Occupational Fraud and Abuse Update

Plus, a Small Business Perspective

norman-kur 3

Norman A. Kur, CFE, CMA, AM

On April 17, 2018, the Association of Certified Fraud Examiners (“ACFE”) released the 10th edition of its global study on occupational fraud, the Report to the Nations – 2018 Global Study on Occupational Fraud and Abuse (hereinafter the “Report to the Nations”). The information and statistics set forth therein are based on 2,690 cases of occupational fraud in 125 countries that resulted in over $7 billion in total losses. Clearly, fraud is big business – and it affects businesses both big and small. But because small businesses face different risks and are typically more resource constrained than larger organizations, their approach to detection and prevention should be viewed through a slightly different lens.

Definition + classifications

Let’s begin with a simple definition. According to the Report to the Nations, “Occupational fraud is defined as the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” The definition is important as it is indifferent to the individual committing the fraud. In other words, occupational fraud can be committed against an organization by any employee, including executive management, as well as officers, directors and owners.

Over time, the ACFE has developed an extensive Occupational Fraud and Abuse Classification System, also known as the “Fraud Tree.” The Fraud Tree identifies numerous fraud schemes that generally fall within three overarching categories: corruption, asset misappropriation and financial statement fraud, which are defined as follows:

  • Corruption: a scheme in which an employee misuses his or her influence in a business transaction in a way that violates his or her duty to the employer in order to gain a direct or indirect benefit (e.g., schemes involving bribery or conflicts of interest).
  • Asset misappropriation: a scheme in which an employee steals or misuses the employing organization’s resources (e.g., theft of company cash, false billing schemes, or inflated expense reports).
  • Financial statement fraud: a scheme in which an employee intentionally causes a misstatement or omission of material information in the organization’s financial reports (e.g., recording fictitious revenues, understating reported expenses or artificially inflating reported assets).

Many of the findings presented in the Report to the Nations are organized around these three classifications.

Findings by type of fraud

Consistent with prior studies, the Report to the Nations found an inverse relationship between the frequency of fraud committed by classification and the median loss involved. Asset misappropriation schemes accounted for a whopping 89% of the cases reviewed, with a median loss of “only” $114,000. Financial statement fraud, on the other hand, occurred in only 10% of the cases, but the median loss was a hefty $800,000. Corruption schemes fell in between, occurring in 38% of the cases in the study and resulting in a median loss of $250,000. 1

Interestingly, though perhaps not surprisingly, fraud often involves a combination of schemes. While the majority (57%) of the cases involved asset misappropriation only and 9% involved corruption only, nearly one-quarter (23%) involved both asset misappropriation and corruption. Four percent of the fraud cases involved elements of all three major categories (corruption, asset misappropriation and financial statement fraud).

As mentioned above, some form of asset misappropriation (alone or in combination with other categories) was present in a full 89% of the cases. The Report to the Nations drilled down on these results to report findings by eight specific asset misappropriation schemes. The following table presents the results, organized in descending order by cost to the organization2:

Asset misappropriation schemeMedian costFrequency
Check and payment tampering$150,00012%
Cash larceny$75,00011%
Expense reimbursements$31,00014%
Register disbursements$29,0003%
Cash on hand$20,00015%

According to the Report to the Nations, three schemes “rank among the most common and the costliest scheme types and thus typically pose the greatest risk to organizations.” These are:

  • Check or payment tampering schemes, which are fraudulent disbursement schemes in which a person steals his or her employer’s funds by intercepting, forging, or altering a check or electronic payment drawn on one of the organization’s bank accounts.
  • Billing schemes, which are fraudulent disbursement schemes in which a person causes his or her employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases.
  • Noncash misappropriations, which are any schemes in which an employee steals or misuses noncash assets of the victim organization.

Initial detection

Fraud by its very nature involves deception. Black’s Law Dictionary (9th edition), for example, defines it as:

A knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment.

So, if perpetrators work to hide their fraudulent activity, how is occupational fraud initially detected? The Report to the Nations provides some interesting information. Tips, in fact, are the most common detection method by far. In the cases studied, 40% of the frauds were initially detected by tips. The second most common method was internal audit, which accounted for the initial fraud detection in only 15% of the cases. These methods are also categorized as active or passive, which are defined in the Report to the Nations as follows:

  • Active detection methods involve a deliberate search for misconduct from someone within the organization or an internal control designed to detect fraud.
  • Passive detection methods refer to cases in which the organization discovers the fraud by accident, confession or unsolicited notification by another party.
  • Potentially active or passive detection methods might or might not involve proactive efforts specifically to identify fraud, depending on the circumstances.

