REPORT TO THE NATIONS - 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE - Amazon S3
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
REPORT TO THE NATIONS 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE
FOREWORD
With the publication of the 2018 Report to the Nations, I am
struck by how this study, like the Association of Certified Fraud
Examiners itself, is in many ways a tribute to the vision and
dedication of our founder and chairman, Dr. Joseph T. Wells,
CFE, CPA. When Dr. Wells created the ACFE, he did so because
he recognized there was a fundamental flaw in how organiza-
tions were attempting to prevent, detect, and investigate fraud.
His goal in founding our association was to establish a body of
Bruce Dorris, J.D., CFE, CPA
knowledge and training that would help anti-fraud professionals
President and CEO,
reduce the incidence of fraud and white-collar crime.
Association of Certified
Fraud Examiners One thing Dr. Wells came to recognize in the early days of the
ACFE was that the anti-fraud profession suffered from a glaring
weakness: we simply did not know enough about the crimes we
were trying to fight. So, with the aid of ACFE researchers John
Warren and Andi McNeal, he set out to address the problem by
commissioning the first Report to the Nation in 1996.
The 2018 report is the 10th edition of Dr. Wells’ study, and the Re-
port to the Nations remains the most comprehensive and widely
quoted source of occupational fraud data in the world. Based
on information from real fraud cases as reported by CFEs from
around the globe, the report continues to be a tremendous re-
source for those interested in how occupational fraud is commit-
ted, how it is detected, who commits it, and how organizations
can protect themselves from it.
On behalf of the ACFE, I am proud to present the 2018 edition of
the Report to the Nations.
Bruce Dorris, J.D., CFE, CPA
President and CEO,
Association of Certified Fraud Examiners
2 Foreword Report to the Nations
CONTENTS
Key Findings 4 Collusion by Multiple Perpetrators 42
Perpetrator’s Criminal Background 42
Introduction 6
Perpetrator’s Employment History 43
The Cost of Occupational Fraud 8 Behavioral Red Flags Displayed by Perpetrators 43
Projecting Total Fraud Losses Based on Imperfect Data 8 Spotlight: The Red Flags of Fraud 44
The Fraud Costs We Know 8 Non-Fraud-Related Misconduct by Perpetrators 46
How Occupational Fraud Is Committed 10 Human Resources-Related Red Flags 46
Categories of Occupational Fraud 10 Case Results 47
Spotlight: Corruption 13 Internal Action Taken Against Perpetrator 47
Duration of Fraud Schemes 14 Criminal Prosecutions and Civil Suits 48
Spotlight: Concealing Fraud 14 Spotlight: When Victim Organizations are Fined 50
Detection 16 Spotlight: Recovering Fraud Losses 51
Initial Detection of Occupational Frauds 16 Methodology 52
Tip Sources 17 Analysis Methodology 52
Median Loss and Duration by Detection Method 18 Survey Participants 54
Spotlight: Hotlines and Reporting Mechanisms 19
Regional Focus 56
Victim Organizations 20 Asia-Pacific 56
Type of Organization 20 Canada 58
Size of Organization 21 Eastern Europe and Western/Central Asia 60
Spotlight: Fraud in Small Businesses 22 Latin America and the Caribbean 62
Industry of Organization 24 Middle East and North Africa 64
Anti-Fraud Controls at the Victim Organization 26 Southern Asia 66
Perpetrators 33 Sub-Saharan Africa 68
Perpetrator’s Position 33 United States 70
Perpetrator’s Tenure 34 Western Europe 72
Spotlight: Fraud Committed by Owners and Executives 34 Index of Figures 74
Perpetrator’s Department 36
Fraud Prevention Checklist 76
Perpetrator’s Gender 39
Perpetrator’s Age 41 Glossary of Terminology 78
Perpetrator’s Education Level 41
About the ACFE 79
Contents Report to the Nations 3
KEY FINDINGS
2,690 $7 billion+
Median duration
of a fraud scheme
real cases of IN TOTAL LOSSES
occupational fraud
from
$130,000
125 countries
MEDIAN LOSS PER CASE
MONTHS
in 22%
23
OF CASES CAUSED
industry
categories
LOSSES OF
Corruption
$1 million+ was the most common scheme
in every global region
Tips are by far the most common
��
initial detection method
Asset Misappropriation schemes $800,000
are the most common and least costly median loss
�� internal management
tips
��
$114,000 40% audit review
median loss 15% 13%
89%
of cases
employees Organizations with hotlines
provide over half detect fraud by tips more often
of tips, and nearly
1/3 come from
financial statement outside parties
46%
fraud schemes OF CASES
30%
are the least common 10% DETECTED
of cases BY TIP OF CASES
and most costly DETECTED
BY TIP
HOTLINES NO HOTLINES
SMALL BUSINESSES
LOST ALMOST
TWICE AS MUCH
PER SCHEME
TO FRAUD
$104,000
MEDIAN LOSS
$200,000 MEDIAN LOSS
100+ EMPLOYEES
INTERNAL CONTROL WEAKNESSES
WERE RESPONSIBLE FOR NEARLY Owners/executives
HALF OF FRAUDS accounted for
a small percentage
of cases
Losses caused by men
were 75% larger
than losses caused by women
1
ALL 18 ANTI-FRAUD CONTROLS median losses
ANALYZED WERE ASSOCIATED
19% $$$$$$$ are far greater
WITH LOWER FRAUD LOSSES of cases $74,000 when fraudsters
collude
AND QUICKER DETECTION
2
but caused a $$$$$$$$$$$$$$
$150,000
median loss of
$850,000
3+
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$339,000
DATA MONITORING/ANALYSIS and
SURPRISE AUDITS were correlated with the
largest reductions in fraud loss and duration
FRAUDSTERS WHO HAD BEEN
WITH THEIR COMPANY LONGER
���52% Data monitoring/
analysis
��� 58%
85%
STOLE TWICE AS MUCH
MORE THAN 5 YEARS’ TENURE
$200,000
lower losses faster detection
���51%
lower losses
Surprise
audits
��� 54%
faster detection
of fraudsters
displayed at least
one behavioral
red flag
MEDIAN LOSS
LESS THAN 5 YEARS’ TENURE
$100,000
Yet only 37% of victim organizations
of fraud
MEDIAN LOSS
implemented these controls
Only 4%
Over the past 10 years, occupational fraud
referrals to prosecution declined 16%
OF PERPETRATORS
TOP REASON FOR HAD A PRIOR
NON-REFERRALS WAS
FRAUD CONVICTION
-16%
FEAR OF BAD
PUBLICITY
A MAJORITY OF THE VICTIMS RECOVERED NOTHING
2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018
Key Findings Report to the Nations 5
INTRODUCTION
Fraud in general poses a tremendous
threat to organizations of all types
and sizes, in all parts of the world.
