Innovate or die? Accountants and data analysis in financial auditing
Bachelor thesis
Student: Alwin Lijdsman Student number: 10572546 Date: 29th of June 2016 Word count: 10,834
Counsellor: Prof. Dr. Brendan O’Dwyer
BSc. Economics and Business – Accountancy and Control University of Amsterdam – Faculty of Economics and Business
Statement of originality
I, Alwin Lijdsman, hereby declare that the content of this document is original and that no other sources were used other than referenced in the text.
The faculty of Economics and Business of the University of Amsterdam is only responsible for the counselling of this thesis, the faculty is not responsible for the content of this thesis.
Abstract
According to media and researchers, the accounting profession is one of the most susceptible jobs to be replaced by computers using data analysis. Yet, the exact effects of data analysis in the accounting profession are rarely evaluated. Researchers focus mostly on fraud detection and hypothetical models. The media focus mostly on the broader picture. Concrete analysis techniques are hardly assessed in the light of their practical value for the current accounting profession. Given this lack of detailed research, this study seeks to answer the following question: What are the effects of data analysis techniques on the financial audit process of a Big 4 firm?
In order to assess what the effects of data analysis are, each phase of the financial audit model is assessed by applying the five most discussed data analysis techniques from literature. In order to evaluate what the effects of these data analysis techniques are in practice, interviews are also held with professionals from a Big 4 accountancy firm.
The results found are the following. Affinity grouping is the most effective data analysis technique. This form of analysis is already having a profound impact on the accounting profession. Also, process mining is having an enormous effect on the assessment of inherent controls. However, these techniques are mostly relevant for specific parts of the financial audit process. The other data analysis techniques have little or no effect. Some general notes which are also crucial, are that education and communication within the assessed Big 4 firm are two of the main reasons why data analysis is not used more often in the financial audit process.
Table of Contents
1. Introduction ... 3
2. Theoretical framework ... 6
2.1 The financial audit process ... 6
2.1.1 Assessment of the activities of the organization ... 6
2.1.2 Evaluation of inherent risk ... 7
2.1.3 Assessment of internal controls ... 9
2.1.4 Substantive testing ... 10
2.1.5 Finalisation ... 11
2.1.6 Accountant’s statement issuance ... 11
2.2 Description of possible data analysis techniques ... 12
2.2.1 Journal entry mining ... 12
2.2.2 Text mining ... 14
2.2.3 Process mining ... 15
3. Analysis and discussion ... 17
3.1 Data analysis for the assessment of the activities of the organization ... 17
3.2 Data analysis to detect inherent risk ... 19
3.3 Data analysis applied to the assessment of internal controls ... 21
3.4 Data analysis techniques in substantive testing ... 23
3.5 General remarks on data analysis in the financial audit ... 25
4. Conclusion ... 28
Bibliography ... 31
Appendix ... 32
Interviews ... 32
I1, senior manager IT department ... 32
I2, senior manager IT department ... 34
I3, assistant manager audit, AA champion... 37
I4, senior manager audit, tooling and audit quality management ... 39
I5, senior trainee audit ... 42
I6, audit data analyst ... 43
I7, consultant IT department ... 45
I8, manager forensic department and technical lead AA ... 47
1.
Introduction
“Innovate or die”, is the stark message that professional service firms have to live by (Agnew, 2015, p. 1). The infamous book: The future of employment: How susceptible are jobs to
computerisation? by Frey and Osborne, envisions that the profession of accounting and auditing
is highly susceptible to computerization (Frey & Osborne, 2013, p. 71). The publishing of this book stirred many newspapers to pick up on the subject of automatization of professions. Accounting was no exception. The Dutch Financial Times recently published a long read titled: “The accountant of tomorrow is building an app” (Piersma, 2016, p. 1). In this article, Michael de Ridder, head of auditing at PwC the Netherlands, states that the profession of accounting as referred by Frey and Osborne, actually refers to bookkeepers rather than auditors (Piersma, 2016, p. 1). These effects are already being witnessed: bookkeeping software has no problem at all to form a financial year report swiftly at the lowest possible cost (Piersma, 2016, p. 1). Nevertheless, auditors are also feeling the breath of data analysis and artificial intelligence in their necks: quoted in the Financial Times, Richard Oldfield, head of strategy of PwC UK, explained: “There is no single technological threat to the professional services industry. It’s a tsunami of threats: data analysis, artificial intelligence and cyber security” (Agnew, 2015, p. 1). Technology is reshaping auditing and with that, the firms that provide these services (Agnew, 2015). Fhou Khan Tsang, CEO of a middle large audit firm called Alpha, states the market for auditing work can be reduced by 50% because of data analysis (Piersma, 2016, p. 2). But it is not only work that is replaced. Data analysis also improves the work that accountants perform (Piersma, 2016, p. 2). Old techniques from mathematics and statistics are now more and more applied to the accounting profession, such as Benford’s Law analysis (Craven McGinty, 2014, p. 1). KPMG decided to apply data analysis techniques such as Benford’s Law analysis to detect anomalies in accounting information, identifying more suspicious bookings than before (Craven McGinty, 2014).
Despite this attention, not much has changed in the accounting firms (Piersma, 2016, p. 1). Fhou Khan Tsang suggests that the reason for this is that accountants have not yet figured out how to incorporate this new structure of service providing in their business models (Piersma, 2016, p. 1). Big 4 firms are starting to hire more and more data analysts to gather, analyse and interpret digital information found in systems of clients (Agnew, Auditing: Pitch Battle, 2016, p. 1). However, the effects of these changes are mostly unknown and they are uncharted territory for Big 4 firms (Agnew, Auditing: Pitch Battle, 2016, p. 1). Can accountants work together with the before
mentioned data analysts? If a lot of accountancy work can be automated, are accountancy firms able to change their existing structure, where technology is not the primary concern? Are accounting firms able to innovate?
Not only have the effects of automation in accountancy reached the field of business, also the field of scientific research has been triggered (Liao, Chu, & Hsiao, 2012, p. 11303). According to a study performed by Liao, Chu and Hsiao, data mining research has risen significantly in the years 2000 to 2011 (2012, p. 11304). Even in the scientific field of accounting, data mining research has been picked up (Gray & Debrenecy, 2014, p. 358). Gray and Debrenecy state that while the data analysis techniques are promising, auditors still have to identify which techniques should be included in their financial audit process, because while leading to better work, data analysis techniques now also leads to more work (2014, p. 377).
Following up on this call to research on how to incorporate data analysis in the business model of the accountancy firm, this research attempts to answer the following central question: What are the effects of data analysis techniques on the financial audit procedure of a Big 4 firm? To find an answer to this question, a literature review is performed in both accounting and technical journals. In order to assess whether the techniques found in the literature are applicable to the financial audit processes of a Big 4 firm, employees of the assessed Big 4 firm are interviewed.
