Fraud Detection

Print Version

Fraud is the dark-side of an Excel spreadsheet’s flexibility. Risk arises where users are able to break the integrity of the spreadsheet without being detected. Examples include:

Presentation Fraud: Here the Excel spreadsheet is set to display and print different numbers to those calculated. Common fraud examples are hidden rows or columns or setting the font color to be the same as background. Less well known is conditional formatting. This can change or hide data depending on its value as illustrated below.

Click here for an Excel spreadsheet containing examples of presentation fraud.

Data Fraud: Here input data for an otherwise correct spreadsheet are replaced by false values. For example, Excel spreadsheet links may be redirected to alternative data sources, changing the spreadsheet results. This was the basis of the $690m AIB fraud. Data fraud can also occur where values are manually updated. It is easy for the ‘judgment’ behind these values to be distorted or for updates to be ‘forgotten’. The fraudster relies on the difficulty and infrequency of independent checks to avoid detection.

Incremental fraud: This is seen in communities where bonuses are calculated on the value of a changing portfolio of many items (e.g. trading). Over multiple days the fraudster sequentially adds a small amount to a cell buried in the detail of the spreadsheet. The incremental approach avoids sudden output changes that might generate suspicion. Over time the adjustments contribute a material difference, triggering the payment of the performance bonus. Thereafter the increments are then removed on a similarly gradual basis. By the end of the process all evidence of the manipulation has been removed but the trader has retained their bonus.

Burial Fraud: Here a fraudulent change is made to a key transaction in a list and the user then sorts the list using standard Excel spreadsheet functionality. With thousands (or more) transactions such a change is virtually impossible to locate manually. For some automated technologies unravelling this change is extremely difficult, but ClusterSeven is able to locate the fraud even after the data has been sorted.

Function Fraud: This makes use of the extensible nature of advanced spreadsheets such as Excel to create new functionality beyond standard cell-based formulas. It includes the fraudulent manipulation of macros or UDF (user defined functions) that are difficult for an average user to understand. In extreme circumstances this functionality may be located on hidden worksheets to avoid discovery.

Print Version


To take your understanding of this subject to the next level you may be interested in a more detailed presentation given to the ACFE (Association of Chief Fraud Examiners) in early May, 2010.

Click here for full ACFE Presentation

Allied Irish Bank suffered one of the most notorious spreadsheet frauds in 2001 when John Rusnak caused a loss of US$690million by manipulating data entries.

More recently, in 2008, the Securities and Exchange Commission (SEC) in the US charged ProQuest, a data management company, with false accounting as a result of hiding data within spreadsheet-based financial reports. The result was a 58% drop in market capitalization, equivalent to US$437million.

Simon “Scissorhands” Treacher has added to the list of clumsy ways in which the foolish can fall foul of the Financial Services Authority [UK Financial Services Regulator]. Blue Bay Asset Management’s experienced emerging markets fund manager cut and pasted erroneous figures into his monthly valuations, and then misled the UK regulator about what he’d done. The acts, carried out between August and October 2008, inflated the value of his funds by a mere $27m (£17m).

FT.com, 3 February 2010