Occupational Fraud: The Audit as Deterrent

Who better to teach CPAs how to spot fraud than the perpetrators?

here’s good news to be had: Audited companies suffer less severe fraud losses than unaudited ones, and the overall rate of occupational fraud hasn’t changed much in the last six years. Those conclusions come from the “2002 Report to the Nation on Occupational Fraud and Abuse,” issued by the Association of Certified Fraud Examiners (ACFE). From actual case studies taken from the report, auditors and their clients will learn the methods used by employees and insiders to commit occupational fraud and what can be done to better detect and deter these offenses.

The report defines occupational fraud as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” The breadth of this definition includes a wide range of misconduct by executives, managers and employees of organizations ranging from sophisticated investment swindles to petty theft.

The report, based on questionnaires mailed to some 10,000 certified fraud examiners (CFE), details 971 fraud cases. The CFEs typically fall into two broad groups: investigators and auditors. They are employed mainly in three sectors: government, business and public accounting (in that order). The average CFE has been involved in the audit or investigation of more than a hundred cases of alleged fraud.

Occupational Fraud Losses

Source: “2002 Report to the Nation on Occupational Fraud and Abuse,” published by the Association of Certified Fraud Examiners.

The survey covered four categories: the cost of fraud, the methods used, the perpetrators and the victims. This article will cover only highlights; the complete report can be viewed at www.cfenet.com .


Determining how much fraud actually costs the American economy is difficult, if not impossible, because not all fraud is detected or reported. Moreover, no organization is charged with accumulating comprehensive data, and few studies have been conducted. Even in the current ACFE report, I want to caution the reader that any estimates regarding the cost of fraud are subjective and that the survey focused only on occupational fraud.

Figures show that about 6% of revenues, or $600 billion, will be lost in 2002 as a result of occupational fraud and abuse (see graphic, “ Occupational Fraud Losses ”). Although this is a $200 billion increase since 1996, when compared with the $3 trillion rise in the gross domestic product (to $10 trillion from $7 trillion) during the same period, it is evident the rate of occupational fraud appears to be unchanged. Exhibit 1, above, shows that nearly half of the cases studied had losses in excess of $100,000; 16% of the cases had losses greater than $1 million.

Exhibit 1: Distribution of Dollar Losses
Dollar loss range Percent of all cases
$1$999   2.3
$1,000$9,999   10.2
$10,000$49,999   22.9
$50,000$99,999   12.1
$100,000$499,999   27.6
$500,000$999,999   8.5
$1,000,000$9,999,999   13.2
$10,000,000 and up   3.2
Totals   100.0

Source of data for exhibits 1 through 6: "2002 Report to the Nation on Occupational Fraud and Abuse," published by the Association of Certified Fraud Examiners.


A major goal of the survey was to determine precisely how fraud was accomplished and to classify the offenses by the methods used to commit them. In the ACFE’s first survey, “Report to the Nation on Occupational Fraud and Abuse,” published in 1996, the association found there were three principal illegal schemes committed against organizations: asset misappropriations, corruption and fraudulent statements. Asset misappropriations are still by far the most common and least expensive of the three schemes, accounting for more than 80% of the cases studied. Exhibit 2, below, compares the frequency and losses of the three main categories in 1996 and in 2002. As can be seen, the methods, their frequency and costs have—for the most part—remained somewhat stable. Within those broad categories, there are a number of principal schemes (see exhibit 3, below).

Exhibit 2: Comparison of Major Occupational Fraud Categories by 1996 and 2002 Data
  2002 1996
Scheme type Pct. cases* Median cost Pct. cases Median cost
Asset misappropriations 85.7 $80,000 81.1 $65,000
Corruption schemes 12.8 $530,000 14.8 $440,000
Fraudulent statements 5.1 $4,250,000 4.1 $4,000,000

*Readers will note that the sum of percentages in this column exceeds 100%. A number of the schemes that were reported in this survey involved more than one type of fraud; thus, they were classified in more than one category. In the 1996 survey we classified schemes based on the principal method of fraud only.


Current data create the following profiles of fraud perpetrators:

The majority of frauds (64%) are committed by employees. But frauds committed by managers or executives are three-and-a-half times more costly than frauds committed by employees, because the higher employees rise in an organization, the more they are entrusted with company assets.

Males accounted for losses that were three times greater than those of females—although the frequency of incidents was roughly the same. This trend is probably due to the “glass ceiling” phenomenon, where males generally occupy higher positions in organizations than their female contemporaries.

Only about 7% of fraud perpetrators had been convicted of a previous crime. This is consistent with other studies that showed most people who committed fraud were first-time offenders.

Approximately 33% of reported frauds involved two or more individuals. In cases involving collusion, the median loss was six times greater than the median loss when only one person committed the fraud—which indicated the need for better control mechanisms that involve the separation of duties.

The oldest perpetrators (over 60) caused median losses 27 times greater than those of the youngest fraudsters (below 25)—older employees generally occupy more senior positions with greater access to assets.

