Tracing Fraudulent Applications within Salesforce

Case Studies
Hamish Imrie - Partner

Using data modelling to successfully extract, transform, analyze and then correlate millions of data points against each other. Systematically model data to detect anomalies in with grant applications.

In this audit, a suspicion of collusion between recipients of grants was suspected. The project mandate provided was to conduct a detailed analysis of all the applications submitted to the Salesforce system.

Changelogs were not enabled but a small aspect of the analysis was the examination of timestamps of the various stages of the approval and review workflow process.


  • A critical component was the comparison of more than 400 text fields against all of the other text fields in the database or more than 1500 applications.
  • The project revealed 15 valid audit points that were material in nature and were tabled for follow-up and investigation


A once-off data extract was conducted from Salesforce. The raw tables were scripted and transformed into problem specific data models to answer specific audit questions. For text analysis, key words were identified and a multi-loop script mined each text field against the larger set of data. An output score for each field was generated and after processing, the results with the highest scores were manually checked against each other. Outputs of the script resulted in a set of applications that contained clear signatures of coming from the same hand, and thus collusion between applicants.