The following table summarizes the results 3:

Initial detection methodTypeFrequency
TipPotentially active or passive40%
Internal auditActive15%
Management reviewActive13%
By accidentPassive7%
Account reconciliationActive5%
Document examinationActive4%
External auditPotentially active or passive4%
Notified by law enforcementPassive2%
IT controlsActive1%

The Report to the Nations also collected information regarding median months to detection and median loss by initial detective method. Frauds initially detected by active methods were shorter in duration and less costly, while the duration and losses of frauds that were detected passively were greater, and in some cases significantly.

Primary internal control weaknesses

The Report to the Nations identified the primary internal control weaknesses that contribute to occupational fraud. The results are as follows:

WeaknessResponse rate
Lack of internal controls30%
Override of existing controls19%
Lack of management review18%
Poor tone at the top10%
Lack of competent personnel in oversight roles8%
Lack of independent checks/audits4%
Lack of employee fraud education2%
Lack of clear lines of authority2%
Lack of reporting mechanism<1%

As indicated, lack of internal control, ability to override existing controls and lack of management review were identified approximately two-thirds of the time as the primary internal control weakness that the fraudster exploited. In another 10 percent of the cases, a poor management climate or “tone at the top” was identified to be the primary weakness, although this is much more relevant in cases of financial statement fraud and corruption than in asset misappropriation matters.

Small business fraud

Many of us are generally familiar with some of the major frauds in the last couple of decades. Remember Enron? How about Tyco, WorldCom and HealthSouth? And who can forget Bernie Madoff? These are the frauds that get the headlines, and rightly so, but fraudulent activity occurs frequently at small businesses that often have far fewer resources to devote to fraud prevention and detection.

The Report to the Nations compared the characteristics and impacts of fraud on organizations with fewer than 100 employees to those that have 100 or more employees. Certain comparisons stood out, as follows:

 <100 Employees100+ Employees
Median loss$200,000$104,000
Frauds detected by tip29%44%
Frauds caused by lack of internal controls42%25%
Frauds perpetrated by an owner/executive29%16%

These comparisons help to put some of the previous discussion into context for small businesses. As mentioned above, tips were the initial detection method in 40% of the cases reviewed. However, this result is skewed to the larger organizations as a smaller, though still significant, 29% of frauds in smaller operations were detected by tips. Not surprisingly, smaller companies were much more likely to experience frauds that were caused by insufficient internal controls. As stated in the Report to the Nations, small businesses “often require an increased level of trust in employees due to a lower ability to implement robust anti-fraud controls.”


Case results

Once a fraud has been discovered, companies can take internal actions, such as terminating or suspending the perpetrator, and can seek remedies through external means, such as criminal and civil litigation. With respect to internal actions, the most common action was the termination of the perpetrator, which occurred in 65% of the cases surveyed, while there was no punishment at all in only 6% of the matters. In 58% of the cases surveyed, the perpetrator was referred to law enforcement and in 73% of those matters, the fraudster pleaded guilty or no contest or was convicted at trial. In 23% of the cases, a civil suit was filed. Among those, a judgment in favor of the victim was reached 53% of the time, while a settlement occurred in 27% of the cases.

Unfortunately, according to the Report to the Nations, the fraud victims are typically not made whole. In fact, only 15% of the victims in the cases reviewed recovered all of their losses and only 32% made a partial recovery. A full 53% of the victims recovered nothing.


The 2018 Report to the Nations provides a wealth of fraud-related statistics based on 2,690 cases of occupational fraud. Because the likelihood of fraud occurring at a business is relatively high and the potential for recovering fraud losses is quite low, it would benefit small businesses to evaluate their circumstances in light of the survey results and determine what, if any, steps they should consider taking given their specific fraud risks and their resource constraints. Certain measures like establishing an internal audit department or procedures might be cost prohibitive, while others, such as remedying easy override of existing controls could prove very effective. Given the survey data presented in the Report to the Nations, all organizations, no matter their size, should take steps within their means to proactively address fraud prevention and detection in order to lessen the associated risks.

Norman A. Kur, CFE, CMA, AM, Director, specializes in economic damage calculations and forensic accounting services. You can reach him at (480) 483-1170 or NormK@hhcpa.com.

  1. Percentages will not sum to 100%, as more than one scheme may have been present in any single case.
  2. Ibid
  3. Does not sum due to rounding