Beyond the First Leading Digit Test, Benford’s Law includes further methods like the Second-Digit Test, First-Two Digit Test, and Last-Two Digit Test, adding depth to anomaly detection (Nigrini 2012). These tests provide enhanced sensitivity by uncovering patterns that might escape the basic first-digit analysis. For example, the Second-Digit Test identifies irregularities that evade initial detection, offering a deeper layer of scrutiny (Nigrini 2012). The First-Two Digit Test can reveal duplicate transactions below material thresholds, indicating potential fraud (Aris et al. 2017). The Last-Two Digit Test helps identify rounding patterns, which could suggest manipulative behavior, such as rounding up earnings to meet targets (Das and Zhang 2003; Tran et al. 2023).

While these tests can detect subtle irregularities, they have limitations. The First-Two Digit Test requires large, diverse datasets and statistical expertise, which may challenge smaller audit practices (Cleary and Thibodeau 2005). Additionally, these methods can produce false positives, requiring careful interpretation to prevent unnecessary resource use. Although these advanced tests extend Benford’s scope, they often lack guidance on actions to take after identifying anomalies. This gap underscores the need for research that combines sophisticated detection methods with practical auditing strategies.

The International Auditing and Assurance Standards Board (IAASB 2024b; ISA 520) supports using statistical or non-statistical sampling for detailed audit testing. Antonio (2023) demonstrated this by auditing a random 10% sample of transactions identified as anomalies using Benford’s Law, finding both human errors and misappropriation. Da Silva and Carreira (2013) proposed models for audit sampling based on Benford’s Law to identify nonconforming records. However, Benford’s Law assumes that datasets naturally conform to its expected digit distributions, which is not always true for restricted or manipulated data, such as tax rates or pricing strategies (Leonov et al. 2022a; Nigrini 2012). Additionally, Benford’s Law may miss anomalies that do not affect leading digit distributions, potentially overlooking critical issues (Durtschi and Pacini 2004). These challenges highlight the importance of using Benford’s Law alongside other sampling methods and qualitative analyses for a comprehensive audit.

Machine learning (ML) and artificial intelligence (AI) have significantly expanded the scope of anomaly detection in auditing. Bhattacharya et al. (2011) combined Benford’s Law with neural networks to create classifiers that differentiate between fraudulent and error-prone anomalies. Badal-Valero et al. (2018) demonstrated how logistic regression and support vector machines could identify high-risk areas by analyzing patterns beyond Benford’s scope. While ML enhances detection, it lacks the contextual understanding needed for follow-up actions, relying on training data without deeper insight into anomalies (Sifa et al. 2019).

Challenges in using ML for fraud detection include training data imbalances, where fraudulent cases are far fewer than legitimate transactions, leading to less accurate models (Badal-Valero et al. 2018; Sylwestrzak 2023). Furthermore, ML tools often rely on pre-labeled fraudulent cases, a condition rarely matched in real-world audits. This can limit their practical application in audits, where uncertainty is common. The high costs of false positives, such as unnecessary investigations, further highlight the need for ML tools to be complemented with human expertise and additional analyses to ensure balanced and effective audit decisions (Beneish and Vorst 2022).

Amiram et al. (2015) introduced the Financial Statement Divergence (FSD) score, which leverages Benford’s Law to assess deviations in financial statements, serving as a reliability indicator. The FSD score can predict material misstatements and act as an early warning signal. However, Walker (2022) found the FSD score less effective when used alone for detecting major errors and highlighted that adding the F-score showed mixed results in predictive accuracy. Cano‐Rodríguez et al. (2023) also questioned the reliability of the FSD score.

Tammaru and Alver (2016) developed a simpler version of the FSD score to detect earnings management by comparing expected and actual item counts. This method has been applied to assess financial credibility (Leonov et al. 2022b). Chakrabarty et al. (2024) recently introduced the AB-score and ABF-score, combining Benford’s Law with the F-score model. These metrics outperform traditional models like support vector machines, offering higher accuracy in fraud detection. The ABF-score is particularly effective in reducing false positives and negatives, thus improving audit precision. While the integration of Benford’s Law with machine learning in the ABF-score offers advanced fraud detection capabilities, its effectiveness can be constrained by limited training datasets with insufficient fraud cases.

According to Nonnenmacher and Gómez (2021), dividing the initial data into subsets (clustering) can mitigate data quality issues. Therefore, a greater amount of information could be acquired that would not have been obtained had the data not been divided into subsets. Dividing data into subsets before applying Benford’s Law significantly enhances the precision and relevance of anomaly detection in auditing processes (Anderson et al. 2022). This methodological approach allows for a more targeted analysis, isolating specific segments of data that may exhibit distinct financial behaviors or characteristics that could be obscured in a comprehensive dataset analysis. By analyzing these subsets, auditors can identify nuanced patterns of irregularities that are tailored to different operational areas or transaction types, enabling a more focused and effective investigation. Furthermore, this segmentation facilitates the identification of localized issues within the data, potentially leading to more accurate diagnostics and efficient resolution of anomalies (Smith 2017). This strategic partitioning not only increases the granularity of the analysis but also improves the overall utility of Benford’s Law in practical auditing scenarios, making it a vital tool for auditors seeking to enhance the accuracy and efficiency of their work.

