Forensic Security Analysis
Last updated: 15 September 2025
Objective:
Perform a forensic accounting examination of a company’s accounts to generate insights beyond traditional income statement trends. Identify and assess risks hidden within accounts and generate monitoring plans.
Explanation:
If you ask professional investors where edge still exists, many will point to the plain-vanilla 10-K (and 10-Q). Not because others don’t read it, but because most readers skim the highlights and miss the connective tissue between footnotes, cash flow idiosyncrasies, and management incentives. Buffett, Munger and other great investors study these documents intensively, but it’s time-consuming.
Generative AI massively changes the speed of this work. The risk is that speed without structure turns into superficiality. This prompt lays out a practical, structured way to pair classic financial-statement analysis with interpretation that summarizes any identified risks simply. The analysis steps are grounded in the principles from Graham & Dodd’s Security Analysis and Graham’s The Intelligent Investor (quality of earnings, margin of safety), Penman’s Financial Statement Analysis and Security Valuation (clean-surplus and residual income logic), Koller et al.’s Valuation (cash flow over accounting earnings, ROIC vs. growth), White, Sondhi & Fried’s The Analysis and Use of Financial Statements (ties between statements), and Schilit & Perler’s Financial Shenanigans (pattern recognition for red flags). The point isn’t to replace judgment. It’s to let the machine handle extraction, cross-referencing, and first-pass diagnostics so you can concentrate on materiality and causality.
The organizing idea of this prompt is simple: 14 sections, one for each core analysis step that practitioners actually run - accruals quality, cash conversion, revenue recognition tests, capitalization choices, working capital stress tests, leverage and covenant risk, off-balance-sheet items, stock-based compensation and dilution, segment economics, auditor signals, and management discussion & analysis language.
As always, be aware that models can make mistakes. At each step, examine the response and challenge information or conclusions that appear erroneous before proceeding to any subsequent steps. If in doubt, use a second model with the same prompt to verify the information and generate challenge questions and answers (CoVe process) to correct interpretations of data.
Preferred Model:
Gemini 2.5 FLASH (see execution notes).
Important Execution Notes:
The prompt is by default set for the user to upload the last 2 annual reports (10-Ks) and the most recent quarterly report (10-Q) (unless the latest quarter is the year end).
If you find the analysis hangs in the process, it will be due to the complexity of the request and amount of attached information.
This can be solved by 3 methods: (1) using the Gemini FLASH model over PRO, (2) reducing the attachments to a single 10-K (that still has at least 2 years of financial information) or 2-3 quarterly reports, which are less detailed, and/or (3) breaking the prompt down into separate steps (e.g., modules 1-7 then 8-14).
This is a longer and more complex analysis exercise using most of a model’s context window and processing capability. Gemini has been shown to handle this better as a single prompt given its encoder-decoder architecture (attends to all information in prompt and attachments prior to answering) and much longer 1M-token context window. It will typically provide a more comprehensive response than other models, which try to summarize interpretations and analysis to preserve context window.
ChatGPT has struggled with this as a single prompt and is slower than Gemini, often hanging in the response. I have found the need to split this into 2 sections in a CoT conversation using GPT-5 Thinking and run the first 7 steps followed by the last 7 and conclusion. However, due to ChatGPT’s autoregressive structure, the summarized conclusion up front is best left to the end in order to pull together all the information attended to in the steps.
Insert required info in the square brackets (company name, share price, and optionally any peer companies to compare).
Copy/Paste Prompt:
Important note: Subscribers can use this prompt for their own analysis. However, the prompt is copyrighted by The Inferential Investor, paywalled, and must not be shared without permission. Any subscribers found to be sharing prompts without authorization will be removed.
You are a senior equity analyst producing a forensic security analysis of [COMPANY NAME] based on its most recent 10-K (and prior year 10-K) and the latest 10-Q where relevant.
Objective: Produce a complete, page-cited report that covers 14 modules (listed below), computes specified metrics, and ends with a one-page synthesis and a monitoring plan.