Some interesting results are found in these interviews. For example, where in literature a lot of attention is paid to the before mentioned Benford’s Law analysis, in practice it turns out that accountants are not enthusiastic about this form of analysis (I8, 2016). On the other hand, less well known data analysis techniques such as affinity grouping and process mining are already becoming well established in current audit engagements (I3, 2016). Another important finding is that despite an already wide availability of data analysis techniques in the assessed Big 4 firm, accountants do not know that these techniques exist or how to document them in their audit documentation files. This results in data analysis techniques not being used despite being useful and available. What is also interesting is that the main result of data analysis techniques is a better audit quality but not a reduced workload, contrary to what is suggested in newspapers.
This document is structured in the following way: to begin with, the theoretical framework provides a model that is used to describe the financial audit process. Next to that, the theoretical framework provides the most discussed data analysis techniques available for financial auditing. This is succeeded by the analysis. Here, for each step of the financial audit, an assessment is made
as to whether the given data analysis techniques could have an effect on the financial audit process. In order to provide an overview, a table is shown at the end of the analysis summarizing the effect of each data analysis technique in each step of the financial audit. The conclusion summarizes the findings listed in the analysis.
2.
Theoretical framework
This theoretical framework describes the theory required to answer the central question of this research: what are the effects of data analysis techniques on the financial audit procedure of a Big 4 firm? The first part of the theoretical framework provides a model for financial auditing, in order to help assess whether the individual parts of the financial audit process are affected. The second part of the theoretical framework describes the most available possibilities of data analysis techniques.
2.1 The financial audit process
To determine what the effects of data analysis techniques are on the financial audit process, a model for financial auditing is determined. There is no general financial audit model, but most financial audits follow a form which is similar to the following list from Schilder, Gortemaker and Manen (1995, p. 32). Each separate step of this financial audit process is described in the following paragraphs.
1. Assessment of the activities of the organisation. 2. Evaluation of inherent risk.
3. Assessment of internal controls. 4. Substantive testing.
5. Finalisation.
6. Accountant’s statement issuance.
2.1.1 Assessment of the activities of the organization
The assessment of the activities of the organisation is often the first step the accountant performs in the financial audit. It consists of the following four actions. Firstly, acquiring or updating the knowledge about the client. Secondly, doing some initial analytical procedures in order to determine risk factors. Thirdly, determining the valuation principles of the new client. And lastly, determining what the materiality for the engagement is going to be (Schilder, Gortemaker, & Manen, 1995, p. 35).
First, to acquire and update the current knowledge of the client, the accountant can interview key employees in the company and assess the industry that the client is working in through news and internal documents on strategy (Schilder, Gortemaker, & Manen, 1995, p. 35). An important aspect in this part of the process is the experience that senior accountants have with the client and it’s industry (Schilder, Gortemaker, & Manen, 1995, p. 35).
Second, the initial analytical procedures consist of procedures on cumulative information, in order to get a broad idea of possible risk through numerical analysis by benchmarking (Schilder, Gortemaker, & Manen, 1995, p. 35). For example, it is looked at whether the found profit margins fit the expected profit margin of the company (Schilder, Gortemaker, & Manen, 1995, p. 35). The accountant must determine whether there are unexpected relations or amounts found in these analytical procedures, this helps the accountant direct his research in later stages of the audit (Schilder, Gortemaker, & Manen, 1995, p. 35).
Third, the valuation principles of the firm are assessed (Schilder, Gortemaker, & Manen, 1995, p. 36). This consist of assessing whether leases are, for example, correctly stated as financial or operational leases. A quick assessment is performed in order to determine whether this subject will take up a significant amount of time in later stages of the financial audit (Schilder, Gortemaker, & Manen, 1995, p. 36).
Lastly, the materiality is determined (Schilder, Gortemaker, & Manen, 1995, p. 36). The materiality is fundamental for the efficiency of the financial audit procedure, because it determines the margins to which the accountants allow misstatements to exist (Schilder, Gortemaker, & Manen, 1995, p. 36). The lower the materiality, the less room for mistakes is available (Schilder, Gortemaker, & Manen, 1995, p. 36). At the end of this first phase of the financial audit, the assessment of the activities of the organisation, accountants determine what the overall materiality should be and what the performance materiality for individual ledgers should be (Schilder, Gortemaker, & Manen, 1995, p. 36).
2.1.2 Evaluation of inherent risk
The risk for material misstatements is a combination of inherent risk and control risk (Schilder, Gortemaker, & Manen, 1995, p. 36). Inherent risk is the general risk that a company bears because of the nature of its business and environment (Schilder, Gortemaker, & Manen, 1995, p. 36). The control risk is the risk of having a material misstatement reported in the financial
report because of fraud, despite the controls on the administrative organisation and despite the performed internal audits (Schilder, Gortemaker, & Manen, 1995, p. 36). A way to clarify the relevance of the inherent risk and the control risk, is the audit risk model as described by Arens, Randal and Beasley (2014, p. 277).
𝐼𝑛ℎ𝑒𝑟𝑒𝑛𝑡 𝑟𝑖𝑠𝑘 ∗ 𝐶𝑜𝑛𝑡𝑟𝑜𝑙 𝑟𝑖𝑠𝑘
𝐴𝑐𝑐𝑒𝑝𝑡𝑎𝑏𝑙𝑒 𝑎𝑢𝑑𝑖𝑡 𝑟𝑖𝑠𝑘 = 𝑇𝑒𝑠𝑡𝑖𝑛𝑔 𝑖𝑛𝑡𝑒𝑛𝑠𝑖𝑡𝑦
Figure 1: Audit risk model
The acceptable audit risk is the chance of a material misstatement occurring after the financial audit is performed (Arens, Randal, & Beasley, 2014, p. 277). The acceptable audit risk can never be 0% because this would mean that the accountant can guarantee that no misstatements are possible after the audit, which would mean that the accountants would know absolutely everything that is going on in the audited firm (Arens, Randal, & Beasley, 2014, p. 277). Ideally, the acceptable audit risk is always as close as possible to 0%, but in practice, higher risk businesses such as banks have a lower acceptable audit risk than more stable businesses. The testing intensity is linked to materiality. Materiality is the amount at which accountants think a user’s opinion on the financial statement could be affected in case of a misstatement (Arens, Randal, & Beasley, 2014, p. 268). If the testing intensity is high, the materiality margin will be tight (Arens, Randal, & Beasley, 2014, p. 268). Both inherent risk and control risk are important for determining the materiality and are therefore important for the planning of the financial audit process (Schilder, Gortemaker, & Manen, 1995, p. 36). In this paragraph, inherent risk is discussed. In paragraph 2.1.3 control risk is discussed.
To determine the inherent risk, the following three procedures must be performed: the inherent risk much be detected, the importance of said risk is to be evaluated and the meaning of these risks for each ledger account is to be evaluated (Schilder, Gortemaker, & Manen, 1995, p. 36). These three steps are described in more detail in the text below.
To detect the inherent risk, accountants can do the following. Firstly, the accountant needs to assess the outcome of checks made in the assessment of the activities of the organisation, such as the analytical procedures (Schilder, Gortemaker, & Manen, 1995, p. 36). The results from these tests are examined and taken into account when assessing the inherent risk (Schilder, Gortemaker, & Manen, 1995, p. 36). The characteristics of individual transactions are also checked (Schilder, Gortemaker, & Manen, 1995, p. 36). This means that, for example, a complex transaction such as
a financial lease is checked for initial correctness. Lastly, it is checked what work is being done to make sure mistakes from the past are not repeated (Schilder, Gortemaker, & Manen, 1995, p. 37).