Among the various kinds of fraud that organizations
might be faced with, occupational fraud is likely the The goal of the Report to the Nations
largest and most prevalent threat. Occupational
is to compile detailed information
fraud1—fraud committed against the organization by
about occupational fraud cases in
its own officers, directors, or employees—constitutes
an attack against the organization from within, by the
five critical areas:
very people who were entrusted to protect its assets
The methods by which occupational
and resources. Since we began tracking data on
fraud is committed
occupational fraud cases in 1996, we have reviewed
thousands of cases in which insiders collectively The means by which occupational frauds
stole billions of dollars from their employers, and are detected
those cases were merely a drop in the bucket. There
are millions of business and government organiza- The characteristics of the organizations
tions operating throughout the world and every one that are victimized by occupational fraud
of them, in some way, is vulnerable or potentially
vulnerable to fraud committed by their employees.
The characteristics of the people who
Most of those employees will never steal or abuse
commit occupational fraud
the trust that has been placed in them, but the ones
The results of the cases after the frauds
who do can cause enormous damage. It is because
have been detected and the perpetrators
of this risk that we continue to study these frauds
identified
and publish the Report to the Nations.
This study contains an analysis of 2,690 cases of derstand occupational fraud and the impact it has on
occupational fraud that were investigated between organizations.
January 2016 and October 2017. The data present-
ed herein is based on information provided by the The data we have gathered provides a broad and
Certified Fraud Examiners who investigated those deeply representative picture of occupational fraud’s
cases. Their firsthand experience with these frauds impact. The cases in this study include frauds com-
provides an invaluable resource for helping us un- mitted against organizations in 23 major industry
categories. Victim organizations range from small local
1
Occupational fraud is defined as the use of one’s occupation for per- businesses to multinational corporations with thou-
sonal enrichment through the deliberate misuse or misapplication of the
employing organization’s resources or assets. sands of employees. These frauds were committed by
6 Introduction Report to the Nations
individuals who worked in virtually every part of the agers, researchers, and the public at large. Readers
organization, from entry-level employees to C-suite will find a wealth of information about the methods,
executives. causes, costs, and indicators of occupational fraud, as
well as important information on how to prevent and
The cases we studied occurred in 125 countries detect it. This study is the 10th edition of the Report
throughout the world, which helps us develop a global to the Nations, and occupational fraud remains an
view of the costs, methods, victims, and perpetrators of enormous threat to the global economy, just as it was
these crimes. Figure 1 shows the number of cases from when we published the first edition in 1996. But in the
nine key geographical regions, along with the medi- time since that first report, we have seen organiza-
an loss per fraud in each of those regions. (Readers tions make tremendous strides in terms of awareness,
should note that the number of cases per region largely along with significant advancements in their ability to
reflects the geographical distribution of ACFE mem- combat these crimes. Such advances are only possi-
bership, so this data should not be taken to mean that ble when there is a true understanding of the nature
fraud is more or less likely in any particular region.) and extent of the threat that must be dealt with. We
publish this 2018 Report to the Nations hoping it will
Our hope is that the findings in this report will be of advance the collective understanding and awareness
value to anti-fraud professionals, organizational man- of occupational fraud risk for all those concerned.
FIG. 1 Countries with reported cases and median loss for each region2
United States CASES: 1,000 (48%) Sub-Saharan Africa CASES: 267 (13%) Asia-Pacific CASES: 220 (11%)
MEDIAN
LOSS: $108,000 MEDIAN
LOSS: $90,000 MEDIAN
LOSS: $236,000
Latin America Middle East
Western Europe CASES: 130 (6%) and the Caribbean CASES: 110 (5%) and North Africa CASES: 101 (5%)
MEDIAN
LOSS: $200,000 MEDIAN
LOSS: $193,000 MEDIAN
LOSS: $200,000
Eastern Europe and
Southern Asia CASES: 96 (5%) Western/Central Asia CASES: 86 (4%) Canada CASES: 82 (4%)
LOSS: $100,000 $150,000 $200,000
MEDIAN MEDIAN MEDIAN
LOSS: LOSS:
2
Geographical information was provided in 2,092 of the cases submitted. See pgs. 56–73 for lists of cases submitted by country.
Introduction Report to the Nations 7
THE COST OF
Accordingly, providing a measure of the cost of fraud
is an incredibly important endeavor. It is also an
OCCUPATIONAL
incredibly difficult one, given the number of unknown
factors required to make such an estimate. No one
FRAUD
knows the amount of frauds that go undetected or
unreported, and even for those frauds that do come to
light, the full amount of loss might never be calculated.
How much money do Such limitations mean that any attempts to quantify
organizations lose as a the global amount of fraud will be imperfect.
result of fraud? Projecting Total Fraud Losses
Based on Imperfect Data
Even with these limitations on projecting the total
Anti-fraud professionals know just
amounts lost to fraud, however, we know that such a
how devastating a fraud can be to projection has an important place in the fight against
its victims. But they are not the only fraud. Consequently, we asked survey participants,
ones who benefit from insight into based on their professional experience, what per-
centage of revenues they believe a typical organiza-
the amount of damage that fraud tion loses to fraud each year. The median response
causes organizations and their stake- provided by these CFEs is that organizations lose 5%
holders. Business leaders need to of their annual revenues to fraud. While this number
is only a general estimate based on the opinions of
understand how much is at stake
the CFEs who took part in our study, it represents the
as they assess their risks and make collective observations of more than 2,000 anti-fraud
resource-allocation decisions. Reg- experts who together have investigated hundreds
ulators need to determine where to of thousands of fraud cases. To place their estimate
in context, if the 5% loss estimate were applied to
focus their enforcement efforts. In- the 2017 estimated Gross World Product of USD
vestors and customers need to make 79.6 trillion, it would result in a projected total global
informed decisions about where fraud loss of nearly USD 4 trillion.3 To be clear, this
number is only an estimate and, given the limitations
to direct their own money. And the
described above, it is unlikely we will ever be able
media desires context and direction to calculate the true cost of fraud on a global scale.
for helping to raise awareness of the But we can be certain that the amount of damage is
issue to the general public. incredibly large, and this estimate, provided by an-
ti-fraud professionals who work to prevent and detect
fraud on a daily basis, helps give us some insight into
just how big the problem may be.
The Fraud Costs We Know
Determining total fraud losses—whether globally, re-
gionally, by industry, or even within a specific organiza-
tion—is outside the primary scope of our study. Instead,
we focus on analyzing known data to better under-
3
See https://www.cia.gov/library/publications/the-world-factbook/geos/
xx.html (retrieved March 22, 2018).