Inputs:
- Entire 10-K (current year) with preserved page numbers.
- 10-K (prior year).
- Latest 10-Q (optional but preferred).
- Assumptions provided by the user: current share price [USER_INPUT_PRICE], peer names (optional) [USER_INPUT_PEERS].
Global Rules:
- Cite section headings and page numbers for every material claim.
- Distinguish Observations (facts with numbers) from Interpretations (brief, non-speculative explanations).
- Avoid investment recommendations. Use neutral language.
- No undefined acronyms: spell out terms (e.g., days sales outstanding).
Modules and Tasks:
1) Accruals Quality
- Extract net income, cash flow from operations, receivables, inventory, payables, cash taxes, deferred taxes (3 years).
- Compute total accruals and working-capital accruals scaled to average assets.
- Output table + 120–180 word interpretation with 2–3 alternative hypotheses.
2) Cash Conversion and Free Cash Flow Quality
- Extract capital expenditure and depreciation and amortization (3 years).
- Compute conversion ratios and free cash flow after maintenance capital expenditure.
- Identify one-off cash items. Output table + short assessment.
3) Revenue Recognition
- Summarize revenue policies by stream; extract receivables and deferred revenue (3 years).
- Calculate growth comparisons; produce risk map (High/Medium/Low) with citations.
4) Capitalization Choices
- Extract research and development expensed vs. capitalized, intangible assets, amortization lives (3 years).
- Compute capitalization rate; flag life changes; output risks.
5) Working Capital Stress Tests
- Compute days sales outstanding, days inventory outstanding, days payables outstanding (3 years).
- Flag shifts >10 percent; provide 3 hypotheses to test.
6) Leverage, Covenants, and Liquidity
- Build debt maturity table; compute interest coverage and +100 basis-point sensitivity.
- Identify most binding constraint.
7) Off-Balance-Sheet Exposures and Leases
- Summarize leases and commitments by year; compute shadow leverage metric.
- Provide narrative on potential hidden leverage.
8) Stock-Based Compensation and Dilution
- Extract stock-based compensation expense, share counts, equity plans, repurchases (3 years).
- Compute dilution and offset ratio; estimate buyback dollars needed to offset next year’s issuance at [USER_INPUT_PRICE].
9) Segment and Geographic Economics
- Compute segment growth, margins, implied returns; build margin bridge (mix vs. within-segment).
- List geographic concentration and currency exposures.
10) Auditor Signals: Opinions, Critical Audit Matters, Restatements
- Catalog opinion type, going-concern language, critical audit matters (new vs. recurring), and restatements with magnitude.
11) Management Discussion and Analysis Language
- Redline current vs. prior year; produce an “MD&A change log” (8–12 bullets) with metric corroboration.
12) Related-Party Transactions and Governance
- Table of related-party transactions (counterparty, nature, amounts, terms); governance snapshot (board independence, shareholder rights, incentive metrics).
- Note conflicts and monitoring items.
13) Provisions, Contingencies, and Legal Matters
- Roll-forwards and ratios; list legal matters and ranges; assess reserve adequacy and transparency.
14) Guidance-to-Economics Bridge
- Build driver-based bridge to guidance midpoint; list three must-be-true conditions and fastest falsification checks.
Synthesis and Monitoring Plan (Final Section):
- “What changed vs. last year” in 10 bullets or fewer, each tied to a metric and a page cite.
- Assess which 2–3 modules drive intrinsic value variance the most and why.
- Provide a monitoring plan: 6–8 leading indicators with thresholds (for example, days sales outstanding rises >10 days; deferred revenue growth < revenue growth for 2 consecutive quarters; stock-based compensation >10 percent of revenue).
- Appendices: all tables from modules, formulas used, glossary of terms (no acronyms without expansion).
Formatting:
- Begin with an Executive Summary (≤250 words) listing the top five forensic findings.
- Each module starts on a new page with a summary box (Inputs, Key Metrics, Top Finding, Page Cites).
- Provide all numeric outputs in a machine-readable table at the end (comma-separated values format).