To assess the relevance of the found risks, the following five points must be taken into consideration. Firstly the business and industry of the assessed company needs to be considered (Schilder, Gortemaker, & Manen, 1995, p. 37). For example, if the audited company is in an industry with low margins and a lot of competition, the risk of fraud becomes higher because there is more pressure to perform (Schilder, Gortemaker, & Manen, 1995, p. 37). Secondly, the accountant can search for related party transactions or assess the payment structure of the directors (Schilder, Gortemaker, & Manen, 1995, p. 37). Thirdly, the accountant must assess whether there are any cases of fraud or mistakes already present (Schilder, Gortemaker, & Manen, 1995, p. 37). Fourthly, the size of the assessed risk needs to be estimated (Schilder, Gortemaker, & Manen, 1995, p. 38). And lastly, it must be assessed whether the found risks can potentially exceed the materiality threshold (Schilder, Gortemaker, & Manen, 1995, p. 38).
To determine what the meaning of these risks are for the individual ledgers and for the auditing goals, the effects of the possible risk on the completeness, correctness, existence, accuracy and valuation is assessed (Schilder, Gortemaker, & Manen, 1995, p. 38). The accountant must determine what the exact consequences of the potential misstatements are for the financial year report (Schilder, Gortemaker, & Manen, 1995, p. 38). This assessment helps in the forming of methods to reach the goals of the financial audit (Schilder, Gortemaker, & Manen, 1995, p. 38). An example of such a method would be an increased checking of correctness for handmade bookings on financial leases, because it is found that mistakes are made often during this procedure.
2.1.3 Assessment of internal controls
As stated earlier, to set the materiality for an audit, the accountant must assess the inherent risk and the control risk. To assess the control risk, the effectiveness of the internal controls is determined (Schilder, Gortemaker, & Manen, 1995, p. 40). If the control activities in an organization are reliable, accountants can spend less time on substantive testing because they can rely on the internal controls (Schilder, Gortemaker, & Manen, 1995, p. 40). This is explained through the before mentioned audit risk model as seen in figure 1. If the control risk is low, less substantive testing has to be performed later in the audit (Arens, Randal, & Beasley, 2014, p. 277).
Three aspects need to be tested when assessing the internal controls. Firstly, the control environment is tested. Secondly, the working of the administration is checked. And lastly, the internal control rules are tested (Schilder, Gortemaker, & Manen, 1995, p. 40).
The testing of the control environment is performed by assessing the attitudes, skills, alertness and actions of personnel, especially the management, by interviewing various people in the company (Schilder, Gortemaker, & Manen, 1995, p. 41). An important aspect of this testing phase is to check for the ‘tone at the top’, to see whether the management actually leads by example (Schilder, Gortemaker, & Manen, 1995, p. 41).
To test the effectiveness of the administration system, the accountant collects information about how data is handled (Schilder, Gortemaker, & Manen, 1995, p. 41). For example, the accountant can physically follow the control cycle of an invoice being booked (I5, 2016).
In order to assess the internal control rules, control systems are checked (Schilder, Gortemaker, & Manen, 1995). An example of this is the testing of IT systems by the IT accountant (I2, 2016). Also, the segregation of duty is verified (Schilder, Gortemaker, & Manen, 1995, p. 41).
2.1.4 Substantive testing
In this phase, the evidence that has been gathered by the client is tested and checked in order to assess whether the transactions in the financial statements represent a true and fair view of the firm’s business processes (Schilder, Gortemaker, & Manen, 1995, p. 43). These tests consist of two different types of tests: analytical procedures and the tests of evidence (Schilder, Gortemaker, & Manen, 1995, p. 43).
Analytical procedures are tests in which the reported amounts are compared to what would be expected to be found by calculations of the accountant (Schilder, Gortemaker, & Manen, 1995, p. 44). For example, the accountant can check whether the tax paid on salary matches the expected corresponding total salaries paid. Another part of the analytical procedures is the matching principle (Schilder, Gortemaker, & Manen, 1995, p. 44). The accountant checks whether certain amounts, such as goods bought, minus goods sold and goods written off, match the goods in inventory at the end of a period (Schilder, Gortemaker, & Manen, 1995, p. 44).
Tests of evidence consists of testing the evidence behind the reported amounts in the reported financial statements (Schilder, Gortemaker, & Manen, 1995, p. 44). Examples are checking bank statements to confirm the position of cash on the general ledger. Another typical
testing of evidence procedure would be to verify the accounts receivable ledger, by verifying invoices that were send out to customers (Schilder, Gortemaker, & Manen, 1995, p. 44).
2.1.5 Finalisation
Before the signing by the certified public accountant, four more tests need to be performed (Schilder, Gortemaker, & Manen, 1995, p. 44). The first item to be performed is to review the fieldwork done by the junior personnel (Schilder, Gortemaker, & Manen, 1995, p. 45). The second item that has to be considered is what activities were performed after the closing date of the financial statement (Schilder, Gortemaker, & Manen, 1995, p. 45). The third item is to acquire testimonials regarding the trueness and fairness of the reported numbers from the board of directors and determine whether these are acceptable (Schilder, Gortemaker, & Manen, 1995, p. 45). Lastly, a check of the financial statement is performed which verifies whether all set legal laws are applied and whether relevant GAAP is properly followed (Schilder, Gortemaker, & Manen, 1995, p. 45).
2.1.6 Accountant’s statement issuance
The end product of the financial audit process is the issuance of the auditor’s report (Schilder, Gortemaker, & Manen, 1995, p. 45). Because this phase is so important to the financial audit process, it is described in this research. However, it can be noted that no data analysis technique specifically helps to generate this accountant’s statement.
There are four possible accountant’s statements as outcome of the financial audit process (Schilder, Gortemaker, & Manen, 1995, p. 45). The first option is a standard unqualified opinion, which means that the financial statements of the company audited, represents a true and fair view of their actual business processes (Schilder, Gortemaker, & Manen, 1995, p. 45). The second option is a qualified opinion statement, which means that a certain part of the financial statement is misstated (Schilder, Gortemaker, & Manen, 1995, p. 45). An explanation is given in the accountant’s statement why this part is misstated (Schilder, Gortemaker, & Manen, 1995, p. 45). A third option is to give an auditor’s statement with a disclaimer of opinion (Schilder, Gortemaker, & Manen, 1995, p. 45). This means that there were complications with the work performed by the auditor. Examples of such complications could be uncheckable accounts, limited continuity of the client or reduced independency of the auditor (Schilder, Gortemaker, & Manen, 1995, p. 45). The fourth and last accountant’s statement option is to give an adverse opinion, which means that the
financial statements of the audited client do not represent a true and fair view of their actual business processes (Schilder, Gortemaker, & Manen, 1995, p. 45).