8 The Cost of Occupational Fraud Report to the Nations
stand the risks posed by occupational fraud. To FIG. 2 How much does an occupational fraud cost
that end, we examined the losses incurred in the the victim organization?
actual cases of fraud reported to us to learn about Less than $200,000
how fraud affects its victims. 55%
The total loss caused by the cases in our study $200,000–$399,999
exceeded USD 7.1 billion. While we do not know
4
11%
the total number of cases of fraud that occurred
globally during our study period, it is safe to as- $400,000–$599,999
sume that the 2,690 cases included in our study 7%
represent only a tiny fraction of the frauds com-
mitted against organizations worldwide during $600,000–$799,999
that time. Thus, the USD 7.1 billion in known loss- 3%
es—while staggering on its own—does not come
$800,000–$999,999
close to representing the total amount lost to
fraud. The true global cost of fraud is likely mag- 2%
nitudes higher, especially when factoring in the
$1 million or more
indirect costs, such as reputational harm and loss
of business during the aftermath of a scandal. 22%
The mean, or average, loss due to the frauds in
our study was USD 2.75 million,5 which is also an
Throughout this report, we further examine
enormous amount when considering how much
these losses through different lenses, based
damage such a loss represents to most organi-
on the specific schemes, victim organizations,
zations. However, due to the presence of several
perpetrators involved, and other factors.
very large frauds in our data, this amount likely
We hope that our research into and analysis of these cases
does not illustrate the typical fraud case. Conse-
helps shed additional light on the way that fraud impacts
quently, throughout this report we use median
the global business community and its stakeholders.
loss calculations, rather than mean, to provide
a more accurate representation of how fraud
typically affects organizations.
The median loss for all cases in our study was
USD 130,000. Figure 2 shows the loss distribution
of the cases. While 55% caused less than USD
200,000 in financial damage, more than one-fifth
resulted in a loss of at least USD 1 million.
4
The total losses represented in our study were actually signifi-
cantly higher than USD 7.1 billion. However, our survey results
included a few cases with losses so large that including them in the
total loss figure may have enabled them to be identified. To avoid
compromising the confidentiality of our survey participants, we
winsorized the top and bottom 1% of the data used in this total loss
calculation (i.e., assigned all cases in the top 1% and bottom 1% the
same value as the 99th percentile and 1st percentile, respectively).
While including those cases would increase the total loss amount
figure substantially, we believe it prudent to both ensure those
cases remain unidentified and conservatively report loss amounts.
5
As with the total loss figure, the top and bottom 1% of the data
were winsorized for purposes of the average loss calculation.
The Cost of Occupational Fraud Report to the Nations 9
HOW
OCCUPATIONAL
FRAUD IS FIG. 3 How is occupational fraud committed?
COMMITTED 89%
What methods do
fraudsters use to
commit their schemes?
PERCENT OF CASES
One of the goals of the first Report to the
Nation was to examine the methods by 38%
which fraudsters commit their schemes,
and we have continued this line of study in
every subsequent report. Over the last two
decades, even with tremendous technolog- 10%
ical development and numerous changes in
the global business and regulatory environ-
ments, our research shows that occupation- Asset Financial
misappropriation Corruption statement fraud
al fraud falls into several time-tested cate-
gories. The taxonomy of these categories
is illustrated in the Occupational Fraud and
$114,000
Abuse Classification System, also known as
the Fraud Tree, as depicted in Figure 4.
$250,000
MEDIAN LOSS
Categories of Occupational Fraud
Of the three primary categories of occupational fraud,
asset misappropriations are by far the most common,
occurring in 89% of the cases in our study. However,
they are also the least costly, causing a median loss of
USD 114,000. Corruption schemes are the next most
common form of occupational fraud; 38% of the cases
in our study involved some form of corrupt act. These
schemes resulted in a median loss to the victim organi-
zations of USD 250,000. The least common and most
costly form of occupational fraud is financial statement
$800,000
fraud, which occurred in 10% of the cases and caused a
median loss of USD 800,000.
10 How Occupational Fraud Is Committed Report to the NationsFIG. 4 Occupational Fraud and Abuse Classification System (the Fraud Tree)6
Corruption Asset Misappropriation Financial Statement Fraud
Net Worth/ Net Worth/
Conflicts of Illegal Gratuities Economic Net Income Net Income
Interest Bribery Extortion Overstatements Understatements
Purchasing Invoice Timing Timing
Schemes Kickbacks Differences Differences
Sales Fictitious Understated
Bid Rigging Revenues Revenues
Schemes
Concealed Overstated
Liabilities and Liabilities and
Expenses Expenses
Improper Improper
Asset Asset
Valuations Valuations
Improper Improper
Disclosures Disclosures
Cash Inventory and All
Other Assets
Theft of Cash Theft of Cash Fraudulent Misuse Larceny
on Hand Receipts Disbursements
Asset
Requisitions
Billing Payroll Expense Check and Register and Transfers
Skimming Cash Larceny Reimbursement Payment
Schemes Schemes Disbursements
Schemes Tampering
False Sales
and Shipping
Shell Ghost Mischaracterized
Refunds Employee Forged Maker False Voids
Sales Receivables Company Expenses
and Other Purchasing
and Receiving
Non- Overstated
Accomplice Falsified Forged
Write-Off Expenses Endorsement False Refunds
Unrecorded Vendor Wages
Schemes Unconcealed
Larceny
Personal Commission Fictitious
Lapping Purchases Schemes Altered Payee
Understated Expenses
Schemes
Multiple Authorized
Unconcealed Reimbursements Maker
6
The definitions for many of the categories of fraud schemes in the Fraud Tree are found in the Glossary of Terminology on pg. 78. In previous reports, the category
check and payment tampering was referred to simply as check tampering. However, to better reflect the increasing shift toward electronic payment methods, we
have changed the category title.
Report to the NationsFraud
How Occupational Committed Report
HowIsOccupational to Committed
Fraud Is the Nations 11When assessing an FIG. 5 How often do fraudsters commit more than one type of occupational
organization’s fraud risks fraud?
and designing anti-fraud
controls, it is important to
remember that fraudsters
typically seize whatever Financial
statement fraud
opportunity arises when
committing their schemes.
Thus, many frauds— Asset
including nearly one-third misappropriation
Corruption
of the cases in our study,
as illustrated in Figure
5—involve more than one
form of occupational fraud.
