In June 2008, the Netherlands Court of Audit (NCA) published a report on its audit of the Dutch government’s efforts to combat money laundering and terrorist financing. During its audit, the NCA used a geographical information system (GIS) to analyze and present its findings. As reported in this Journal in October 2006, GISs have been used successfully for a variety of auditing purposes. At the XIX INCOSAI in Mexico in November 2007, the INTOSAI Task Force on the Accountability for and Audit of Disaster-Related Aid affirmed the usefulness of geographic information in audits of disaster-related aid. In this article, we describe some features of a GIS, give an overview of how a GIS was used in the recent NCA audit, and introduce the NCA’s new knowledge center on the use of GIS in auditing.
Geographical Information Systems and Auditing
Geographical or spatial information can be linked to specific locations (for example, zip codes or longitude and latitude coordinates). A GIS can be described as a computerized system that facilitates data entry, storage, analysis, and presentation especially for spatial (geo-referenced) data. In the example shown in figure 1, data layers on land usage, elevation, parcels, streets, and customers can be combined and analyzed in their geographical context to ask questions such as where do customers live (geographical setting) and how can they be reached? SAIs can ask and answer similar questions about targeted groups of government policies.
Figure 1: Example of Layers That Can Be Combined and Analyzed in a GIS
A GIS enables users to (1) produce high quality maps on any scale, (2) store and maintain a large quantity of geographically related information, (3) visualize and simplify complex data, and (4) create new data from existing data.
The most powerful feature of a GIS is its ability to allow users to perform complex analyses by linking data layers and overlaying different data sets to get a spatial perspective.
For more explanation regarding GISs, please see the Web site of the INTOSAI Task Force on the Accountability for and Audit of Disaster-Related Aid (www.intosai-tsunami.org). The task force believes strongly in the added value of GISs and remote sensing (RS) technology (such as satellite and aerial images, which provide data that can be used as a layer in a GIS) for auditing in general and specifically for auditing disaster-related aid. A GIS and remote sensing data can be of value for the subsequent stages of an audit:
Assessing Relevant Risks
Audits start with performing risk analyses and assessments to indicate where the audit will provide the greatest added value. A GIS and remote sensing data (GIS/RS) can assist in analyzing and assessing risks. A GIS makes it possible to analyze various data attributes or layers in a geographical context, which would be more difficult or complicated using only spreadsheets. Such data attributes or layers could include the geographical spread of projects behind schedule, the use of certain contractors in various regions, the geographical spread of allocated funds, or demographic information.
Designing the Audit
With available information on risks, a GIS/RS can assist auditors in designing the audit by helping to decide on its focus and scope. For example, data from a GIS and remote sensing technology can establish the number and geographical spread of projects on or behind schedule. To determine whether houses are unfinished, it would be easier and quicker to display all field data and combine it with satellite imagery than to use a table with numbers. This insight, in turn, would make it easier for the auditor to decide whether to focus on (1) projects behind schedule so that risks related to contract management can be audited or (2) projects on schedule so that performance (such as the quality and occupancy rate of houses) can be audited.
Furthermore, a GIS/RS can also be used to plan field visits and routing and to establish an optimal mix of field visits and remote sensing data: to which locations should a team be sent and for which can we rely on remote sensing data?
Conducting the Audit
During the implementation phase of the audit, the audit team can use GPS devices and satellite-based maps to link audit field data with geographical data. This makes it possible to analyze the field data directly when the coordinates are uploaded to GPS software and combined with maps—field data are directly visibly mapped in a geographical context—not only at a later stage in the audit. For example, if an auditor wanted to determine whether houses or infrastructure were being constructed in the right places in Indonesia following the tsunami, this information would be directly visible when the data are uploaded.
Analyzing Audit Findings
As stated earlier, a GIS makes it possible to analyze different layers of related geographical information (such as audit findings combined with global positioning system (GPS) coordinates). For example, for an audit on settlements affected by the 2004 tsunami, these data may include the number of school buildings lost and rebuilt, the number of surviving children, and location-specific data (land elevations and proximity to rivers or roads). With the type of analysis a GIS makes possible, performance can be measured: have schools been built in areas where children need them?
Visualizing results with a GIS can also provide insight on geographical differences in the performance of public organizations. In the case of the tsunami, the performance of local governments could be benchmarked. In disaster situations, it may also be interesting to benchmark the performance of the government with nongovernmental organizations (NGO), since these are some of the few situations in which the government does not have a monopoly on implementing activities. (NGO performance is used only as a reference in this regard because most SAIs do not have a mandate to audit them.)