2.2 Description of possible data analysis techniques
To determine whether or not data analysis techniques in general are applicable to the financial auditing process, the most commonly discussed data analysis techniques are assessed. In this theoretical framework, data analysis techniques regarding journal entry mining, text mining and process mining are described. The most prominent forms of data analysis can be divided into three categories: journal entry mining, text mining and process mining. These subjects can be split up further into sub categories. In journal entry mining, the most common analysis techniques are Benford’s Law analysis and affinity grouping. In text mining there is email text mining and financial statement text mining. Lastly, there is process mining. In the following paragraphs, the data analysis techniques are described in the order previously mentioned.
2.2.1 Journal entry mining
Many cases of failures of accountants were related to fraudulent, incorrect or absent journal entries (Debrency & Gray, 2010, p. 158). One such example was WorldCom: the fraud was relatively straightforward (Debrency & Gray, 2010, p. 160). The fraud included many adjustments in rounded amounts, that would be obvious to the most casual of inspections (Debrency & Gray, 2010, p. 160). Journal mining techniques could have helped in finding these fraudulent journal entries. Journal entry mining is about discovering patterns based on a population of data (Gray & Debrenecy, 2014, p. 358). The output of journal entry mining is a list of anomalies, which is a list of unexpected journal entries. Examples of such anomalies are entries booked in weekends, while nobody works on weekends in the assessed company (I1, 2016). These entries are interesting for the accountant, for it provides the accountant with ‘red flags’, which leads to do research on. To find anomalies in journal entries, the auditor can use the entire population of all journal entries (Nigrini & Miller, 2009, p. 306). The two journal entry mining techniques discussed in this research are discussed below. The first is Benford’s Law analysis. Benford’s Law analysis is a special type of journal entry mining technique because it focusses on a mathematical law. Affinity grouping is a more general form of journal entry mining, which is based on identifying anomalies with human logic. Both techniques are discussed shortly.
2.2.1a Benford’s Law Analysis
Benford’s Law analysis consists of testing journal entries against Benford’s Law. Benford’s Law is named after Frank Benford, who noticed that the first few pages of his log of tables of common logarithms were more worn than the later pages (Nigrini & Miller, 2009, p. 307). From this he hypothesised that the logs of low first digits were looked up more often than the logs of numbers with high first digits (Nigrini & Miller, 2009). After much testing, this resulted in what is now known as Benford’s Law, which can be stated as the following formula (Nigrini & Miller, 2009, p. 307):
𝑃(𝐷1) = 𝑙𝑜𝑔 (1 + 1
𝐷1) where 𝐷1 ∈ {1, 2, … ,9}
Which means that the chance that a randomly picked number from a large population of natural numbers, has a 30% chance to start with a 1, a 20% chance to start with a 2, 15% chance to start with a 3 etc. Benford’s Law can and is applied to journal entry populations in order to find anomalies (Nigrini & Miller, 2009, p. 306). An anomaly in the case of Benford’s Law analysis is when a high occurrence of unexpected values is found. For example, a significantly high occurrence of numbers starting with 78 might be suspicious according to the Benford’s Law analysis. The bookings are suspicious because the occurrence of numbers starting with 78 should have a lower occurrence than numbers starting with 10 (Nigrini & Miller, 2009, p. 308).
2.2.1b Affinity grouping
Affinity grouping tries to find patterns in journal entries based on human logic (Gray & Debrenecy, 2014, p. 361). There are many specific types of affinity grouping techniques. These techniques look for anomalies in patterns, such as patterns in time or patterns in amounts (Gray & Debrenecy, 2014, p. 361). Examples of these are given in the text below. While there are many different techniques, not many of these techniques are specified explicitly in literature. Because of this, some affinity grouping techniques are described with the help of the information found in the interviews with professionals at the assessed Big 4 firm.
In the assessed Big 4 firm, the following techniques were included in a standard available software package: a search for weekend bookings; a search for bookings with a similar description to a different bank account numbers; a search for different bank account numbers while there is a
similar description for the transaction; a search for bookings ending in three nines and lastly; a search for bookings of round numbers (I6, 2016).
Another notable frequently used technique of affinity grouping is Journal Source Assignment analysis (I4, 2016; I6, 2016). In this analysis a table is generated where the user can easily see from what sources on the balance sheet the profit and loss statement is comprised (I6, 2016). This makes it easier to identify whether relations between the balance sheet and the profit and loss statement make sense. For example, when a school’s earnings comes mostly from the buildings and equipment ledger, this is marked as a red flag (I6, 2016). The accountant expects that the schools earnings would mostly come from government subsidies (I6, 2016). This affinity grouping analysis is also named in literature, by (Gray & Debrenecy, 2014, p. 361).
Another frequently discussed form of affinity grouping is benchmarking (I3, 2016; I1, 2016; I4, 2016). With this technique, results from analytical procedures are compared to an industry benchmark result (I4, 2016). This benchmark is calculated with data from a large database of client data from a Big 4 firm (I4, 2016). An example of a finding would be if the costs of goods sold in a retail firm are suddenly significantly higher than its industries’ benchmark for costs of goods sold (I3, 2016). This would be a red flag for accountants (I3, 2016). In this way, the analysis helps identify red flags for the accountant to analyse.
2.2.2 Text mining
Data mining is traditionally mostly applied to structured data such as journal entries. However, text mining is a growing field which aims to understand statistical and linguistic patterns in structured and unstructured texts (Gray & Debrenecy, 2014, p. 362). There are various fields to which text mining analysis can be applied, most notably the scanning of texts from social media such as Twitter and Facebook (Gray & Debrenecy, 2014, p. 362). However, it can be applied to accounting data analysis as well (Gray & Debrenecy, 2014, p. 362). As with journal entry mining, there are many subclasses of text analysis but the most frequently written about are email text mining and financial statement text mining.
2.2.2a Email text mining
Email text mining has been enabled as a source of data mining because of the Sarbanes-Oxley Act, which requires all public companies to store every document that influences financial
reporting, including emails (Holton, 2009, p. 853). Dissatisfied employees are more likely to commit fraud according to studies. Therefore, email text mining can be attempted in order to find these disgruntled employees (Holton, 2009, p. 856). Email text mining works as follows. Raw data from a corporate email server is processed by a program anonymously. The program is then trained by receiving emails containing negative language. After the training, the program can identify negative language correctly in 89 percent of the emails it checks (Holton, 2009, p. 858).
2.2.2b Financial statement text mining
Another form of text data mining is the analysis of public financial texts, which include the MD&A, the notes to the financial statement and press releases (Gray & Debrenecy, 2014, p. 585). Also, research in the field of text analysis has proven that fraudulent disclosures use more activation language, imagery, pleasantness, group references, and less lexical diversity then non-fraudulent ones (Humpherys, Moffitt, Burns, Burgoon, & Felix, 2011, p. 585). The financial statements are scanned with the use of machine learning software to test for these linguistic differences (Humpherys et al., 2011, p. 591). An example would be to scan the public financial statement of WorldCom with a linguistic text analyser. The program would give a score as to how likely it is that there is fraud in the statement by looking at the level of activation language, pleasantness, group reference, etc. This technique had a 69 percent success rate in identifying a fraudulent financial statement (Humpherys et al., 2011, p. 590).
