’s changed?”)
  • Examining any material new contractual agreements executed in the period (leases, customer contracts, debt agreements, etc.)

Traditionally, these types of analytical review procedures take place at the level of how the financial statements aggregate the data by account or class of transactions, or perhaps at more granular levels of the chart of accounts. For example, you may compare how gross margin in the current period compares to historical periods or how increases in inventory year-over-year tracks with corresponding movement in the cost of sales accounts. In any case, it is ultimately the general ledger trial balance data and activity detail that underpins this type of review.

With a view towards a robust risk assessment process and obtaining a deep and operationally relevant understanding of your client’s business environment and financial performance, analysis and interrogation of the AR and AP subledger data as a complement to the traditional preliminary analytical review procedures at the financial statement level could be a source of highly valuable context to the results and empower you to conduct a more focused inquiry of your client’s management.

Accounts Receivable & Accounts Payable as critical inputs to audit risk assessment

Visualizing and interrogating subledger data can provide high-value insights and expose “root causes” behind some of the general ledger variances and patterns identified as part of your traditional preliminary analytical review procedures. This empowers you to better pinpoint an assessed risk and tailor your testing approach to most efficiently respond to that assessed risk.

Some examples of how to best leverage subledger information include:

Understanding how certain vendor and customer aged balances trend throughout the year

The aggregate total values of AR and AP at balance sheet dates might be relatively consistent year-over-year but there may be cause for further investigation and inquiry if, for example, the monthly ending balances demonstrate significant volatility throughout the year or seem out of pace with corresponding monthly sales or purchasing trends.

Understanding operational key performance indicators for customer and vendor “health”, and tracking those over the audit period

Tracking basic operational metrics like Days Outstanding and Turnover ratios, for specific vendors, customers, and in total, provides a lens of relative customer “quality” or vendor settlement patterns that may allow for risk to be identified more granularly. Comparing these ratios for a particular customer against the “aggregate” value allows you to identify specific customers or vendors that lag the overall average and therefore may indicate an existence or valuation risk around those balances or underlying contracts.

Expose the nature and volume of transactions on credit with related-party customers and vendors

Reviewing the subledger detail for transactions with all related entities is information that may not be readily available on the surface of the general ledger data and the relative dollar volume and activity of these transactions could be relevant to how risk is assessed around the accuracy, valuation, and presentation assertions.

Surface invoices or other records in the subledger (debit or credit memos, unapplied payments, etc.) that may be significantly aged

Isolating items in the subledgers that are significantly aged may tie directly to the risk around valuation and existence of these items specifically. Under a more nuanced lens, the existence of these types of stale records (or lack thereof) may be a relevant consideration to corroborating your understanding of the controls framework and how closely the subledgers are being reconciled and actively maintained.

Evaluate the volume and frequency of transactions at the level of a specific customer or vendor to corroborate inquiry of management and your understanding of the entity

Understanding basic data points around volume and frequency of transactions with a particular customer or vendor may help corroborate information learned from inquiry or your knowledge. For example, reviewing transactions with the entity’s landlord to confirm that 12 monthly equal rent payments were posted. Scanning this type of activity (either manually or with automated techniques) can surface invoices or payments for amounts that are potentially unusual for a certain customer or vendor and therefore perhaps may be indicative of risk.

Review for the volume and frequency of manual adjustments directly to the subledger detail

Manual adjustments or entries directly to the subledger, i.e., entries that don’t have a commercial document of record (invoice, cheque, credit memo, etc.) associated to them, may indicate fact patterns or internal processes that warrant further consideration from an audit perspective.

Perform basic statistical and rules-based tests and interrogate the subledger data to inform risk assessment

Certain procedures around data quality that are traditionally associated with journal entry testing, such as the following, may be very relevant to the subledger information. This includes any “hits” that would be relevant to deepen your understanding of your client’s accounting system and internal control framework and also advise the severity of assessed risk:

  • Reviewing descriptions for suspicious keywords
  • Duplicate document IDs
  • Two-digit Benford analysis
  • Other rules-based tests

How MindBridge automates and streamlines AR & AP subledger analysis

MindBridge AI has dedicated AR and AP modules that automatically analyze the subledger data and, without any scripting, provide high-value visualizations of the data and transaction-level analysis. These capabilities empower you to leverage subledger-level insights and anomalies as critical inputs to the audit risk assessment process.

Trends and patterns

Ai Auditor provides the ability to visualize how monthly AR and AP balances or net monthly activity tracks over multiple years, at the customer and vendor level and also in aggregate. The visualization is customizable and provides the ability to compare certain customer or vendor trend lines against each other and identify patterns of deviation.