Asset Misappropriation
Sub-Schemes
Within the category of Asset misappropriation only 57%
asset misappropriation,
Asset misappropriation and corruption 23%
our research shows that
there are several dis- Corruption only 9%
tinct sub-categories of
schemes. The heat map Corruption, asset misappropriation, and financial statement fraud 4%
in Figure 6 illustrates the
Asset misappropriation and financial statement fraud 3%
relative frequency and cost
of each of these scheme Financial statement fraud only 1%
types. The schemes falling
Corruption and financial statement fraud 1%
in the darkest area of the
heat map—check and pay-
ment tampering,7 billing,
and theft of noncash as- FIG. 6 What asset misappropriation schemes present the greatest risk?
sets—rank among the most
common and the costliest Check and payment tampering
$150,000 (12%)
scheme types and thus
typically pose the greatest
Billing
risk to organizations. $100,000 (20%)
Noncash
$98,000 (21%)
7
In previous reports, this category
was referred to simply as check
tampering. However, to better Cash larceny
reflect the increasing shift toward $75,000 (11%)
electronic payment methods, we Payroll
$63,000 (7%)
have changed the category title to Skimming
check and payment tampering. $50,000 (11%)
Expense reimbursements
Register disbursements $31,000 (14%)
$29,000 (3%) Cash on hand
$20,000 (15%)
LESS RISK MORE RISK
12 How Occupational Fraud Is Committed Report to the NationsCORRUPTION
Corruption represents one of the most significant fraud risks for organizations in many
industries and regions. Understanding the specific factors involved in corruption schemes
can help organizations effectively prevent, detect, and investigate them.
Percent of cases involving corruption Industries with highest
proportion of
40% 36% 60% CORRUPTION CASES:
WESTERN EASTERN EUROPE AND
EUROPE WESTERN/CENTRAL ASIA
CANADA
30% 51%
UNITED STATES
62%
49%
53%
ASIA-PACIFIC
MIDDLE EAST AND
____NORTH AFRICA SOUTHERN
ASIA
ENERGY
51%
SUB-SAHARAN
AFRICA
LATIN AMERICA
AND THE 49%
CARIBBEAN
51%
MANUFACTURING
70%
of corruption cases were perpetrated by
someone in a POSITION OF AUTHORITY
82%
of corruption cases were
committed by males
50%
GOVERNMENT
AND PUBLIC
ADMINISTRATION
38% MANAGER WHILE ONLY
27% EMPLOYEE
18%
3% OTHER 32%
50 %
OWNER/ of corruption cases were
EXECUTIVE committed by females
OF CORRUPTION CASES
TOP RED FLAGS were detected
by a tip
in corruption cases
43% Living beyond means
34% Unusually close association with vendor/customer
23% Financial difficulties
21% “Wheeler-dealer” attitude
How Occupational Fraud Is Committed Report to the Nations 13Duration of FIG. 7 How does the duration of a fraud relate to median loss?
Fraud Schemes 27%
Examining how long frauds
tend to last can also provide
insight into how they affect 19%
their victims. The median
PERCENT OF CASES
duration for all of the fraud
13%
cases in our study was 16
11%
months. However, it stands 10%
to reason that the longer a 8%
fraud goes undetected, the 6%
5%
larger the scheme will grow.
Figure 7 shows that frauds
that last over 60 months are
more than 20 times as costly 6 months 7–12 13–18 19–24 25–36 37–48 49–60 More than
or less months months months months months months 60 months
as those that are caught in the
first six months. Our data also $30,000
indicates that fraudsters tend $75,000
to start small and increase $125,000
their frauds rapidly over $200,000
MEDIAN LOSS
the first three years. Thus,
it is incredibly important for
organizations to implement
$400,000
proactive fraud detection $425,000
mechanisms to catch frauds $500,000
quickly and minimize their
damage (see pg. 18).
$715,000
CONCEALING FRAUD
An act of fraud typically involves not only the commission of the scheme itself, but also efforts
to conceal the misdeeds. Understanding the methods fraudsters use to cover their crimes can
help organizations better design prevention mechanisms and detect the warning signs of fraud.
TOP 8 CONCEALMENT METHODS USED BY FRAUDSTERS
55% 48% 42% 34% 31% 30% 29% 27%
Created fraudulent Altered physical Created fraudulent Altered transactions Altered electronic Destroyed physical Created fraudulent Created fraudulent
physical documents documents transactions in the in the accounting documents or files documents electronic journal entries
accounting system system documents or files
14 How Occupational Fraud Is Committed Report to the NationsWe also examined the duration FIG. 8 How long do different occupational fraud schemes last?
of the cases reported to us Payroll
based on the type of scheme 30 months
involved. Figure 8 shows the
result of this analysis. The Check and payment tampering
24 months
payroll schemes in our study
tended to last the longest,
Financial statement fraud
with a median duration of 30 24 months
months, while schemes involv-
ing cash on hand and register Expense reimbursements
disbursements were both 24 months
typically uncovered one year
Billing
after they began.
24 months
Cash larceny
24 months
Corruption
22 months
Skimming
18 months
Noncash
18 months
Cash on hand
12 months
Register disbursements
12 months
How to Conceal: what to Conceal:
3
ONLY
%
����� �
Create, Alter, or Destroy? physical or electronic evidence?
OF CASES
80% 80%
Altered existing
DID NOT Created fraudulent
evidence
evidence
involve 21% 63% 12%
���
any attempts
to conceal
the fraud
Manager-level
43%
fraudsters are more
likely to alter evidence.
All of these
unconcealed Deleted or Owners/executives are ELECTRONIC PHYSICAL
cases were destroyed evidence more likely to create BOTH
or delete evidence. EVIDENCE EVIDENCE
committed
by owners/
executives
How Occupational Fraud Is Committed Report to the Nations 15DETECTION
How are fraud schemes
initially detected?
Understanding the methods by
which occupational frauds are
detected is critical for both investi-
gating schemes and implementing
effective prevention strategies. We
asked survey participants to tell us
how the frauds they investigated
were initially detected, which helps
us understand how organizations
are most likely to discover frauds
in the future. This data also shows
how organizations can take steps
to detect fraud proactively, rather
than passively.
Initial Detection of
Occupational Frauds
Figure 9 shows that the leading detection
methods are tips, internal audit, and man-
agement review. This finding is not surpris-
ing, as these have been the three most com-
mon means of detecting occupational fraud
in every edition of the report since 2010.
Collectively, these three detection methods
were cited in 68% of the cases in our current
study. Tips were by far the most common
means of detection at 40% of cases—more
than internal audit (15%) and management
review (13%) combined.
16 Detection Report to the NationsTip Sources
Since tips are the most common detection method, but this data suggests organizations should also
it is important to understand where those tips come consider promoting reporting mechanisms to outside
from. Figure 10 shows that slightly more than half parties, especially customers and vendors. Addition-
of all tips (53%) were provided by employees of the ally, 14% of tips came from an anonymous source,
victim organizations. Meanwhile, nearly one-third demonstrating that a significant portion of those who
(32%) of the tips that led to fraud detection came reported fraud did not want their identities known.
from people outside the organization: customers, Whistleblowers often have a fear of being identified
vendors, and competitors. Active cultivation of tips or retaliated against, which is why it is important that
and complaints, such as the promotion of fraud they be able to make reports anonymously where
hotlines, is often geared primarily toward employees, such practice is legally permissible.
FIG. 9 How is occupational fraud initially detected? FIG. 10 Who reports occupational fraud?
