1. WHAT IS FRAUD?

Fraud is a knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment.

2. HOW MUCH TIME ELAPSES BEFORE FRAUD IS DETECTED?

The median fraud duration from commencement to detection of 18 months.

3. HOW DOES FRAUD AFFECT ORGANIZATIONS?

The typical organization loses 5 percent of its annual revenues to fraud.1 During the time the fraud has gone undetected, the median loss for an organization is $145,000, with nearly a quarter of cases involving losses of at least $1 million.

4. WHAT ARE THE MOST COMMON TYPES OF FRAUD?

Occupational fraud, which is fraud committed by an individual in their role within the workplace, can be broken into three categories:

  • Financial statement fraud
  • Corruption (primarily bribery)
  • Asset misappropriation

Many cases involve more than one category of occupational fraud.

5. HOW MUCH DOES EACH TYPE OF FRAUD COST AN ORGANIZATION?

The median financial losses for occupational fraud are:

  • $1 million for financial statement fraud
  • $200,00 for corruption and
  • $130,000 for asset misappropriation

6. WHAT IS THE BEST METHOD OF FRAUD DETECTION?

Tips are consistently the most effective fraud detection tool. Approximately 40 percent of frauds are detected by tips, making tips twice as effective at fraud detection than management reviews, audits, account reconciliation, document examination, surveillance and monitoring, law enforcement and IT controls.

7. WHAT IMPACT DOES THE FRAUD PERPETRATOR’S ROLE WITHIN THE ORGANIZATION HAVE ON FINANCIAL LOSS?

The more senior the role, the greater the loss. The median loss based on the perpetrator’s role is:

  • An owner or executive perpetrator = $500,000
  • A manger perpetrator = $130,000
  • An employee perpetrator = $75,000

8. HOW DOES THE NUMBER OF PEOPLE INVOLVED IN A FRAUD IMPACT AN ORGANIZATION’S FINANCIAL LOSS?

The more people involved, the greater the loss. Losses increase from a median of $80,000 for a single person to $500,000 for four or more persons.

9. WHY DON’T TRADITIONAL AUDITS DETECT FRAUD?

External audits account for just 3 percent of accurate fraud detections, although approximately 80 percent of victimized organizations rely on them. Three principle reasons fraud evades detection in traditional audits are:

  • Predictable timing: Audits often occur on a regular and announced timetable, which allows perpetrators to avoid periods when detection would be likely.
  • Limited scope: Audits are concerned with examining financial data and the existence of controls with the goal of reaching an opinion on financial statements and related information. This is not always comprehensive enough to detect fraud, which requires the more intensive tasks of reviewing documents, conducting interviews and performing record searches.
  • Approach: Although auditors are required to employ professional skepticism, the traditional audit is nonadversarial. By contrast, a fraud investigation requires an approach designed to identify whether there is sufficient evidence to support or rebut an allegation of fraud.

10. WHAT CAN ORGANIZATIONS DO?

Establish and employ anti-fraud training, policies and controls tailored to fraud risks at each employee level and for all business lines.

Establish and use employee hotlines as a first line of defense to fraud.

Where appropriate training, policies and controls are in place, the length of fraud schemes may be reduced by 50 percent and the financial loss reduced by 60 percent. Statistics used in this document are drawn from The Association of Certified Fraud Examiners (ACFE) Report to the Nations on Occupational Fraud and Abuse (2014), available at www.acfe.com/rttn.aspx.