2.2.3 Process mining
Lastly, process mining is discussed. Process mining is a relatively new field of data analysis. It is based on the fact that many business processes are supported by software such as Enterprise Resource Planning (ERP) systems (Jans, Lybaert, & Vanhoof, 2010, p. 13352). These systems hold logs with data of everything that is going on in the business system (Jans, Lybaert, & Vanhoof, 2010, p. 13352)The idea of process mining is to analyse event logs found in ERP systems in order to find and visualise patterns in organisational processes (Jans, Lybaert, & Vanhoof, 2010, p. 13353). One such process could be the ordering, receiving and paying of a process order, such as demonstrated in the process mining model of Jans, Lybeart and Vanhoof (2010, p. 13353). Process mining software often produces a so called “Petri-Net” model, which is like a flowchart of the process analysed. An example of a Petri-net model can be seen in figure 2.
Figure 2: Example of a Petri-net model
The Petri-net model is created by using different data elements entered in an ERP system’s log. Examples of such data elements are time stamps, names or descriptions (Jans, Lybaert, & Vanhoof, 2010, p. 13353). With the above mentioned data, a Petri-net model of the process order can be visualised and anomalies can be found more easily. For example, if an issued mortgage has to be approved by an independent third person before being issued to the customer, this could be checked with process mining. If it turns out that some mortgages do not pass by the approver, this would be a red flag for the accountant because it would indicate that there is something wrong with the internal and/or system controls.
3.
Analysis and discussion
In this analysis, the five data analysis techniques from the theoretical framework are applied to four stages of the financial audit. While there are six stages in the financial audit, only four of the six are used in combination with data analysis. This is because the last two phases of the audit process, the finalisation of the audit and the issuance of the accountant’s statement, require a lot of professional judgement. This cannot be replaced by data analysis. Because of this, it is found that both phases five and six are not affected by data analysis.
For each of the first four steps of the financial audit, the effects on the audit process are evaluated with the help of literature and with the help of transcripts from interviews with professionals from a Big 4 firm. The last paragraph will consist of remarks about data analysis in general that cannot be linked to a specific audit process phase. At the end of this chapter, an overview is given in table 1.
3.1 Data analysis for the assessment of the activities of the organization
The first phase of the financial audit is the assessment of the activities of the organisation. As stated in the theoretical framework, the assessment of the activities of the organisation is required in order to make a good audit plan (Schilder, Gortemaker, & Manen, 1995, p. 35). Four objectives are key in doing the assessment of the activities of the organisation. These objectives are as follows. Firstly, knowledge about the client’s business and environment has to be updated. Secondly, risk factors have to be determined by performing initial analytical procedures. Thirdly, valuation principles are assessed. Lastly, the materiality has to be set (Schilder, Gortemaker, & Manen, 1995, p. 35). In the following paragraphs, each of the described data analysis techniques from the theoretical framework are applied to this first phase of the financial audit process. To help determine the effects of these analysis techniques on the financial audit, interviews at a Big 4 firm with various individuals throughout the company are held. The first technique discussed is the Benford’s Law analysis. After that, affinity grouping is taken into consideration. After the journal entry analysis, the email text mining and financial statement text mining techniques are taken into consideration. Lastly, process mining is discussed.
Benford’s Law analysis mainly focusses on retrieving a detailed overview of specific journal entries (I7, 2016; I1, 2016). In the assessment of the client’s activities phase, only high level analytical procedures are performed (Schilder, Gortemaker, & Manen, 1995, p. 35). Because
of this, the use of Benford’s Law analysis seems not to be appropriate for this phase of the financial audit. Concluding, Benford’s Law analysis does not have an effect on this phase of the financial audit because only high level analytical procedures are performed.
Contrary to Benford’s Law analysis, affinity grouping is used in this phase of the financial audit. As stated above, in the first audit phase, only high level analytical procedures are performed. While generally speaking the goal of affinity grouping is to get a detailed analysis of journal entries (I7, 2016), there is one technique in affinity grouping that can potentially help with assessment of the client’s activities. This is the Journal Source Assignment technique (I4, 2016; I6, 2016). This technique is used often in audit engagements in the assessed Big 4 firm (I6, 2016). In short, it can be said that while most affinity grouping journal entry tests are not appropriate for this phase of the financial audit, the Journal Source Assignment test can be helpful by identifying red flags.
The use of email text mining is disputable. It is used in Big 4 firms now, but only in forensic investigations (I8, 2016; I1, 2016; I7, 2016). There might be a potential use for this data analysis technique with the assessment of activities of the client, by identifying topics that are much discussed in emails (I5, 2016). Sometimes, the client forgets to communicate such much discussed subjects to the accountant (I5, 2016). Email text mining can help the accountant in preparing interviews with the client (I5, 2016). However, professionals raise their concerns about the viability of this technique. The main concern is that clients are not willing to give such personal data to the accountant (I8, 2016; I1, 2016; I4, 2016; I3, 2016; I7, 2016; I2, 2016). Summarizing, it can be said that there might be some potential in email text mining, but this form of data analysis has many downsides when it comes to privacy. Clients will most likely not want to use it.
The financial statement text mining analysis is not interesting for assessing the clients business activities. It remains to be seen whether concrete leads can be generated from this report (I8, 2016; I4, 2016). While there is some research being done, professionals at the assessed Big 4 firm are not enthusiastic about this approach, because of its inability to generate concrete leads (I8, 2016; I4, 2016). In theory the technique helps to identify whether the chance of fraud is high or low. This might be of help when assessing the level of inherent risk but it hardly helps with the assessment of the activities of the client, because the result never points to a concrete business case (I8, 2016). Summarizing, the use of financial statement text mining does not help the assessment of the client’s activities.
The last data analysis technique, process mining, could theoretically be promising. This is because with process mining, the entire process of a company can be visualised (Jans, Lybaert, & Vanhoof, 2010, p. 13352). Despite the interesting possibilities, it turns out that the overview received from process mining is too large to be used as an assessment of the clients activities (I1, 2016; I2, 2016). Concluding, process mining does not have effect on the assessment of the client’s activities.
Summarizing the results, it appears that while data analysis techniques such as text mining would have interesting potential, only one specific form of affinity grouping, the journal source assessment, is of real effect on the first phase of the financial audit. The main reason for this is because of the fact that the other forms of data analysis are too specific, which is not required in assessing the clients business activities on a higher level.
3.2 Data analysis to detect inherent risk
The second phase of the financial audit is the evaluation of the inherent risk. To repeat the theoretical framework shortly: there are several steps to be performed in this second phase of the financial audit. The first step consists of assessing the inherent risk by using the analytical procedures from the first phase, checking the valuation principles and analysing remarkable individual transactions (Schilder, Gortemaker, & Manen, 1995, p. 32). The second step is to assess what the found results in the first step mean for the inherent risk (Schilder, Gortemaker, & Manen, 1995, p. 32). The last step is to determine which methods should be used to reach the audit goals (Schilder, Gortemaker, & Manen, 1995, p. 33). In the following paragraphs, each of the five described data analysis techniques is assessed.
