The MindBridge data scientist team consulted extensively with auditors to determined the default control points values. Remember, marking them all as 100% is like you saying everything is important to you. Not really conducive to finding what you don’t like. These values provided a reasonable risk profile.
We recommend that you start out with the values at default. Over time adjust your weighting to focus on a specific risk area.
Depending on the rule-based and Machine Learning-based risk scores for every transaction will be assigned an aggregated risk score and grouped into low, medium, and high-risk strata(i.e., buckets), which allows for easy prioritization and further review from the audit team.
Rule-based control points
For rule-based control points, the control point indicators should be customized to consider client-specific risk areas. For example:
- Weekend entries might be normal business practices for one company and irrelevant to them, but highly suspicious for another.
- Material Value may be set to something other than 0 because most organizations do not care about 0.00$ transactions. They consider that “normal”. That’s not to say that every company is the same, but if it’s important to include it audit for a client, then enabling it to be >5% (with a value of whatever you wish, e.g., $100) would say that anything that has a value > $100, start giving it a higher Risk Score because that’s important for our analysis.