One of the most common tests to see if a dataset is conformed to Benford’s Law is the Chi-square test due to its robustness in analyzing distribution of data (Cerqueti et al. 2021). However, it has recently been proven by Kossovsky (2021) that the Chi-square test is often unsuitable for assessing conformity to Benford’s Law because it not only evaluates the distribution of leading digits but also assumes that the dataset represents a random sample from a defined population. However, Benford’s Law typically applies to non-random datasets such as financial records or election results, where all entries are analyzed without selection. Using the Chi-square test can lead to misleading conclusions, falsely attributing non-conformity to the randomness of data collection rather than to actual deviations in digit frequencies. Therefore, alternative statistical measures that directly assess the fit to Benford’s distribution, without assuming data randomness, are preferable for such analyses (Kossovsky 2021). Therefore, this paper will use the Z-Statistic and the Mean Absolute Deviation test to test conformity to Benford’s Law.

• Objective: Define the scope and objectives of the audit.
• Understand the business, its environment, and identify the key areas of risks
• Establish materiality thresholds.

• Objective: Prepare the dataset for Benford’s Law analysis.
• Obtain the financial dataset.
• Clean the data by removing non-numeric entries, removing transactions starting with 0 and ensuring all transactions are absolute values.
• Check if the dataset meets the requirements for Benford’s Law (e.g., minimum of 5,000 records, naturally occurring numbers, spanning several orders of magnitude).

• Objective: Detect anomalies in the dataset using Benford’s Law.
• Apply Benford’s Law to the entire dataset.
• Calculate the expected and observed frequency distributions of leading digits.
• Perform the Z-Test and Mean Absolute Deviation (MAD) test to assess conformity.
• The MAD test to access the conformity to Benford’s Law of the whole dataset.
• The Z-Test to access the conformity to Benford’s Law of the individual digit.
• Identify significant deviations from the expected distribution.
• If the data follows Benford’s Law and no significant deviation is found, go to Step 4.
• If the data does not follow Benford’s Law and significant deviation is found, go to step 5.

• Objective: Enhance the precision of anomaly detection by segmenting the data.
• Segment the dataset using K-means clustering into small, medium, and high-value transactions.
• Reapply Benford’s Law analysis to each segment.
• Calculate Z-scores and the MAD for each subset to identify statistically significant anomalies.

• Objective: To further investigate the significant anomalies and narrow down the audit sample size.
• Perform First-Two Digit tests(10 to 99) on each segment or the entire dataset
• Perform First-Three Digit tests (100 to 999) on each segment or the entire dataset
• Calculate Z-scores and the MAD for each subset to identify statistically significant anomalies.

• Objective: Determine the nature of detected anomalies.
• Investigate high-deviation digits in each segment.
• Conduct a manual audit on transactions starting with digits showing significant deviations.
• Manual audit procedures include an interview with the managers and responsible employees, detailed examination of the suspicious transactions, etc.
• Conclude the Manual Audit

• Objective: Ensure all audit work is properly documented.
• Maintain detailed workpapers for all analyses and findings.
• Document findings, conclusions, and recommendations.
• Ensure audit files are complete and organized.

• Objective: Communicate audit findings to stakeholders.
• Prepare the draft audit report.
• Discuss findings with management.
• Finalize and issue the audit report.
• Present findings to the audit committee or board of directors.

• Objective: Ensure that corrective actions are taken.
• Monitor implementation of recommendations.
• Conduct follow-up audits if necessary.

Despite the substantial discoveries and contributions of this research, it is essential to point out several limitations. First, the applicability of Benford’s Law necessitates that datasets satisfy specific criteria, including size, natural occurrence, and diversity. The generalizability of the findings to other types of financial data that do not inherently conform to Benford’s Law may be restricted by the fact that this study exclusively examined datasets that met these criteria. Additionally, although effort was made to ensure that only datasets of sufficient size were chosen, certain subsets may still be affected by the limited sample sizes, particularly when they are divided into smaller groups. This has the potential to impact the reliability and robustness of anomaly detection results. Finally, the auditor’s judgment remains a significant factor in the interpretation of anomalies. Although statistical tools serve as a foundation for identifying potential issues, the ultimate determination of fraud versus error demands an in-depth understanding of the context, which can differ significantly among auditors.

Building on the findings of this study, future research could further investigate the combination of K-Means Clustering with Benford’s Law. The results from this study showed that dividing data into clusters and applying Benford’s Law significantly improved fraud detection accuracy. Future studies could explore other clustering algorithms and their impact on fraud detection efficiency. Furthermore, the datasets used in this paper did not contain fraudulent data. Therefore, future research could use the research framework proposed by this paper and apply it to data that contained fraudulent data to validate the accuracy and reliability of the algorithms.

In addition, future study could extend this model to include the Last-Two Digit test. The Last-Two- Digits test is particularly valuable for identifying falsifications related to financial rounding or the creation of fictitious numbers (Aris et al. 2017). Often used to scrutinize the integrity of financial records, this test examines whether the endings of transaction figures suggest unnatural patterns. In retail settings or industries where pricing strategies typically end prices in ‘.99’ or ‘.95’, a disproportionate number of transactions ending in ‘00’ might indicate that numbers have been rounded up or entirely fabricated. Such findings could suggest the presence of fraudulent activities, especially if these rounded transactions cluster within certain departments or are frequently authorized by specific individuals, providing a lead for further investigation.