I’m expanding journal entry testing beyond AU-C/ISA 240 minimums after a Q3 review where 19 late-night, round-dollar entries hit revenue cut-off. Who’s using scripting or CAATs to operationalize criteria (user override, weekend posts, same-approver/creator), and how are you documenting it to satisfy PCAOB AS 2401 and ACFE standards?
I script flags for ‘late-night, round-dollar’ JE plus creator=approver; scheduled batches skew timestamps; you logging timezones? AS2401/ACFE mapped.
I’ve had luck joining JE tables to the ERP workflow/change logs (e.g., SAP CDHDR/CDPOS) to flag cases where an entry was “parked” then posted by the same user within 5 minutes or where the approver switched post-posting — both have popped on late-night, round-dollar revenue hits like your Q3 batch. For docs, I keep a one-pager mapping each flag to AS 2401.55–.64 and ACFE categories and embed the SQL plus a dataset hash so re-performance is clean. Do you have access to workflow/change logs or only GL headers?
And try adding a rare user–account pair flag off a 90‑day baseline, plus a narration keyword scan (‘plug’, ‘true-up’) — it’s like spotting a visitor badge in the server room, but exclude service/batch users to cut noise. For documentation, park the SQL, parameter snapshot, and a one‑page decision log in the workpapers so it’s re‑performable under AS 2401/ACFE; @a_roberts78, are you stripping API/service accounts from the baseline too?
I’d add an FX-rate override flag around Q3 cut-off — map to AS 2401: AS 2401: Consideration of Fraud in a Financial Statement Audit | PCAOB — thoughts?