Vendors and customers who are related parties to the entity subject to audit are flagged directly in the summary detail to identify for specific review. 

internal audit tools

Key performance indicators

Days Outstanding and Turnover ratios are calculated at the customer and vendor level and visualized on a monthly basis, allowing you to identify where there are periods of potential distress or deteriorating quality. Similar to the ending balances and activity, you are also able to customize the visualization and compare certain customers or vendors against each other along the lines of these metrics to expose patterns of interest.

internal audit results

Ai Auditor also automatically identifies any new customers or vendors in the audit period, allowing you to identify the related volume of sales or purchasing growth specific to these entities.

Aging

Aging at the customer and vendor level is automatically calculated and captured across respective buckets of days outstanding (0-30 days, 31-60 days, etc.). For certain entries that are significantly aged or stale, you’re able to drill-in to all the transactions with a particular customer or vendor and ascertain which invoice(s) are contributing to those totals.

internal audit and governance

Data interrogation and risk

Navigating and querying the transactional level data via the Data Table in Ai Auditor provides a powerful and effective way to explore and validate the subledger activity. The Filter Builder functionality allows for multiple conditions to be placed on a query, using any element of the transactional record (date, amount, user, entry type, etc.). This allows you to build and save functions that allow you to get a sense of the type, frequency, and volume of transactions with certain vendors or customers.

reasonable assurance audit

Control Points, which are various statistical, rules-based, and machine learning tests, are run against every transaction and the results are summarized on a dashboard that supports interactions like filtering and drill-through.

corporate internal auditor

Combining the query building capabilities of the Data Table with the feature of every transaction being scored against the various Control Point tests, you are empowered to identify relevant populations for sampling and have selections automatically identified on a risk-stratified basis. Approaching the sampling process through the lens of transactional risk ensures that you’re focusing your audit procedures around the entries which appear anomalous.

Take the first step towards unlocking critical subledger-level insights for risk assessment

To learn more about Ai Auditor and subledger analyses, contact sales@mindbridge.ai.

AI in finance: Helping professionals shift from hindsight to insight to foresight

Stopping dominoes with foresight

We are facing an unprecedented time of global uncertainty created by the COVID-19 virus that has unleashed a global healthcare crisis. Humanity is fighting a war against an invisible enemy that is attacking humans around the world and sparing no country. We need not be pessimistic or optimistic but rather realists and learn from the history of humanity. Human ingenuity will prevail, and humanity will survive.

We have entered a new world after COVID-19 with very different assumptions than we had in the old world when the world GDP yielded a record high of $85T. The world GDP has been severely impacted by the lockdown stipulations that were imposed to minimize the spread of the virus within the population. The key pillars of the economy are consumer and companies’ spending. If this slows down, it can lead to a recession and even depression. The lockdown restrictions are being relaxed and governments and central banks around the world are injecting massive amounts of funds into the hands of individuals and companies in an effort to reopen the economy to avoid an economic crisis.

How can artificial intelligence in finance help organizations pull through?

A renewed focus on financial errors

During economic uncertainty, an added vigilance is needed by those responsible to ensure the accuracy and integrity of the financial records that are being relied upon to make decisions about the operations of their organizations. A report by the Association of Certified Fraud Examiners (ACFE) “2020-Report to the Nations”- 2020 Global Study on Occupational Fraud and Abuse estimates that the yearly cost to the world due to fraud and abuse is about $4.5T or 5% of the world GDP. They examined over 2500 cases from 125 countries with combined losses of $3.6B with an average loss by case of $1.5M and a typical case lasting 14 months before being detected.

Whereas corruption was the most common type of fraud, the most costly were financial statements fraud schemes, even though they represented only 10% of the cases.  The breakdown of the detection methods reveals that analytics plays only a small role in the detection of occupational fraud: Human tips; 43%, internal audit; 12%, management reviews; 5%, by accident; 5%, whereas external audit catches only 4%.

A 2019 survey by Blackline provided insights into the concerns by executives with inaccuracies in financial data. With over 1100 C-suite executives and finance professionals from mid- to large-size organizations around the world, the white paper stated that:

“55% are not confident that they can identify financial errors before reporting results, 70% claim that their organizations made a significant business decision based on inaccurate financial data and 26% are concerned over errors that they know must exist but they have no visibility”.

 

The power of AI in finance

Finance professionals that rely on outdated tools and methodologies do not offer the best visibility into finding errors, errors with intent, errors that are considered fraud, and general mismanagement of the financial dataset in their organizations. The world is already witnessing a major trend toward moving to the cloud and becoming digital native and these must be vigorously pursued by organizations that want to be of the forefront of growth post the crisis.