Tip
40%
Internal audit
15%
Management review
13%
Employee
By accident 53%
7%
Other
6%
Account reconciliation Customer
5% 21%
Document examination
4%
External audit Anonymous
4% 14%
Surveillance/monitoring
3%
Vendor
8%
Notified by law enforcement
2%
Other
IT controls 5%
1%
Competitor
Confession 3%
1%
Shareholder/owner
2%
Internal source External source Other
Detection Report to the Nations 17Median Loss and Duration
by Detection Method
In addition to determining the most common meth- passive detection methods because those mechanisms
ods of detection, we also analyzed the median loss might or might not involve proactive efforts specifically
and duration of fraud schemes based on how they to identify fraud, depending on the circumstances.
were uncovered. Our results indicate that there is a
correlation between the way in which occupational Our findings show that median duration and median
fraud schemes are detected and the severity of the loss were relatively low in frauds that were detected
fraud. More importantly, the data points to steps or- by active methods. Frauds detected passively tended
ganizations can take to detect fraud proactively and, to last much longer and have larger median losses.
in doing so, mitigate losses. For instance, frauds detected actively by IT controls
tended to last five months and cause a median loss of
Figure 11 portrays the median loss and median dura-
USD 39,000, compared to schemes detected passive-
tion for all cases, based on the method by which they
ly through notification from law enforcement, which
were detected. We grouped each of these detection
tended to last two years and cause a median loss of
methods into three categories: active, passive, or
almost USD 1 million. The key takeaway from this data
potentially active or passive. Active detection methods
(shaded teal) involve a deliberate search for miscon- is that organizations can reduce the impact of fraud
duct from someone within the organization or an inter- by pursuing internal controls and policies that actively
nal control designed to detect fraud. Passive detection detect fraud, such as thorough management review,
methods (shaded black) refer to cases in which the account reconciliation, and surveillance/monitoring.
organization discovers the fraud by accident, confes- Organizations that do not actively seek out fraud are
sion, or unsolicited notification by another party. We likely to experience schemes that continue for much
classified tips and external audit as potentially active or longer and at a higher cost.
FIG. 11 How does detection method relate to fraud duration and loss?
30 Active detection method
$186,000
Potentially active or passive detection method
MEDIAN MONTHS TO DETECTION
24 months
25 Passive detection method
$150,000
20 $250,000 24 months $935,000
23 months 24 months
15 $130,000 $126,000
18 months 18 months
$110,000
10 $108,000 14 months
$52,000 12 months
11 months
5
$50,000
$39,000 6 months
5 months
0
n
ls
ing
ion
it
n
e
w
Tip
nt
it
tio
sio
ud
lic
ud
ro
vie
ide
iat
or
po
ina
nt
la
la
es
re
nit
c
cil
co
na
ac
nf
na
by
am
nt
mo
on
Co
IT
r
er
me
te
ed
ex
By
ec
e/
Int
Ex
tifi
ge
nt
tr
nc
me
No
un
na
illa
co
Ma
cu
rve
Ac
Do
Su
18 Detection Report to the NationsHOTLINES AND REPORTING MECHANISMS
The presence of a hotline or other reporting mechanism affects
how organizations detect fraud and the outcome of the case.
Fraud losses were
63 $200,000
LOREM IPSUM
%
of victim
organizations
had hotlines
46%
OF CASES
DETECTED
BY TIP
HOTLINES
30%
OF CASES
DETECTED
BY TIP
NO HOTLINES
Corruption is particularly likely
Organizations
with hotlines
detected fraud by
tip more often
50% SMALLER
at organizations
$100,000
DOLOR SIT
to be detected by tip
with hotlines Asset Financial
��� ��� ���
Corruption Misappropriation Statement Fraud
than those without
Organizations without hotlines were 50%
DETECTED
38%
DETECTED
38%
DETECTED
more than TWICE AS LIKELY to detect BY TIP BY TIP BY TIP
fraud by accident or by external audit
Telephone hotlines are most popular, but
whistleblowers use various reporting mechanisms NOT ALL TIPS COME
THROUGH HOTLINES
Web-based/ When a reporting mechanism is not
Telephone hotline Email online form used, whistleblowers are most likely
to report to:
42% 26% 23% DIRECT SUPERVISOR 32%
EXECUTIVE 15%
Mailed letter/form Other Fax FRAUD INVESTIGATION TEAM 13%
16% 9% 1% COWORKER 12%
INTERNAL AUDIT 10%
Detection Report to the Nations 19VICTIM ORGANIZATIONS
How are different kinds of organizations
affected by occupational fraud?
To better understand the victim organizations in our study, we asked
participants to provide information about
T Y P Ethe
O F Vorganizations’
I C T I M O R G A N I Z A T type,
I O N — size,
FREQUENCY AND MEDIAN LOSS
and industry, as well as the mechanisms that the organizations had in
place to prevent and detect fraud at the time the scheme occurred.
Type of Organization FIG. 12 What types of organizations are victimized by
occupational fraud?
As shown in Figure 12, more than 70% of
42%
the frauds in our study occurred at for-prof-
it organizations, with 42% of the victim
PERCENT OF CASES
29%
organizations being private companies and
29% being public companies. The private
16%
companies in our study suffered the greatest
9%
median loss, at USD 164,000. Not-for-profit
4%
organizations were the victim in only 9% of
frauds and had the smallest median loss of Private Public
Government Not-for-profit Other
company company
USD 75,000; however, for many not-for-profit
entities, financial resources are extremely
limited and a loss of USD 75,000 can be
particularly devastating.
MEDIAN LOSS
Level of Government Organization $75,000
Resources and operations vary greatly by
level of government, meaning that fraud can $117,000 $118,000 $120,000
affect these organizations differently. Con-
sequently, we broke down the government
fraud cases in our study based on the level $164,000
of government agency involved. While there
was not a large variation in the percentage
FIG. 13 What levels of government are victimized
38+31+265F
of schemes that occurred at local, state/ by occupational fraud?
provincial, and national levels, the frauds at
national-level agencies tended to be much
larger, causing a median loss approximately National: 38% Local: 31%
twice as large as the losses experienced by ($200,000*) ($92,000*)
local and state/provincial governments (see State/provincial: 26% Other: 4%
($110,000*) ($58,000*)
Figure 13).
*Dollar amounts are median loss.
20 Victim Organizations Report to the NationsSize of Organization
The size of an organization’s staff can directly affect both the opportunity for
fraud and the ability to enact certain anti-fraud mechanisms. Larger entities
typically have more resources to invest in their anti-fraud programs, as well as
a greater ability to separate duties among staff members to help prevent fraud;
however, the large staff size can also mean more potentially dishonest employ-
ees who might attempt schemes and more complex processes and transac-
tions, which can increase the risk of fraud.