Communicating Audit Results
With a GIS/RS, audit findings and other data can be mapped and made visible, supporting the main conclusions and recommendations of an audit and also facilitating an accessible way to communicate audit results to final beneficiaries.
We will further detail the value of a GIS for the subsequent stages of our audit of Dutch efforts to combat money laundering and terrorism financing.
Audit of Dutch Efforts to Combat Money Laundering and Terrorism Financing
The NCA decided to use a GIS in an audit of government efforts to combat money laundering and terrorism financing. Money laundering is the process of turning money from illegal activities into legitimate wealth in such a way that its illegal origins cannot be traced. Terrorism financing often involves the use of legal funds to finance the illegal activities of terrorists. Both money laundering and terrorism financing represent a risk to the integrity of financial systems and to public confidence in the operation of financial markets.
In its audit, the NCA investigated the policy in place to combat money laundering and terrorism financing. It considered how the Minister of the Interior and Kingdom Relations, the Minister of Finance, and the Minister of Justice manage their enforcement chains. It also looked at how organizations prevent, detect, investigate, prosecute, and sanction money laundering and terrorism financing. It did not consider the enforcement of sanctions.
To gain insight into the performance of investigation services and the Public Prosecution Service, the NCA developed performance indicators for the probability that money laundering and terrorism financing would be detected (detection rate) and punished (punishment rate). To relate this performance to the volume of money laundering and terrorism financing, the NCA used the number of suspicious transactions per geographical unit. The geographical boundaries of the local police force were chosen as the geographical unit. In the Excel spreadsheet shown in figure 2, this is represented by the unique police district code linked to geographical boundaries (SHAPE-Length and SHAPE-Area). By doing this, the NCA was able to combine three different data sets: suspicious transactions, results of the investigation units of local police, and punishments carried out by the Public Prosecution Service and the criminal courts.
Figure 2: Unique Police District Codes Linked to Geographical Boundaries in the NCA Audit
The NCA was also able to visualize and analyze the performance geographically with GIS software, as shown in figure 3.
Figure 3: Detection and Punishment Rates of Money Laundering and Terrorism Financing by Geographical Unit
The NCA used money laundering density—the number of suspicious transactions per geographical unit—as a base layer. The NCA visualized the results of the local police investigation units in the detection rate layer and those of the Public Prosecution Service and the criminal courts in the punishment rate layer.
In its audit report, the NCA noted that despite the many measures that the Ministers of the Interior, Finance, and Justice had taken to combat money laundering and terrorism financing, the results were disappointing. The audit found that money laundering and terrorism financing were still inadequately prevented, that the probability of money laundering and terrorism financing being detected and punished was low, and that the investigation services and the Public Prosecution Service made little use of their powers to seize the assets of criminals. Because of the ambitions declared by the previous five governments and the priority placed on combating money laundering and terrorism financing in the past 10 years, these findings were unexpected.
By visualizing the money laundering density and the results of local police investigation units, the Public Prosecution Service, and the criminal courts, the NCA was able to give the Parliament, ministries, and executing agencies insight into geographical differences that were not available before its audit. This insight has already raised questions about the extent to which geographical differences are acceptable and why money laundering density varies so greatly by geographical unit. In their reaction to the NCA audit, the responsible ministers stated that they will use the outcomes of the audit to improve insight into the volume of money laundering and the results of combating money laundering and terrorist financing.
With these overviews of results (performance) and the volume of the problem that public entities tackle, it is possible to not only analyze and communicate the results of an audit but also facilitate the selection of samples for the audit field work. In this particular case, if data had been available at an earlier stage of the audit, we could have selected the investigation units of the police and the units of the Public Prosecution Service as samples based on their results.
Knowledge Center on the Use of GISs in Auditing
The NCA has decided to establish a knowledge center on the use of GISs in auditing. This center will focus on the national activities of the NCA and also be part of the NCA’s portfolio as vice chair of the Working Group on Accountability for and Audit of Disaster-Related Aid, which is chaired by the European Court of Auditors. The center will focus on
The NCA invites all SAIs to assist it in further developing the use of GISs in auditing by sharing audit results, ideas, and information. It also invites SAIs that want to start using GISs as an audit tool to contact the NCA.
For additional information, contact Egbert Jongsma (project manager of the GIS knowledge center) at firstname.lastname@example.org.