One of the main attributes AppZen utilizes to identify and assign risk to an expense report is the AppZen Compliance Index (ACI). ACI is analogous to a FICO credit score. Just as a FICO score uses previous purchasing history to determine a person’s reliability in paying back a loan and the interest rate is given, the ACI gives an employee a risk score from 0 to 100 based on his or her expense reporting behaviors, trends over time, and how they compare to their peers.
How Does It Work?
While certain violations will be categorized as “High Risk” based on a customer’s policies and configurations at the initial expense audit, assessing medium-risk violations is really what ACI was built to assist with. Essentially, not all medium-risk expense violations should be treated the same.
For example, let’s say two employees submit the same expense report on which both violated their daily meal cap limit by $20 for the day. According to the company’s configuration, small meal limit violations should only incur medium-level risk. After initial receipt & report analysis, AppZen’s AI will assign a preliminary medium risk.
However, before assigning a final risk level, the employee history will be evaluated. While both employees committed the same violation, both have different historical behavior.
Has committed multiple policy violations in the last few weeks
ACI score of 70
Has only committed one small policy violation in the last few weeks
ACI score of 10
Employee Greg has a history of recorded bad behavior. He has been warned many times before but continues to violate the T&E policy. Taking into account an ACI score of 70, the AppZen AI engine will assign an overall risk level of HIGH to this report letting an auditor know this employee has a track record of misconduct even though this specific policy violation itself was inconsequential.
Employee Jerry has had one minor policy violation but overall follows T&E policy to a tee. Taking into account a track record of good behavior coupled with a relatively low dollar amount policy violation, AppZen’s AI will assign a risk level of LOW to this report and increase the employee’s ACI score from 10 to 15
How is ACI Calculated?
The first step to feeding the AppZen ACI algorithm is through the proper configuration. The baseline for all of our AI engine’s decision-making is based on the levels of risk a company assigns to each and every potential policy violation during implementation. Utilizing these predefined violation weights, data is fed into a model that determines the relative distribution of violations across other employees to determine an ACI score.
For example, let’s say an employee has a few beers at dinner. This same expense item might play out differently in two different company policies when it comes to ACI:
Company A has a zero-tolerance policy against alcohol and assigned a high-risk indicator to violations regarding alcohol during configuration.
Before expense report submission, ACI = 10
After expense report submission, ACI = 30
Expense report marked as “High” due to “High Risk” associated at the policy violation level
Large ACI number jump due to a major policy violation
Company B doesn’t allow alcohol but views the violation as a medium risk at the configuration level. Meaning, although alcohol is allowed, it is not worth auditor review if its occurrence is infrequent.
Before expense report submission, ACI = 10
After expense report submission, ACI = 15
Expense report marked as “Low” due to “Medium Risk” associated at the policy violation
level and an employee track record of good behavior
Small ACI number jump to make sure this violation does not become a trend from the employee overtime.
What this example illustrates is that an employee’s ACI score is a combination of many different factors, starting at the initial policy-level risk down to violation frequency and impact. High-risk violations can alter an employee's ACI score 10 to 20 points while medium-risk violations typically falls within a 1 to 10 point range depending on severity. ACI can only be made available when a sufficient number of expense reports have been processed by the system and adequate sample size is available across the organization. For most companies, this typically takes about a month or more after go-live.
ACI Score Ranging From 1-30 = Model Employees
These employees follow policy the majority of the time. They might occasionally have a small violation, but nothing worth auditing as they are given the benefit of the doubt.
ACI Score Ranging From 30-70 = Employees With Patterns of Policy Violations
These employees have a track record of policy violations. While none of their violations might be considered major, they are typically not correcting their behavior over time after repeated warnings.
ACI Score Ranging From 70-100 = Employees With Extremely Bad Behavior
These employees not only have a track record of policy violations but also violations with the major risks associated with them. These could range anywhere from high dollar out-of-policy spend all the way up to suspected fraudulent behavior.
If an expense report is flagged as high and has been audited with a Risk Reason for Rejection as “False Positive”, the ACI score will not be impacted. If any of the other Risk Reasons are given, the ACI score will be adjusted for that employee.
When are ACI Scores Calculated?
ACI scores are calculated once per month. The date for this calculation is the 2nd Day of the month (e.g., October 2) and is reflective of the prior 3 months of expense report data.
EXAMPLE: The October 2nd ACI score for an employee is reflective of reports submitted from July 2 through October 1.
NOTE: When referring to this time frame (7/2-10/1), it is important to refer to it as the September ACI score (versus October), as to not confuse customers thinking that it is forward-looking.
If a user submits a high-risk report that is rejected within the ~29-day time frame following the previous score report date (e.g., October 2) and the upcoming one (e.g., November 2), the Employee Dashboard will show the updated high risk spend, however, the ACI score will not be reflective of that high-risk report until next report date (11/2) when scores are calculated again.
Can an Employee Improve his or her ACI Score?
Yes! ACI is a culmination of an employee’s rolling 3-month expense behavior. While policy violations at the employee level can certainly be evaluated over longer periods of time at the reporting level, ACI is more interested in an employee's current behavior and whether each employee is improving their compliance behavior over time.
EXAMPLE: For the ACI score in March, AppZen looks at the months [Jan-Feb-Mar]. For the ACI score in April, AppZen looks at the months [Feb-Mar-Apr]. Each month, when the ACI score is recalculated it drops a previous month and picks up the following month.