Leading Trends in ConductingLeading Trends in ConductingRisk-based Data Analytics for Internal Audit and Compliance
Top issues for Life Sciences companies — what we are seeing in Asia
► Bribery and corruption remain top risks
► Regulatory compliance and fraud & abuse Speaker programs, grants, marketing, research► Speaker programs, grants, marketing, research
► Third-party integrity
► Risk areas include: ► Integrity of vendors, suppliers and distributors, HCP or non-HCP► Improper payments in the forms of bribes or kickbacks► Travel and entertainment abuse
Conflicts of interests (e.g., employee and supplier matches)
1
► Conflicts of interests (e.g., employee and supplier matches)
Frequent compliance monitoring focus areas
Meals & Entertainment Speaker Programs/ Fee For Service
Incentive Compensation
Education Grants, Sponsorships
Emerging monitoring activities may include…
Vendor Payments Samples Monitoring
2
Social Media Monitoring Advanced Email Monitoring Publications Monitoring
Medical Science Liaisons Monitoring
Forensic data analytics maturity modelBeyond traditional “rules-based queries” – consider all four quadrants
Stru
ctur
ed
Detection RateLow High
Matching, Grouping, Ordering, Anomaly Detection, Clustering
Stru
ctur
edD
ata
Uns
truc
ture
dD
ata
“Traditional” rules-Based Queries & Analytics
Matching, Grouping, Ordering, Joining, Filtering
Statistical-Based Analysis
Anomaly Detection, ClusteringRisk Ranking
Keyword Search Data visualization, Drill-down into data, Text Mining
3
False Positive RateHigh Low
Uns
truc
ture
dD
ata
Traditional Keyword Searching Data Visualization & Text Mining
data, Text Mining
Forensic data analytics steps
Create your risk profile• Policies• Procedures• Risk assessment• Audit findings
Identify and collect data• Integrity• Accuracy
4
Design the tests• Select from
library• Customize for
Client
Execute the data analytics• Visualization and
dashboards • Risk ranking
Payments (ERP
Structured and unstructured data…. is organized and “riskscored” for analysis.
Big Data and anti-fraud — centralized platform
(ERP System)
Call NotesT&E Systems
Compliance AnalysisPlatform
5
Sales Discounts
Program/ Event
databases
How EY is helping other Life Sciences clients address these issues
► Teaming with client to design targeted, risk-based analytics
► Integrating data visualization, statistics and text mining techniquestechniques
► Risk scoring (objective review) and dashboard analysis (subjective review)
6
Subjective analysis Objective analysis
Current challenges when conducting analytics
Compliance requirements and complexities continue to increase, yet Life Sciences companies are faced with…
► Incomplete or inaccurate data for analysis► Incomplete or inaccurate data for analysis
► Extensive manual inputs required for analysis
► Systems are often not integrated with other key systems related to compliance (e.g., speaker programs, medical visitation systems, expenses, field sales force, etc.)
7
etc.)
► Limited resources
Speaker programs (promotional and medical-run events)
Risk Basic Intermediate Advanced
Meeting andSpend and Interactions
► Total Meeting Spend► Meeting Spend Per
Expense Category
► Medical Managed ForumsSpend: allowable per attendee per policy
► Fuzzy cluster attendee analytics to identify trends and potential supper clubsInteractions Expense Category
► Meeting Spend Per Requestor, per HCP
attendee per policy► % of named attendees► Trend of compliant spend
YTD
and potential supper clubs► Monitoring unmet
minimums by requestor, region, product
Use of speakers
► Cancellation reasons for paid speakers
► Speakers trained vs. utilized
► Cancellation trending
Eventcompliance
► Adverse Experiences reported outside of policy
► Venue analysis► Trending analytics on
speaker program field
8
speaker program field monitoring results based on rep, speaker, geography
Out of the Box Thinking► Event volume and attendance in correlation with product life-cycle
DRAFT
Speaker program monitoring (back-end analysis)
In this example of speaker program analytics, we used statistical modeling and data visualization, to identify clusters of repeat attendances by groups ofspeakers and attendees. The two events circled indicate that multiple people are attending the same event – in the highest case, 22 times in a given period.