Becoming digital native enables companies to move towards a near real-time view of their financial data and, coupled with AI in finance functions, the ability to fully analyze 100% of transactions. This ensures transparency to key stakeholders such as board members and auditors and aids in the identification of any anomalies in their financial records.

Currently, a company’s financial records are examined by external auditors on a yearly basis and evaluated using a sampling method that leaves the bulk of the dataset untouched. This method of rear view-mirror assessment provides C-suite executives with a hindsight perspective and the fear that decisions are made based on inaccurate and untimely information. Using AI-based tools to review 100% of the financial records in near real-time offers C-level executives with insights into data and, by using the appropriate analytics built into the AI applications, offers foresights into the operations of the company.

The two most important behaviors that companies must have to thrive post COVID-19 are resilience and adaptability. Resilience is defined as the ability to withstand or recover quickly from difficult conditions whereas adaptability is defined as the quality of being able to adjust to new conditions. Companies must build their operations and culture around resilience and adaptability so they can work efficiently during the “new normal” when we emerge out of this dark tunnel will become stronger and better off.

An article published by the Boston Consulting Group titled “The Rise of the AI-Powered Company in the Postcrisis World” highlights the tremendous opportunity for companies that are going to digital native, moving to the cloud, and adopting AI in finance applications to supercharge their operations. Arvind Krishna, in his inaugural speech as IBM’s new CEO, said, “I am predicting today that every company will become an AI company – not because they can, but because they must. Digital transformation means putting artificial intelligence at the center of workflows, and using the insights generated from that process to constantly improve products and services.”

 

The human-AI relationship for CPAs: More, better, and faster

sample size in auditing

Every week I interview entrepreneurs and experts from around the world to share their big idea about new forms of value creation and the potential we can unlock when technology augments the unique strengths of people to deliver remarkable impact.

Transforming financial auditing

I got inspired by the big idea behind MindBridge Ai, hence I invited CTO, Robin Grosset to my podcast. We explored the challenges in the financial auditing practice, and how, even after decades of automation, much of the practice is still very manual and sample based, leaving huge opportunities for fraud. Beyond that, we discussed why a human/machine approach will always provide the optimal combination to create exponential impact.

The thing that triggered me most from my interview with Robin

“The existing ways that we are analyzing or auditing financial transactions are inadequate with the rules based system, you’re only going to find something that you anticipate.

What’s the bigger value here?

If we only find what we anticipate, i.e., the cases that are highlighted based on the rules we have set, then what is the magnitude of what we are NOT catching? Robin addressed this by highlighting recent research from the Association of Certified Fraud Examiners. The number appears to be a number beyond imagination — but to put it in perspective — For every $1 we label as ‘fraud, misconduct, or irregularity,’ we’re missing out on $15. So, with current systems we’re only tracing 6.6%, and missing out on 93.4%! Translated, this is $500 for every person on the planet – every single year. And apparently (until recently) nobody was making a big issue about this, arguing ‘it’s not necessary to do anything different, this is the way we work’. This is a typical example of complacency and inertia in the workplace.

It’s about time the rules-based systems are going to be replaced by self-learning systems that are 24/7 active on finding new patterns, i.e., the +93% we’re missing out on. It’s the only way to win the fight against fraud. Doing nothing is not an option as data volumes and the number of channels we operate in keep increasing with extreme pace.

What significant fraud detection opportunity is raised?

What would be the impact on the economy and on society as a whole if this was solved? From my perspective, this is not only about finding the leaks in our systems, but very much about what we could do with the difference. Just look at the challenges we’re facing in health, education, or for example, public safety, simply because budgets are cut every single year. If these organizations would be able to 10x their ability to find fraud, misconduct, and irregularity — what could they do with that difference?

I would assume that there are many more areas like this to be uncovered — an opportunity and obligation for all of us to be sensitive about. I concur with Robin’s advice to look beyond the established conventions and existing standards. Only then will we be able to disrupt the status quo and increase (competitive) advantage.

On that notion — I concur 100% with Robin’s vision that the way to go about this is human-centric AI. In many industries, ‘black-box’ automation won’t work. Just think about how to explain black-box decisions in court? You’ll always need a person with a high-level understanding of the business context. Therefore, it’s about augmentation, not automation. Augmentation will allow human auditors to take their game to the next level, perform a better service to their clients, and be able to back their decisions up with clearly articulated evidence.

In other words: don’t be afraid that AI will take our jobs. It will not.

That said, doing nothing is not an option either: human auditors using AI will replace auditors who don’t. That’s an idea worth thinking about — also if you’re not an auditor.

Listen to the big idea behind MindBridge Ai, and why it has the potential to transform the way financial auditors deliver value.