To provide some insight into the relative risks of fraud for organizations of
various sizes, we analyzed the cases reported to us based on the number of
employees at the victim organization. Figure 14 shows that small organiza-
tions (those with fewer than 100 employees) both experienced the greatest
percentage of cases in our study (28%) and suffered the largest median loss
(USD 200,000). See “Fraud in Small Businesses” on pgs. 22–23 for more
information about how fraud affects these organizations.
FIG. 14 How does an organization’s size relate to its occupational fraud risk?
28%
26%
24%
22%
PERCENT OF CASESFRAUD IN SMALL BUSINESSES
Fraud can be especially devastating to small businesses. These organizations typically have
fewer resources to both prevent and recover from a fraud, and they often require an increased
level of trust in employees due to a lower ability to implement robust anti-fraud controls.
SMALL BUSINESSES
LOSE ALMOST
TWICE AS MUCH
PER SCHEME TO
OCCUPATIONAL FRAUD
0 EMPLOYE + EMPLOYE
10 E 00 E
S
<
1
S
Median loss:
Median loss:
$200,000 $104,000
Frauds detected by tip: 29% 44%
Frauds caused by
lack of internal controls: 42% 25%
Frauds perpetrated by
an owner/executive: 29% 16%
22 Victim Organizations Report to the Nations32%
Corruption
43%
29%
Billing
18%
Check and 22%
payment tampering 8%
Expense 21%
reimbursements 11%
Skimming 20% Small businesses face
DIFFERENT RISKS
8%
20%
Cash on hand
14%
16%
than larger organizations
Noncash
22%
Financial 16%
statement fraud 7%
Cash larceny 14%
9%
Payroll 13%Industry of Organization
In addition, we examined the cases reported to us based on the industry of the victim organization. The greatest num-
ber of cases in our study occurred in the banking and financial services, manufacturing, and government and public
administration sectors. Readers should note that this data likely represents the industries that most often employ
CFEs, rather than the industries that are most susceptible to fraud. However, information about occupational fraud in
various industries can be useful for benchmarking purposes.
FIG. 15 How does occupational fraud affect organizations in different industries?
17+83+R
Banking and
366
Cases
financial services
M E D I A N LO S S :
$110,000
10+90+R
Manufacturing
212
7%
Cases
M E D I A N LO S S :
$240,000
9+91+R
Government and
201
14%
Cases
public administration
M E D I A N LO S S :
$125,000
7+93+R 5+95+R
Health care
158
Cases
M E D I A N LO S S :
$100,000
Retail
M E D I A N LO S S :
$50,000
108
Cases
5+95+R Insurance
101
Cases
M E D I A N LO S S :
$153,000
4+96+R Education
97
Cases
M E D I A N LO S S :
$68,000
4+96+REnergy
94
Cases
M E D I A N LO S S :
$300,000
4+96+R 4+96+R
Construction
90
Cases
M E D I A N LO S S :
$227,000
Other
M E D I A N LO S S :
$70,000
84
Cases
4+96+R 83
Cases
Transportation and
warehousing
M E D I A N LO S S :
4+96+R 76
Cases
Food service and hospitality
M E D I A N LO S S :
$90,000
3+97+R
Technology
68
Cases
M E D I A N LO S S :
$150,000
3+97+R 3+97+R
or social services
60
Cases
Religious, charitable,
M E D I A N LO S S :
$90,000
58
Cases
Services (professional)
M E D I A N LO S S :
$258,000
$140,000
2+98+R 51
Cases
Arts, entertainment,
and recreation
M E D I A N LO S S :
2+98+R
Telecommunications
50
Cases
M E D I A N LO S S :
$100,000
2+98+R
Real estate
35
Cases
M E D I A N LO S S :
$180,000
1+99+R 1+99+R 32
Cases
Agriculture, forestry,
fishing, and hunting
M E D I A N LO S S :
$136,000
Utilities
M E D I A N LO S S :
$150,000
29
Cases
$88,000
1+99+R
Services (Other)
28
Cases
M E D I A N LO S S :
$82,000
1+99+R Mining
27
Cases
M E D I A N LO S S :
$208,000
1+99+R
Communications and
publishing
24
Cases
M E D I A N LO S S :
1+99+R
Wholesale trade
24
Cases
M E D I A N LO S S :
$110,000
$525,000
24 Victim Organizations Report to the NationsMost Common Schemes by Industry
Understanding the frequency of specific fraud schemes within different industries can help organizations assess
and design controls to guard against the schemes that pose the most significant threats. Figure 16 provides a heat
map showing the relevant risk for each category of occupational fraud in every industry that had at least 50 report-
ed cases in our study. Boxes are shaded from light to dark red based on the respective level of occurrence, with
darker boxes indicating higher-frequency schemes.
FIG. 16 What are the most common occupational fraud schemes in various industries?
Financial statement fraud
Expense reimbursements
Register disbursements
Check and payment
Cash on hand
Cash larceny
Corruption
tampering
Skimming
Noncash
Payroll
Billing
INDUSTRY Cases
Banking and financial
338 11% 14% 23% 12% 36% 7% 8% 11% 2% 3% 9%
services
Manufacturing 201 27% 8% 15% 12% 51% 18% 10% 28% 5% 3% 7%
Government and public
184 15% 11% 11% 9% 50% 11% 5% 22% 7% 2% 11%
administration
Health care 149 26% 7% 13% 13% 36% 16% 11% 19% 17% 1% 12%
Retail 104 20% 10% 19% 9% 28% 8% 12% 34% 5% 13% 13%
Education 96 23% 19% 19% 6% 38% 18% 6% 19% 6% 0% 14%
Insurance 87 20% 9% 3% 18% 45% 8% 7% 11% 3% 1% 11%
Energy 86 20% 2% 10% 12% 53% 10% 3% 27% 7% 2% 10%
Construction 83 37% 12% 8% 19% 42% 23% 16% 23% 14% 1% 13%
Transportation and
79 25% 8% 8% 9% 46% 15% 8% 28% 3% 3% 13%
warehousing
Food service and
75 17% 16% 20% 11% 29% 12% 12% 24% 7% 0% 23%
hospitality
Technology 62 26% 5% 10% 8% 42% 21% 16% 32% 8% 0% 6%
Religious, charitable, or
58 40% 9% 22% 19% 34% 29% 10% 19% 22% 3% 17%
social services
Services (professional) 54 26% 17% 15% 26% 17% 30% 13% 13% 15% 0% 15%
Arts, entertainment,
50 14% 20% 36% 6% 32% 12% 8% 18% 4% 8% 28%
and recreation
LESS RISK MORE RISK
Victim Organizations Report to the Nations 25As noted in Figure 16 on pg. 25, corruption poses Effectiveness of Anti-Fraud Controls
a significant risk to several industries, with the most
Demonstrating the return on investment in anti-fraud
common occurrence of corruption schemes in the
initiatives can be a difficult task, as it is nearly impos-
energy, manufacturing, and government and public
sible to measure the amount of fraud prevented by a
administration sectors. Skimming schemes were also
specific control. However, many anti-fraud profession-
notably more common in the arts, entertainment, and
als find themselves needing to make a business case
recreation and the food service and hospitality indus-
to justify additional fraud prevention and detection
tries than elsewhere, while payroll schemes occurred
initiatives. To provide some visibility into the relative ef-
more frequently in the religious, charitable, or social
fectiveness of various anti-fraud controls, we compared
services and the health care sectors. Interestingly, the
the losses experienced by the victim organizations that
cases that occurred in religious, charitable, or social
had specific controls in place against the losses experi-
services organizations also tended to involve the most
enced by those that had not implemented each control.