Exhibit 3: Frequency and Loss Comparison of 1996 and 2002 Data
  2002 1996
Scheme Pct. cases Median cost Pct. cases Median cost
Cash Larceny 6.9 $25,000 2.9 $22,000
Skimming 24.7 $70,000 20.3 $50,000
Billing schemes 25.2 $160,000 15.7 $250,000
Payroll schemes 9.8 $140,000 7.8 $50,000
Expense reimbursements 12.2 $60,000 7.0 $20,000
Check tampering 16.7 $140,000 11.5 $96,432
Register disbursements 1.7 $18,000 1.3 $22,500
Noncash misappropriations 9.0 $200,000 10.7 $100,000
Corruption schemes 12.8 $530,000 14.8 $440,000
Fraudulent statements 5.1 $4,250,000 4.1 $4,000,000


Two key facts emerged regarding the type of industry and the size of the organization: The largest median losses occurred in public companies, and the smallest took place in nonprofits and governmental agencies (see exhibit 4, below). This is not surprising considering public companies generally have more assets than the other two types of entities. The smallest organizations of 100 employees or less actually suffered larger median losses than did the largest organizations with 10,000 employees or more (see exhibit 5, below). This means the smallest companies were over a hundred times more vulnerable to fraud than their largest counterparts. In the 1996 report, the trend was similar.

Exhibit 4: Loss by Type of Organization
Victim Pct. cases Median loss
Government agency 24.7 $48,000
Publicly traded company 30.0 $150,000
Privately held company 31.9 $127,000
Not-for-profit organization 13.4 $40,000
Exhibit 5: Loss by Number of Employees
Number Pct. cases Median loss
1–99 39.0 $127,500
100–999 20.1 $135,000
1,000–9,999 23.4 $53,000
10,000+ 17.5 $97,000

The smallest organizations suffered the largest per-employee median losses because of three factors. First, basic accounting controls often were lacking; it was common for a small organization to have one employee write and sign checks, reconcile the bank statement and keep the company’s books. In such situations, occupational fraud was easy to commit. The second was due to the level of trust that existed because of the entity’s size: In an atmosphere where employees knew each other, they were less alert to the possibility of dishonesty. Third, small companies were less likely to be audited. Unfortunately, small companies were also less likely than their large counterparts to report and prosecute these offenses because of the effect of adverse publicity.

Exhibit 6: Impact of Audits
Internal or external
audit conducted?
Pct. cases Median loss
Yes 81.5 $100,000
No 18.5 $156,000


The audit function had a substantial impact on the size of the typical fraud. Respondents were asked if the victim organizations had internal audit departments and if they conducted external audits. The median loss in companies that had either internal or external audits was 35% lower than in companies that had no audit function.

Audits had a significant impact on losses for two distinct reasons. First, the audit process itself was able to detect fraud through routine procedures such as the examination of documents, analysis of trend data and verification of assets. Second, knowledge that auditors were present in an organization discouraged employees from committing fraud in the first place. In preventing fraud, oversight—by managers, auditors, audit committees and even other employees—appeared to be the single most effective deterrent.


Although the report was designed specifically for the public, its data provided significant implications for CPAs.

The three types of occupational frauds can be subdivided into various schemes as reflected in exhibit 3. CPAs who are familiar with the major schemes are more likely to recognize them during audits.

Asset misappropriations are the bane of small business and can be material or even catastrophic. Both the 1996 and 2002 reports concluded that nearly nine in 10 misappropriations involved the cash account. CPAs who provide nonaudit services to small business can help educate their clients to asset misappropriation risks and recommend one or more of three actions: first, that the small business have adequate fidelity insurance to cover large losses; second, that monthly bank statements be delivered unopened to the owners, who should review them in detail for possible irregularities; and third, that entities consider an independent review of the cash accounts by CPAs.

Corruption in business is particularly prevalent in the purchasing function. In the typical case, a purchasing agent accepts kickbacks to favor an outside vendor in buying goods or services. Bribes and kickbacks can be among the most difficult occupational frauds to uncover, as the illegal transfer of funds occurs outside the company’s books. Nonetheless, in most cases of corruption, three clues are present. First, the company shows an increasing trend of favoritism toward one vendor, often to the exclusion of other qualified suppliers. Second, purchases from the vendor in question tend to be made at above-market prices. Third, dishonest purchasing agents sometimes maintain excessive lifestyles, engaging in conspicuous spending for such items as homes, cars, boats, clothing and jewelry. CPAs should be alert to these indicators.

Fraudulent financial statements are the least common but by far the most expensive occupational frauds. Our study was consistent with a 1999 report from the Committee of Sponsoring Organizations (COSO) of the Treadway Committee that found the majority of financial statement frauds involved the overstatement of sales and receivables. However, the COSO report studied only public companies. The ACFE 2002 report gathered data on public and private entities, and we concluded the risks of financial statement manipulations were inversely proportional to company size; that is, smaller businesses were more likely to commit financial statement fraud. In a typical situation that prompted fraudulent actions, a business was attempting to raise money from a private source such as a bank that required audited financial statements, and if the company’s statements were not audited, it was more likely to cook its books. This again indicated the power of the audit as a deterrent to fraud. There are two messages here for CPAs. First, a company is at the greatest risk to attempt financial statement fraud when it is actively trying to raise money and is unaudited. Second, based on this knowledge, CPAs should encourage bankers and other lenders to require more audits of their borrowers.

