Forensics & The Cloud

Cloud software can often be negatively associated with a lack of security and accountability. There is the perception that it’s easy to hide or manipulate data, and that data in the cloud is not secure. However, this is not the case, especially with those more established companies such as Sage, Xero and Intuit (QBO). Drawing a comparison to traditional software packages (which are often held on local servers), most cloud software tends to be stored on purpose built servers with dedicated security measures. As a result, the risk of a data breach or unauthorised access is substantially reduced. Looking specifically at internally driven fraud, cloud software companies often include helpful features to allow their users to identify any unwelcome behaviour, whether this be pattern driven or issues relating to access.

User Activity and Unique User Access

Each user has their own login credentials. This way, their activity can be tracked, including login times and the data that they have accessed.

Not only is the software recording each login, it will also identify unusual elements of each login. This could be an unfamiliar location, new device or strange IP address. A trigger of any of the above will mean that the software can ‘lock’ resulting in forced verification of their account before they proceed any further. To further enhance this, two factor authentication (2FA) is becoming more popular for software companies to introduce, or even require.

Whilst some find 2FA an inconvenience, it’s a clear indication of not only a changing world and increased fraud, but also how seriously software companies now view this.

Transaction Audit History

In most software, each transaction contains a timestamped history of creation, edits and any adjustments. This audit history is permanent, and often remains with the transaction even after this has been deleted.

The audit history ensures that any adjustments to a transaction are recorded. While this won’t necessarily notify you of the actual changes made, you can use this audit history to identify any suspicious activity or patterns of edited transactions.

Audit Information/Exceptions Reports

Some cloud accounting systems have developed reports designed to highlight potential fraudulent behaviour. The reports focus on:

  • Backdated invoices;
  • Suppliers with matching bank details;
  • Bank transactions which have been edited or deleted.

This sort of information ensures that you can identify where there may be some cause for concern, both with fraudulent behaviour or accounting processes.

Transaction Attachments

More cloud software systems are introducing the ability to have documents attached to transactions, either manually, or via an OCR software such as Auto Entry or Receipt Bank. You can attach PDF’s or other files to each transaction.

This allows other users to see the original supporting document behind each transaction. Enforcing this as a business process, significantly reduces the risk of ‘fake’ transactions being processed through the system. Duplication detection from OCR software mentioned above can also mitigate the risk of duplicate entries, regardless of the intention.

In summary, cloud accounting, doesn’t necessarily result in a weaker control environment, rather if configured correctly, it can reduce fraud risk. With the features explained above, it’s evident that strong processes can discourage fraudulent behaviours taking place and the forensic software features, can help identify deviations from this behaviour and allow appropriate action to be taken.

It is the use of the forensic elements of the software that is often overlooked as a monitoring tool in companies’ normal ongoing weekly or monthly accounting procedures. Often, one of the biggest deterrents to internal fraud is the knowledge that someone is checking for anomalies and that forensic style reports are being run that interrogate all aspects of the data.

If you would like to discuss any of the above in further, or have a more general discussion regarding forensic accounting and the cloud, please contact Hannah Farmborough or call on 0207 429 4147 to be put in contact with a member of our Forensic team