As stated before, Benford’s Law analysis mostly focusses on getting an overview of specific journal entries (I7, I1). In this financial audit phase, some individual transactions are assessed in order to determine whether or not they are of influence on the inherent risk (Schilder, Gortemaker, & Manen, 1995, p. 36). The Benford’s Law analysis can be of help here because it gives an overview of every individual transaction within the organisation (I6, 2016). However, despite giving an overview of individual transactions, nothing can be concluded about the inherent risk (I8, 2016). Because in this phase it is required to assess what the relevance of the individual transactions are to the inherent risk, the Benford’s Law analysis is not of help for this stage of the
financial audit. Summarizing, Benford’s Law analysis does not have an effect on assessing the inherent risk because it doesn’t provide information about the context of the found results.
Affinity grouping has some potential in helping the accountant assess the inherent risk. A technique called benchmarking has potential to identify whether a company might bear more risk compared to other comparable companies (I3, 2016; I4, 2016). However, a downside of this data analysis technique is it’s legal restrictions (I3, 2016). It is not allowed to store data for usage other than that usage for which the data is provided for (I3, 2016). In the auditing business, clients are still sensitive about sharing this information (I3, 2016). In the advisory business, clients are more willing to share their data in order to perform benchmark-like tests (I1, 2016). Concluding, the benchmarking technique of affinity grouping can help evaluate inherent risk of a company, but companies are reluctant to share data in order to make widespread comparisons.
Email text mining is comparable to affinity grouping in its usability for this phase of the financial audit. Where it potentially might help the accountant find issues that were discussed frequently within the company (I5, 2016), many companies are not willing to share this information easily with the auditor (I3, 2016; I8, 2016). At the moment, this analysis does not help the auditor in assessing the inherent risk for a company (I8, 2016). Summarizing, it can be said that while there is potential for this analysis technique in helping to assess the inherent risk of a company, the downside is the reluctance of clients to share data.
Financial statement text mining also has some potential effect in assessing the inherent risk of a company. As stated before, the financial statement text mining technique cannot give a concrete lead as to where fraud can be found (I8, 2016). It can however, help identify whether the risk of fraud is present (Holton, 2009, p. 856). Research is being done at the Big 4 accountancy firm to develop a method to identify these risks by analysing financial statement texts (I8, 2016). A significant problem is to find enough datasets that actually contain fraud, to train the model in recognizing fraudulent statements (I8, 2016). Because of this, many professionals are sceptical about this approach (I8, 2016; I4,2016; I2, 2016). Concluding, financial statement text mining could help assess the inherent risk but enthusiasm with professionals is not high for this technique.
Lastly, process mining is discussed. While process mining can be used for the financial audit (Jans, Lybaert, & Vanhoof, 2010, p. 13352), there is no direct use for assessing inherent risk found in literature or in interviews. Therefore, it is concluded that process mining does not contribute to the assessment of the inherent risk.
To summarize, it can be said that data analysis techniques affect the second phase of the financial audit somewhat. The effect is however dependent on the willingness of clients to share their data. Affinity grouping, email text mining and financial statement text mining could in theory help assess inherent risk, but there are severe limitations to the clients willingness to share data. Overall it can be said that data analysis techniques have some potential effect in the assessment of the inherent risk.
3.3 Data analysis applied to the assessment of internal controls
The third step of the financial audit stated in the financial audit framework is the assessment of the internal controls. As seen in figure 1, the internal controls in combination with the inherent risk form the base of the financial audit planning (Arens, Randal, & Beasley, 2014, p. 277). The better the internal controls are, the less the accountant has to test manually (Schilder, Gortemaker, & Manen, 1995, p. 38). The assessment of the internal controls consists of the testing of the control environment, the testing of the effectiveness of the administration system and lastly, the testing of the internal controls themselves (Schilder, Gortemaker, & Manen, 1995, p. 38). The five data analysis techniques are applied to these steps to determine whether data analysis techniques affect this phase of the financial audit.
As Benford’s Law analysis’s main focus is to evaluate journal entries, the assessment of the internal controls does not seem to benefit from Benford’s Law analysis. To assess the control environment, the accountant has to assess the ‘tone at the top’ (Schilder, Gortemaker, & Manen, 1995, p. 40). This cannot be checked by testing journal entries. Also, the effectiveness of the administration system cannot be tested with Benford’s Law analysis. Lastly, the internal controls can only be tested by assessing the control systems themselves. Benford’s Law analysis doesn’t say anything about control systems. Therefore, Benford’s Law analysis does not contribute to the testing of the internal controls.
For affinity grouping, the same as for Benford’s Law analysis applies. Affinity grouping mainly focusses on trends in journal entries. Similar to Benford’s Law analysis, affinity grouping does not say anything about the control environment. It also does not help in assessing the effectiveness of the administrative system of a company. Lastly, the checking of the internal controls is not helped either by affinity grouping. To conclude, affinity grouping does not contribute to the assessment of the internal controls.
Compared to the two journal entry analysis methods mentioned above, email text mining can be of some use for the third step of the financial audit process. It can help to identify the control environment, by checking what the attitude throughout the company is on a certain subject (Holton, 2009, p. 853; I5, 2016). In the same spirit, it can be used to assess the tone at the top (I5, 2016). It is hard to determine whether affinity grouping can help determine the effectiveness of the administration systems or the testing of the internal controls themselves. It must again be noted that many customers are hesitant in sharing this data (I3, 2016; I8, 2016; I2, 2016). In short, the email text mining can help to assess the control environment, but the reluctance of clients to share data remains a downside.
Financial statement text mining does not bear the same complications as email text mining because it uses publicly available data for its analysis (I3, 2016). However, it is also not as useful as email text mining (I8, 2016). It is hard to find evidence as to how financial statement text mining can contribute to assessing the internal controls. Based on theory and on the interviews, financial statement text mining might help to determine the tone at the top, by checking whether the writers of the financial statement use language that is commonly found in fraudulent financial statements (Humpherys, Moffitt, Burns, Burgoon, & Felix, 2011, p. 586). There is no evidence that financial statement text mining can help determine effectiveness of the administration system or the working of the financial controls themselves. Concluding, while no concrete evidence can be found in interviews or literature, financial statement text mining might help to assess the tone at the top, and with that the control environment in the company.
Compared to the mild success of the other data analysis techniques, process mining can be of enormous use for the assessment of the internal controls (I5, 2016; I8, 2016; I3, 2016; I1, 2016; I2, 2016; I4, 2016). With process mining, systems and the processes logged in the system can be analysed, efficiently and fast (I3, 2016). One thing that remains crucial with process mining is to check the control environment (I3, 2016). This is a downside. For example, if multiple people have the password to the account of the CFO, the data that is in the system cannot be relied upon (I3, 2016). Because of this, the control environment, which includes attitudes towards security policies, is to be checked thoroughly by the accountant. When it is determined that the control environment can be counted upon, process mining can do an amazing job in determining whether the systems of administration work effectively and whether the planned control activities are actually working (I3, 2016; I4, 2016). To check whether the administration works effectively, a map can be
visualised of the path that, for example, an invoice takes through the administration system. This enables the possibility to check whether the payment of the invoice isn’t approved when the approver was actually on holiday (I3, 2016). The assessed Big 4 firm is already working on integrating this form of analysis into its standard audit procedure (I3, 2016; I4, 2016). Concluding, it can be said that process mining is of great influence of for the assessment of the internal controls.
