BI Forum 2012 - Continuous Monitoring for Risk & Performance

© 2012 Consider Solutions All rights reserved. Do not distribute without permission

Continuous Monitoring for

Risk & Performance

Finance perspective

Jan Hurda - Consider Solutions

15th November 2012

© 2012 Consider Solutions. All rights reserved. Do not distribute without permission

Agenda • Introduction

• Risk & Control – Prevention & Detection

• Specific Exception Analytic Examples

• Critical Success Factors

• Questions


The CFO Office . . . • World Class Finance

– Leading companies’ finance functions cost approaches 0.5% of revenue

• Stewardship & Reporting • Accounting & Finance Operations • Business & Management Support

• Four Pillars of Financial Management: – Efficiency: continually improve process efficiency, speed, and quality – Effectiveness: deliver expertise in financial stewardship and risk

management – Relevance: provide analytical support that decision-makers need – Influence: proactively drive the business toward superior outcomes

• Risk and Performance

Courtesy: Hackett Group, CIMA/CGMA, CFO magazine


Prevention & Detection


But it’s not ‘Big Brother’ • We live in a complex fast-moving business

world

• We have global processes and organizations

• We have integrated systems

• No one person sees the end to end process in detail

• Mistakes, errors & misunderstandings happen

• Identifying, understanding, diagnosing and improving is what management is about

• Judgement still matters


Exceptions impact risk AND performance

What is supposed to happen?

What actually does happen?

Processes are ignored or circumvented

Policies cannot be cost-effectively enforced

Fraud & Waste

Inappropriate Payments

Inaccurate Financials

Transaction Costs

Unnecessary Risk

Audit/Compliance Costs

Performance Impact


Systems, Controls & Risk

• We invest heavily in commons systems to drive: – Process standardisation – Business efficiency – Economies of scale

• But do we get . . . – A standard business process? OR – A standard data input process?


Standardized process control

1. Truck drops off shipment, but no PO exists

2. Warehouse worker calls up purchasing to create a PO

3. GR is created against PO

ERP is configured to only allow GR if PO exists, however…

“The myth of automated controls in systems”


Multiple Dimensions

• What to Monitor & Why?

• If exceptions are found who needs to know? Who owns it? Who will do something about it?

• What are the exception criteria?

• What information do we need to identify and describe exceptions?

• Any scenarios to exclude?

• How to present and deliver results in meaningful way?

• How often to monitor and what periods to monitor?

• What actions to take?


What to Monitor

• Inputs ... – Finance Management Consultation

• What are finance leadership concerned about in context of financial processes

• Where is there limited visibility? • What data is needed to drive continuous improvement?

– Industry Benchmarks & Best Practice • e.g. error rates ... • Duplicate invoices / duplicate payments – 0.1 to 0.5%

of annual invoice payments – Regulation

• What must / must not happen within our business and processes to ensure compliance with prevailing regulations


What to Monitor

• Compliance – e.g., Suspicious or proscribed payments (FCPA/OFAC)

• Risk – e.g., Unbilled Revenue – Duplicate Payments – Payment to One Time Suppliers

• Performance – Driving simplification & standardisation – e.g., Ensuring agreed payment terms are used –

payment periods / discount terms


Examples ...

Procurement: – Duplicate Payments – Goods delivered without a PO – Non-standard payment terms – Invoice value greater than goods received – Duplicate Invoices

Sales: – Price Reductions – Undelivered orders – Exceptional customer credits/returns – Payment terms

Fixed Assets: – Inappropriate asset depreciation

periods – Misclassified capital equipment

Travel Expenses: – Duplicate claims – Ineligible items claims

General Ledger: – JE postings into prior periods already closed – Unusually large JEs – Manual payments


Exception Criteria? Example

• Example: – Procurement: Non Standard Payment Terms – Business Criteria:

• Identify any Purchase Orders where the Payment Terms used are not the standard payment terms agreed with the vendor.

– Business Rationale: • Purchase orders that do not follow agreed terms can

have an adverse affect on cash outflow and working capital. May also lead to problems with vendor relationships and corporate image and reputation. Excessively short payment terms may indicate potentially inappropriate relationships. Excessively long terms may indicate future period commitments. Lack of standardization impacts cost of finance function



• Example: – Procurement: Invoice greater than Goods Received – Business Criteria:

• Invoice quantity greater than goods receipt quantity means the vendor has over billed which may lead to excess payments and cash flow issues.

– Business Rationale: • Prevent excess inventory carrying cost and reduce 3-

way matching errors by monitoring cases where Goods Receipt quantity is greater than Invoice Receipt quantity.



• Example: – Procurement: Duplicate Invoices – Business Criteria:

• Duplicate invoices may result in inflated purchases or excess payments to vendor. Such invoices may lead to financial losses and affect cash outflow and working capital.

– Business Rationale: • To ensure that Invoice is recorded only once to avoid

duplicate payments or inflated purchases.


Priorities – Value at Stake

16

Europe Americas Asia MEA

Europe Americas Asia

Europe Americas Asia

Europe Americas Asia MEA


Exceptions, Root Causes & Actions

• Is an Exception ... & indicates failure of process or control. Review process / policy/ control / training to address risk. Continue to monitor.

• Is an Exception ... & indicates inappropriate activity. Take remedial action. Continue to monitor.

• Is an Exception ... & indicates human error. Review integrity checks / training needs. Continue ...

• Is NOT a material Exception. Review / modify exception / exclusion criteria to exclude given scenario(s).


CM Best Practices • A clear business objective

• Start simple with a narrow path scope

• Prioritize based on impact and relevance

• Iterative refinement of process and scope. define ... analyze ... learn ... review ... refine ... extend.

• Review current practices at all stages. Is there a better way, can we re-engineer our thinking?

• Take the opportunity to engage & connect to help drive partnership with your business units

• Focus on performance improvement opportunities as well as risk assurance

• Embed exception thinking in the organization


Balanced Skillsets Required • Business process understanding & analysis

• Business risk and performance facilitation

• Data and system process knowledge

• Technical data filtering & analysis skills

• CM technology understanding

• Business rules/filter logical design skills

• Business analysis of exception impact

• Diagnosis & root cause analysis

• Continuous improvement/change management


Critical Success Factors: Speed & Results • Continuous Monitoring and Analytics are receiving

more and more attention from the finance, risk, compliance, audit (and vendor) communities.

• Beware ‘strategic’ a.k.a. ‘slow and costly’

• This is not an IT strategy

• Identifying and managing exceptions should already be a key focus for management

• Rapid results are not only possible, but critical !

• Monitor only what matters – what decisions will we make based on exceptions identified?

© 2012 Consider Solutions All rights reserved. Do not distribute without permission

Continuous Monitoring for

Risk & Performance

Finance perspective

Jan Hurda - Consider Solutions

15th November 2012

Date post:	17-Jan-2015
Category:	Technology
Upload:	oksystem
View:	152 times
Download:	0 times

BI Forum 2012 - Continuous Monitoring for Risk & Performance

Technology