9
Focusing on payment text descriptionsWhat if you saw these terms used as justification for payments?
“<blank>” Pay on behalf of
Nobody calls it “bribe expense”
Government fee“<blank>”
Donation
Pay on behalf of
Special payment
One time payment
Special honorariumFriend fee
Commission to the customer
Consulting fee
Processing fee
Goodwill payment
10
Volume contract incentiveIncentive payment
Commission to the customer
Beyond just keyword searching, text mining within payment data plays a key rolein identifying potentially improper payments.
Payment Risk ScoringKey component to reducing false positives and focusing risk assessment
Filter by selected analytics
Review breaches on targeted analytics
12
Risk scoring and data visualizationGeocoded heat maps
Geocoding risk scores to identify hot regions.
13
Meal & Entertainment Expenses with HCPs
Risk Basic Intermediate AdvancedTotal HCPspend and frequency
► Analysis of spend category► Total spend per meal per
attendee
► Medical-Managed Forums and Rep-led program reports break down total
► T&E data analytics dashboards by: expense type, frequency attendee
► Total T&E Spend per business unit
reports break down total spend per attendees at meals
► Monitoring of Business Meetings Over Meals track if spending is within policy guidelines and spending within allowable timeframe.
expense type, location, volume, round amounts, thresholds
► Tracking analytics on Key Opinion Leaders (“KOL”) and high-risk institutions
Kick-backs (gifts & entertainment)
► Total gifts or entertainment vs. policy per recipient and per sales rep
► Round Expenses by amount
► Text mining for kickbacks and off-label key words in T&E data
14
► Round Expenses by amount and frequency
► Misc. expenses by employee
Out of the Box► Sales reps targeted through data analytics prioritization► Triangulating T&E data with other data sources (e.g., email, medical information)
DRAFT
Travel & entertainment — an FCPA risk example “Who entertained who, where, what for, and for how much?”
15
Accounts payable monitoringSample Life Sciences dashboard — who got paid what, where and what for?
16
Educational Grants, Booth Sponsorships and Charitable Contributions
Risk Basic Intermediate AdvancedVolume of funding
► Total spend vs. total approved by Compliance Committee
► Monitored by Grants Ops Team:► # of Grants Paid by type
► Analyze disbursement data for repeat paymentsCommittee
► Spend by institution and by period
► Spend vs. limit
► # of Grants Paid by type and processing area
► Approved payee consistent with template
► Venue ► Contract returned
before start date
payments► # of grants without
reconciliation provided
Payment for inappropriate event or purpose
► None identified ► Correlate event activity and approvals with product lifecycle
17
Out of the Box► Fuzzy entity identification on address for payments to unknowingly repeat institutions
DRAFT
Reviewing employee expense data via dashboard interface
Analytics include:► Employee stratification► Stratify by expense type► Sensitive keywords► Sensitive keywords► Term frequency analysis
(concept analysis)► Round payments► One-time payments► Potential “gross ups”► Potentially duplicative► Out-of-policy spend► Weekend or personal use► High risk venues
18
► High risk venues(e.g., adult entertainment, check cashing, etc.)
► Meal splitting► HCP spend► Spending over time/
trending
Social network analysisWho is talking to who, about what?
► Understanding a complex organization’s true organization chart: Identification of relationships, versus activities, amongst actors
► Triage of custodians and communications: Rapidly identify and point to communications of highest interestcommunications of highest interest
19
Sample analytics criterion:1. Private communications, where 90% of all communications is outbound
2. Private Communications where content is FORWARDED outbound more than 35% of time
3. Private Communications where attachments are sent outbound more that 35% of time
EY | Assurance | Tax | Transactions | Advisory
About EYEY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.
EY refers to the global organization and/or one or more of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.
Ernst & Young LLP is a client-serving member firm ofErnst & Young Global Limited operating in the US.
© 2013 Ernst & Young LLP.All Rights Reserved.
ED None
ey.com