Summarizing, it can be said that both journal entry mining techniques have no potential in assessing the internal controls. Both forms of text mining have some potential in helping with the assessment of the internal controls. Process mining however, is of huge potential to for assessing internal controls, and will probably be used more in the future. All in all, the process of assessing the internal control system can definitely be affected by data analysis techniques.
3.4 Data analysis techniques in substantive testing
The substantive testing phase of the financial audit is the most well-known work process of the accountant. The process consists of doing analytical procedures and performing substantive tests on evidence (Schilder, Gortemaker, & Manen, 1995, p. 44). These tests are fundamental in determining whether the reported financial data represent a true and fair view of the real business processes of the firm. Again, for this phase of the financial audit, all five data analysis techniques are applied to the substantive testing phase in order to determine whether or not the data analysis techniques can have an effect on this phase of the financial audit.
Firstly, Benford’s Law analysis is applied to substantive testing. Where in earlier phases of the financial audit, the Benford’s Law analysis was not highly relevant, this is the most relevant phase for the Benford’s Law analysis. It can be seen as an analytical procedure but also as a method to more efficiently determine what evidence should specifically be tested. Benford’s Law analysis could be helpful to identify fraudulent journal entries, such as entries just below a certain threshold (I5, 2016; I3, 2016; Nigrini & Miller, 2009, p. 306). Despite this, it is not common for audit teams to use this test (I6, 2016). This might be because most accountants at the assessed Big 4 firm are not aware of its availability in their software systems (I5, 2016). Nevertheless, Benford’s Law analysis is part of a larger fraud focussed test in the assessed Big 4 firm (I8, 2016). The main downside to the Benford’s Law analysis is that it generates too many false negatives (I8, 2016). This only leads to more work for the accountant. Another problem that arises for the accountant is that the accountant doesn’t know how to document the findings in the audit documentation file
(I2, 2016; I5, 2016; I8, 2016). This is mainly a problem because, despite the fact that these false negatives are below set materiality, the analysis has marked them as suspicious and therefore the accountant must report on them (I2, 2016). Concluding, it can be said that Benford’s Law analysis does have great potential to help substantive testing, but the downside is that the current form of the technique still creates too many false negatives.
Secondly, affinity grouping is applied to substantive testing. Because this is the phase where journal entries are assessed in great detail, affinity grouping is highly relevant for this phase of the financial audit. There are several affinity grouping techniques that are used in this phase of the financial audit. These affinity grouping techniques attempt to replace the more traditional sample testing (I3, 2016). Affinity grouping tests for substantive testing are better than sample tests because the entire population of journal entries is assessed (I3, 2016). In literature, some concerns are raised regarding the issue that accountants will be hesitant to use this technique (Gray & Debrenecy, 2014, p. 378). If the fraud goes undetected, the accountant can be blamed for not having seen the fraudulent entries, even though an analysis has been performed on the fraudulent items (I1, 2016). However, this turns out to not be of importance for the assessed Big 4 firm. All interviewees in the assessed Big 4 firm agree that the need for quality improvement is more important than the availability of the excuse of the fraud being missed because of sampling (I3, 2016; I4, 2016; I1, 2016). This is confirmed by the fact that journal entry tests have even been made mandatory for each audit engagement by the assessed Big 4 firm (I3, 2016; I4, 2016; I1, 2016; I5, 2016). Two concrete examples of mandatory journal entry tests are searches for journal entries made on free days or searches for bookings with similar descriptions and different bank account numbers (I6, 2016). These checks are performed often and are helpful in finding suspicious bookings (I5, 2016). Next to the fact that affinity testing makes the audit process better by testing the entire population, it is intended to make the audit process faster as well. Accountants are integrating automated analytical procedures in their audit systems (I3, 2016; I8, 2016). This means that the audit system of the accountant will automatically retrieve data from the database of the client, enabling automated analytical procedures such as the three way match (I8, 2016). This will make analytical procedures more efficient (I3, 2016). Summarizing, affinity grouping for substantive testing is highly relevant. It is already making an impact on the current substantive testing process and will continue to do so in the future.
Email text mining, contrary to both journal entry tests, is not of use in this part of the financial audit. Email text mining requires highly personal data from clients, which they often are not willing to share (I8, 2016). On top of that, email text mining does point to individual bookings being true or not (I8, 2016). Email text mining also doesn’t help in analytical procedures or testing of evidence. In short, email text mining cannot help with the substantive analysis phase of the financial audit.
For financial statement text mining, the same holds up as for email text mining. Financial statement text mining does not identify separate journal entry bookings, therefore it does not help with analytical procedures nor does it help with testing of evidence (I8, 2016). Financial statement text mining does not contribute to this phase of the financial audit.
Lastly, process mining is applied to the financial audit process. Where process mining was highly applicable to the assessment of the internal controls, it is not applicable for analytical procedures nor for the testing of evidence. No evidence of its applicability in the substantive testing phase has been found. In short, process mining has no effect on the substantive testing phase of the financial audit.
To give an overview, both Benford’s Law analysis and affinity grouping have a profound impact on the substantive testing phase of the financial audit. The other three data analysis techniques, email text mining, financial statement text mining and process mining, do not have any effect on the substantive testing phase at all. Overall, because journal entry mining contributes greatly to substantive testing, it can be said that the substantive testing phase of the financial audit is definitely affected by data analysis techniques.
3.5 General remarks on data analysis in the financial audit
As stated in the theoretical framework, the finalisation and the issuance of the auditor’s report are the final steps of the financial audit process. Despite being of great importance to the process, no evidence has been found of data analysis contributing to these phases of the financial audit.
There are however, important results found in the interviews, which apply to the entirety of the financial audit process. These findings are described here. Firstly the concern of data analysis knowledge for senior accountants is discussed. Secondly, it is explained why data analysis
is not used more widespread amongst younger accountants. Lastly, the reason why data analysis has not reduced costs yet is explained.
To begin with, a key finding in the interviews is that the signing accountant must be able to explain all used methods of assessing the financial statements (I2, 2016). When data analysis techniques are used, an explanation must be given on how and why these analyses were performed and what the meanings of the results are (I2, 2016). In order to do this, the signing accountant must understand the analysis technique. This can turn out to be a problem (I2, 2016). Signing accountants are often older and generally have a busy agenda, which withholds them from taking the time to extensively learn about data analysis techniques (I2, 2016). This withholds the senior accountants from using new data analysis techniques in their audits (I2, 2016).
