Case Studies

The Merrison Technologies Case Data Analytics and Mining legal services team is composed of a wide range of industry specialists. These include System Analysts, Database Developers, Software Developers, Export Transform Load (ETL) Engineers, and Law Clerks. Merrison has an existing IT infrastructure with access to a variety of ETL, data visualization, reporting, e-discovery, and document review tools. We also have our own proprietary programs and algorithms created in Python, KornShell, C#, and JAVA. This gives us the unique ability to provide a vast amount of experience and technology at a single case for a low cost. Often in our initial case kick-off meeting the Merrison case team identifies data insights and deliverables the client case team was not aware were possible. Our experience also gives us the ability to translate technical jargon to laymen and vice versa, allowing us to offer complicated technical solutions in easy to understand terms. Below are real examples of Merrison Case Teams’ solutions. The company names, product names, and specific details have been removed to protect our clients’ privacy.

Example Case #1

TIME CARD FRAUD
Callers Union v. ABC Corp.

ABC Corp, a call center with hundreds of employees belonging to ACME Call Centers Union, requires all employees to work exactly 40 hours per week. ABC Corp experiences an unexplainable dip in productivity and wanted to investigate hours worked by their union employees. The Merrison Case Team was asked to do e-Discovery analysis on the results of a standard document request, such as e-mails, spreadsheets, and word documents to detect fraudulent behavior.

Approach

During the initial case consultation Merrison identified other systems that were used to track and monitor worker productivity not included in standard document requests. Specifically, we discovered that employees primarily enter their time through a software system called TimeKeeper. Merrison also learned that employees are required to swipe a badge to enter and exit the call center and that all badge swipes were recorded by a software called DoorSafe.

  • Merrison met with the ABC Corp and their legal team and guided them through obtaining databases and production logs from TimeKeeper and DoorSafe.
  • Once the data was obtained, Merrison went to work comparing data from DoorSafe (card entry swipes) and TimeKeeper (time cards).
  • Merrison was able to determine a “physically possible” number of hours for each employee by analyzing the entry and exit patterns from DoorSafe. Additionally, Merrison was also able to determine the number of hours reported by each employee by analyzing the data from TimeKeeper.
  • Once issues were found (i.e., someone reporting 8 hours through TimeKeeper, but only had a total of 6 hours through DoorSafe) Merrison was able to flag employees and calculate total hours not worked by each employee.
  • Further, Merrison was able to develop a timeline of which employees could have been in the building at any given time and determined that these employees were punching TimeKeeper for personnel who were not in the building.

ABC Corp used this data to target specific internal e-mails for review, as well as obtain security camera footage and witness testimony to bolster its case against ACME Call Centers Union.

ABC Corp determined that ACME Call Centers Union was complicit and systematically misreporting time worked by their union members. ABC Corp was able to successfully sue the Union for damages resulting from lost revenue due to the time card fraud.

Example Case #2

IDENTIFYING FAKE CUSTOMER LEADS
Use name scoring to quickly identify potentially fraudulent data

A large company awards bonuses to its employees based on the number of new customer leads they generate. The number of leads had been rapidly increasing, and the company wanted to investigate if employees were creating fake customer leads to pad their bonus awards. The company’s legal team was considering bringing suit but were having trouble processing the large amount of data and documents that required review and had difficulty finding definitive answers. They hired the Merrison Case Team to determine which entries were fraudulent.

Approach

Merrison developed a scoring methodology to determine which leads were more likely to be fraudulent based on the characteristics of the customer name.

  • Compare names against publicly available data sets. The Social Security Administration and US Census Bureau have lists of first and last names that span many decades. If a first or last name does not appear on these lists, it may be more likely to be fraudulent.
  • Compare against a list of celebrity names, cartoon characters, other fictional characters.
  • Compare against a list of profanity or other offensive language.
  • Look for impossible n-grams (e.g. ‘aa’ will appear in names like ‘Aaron’ but ‘aaa’ is very unlikely to occur).
  • Check length of names (especially long or short names are less likely to occur).

Merrison successfully employed this data enrichment methodology to organize a large dataset composed of millions of entries by locating the records most likely to be fraudulent. This greatly decreased the amount of time the organization spent locating and checking identification information for the potentially fake leads. Merrison saved the company time and money and allowed the legal team to focus on data that clearly identified fraudulent activity by several employees.

Example Case #3

VERIFYING PROPRIETARY SOFTWARE
Use custom scripting and comparative analysis to identify similarities between two software products

Company A has licensed the source code of a large enterprise software product from Company B. Company C, an industry competitor of Company A, has bought Company B and decided not to renew the license to Company A at the end of its term. Management at Company A feels after 10 years of use they have modified their software product to the point where it is now a new original offering with no relation to the originally licensed software product. Company A hired Merrison to verify the accuracy of this assumption before entering a legal challenge with Company C.

Approach

Merrison created several custom shell scripts to compare source code and database schema of the original software product (before any modification) and the current software product deployed in production.

  • Compare database schemas of two different database products by examining table names, column names, indexes, and record counts. The database technology had changed, but that does not mean the original structure and design changed too.
  • Use shell scripting to conduct structure line of code (SLOC) count by folders on the filesystem. Identified by functional module if there were similar code structure and size between the two systems.
  • Compare comments in the code left by software developers that existing in both systems. Quickly identified areas of interest to verify if original programming still existing in the new system.

Merrison was able to determine conclusively that more than 88% of the new system was still using the original software product design and structure. Company A was able to avoid a legal suit that was likely not winnable and negotiate a new license agreement with Company C. This process has considerable application in copyright litigation using the abstraction-filtration-comparison (AFC) test.