USE OF ACL AND HOW TO DETECT AND PREVENT FRAUD

C. Brantley SyncoMSHI, MBA, CPA, CIA, CAMS, CHPC, CHCDirector, Internal Audit and ComplianceBaptist Health System

What is ACL?

Originally known as “Audit Command Language”

SQL “LIKE” coding GUI Interface Repeatable queries/reporting

Data Access

Data Access

Data Access

Data Access

ACL Screen Shot

ACL Screen Shot

ACL Log

Scripting

Scripting

1. DEFINE TABLE DB SOURCE "hr90sys“ SCHEMA "HR83SYS"

2. TITLED "hr90sys"

3. DBTABLE "PS_EMPLOYEES“ FIELDS "ALTER_EMPLID"

Scripting

BHS Scripts/Reports in Production

ACL in Use(Finance)

Duplicate Invoices (Amount) Duplicate Invoices (Inv Number) Duplicate Invoices (Similar Amount) Duplicate Invoices (Different Invoice

Dates) Duplicate Invoices (Invoice Layout)

ACL in Use(Finance)

Invoice before PO date. Patient refunds to BHS employees. Payments to AP Employees Vendors with same address PO created and received by same

person Sequential invoices

ACL in Use(Finance)

Employee address to vendor address match

Employee bank account same as vendor.

Employees with same address Last work date > 30 days, but no

termination date. Same employee SSN and vendor EID

ACL in Use(OIG Compliance)

OIG scan of physicians (UPIN) OIG scan of employees (Name) OIG scan of employees (Address) OIG scan of Vendors (Address)

ACL in Use(OIG Compliance)

ACL in Use(OIG Compliance)

ACL in Use(OIG Compliance)

ACL in Use(Stark/AKB Compliance) Payments to physicians w/o contract Payments to physicians with expired contracts Guarantee payments w/o payment in 60 days. Physician contracts w/o a vendor number Physician contracts w/o a guarantee date end Physician contracts with guarantee ending

within 45 days. Physician monthly payment greater than

expected amount.

ACL in Use(Stark/AKB Compliance)

Questions?