Due to regulations such as those required under the Sarbanes-Oxley Act of 2002, business entities (e.g., corporations and other organizations) must keep records for a large amount of information related to the business entity's financial activity. Financial activities, or activities which affect the business entity's financial status, may include, for example, payroll activities (e.g., payments made to employees, adjustment to employee salary, automated tax withdrawal amounts, etc.), accounts payable activities (e.g., receipt of loan amounts, receipt of goods, service fees due, etc.), accounts receivable activities (e.g., invoiced sales, services rendered, etc.), general ledgers activities, and other activities. Certain financial activities within the business entity are initiated or otherwise carried out by humans. These activities may be recorded by an employee, for example, on tickets, which may each maintain a record of information related to each activity. Tickets may be maintained, for example, electronically or on paper or other recording media. A ticket serves as an individual record of the activity, and may include information such as, for example, date, time, implementer, location, action, action description, etc.
All of the tickets generated within the business entity may be maintained in a filing system, such as a database or other data storage. Ideally, every financial activity implemented by a human at a business entity would have an associated ticket that includes the correct information regarding the activity. This would include original tickets as well as change tickets, which record changes to previous activities recorded in original tickets or other change tickets. However, the individual records represented by tickets are prone to human error, such as, for example, typographical errors or other data entry mistakes. In addition, individual records are not immune from unauthorized tampering or falsification. For example, an employee may shift certain funds to an offshore account without creating the appropriate ticket. Or, an employee may create a ticket, but later may alter the monetary amounts recorded on the ticket without authorization and without creating a change ticket. Given the strict regulations imposed by the government, business entities must develop effective ways to monitor and audit the activities of their employees that affect their finances.
One business entity monitoring system is described in U.S. Patent Application Publication No. 2006/0212487 A1, to Kennis et al., entitled “Methods and Systems for Monitoring Transaction Entity Versions for Policy Compliance.” The '487 publication describes a monitoring system that monitors financial transactions at a business entity, stores information about the transactions in a database, and extracts, processes, and analyzes data from the stored information in order to detect and track policy exceptions and their underlying transactions. However, as described above, a dangerous threat to business entity financial systems are the erroneous, fraudulent, or malicious actions of humans. Although the '487 system provides for the analysis of financial transactions at a business entity, it does not provide a simplified method for extracting, processing or analyzing transaction data by differentiating between human-initiated and computer-initiated activities. Furthermore, the '487 system is limited in its ability to permit an analyst to easily review all human activities associated with a particular transaction in order to determine which activities may be problematic.
The disclosed methods, systems, and computer program products provide an effective means for monitoring and auditing corporate financial activities, particularly those implemented by humans, to ensure compliance with governmental regulations, and to protect against employee fraud within an organization.