crossover between scheme types, meaning the perpe-
The results of this analysis are provided in Figure 18
trators in these cases used many different schemes to
on pg. 28. Interestingly, the presence of every control
defraud the victims, rather than limiting their frauds to
we analyzed was correlated with lower fraud losses.
one specific area.
For example, the use of proactive data monitoring and
analysis and surprise audits was associated with a
Anti-Fraud Controls more than 50% reduction in fraud losses.
at the Victim Organization
We similarly analyzed the duration of fraud schemes
The presence of a robust system of anti-fraud con-
based on the presence or absence of each anti-fraud
trols can be a powerful deterrent, as well as a proac-
control (see Figure 19 on pg. 29). Data monitoring and
tive prevention and detection mechanism, in the fight
analysis and surprise audits were correlated with the
against fraud. Thus, organizations can benefit from
most significant reductions in fraud duration; as these
knowing which anti-fraud controls are commonly
two controls were also associated with some of the
used by their peers, as well as which tend to be the
largest loss reductions, our data indicates that they are
most effective. To help explore this information, we
among the most useful tools in the fight against fraud.
provided survey respondents with a list of 18 enti-
ty-level, anti-fraud controls and asked which, if any,
were present at the victim organization at the time
the fraud occurred. As noted in Figure 17, 80% of the
organizations had a code of conduct and underwent
external financial statement audits, while 73% had
internal audit departments, and 72% had company
management certify the financial statements. On the
other end of the spectrum, 19% of organizations had
policies requiring job rotation or mandatory vacation,
and only 12% provided rewards for whistleblowers.
26 Victim Organizations Report to the NationsFIG. 17 What anti-fraud controls are most common?
Code of conduct
80%
External audit of financial statements
80%
Internal audit department
73%
Management certification of financial statements
72%
External audit of internal controls over financial reporting
67%
Management review
66%
Hotline
63%
Independent audit committee
61%
Employee support programs
54%
Anti-fraud policy
54%
Fraud training for employees
53%
Fraud training for managers/executives
52%
Dedicated fraud department, function, or team
41%
Formal fraud risk assessments
41%
Surprise audits
37%
Proactive data monitoring/analysis
37%
Job rotation/mandatory vacation
19%
Rewards for whistleblowers
12%
Victim Organizations Report to the Nations 27FIG. 18 How does the presence of anti-fraud controls relate to median loss?
$250,000
PERCENT
REDUCTION
$200,000 56%
52%
50% 51%
50% 50%
46% 47%
43%
38% 41%
$150,000 38%
35%
33%
29%
20% 23%
12%
Median loss without controls
$100,000
Median loss with controls
$50,000
Co
Pr
Su
de
oa
Ex
rp
Ma
cti
of
te
Ho
ris
An
v
rn
co
na
ed
ea
tlin
Int
al
Ma
ti-
nd
ge
er
ud
at
Fr
e
au
fra
uc
na
m
Fo
am
na
au
its
dit
ud
Em
en
t
ge
rm
Fr
la
dt
0
De
on
t
of
po
Ex
plo
me
au
ud
al
r
r
dic udit
e
Jo
a
ito
i
te
lic
dt
Ind
n
v
ini
fra
ye
nt
it d
i
br
te
Re
rn
e
at
rin
y
ra
ng
es
ce
w
ud
ep
rn
al
e
ed
ot
w
g/
i
pa
n
rti
al
up
ar
en
fo
at
a
ris
ing
an
fra
fic
rtm
co
re
d
ion
po
d
k
aly
sf
en
ud ncia
at
fo
nt
as
mp ents
rt
en
/
or
of
ion
ma
sis
rm
ro
ta
se
de
pr
t
loy
wh
ls
fin
ud
nd
ss
og
an
pa
of
ov
ee
a
m
ist
it c
at
r
ag
rtm
fin
am
er
s
or
leb
om
er
an
en
y
fin
s
l
s/e
low
cia
v
sta
mi
t, f
an
a
xe
ca
tte
ls
er
t
un
cia
e
cu
tio
ta
s
me
e
cti
lr
tiv
te
n
ep
on
nt
me
es
s
or
,o
nt
tin
rt
s
g
ea
m
Percent Control Control not Percent
Control of cases in place in place reduction
Code of conduct 80% $110,000 $250,000 56%
Proactive data monitoring/analysis 37% $80,000 $165,000 52%
Surprise audits 37% $75,000 $152,000 51%
External audit of internal controls over financial reporting 67% $100,000 $200,000 50%
Management review 66% $100,000 $200,000 50%
Hotline 63% $100,000 $200,000 50%
Anti-fraud policy 54% $100,000 $190,000 47%
Internal audit department 73% $108,000 $200,000 46%
Management certification of financial statements 72% $109,000 $192,000 43%
Fraud training for employees 53% $100,000 $169,000 41%
Formal fraud risk assessments 41% $100,000 $162,000 38%
Employee support programs 54% $100,000 $160,000 38%
Fraud training for managers/executives 52% $100,000 $153,000 35%
Dedicated fraud department, function, or team 41% $100,000 $150,000 33%
External audit of financial statements 80% $120,000 $170,000 29%
Job rotation/mandatory vacation 19% $100,000 $130,000 23%
Independent audit committee 61% $120,000 $150,000 20%
Rewards for whistleblowers 12% $110,000 $125,000 12%
28 Victim Organizations Report to the NationsFIG. 19 How does the presence of anti-fraud controls relate to the duration of fraud?