Furthermore, it is found that younger accountants in the normal audit practice receive limited education on the new data analysis techniques that are developed (I5, 2016). This often results in younger accountants, like the senior accountants, also not using any data analysis techniques in their engagements, because they do not know what techniques are available or how to document the results found by the analysis techniques in the audit documentation file (I5, 2016; I2, 2016). This internal communication problem severely restricts the usage of data analysis techniques available (I6, 2016).
Last but not least, data analysis techniques have turned out to show potential to improve audit quality, but up and until now data analysis has definitely not made the financial audit process less costly (I2, 2016; I4, 2016; I1, 2016). Four years ago people kept saying that after a year of investments, data analysis techniques would make the audit less costly and more efficient, but there is no sign of such developments yet (I4, 2016). The reason for this, is that data analysis techniques do not replace any accounting methods, such as sampling, yet. This means that data analysis now causes more work rather than less work (I4, 2016). Resulting in more costs rather than less costs. This might change in the future but for now cost reduction has not yet occurred (I4, 2016).
Table 1
Summary of analysis – effect of data analysis techniques on financial audit process phases Benford’s
Law analysis
Affinity grouping
Email text mining Financial statement text mining
Process mining
1. Assessment of activities of the organisation
No effect Large effect Potential effect No effect No effect
2. Evaluation of inherent risk
No effect Potential effect Potential effect Likely effect No effect 3. Assessment of
internal controls
No effect No effect Potential effect Potential effect Large effect
4. Substantive testing Large effect Large effect No effect No effect No effect
*Process 5 and 6, the finalisation and issuance of accountant’s statement, are left out because data analysis techniques have no effect on these phases.
Legend:
No effect
Potential effect – There could be an effect but there are complications. Likely effect – Not yet used but could be used.
4.
Conclusion
The accounting profession is supposed to be one of the jobs that is most susceptible for replacement by data analysis techniques. The media are full of it and professionals in the media equally voice their concerns. Big 4 firms are enormous companies with a long tradition of performing professional services from a business perspective, but the recent attention in the media suggests that this might change to a more technology focused perspective. Is this the case? What are the effects of data analysis techniques on the financial audit process of a Big 4 firm? This research attempts to contribute to the accounting research field by clarifying what the actual effects are of the most discussed data analysis techniques on separate phases of the financial audit process. This is done by taking a financial audit process model and the most discussed data analysis techniques found in literature, and assessing what the effects of each of the data analysis techniques are on the specific phases of the financial audit, by interviewing professionals in a Big 4 firm. The results can be summarized as follows.
The first phase of the financial audit, the assessment of the clients activities, is not much affected by data analysis techniques. The only exception is the affinity grouping technique, which is relevant because of the Journal Source Assignment analysis, which highly improves the accountants assessment of the clients business activities. This analysis is already regularly used. Email text mining has some potential effect in this phase as well, but it has limitations in terms of the clients willingness to share data. Email text mining is therefore only of potential effect. The other three analysis techniques have no potential to affect the first phase of the financial audit.
The evaluation of the inherent risk is the second phase of the financial audit. This phase is also marginally affected by data analysis techniques. Affinity grouping and email text mining have some potential effect. Affinity grouping is potentially relevant because it can give new insights in the client’s business with a benchmarking technique. Only potentially relevant because rules and regulations are strict on the aggregation of client data, which makes
benchmarking difficult. For email text mining, the fact that clients do not want to share this form of data remains a problem. Financial statement text mining is more likely to affect this audit process phase. This is because the data being analysed is public data, which can be used to assess
the inherent risk of the company. Lastly, process mining has no potential to affect the firms inherent risk assessment.
The assessment of internal controls is one of the processes which has the most potential to be affected by data analysis techniques. This is mainly because of the process mining
technique. Process mining, with which processes such as control systems are visualised, is already having a large impact on how internal controls are assessed and will continue to do so in the future. Next to process mining, email text mining and financial text analysis also have some potential effect on this phase of the financial audit, but both have their restrictions. While email text mining does have good potential by helping to check the control environment, the restriction of using very private information remains too much of a downside. Financial text analysis only has some potential in assessing the internal controls by determining the tone at the top, but it remains an unspecific technique, therefore not helping much. Lastly, both journal entry tests do not help in the assessment of the internal controls.
Next to the assessment of hte internal controls, substantive testing is the phase that is most affected by data analysis techniques. This is mainly because Benford’s Law analysis and affinity grouping are highly relevant in this phase. This is the only phase where Benford’s Law analysis can contribute. Benford’s Law analysis is not used often because it mostly provides more information and not necessarily better information. Affinity grouping on the other hand, is used widespread already and is even mandatory for each audit engagement. Tests such as weekend bookings and searches in bank transfers, such as transfers of similar description with different bank account numbers, are already used often. Contrary to these data analysis
techniques, there are email text mining, financial statement text mining and the process mining. All of these techniques do not contribute to the substantive testing phase of the financial audit.
The fifth and sixth phase of the financial audit, the finalization phase and the statement of the accountant’s issuance phase, are not relevant for data analysis. This is because these phases require subjective and professional decision making. This can’t be replaced by data analysis.
Lastly, there are some important general comments on data analysis techniques found in the interviews. To begin with, senior accountants that formulate audit plans have little time to be informed about data analysis techniques. Next to that, junior accountants are not educated well enough in the usage and availability of data analysis techniques either. Because of the lack of education on data analysis techniques, accountants do not know how to document the results
found by the data analysis techniques in the audit report documentation, causing them to refrain from using them even if they would know what techniques are available. Lastly it can be noted that, although data analysis does improve the quality of the financial audit, because more information is generated, so far data analysis techniques have not led to efficiency gains or cost reduction in the financial audit.
Concluding, it can be said that data analysis is and will continue to influence the accountancy practice for Big 4 firms. However, contrary to media and research suggesting that the accounting profession will be replaced because of efficiency gains, it is found that data analysis techniques do not lead to more efficiency or lower costs in practice. Data analysis techniques mainly provide an alternative to sample testing. These alternatives are more reliable because the entirety of the population can be assessed and because a more specific search is performed, compared to the sample test. This could increase the quality of the audit. Because of this, Big 4 firms will continue to incorporate data analysis techniques in their financial audits, mainly because it will improve their business proposition in the audit market.
Some limitations of this research should also be stated, in order to form a more objective opinion about the subject but also to help with the development of new research. Firstly, while the interviews were performed with various professionals throughout a Big 4 firm, only one Big 4 firm in the Netherlands was used. The research field might benefit if similar research is performed in different Big 4 firms, and in different countries. It might be that other Big 4 firms in different settings have a slightly different approach to the subject of data analysis. Lastly, another limitation is that the information on which this interview is based is from a limited sample, only nine professionals were interviewed. While these professionals were representative, a larger survey study might give a more complete overview in exchange for a reduction in the depth of the research.
At last, the profession of accountant has existed for ages. Recent developments in technology, specifically in data analysis, are causing media and professionals to question the legitimacy of the auditing profession. While data analysis will have a significant impact on the auditor’s job, it seems as if the typical business accountant will not be a thing of the past in twenty years’ time. Innovate or die? Innovate. Because of quality. Not because of replacement.
