About the Report

  • Conclusions and Recommendations

    • Occupational fraud is a universal problem for businesses around the globe. Although some slight regional variations were noted in methods used both by fraudsters to commit their crimes and by organizations to prevent and detect fraud schemes, the overall trends in our data are quite consistent, both across borders and over time. This consistency underscores the nature and pervasiveness of fraud’s threat to all organizations.
    • The longer frauds last, the more financial damage they cause. Passive detection methods (confession, notification by law enforcement, external audit and by accident) tend to take longer to bring fraud to management’s attention, which allows the related loss to grow. Consequently, proactive detection measures — such as hotlines, management review procedures, internal audits and employee monitoring mechanisms — are vital in catching frauds early and limiting their losses.
    • Small businesses are both disproportionately victimized by fraud and notably under-protected by anti-fraud controls, a combination that makes them significantly vulnerable to this threat. While resources available for fraud prevention and detection measures are limited in many small companies, several anti-fraud controls — such as an anti-fraud policy, formal management review procedures and anti-fraud training for staff members — can be enacted with little direct financial outlay and thus provide a cost-effective investment for protecting these organizations from fraud.
    • External audits are implemented by a large number of organizations, but they are among the least effective controls in combatting occupational fraud. Such audits were the primary detection method in just 3% of the fraud cases reported to us, compared to the 7% of cases that were detected by accident. Further, although the use of independent financial statement audits was associated with reduced median losses and durations of fraud schemes, these reductions were among the smallest of all of the anti-fraud controls analyzed in our study. Consequently, while independent audits serve a vital role in organizational governance, our data indicates that they should not be relied upon as organizations’ primary anti-fraud mechanism.
    • Many of the most effective anti-fraud controls are being overlooked by a significant portion of organizations. For example, proactive data monitoring and analysis was used by only 35% of the victim organizations in our study, but the presence of this control was correlated with frauds that were 60% less costly and 50% shorter in duration. Other less common controls — including surprise audits, a dedicated fraud department or team and formal fraud risk assessments— showed similar associations with reductions in one or both of these measures of fraud damage. When determining how to invest anti-fraud dollars, management should consider the observed effectiveness of specific control activities and how those controls will enhance potential fraudsters’ perception of detection.
    • The vast majority of occupational fraudsters are first-time offenders; only 5% had been convicted of a fraud-related offense prior to committing the crimes in our study. Furthermore, 82% of fraudsters had never previously been punished or terminated by an employer for fraud-related conduct. While background checks can be useful in screening out some bad applicants, they might not do a good job of predicting fraudulent behavior. Most fraudsters work for their employers for years before they begin to steal, so ongoing employee monitoring and an understanding of the risk factors and warning signs of fraud are much more likely to identify fraud than pre-employment screening.
    • Most occupational fraudsters exhibit certain behavioral traits that can be warning signs of their crimes, such as living beyond their means or having unusually close associations with vendors or customers. In 92% of the cases we reviewed, at least one common behavioral red flag was identified before the fraud was detected. Managers, employees, auditors and others should be trained to recognize these warning signs that, when combined with other factors, might indicate fraud.
2014 ACFE Asia-Pacific Fraud Conference