25
58%
54%
50% 50% PERCENT
50% 50% REDUCTION
50% 50%
50%
20 50% 50%
50%
MEDIAN MONTHS TO DETECTION
48%
46%
44%
38% 40%
33%
15
Median duration without controls
10 Median duration with controls
5
Pr
Su
oa
Int
rp
Ma
cti
er
Ex
ris
Ma
na
ve
na
Ho
te
ea
An
la
na
ge
Fr
rn
tlin poli
da
ti-
ud
Fr
au
ud
al
ge
me
Fo
ta
fra
e
au aud
i
au
dt
it d fica
t
me
Re
rm
s
mo
nt
ud
dt
Ind f con
Co atio
dit
ra
wa
ep
nt
al
Jo
0
ce
nit
ra
ini
ep
de
of
fr
a
br
re
rd
De
rti
ini
Ex
or
ng
r
en
Em
tm
vie
s
i
o
cy
ot
ng
nt
te
ing
dic
fo
de
fo
e
er
rn
plo
w
ris
t
nt
rw
fo
/an
at
re
ion
nt
na
a
rm
ed
la
ye
ka
n/
du
mp
his
aly
au
lc
o
ud
m
es
fra
an
ct
ss
f fi
on
dit
tle
sis
loy
an
it o
es
up
ag s
ud
n
tro
blo
co
da
ee
an
sm
po
e
f fi
de
ls
mm
t
rs/
w
s
cia
o
en
rt
na
ov
er
r
pa
ex
y
ls
pr
itt
t
nc
s
er
va
r
ec
og
tm
ta
ee
ial
fin
ca
ut
te
ra
en
sta
tio
ive
an
me
ms
t,
n
cia
s
te
fu
n ts
me
nc
lr
ep
tio
nt
or
s
n,
tin
or
g
te
am
Percent Control Control not Percent
Control of cases in place in place reduction
Proactive data monitoring/analysis 37% 10 months 24 months 58%
Surprise audits 37% 11 months 24 months 54%
Internal audit department 73% 12 months 24 months 50%
Management certification of financial statements 72% 12 months 24 months 50%
External audit of internal controls over financial reporting 67% 12 months 24 months 50%
Management review 66% 12 months 24 months 50%
Hotline 63% 12 months 24 months 50%
Anti-fraud policy 54% 12 months 24 months 50%
Fraud training for employees 53% 12 months 24 months 50%
Fraud training for managers/executives 52% 12 months 24 months 50%
Formal fraud risk assessments 41% 12 months 24 months 50%
Rewards for whistleblowers 12% 9 months 18 months 50%
Independent audit committee 61% 12 months 23 months 48%
Code of conduct 80% 13 months 24 months 46%
Job rotation/mandatory vacation 19% 10 months 18 months 44%
Dedicated fraud department, function, or team 41% 12 months 20 months 40%
External audit of financial statements 80% 15 months 24 months 38%
Employee support programs 54% 12 months 18 months 33%
Victim Organizations Report to the Nations 29Background Checks FIG. 20 Was a background check run on the perpetrator prior to hiring?
Effectively preventing fraud
Did the check reveal
begins with ensuring that existing red flags?
the organization hires ethical
Yes 10%
employees. As part of our
study, we examined whether
No 48% No 90%
the victim organizations ran
a background check on the
perpetrator prior to hiring him
or her, as well as whether the
background check revealed
any potential indicators of the
employee’s dishonesty. As Yes 52%
noted in Figure 20, 52% of the
organizations ran background
checks, while 48% did not.
Of the organizations that did
run a check before hiring the
perpetrator, 10% were alerted
to a red flag regarding the
perpetrator but chose to hire FIG. 21 What types of background checks were run
the person anyway. on the perpetrator prior to hiring?
We also asked about the Employment history 78%
types of background checks Criminal checks 75%
used by the victim organiza- Reference checks 55%
tions in our study. Figure 21
Education verification 50%
shows that these organiza-
Credit checks 36%
tions were most likely to look
into the individual’s employ- Other 4%
ment and criminal history, with
three-quarters or more of the
background checks covering
these areas.
30 Victim Organizations Report to the NationsInternal Control Weaknesses that Contributed to Fraud
Understanding the factors that can lead to fraud is the foundation of preventing future occurrences. Conse-
quently, we asked survey respondents what they perceived to be the primary internal control weakness that
contributed to the fraud they reported. In 30% of cases, a simple lack of controls was the main factor that
enabled the fraud to occur, while another 19% of cases occurred because the perpetrator was able to override
the controls that had been put in place.
FIG. 22 What are the primary internal control weaknesses that contribute to occupational fraud?
Lack of internal controls 30%
Override of existing controls 19%
Lack of management review 18%
Poor tone at the top 10%
Lack of competent personnel in oversight roles 8%
Lack of independent checks/audits 4%
Other 6%
Lack of employee fraud education 2%
Lack of clear lines of authority 2%
Lack of reporting mechanismWe also analyzed these FIG. 23 How do internal control weaknesses vary by scheme type?
control weaknesses based
on the category of fraud Lack of internal controls
32%
involved in the scheme (see
25%
Figure 23). Not surprisingly, 29%
a poor tone at the top was
much more likely to be the Lack of management review
primary factor in financial 19%
15%
statement fraud and cor- 15%
ruption cases than in asset
misappropriation cases. Override of existing internal controls
However, it is interesting to 18%
21%
note that a lack of internal
14%
controls is more common in
asset misappropriation and Poor tone at the top
financial statement frauds, 9%
18%
while corruption schemes 23%
are more likely than other
schemes to involve an Lack of competent personnel in oversight roles
override of existing con- 8%
6%
trols. In addition, a lack 5%
of management review is
more commonly the reason Other
for asset misappropriation 5%
7%
schemes than other forms
8%
of fraud.
Lack of independent checks/audits
4%
3%
5%
Lack of employee fraud education
2%
3%PERPETRATORS
What does a typical fraudster look like?
We asked survey respondents to provide a broad range of information about
the fraud perpetrators they investigated, including the offenders’ conditions
of employment, basic demographics, prior misconduct, and behavior that
might have been warning signs of fraudulent activity. Our goal is to identify
common characteristics and risk profiles for those who commit occupational
fraud, which can help organizations better recognize fraud perpetrators or
those at risk for engaging in fraudulent activity.
Perpetrator’s Position FIG. 24 How does the perpetrator’s level of authority
relate to occupational fraud?
As seen in Figure 24, there is
a strong correlation between 44%
the fraud perpetrator’s level of
authority and the size of the
34%
fraud. While owners/execu-
PERCENT OF CASES
tives only committed 19% of the
frauds in our study, the schemes
committed by these individuals
19%
resulted in a median loss of USD
850,000, which was nearly six
times larger than the median
loss caused by managers, and 17
times larger than the median loss 3%
caused by low-level employees.
A significant correlation between Employee Manager Owner/executive Other
authority and fraud loss has
been found in every edition of $50,000
the report dating back to 1996.
This correlation likely reflects $150,000
$189,000
the fact that high-level fraudsters
tend to have greater access to
MEDIAN LOSS
an organization’s assets than
low-level personnel. They may
also have greater technical
ability to commit and conceal
fraud, and they might be able to
use their authority to override or
conceal their crimes in ways that
low-level employees cannot. $850,000
Perpetrators Report to the Nations 33You can also read