One fact rises above all others: Occupational fraud is easier to prevent than to detect; most schemes could have been avoided altogether with basic accounting controls, audits and proper oversight. Although management is ultimately responsible for fraud deterrence, it’s the CPA’s job to educate the client about these problems. Studies such as this one can help. In the war against fraud, education is the armor needed to protect us; the more we know, the less likely we are to become casualties.


The business manager of a church stole nearly $200,000 from the collection plate until the volunteer treasurer noticed a trend: While church attendance was increasing, weekly contributions were decreasing. The church hired a CPA/CFE to look into the matter. She counted Sunday’s contributions and compared them with the business manager’s Monday deposit. When the deposit total was lower, she used video surveillance in the manager’s office, which caught him opening the safe on Monday morning—before funds were counted—and helping himself to handfuls of cash. Dual control over the cash function would have easily prevented this scheme.


Internal auditors were doing a routine purge of dormant vendors when they noticed activity in two of the accounts. Although the company hadn’t done business with the vendors in years, there were recent payments to them on the books. After an investigation the auditors discovered a warehouse manager had caused $535,000 in checks to be issued to the dormant vendors, which he deposited into a bank account he controlled. The scam was made possible by a basic violation of computer security practiced by one company supervisor: The warehouseman knew the supervisor didn’t log off the system when he went to lunch, so he used that computer to make the fictitious entries. Proper controls over computer access might have prevented this loss.


A cashier for a government agency managed to steal $150,000 in two years by issuing fictitious refund slips to nonexistent purchasers of inventory and removing an equal amount of currency from the cash register. In addition, the cashier was known to spend a lot of money and, most obvious of all, he bragged about his thefts to other employees and claimed he was blackmailing his supervisor to look the other way. When a new supervisor was hired, employees quickly revealed the fraud. A CPA could have easily detected the scheme by using analytical techniques that would have shown the agency’s inventory shrinkage was high.


The office manager of a 24-employee business insisted on handling certain bank transactions such as deposits and reconciliations by herself. She removed currency from the deposit, then altered the bank’s copy of the deposit slip to reflect the lower amount. However, she left the company’s copy unchanged. Because she also reconciled the checking account, she was able to conceal $180,000 in thefts until the company ran out of cash and checks started bouncing. As is common for small businesses, there was no separation of duties over cash. An independent examination of the cash account by a CPA would have discouraged this scheme.


The controller for a 400-person company liked to brag to employees that he was winning big at the gambling casinos because of his “foolproof system.” The winnings gave him quite the lifestyle: racehorses, expensive cars and a mansion. But the boss was skeptical. He found out the controller was losing big-time and hired fraud examiners to take a close look at the books. They discovered the controller had forged checks totaling $2.5 million and deposited the proceeds in his own checking account, which he withdrew for gambling. The controller had coded the checks to a variety of expense accounts, making his thefts easier to conceal. This scheme could have been detected early by an independent review of the bank statements.


An upper-level manager of a large company traveled frequently with other employees, who noticed he always asked for extra blank receipts in restaurants and taxis. They turned him in to the CFO. Auditors quickly discovered forged, duplicate and phony expense receipts. On top of that, the manager’s travel log didn’t even match the expense documentation. He spent six months in jail for an $18,000 fraud, an unusually harsh sentence for a first-time offender. Routine audit procedures—such as matching expenses to itinerary—would have easily revealed the fraud.


The timekeeper for a government agency doubled her salary in one year by taking advantage of an internal control deficiency. Procedures required that a supervisor sign her timecard before the hours were posted to the books. The timekeeper routinely got approval for the correct hours on her timecard, then grossly inflated the hours she worked when entering the information into the computer. The scheme came to light when actual salary expense exceeded budget. Two simple control measures would have prevented this fraud. First, the timekeeper should not have been permitted to post her own payroll records. Second, the computer system should have flagged large or unreasonable entries.


The purchasing manager of a large company dreamed of starting a hardware store in another state. Since he was short on cash, he decided his employer could help out. The manager rented a warehouse, began approving merchandise purchases on behalf of his employer and had the merchandise shipped to the warehouse. From there he reshipped out of state. Since the purchasing manager had authority only to approve purchases up to $5,000, he was careful to keep his transactions under that amount. But a sharp-eyed accounts payable clerk noticed a distinct pattern. On many occasions, merchandise purchases in the tens of thousands of dollars were being split into smaller amounts. The clerk notified the company’s fraud examiners, who uncovered several hundred thousands of dollars in phony inventory purchases. The auditors could have uncovered this scheme earlier by conducting a detailed review of disbursements under $5,000.


An executive of a construction company contract had final authority to approve all vendors and amounts paid to them. The exec worked out a secret sweetheart deal with two of the vendors. They’d send him phony or inflated invoices for materials or labor, he’d approve payment and the three would split the loot. But the company, a Fortune 1000 enterprise, had an internal communication program that allowed any employee to request information on any subject. One curious worker wanted to know why this particular construction project cost so much. An audit revealed the manager had pocketed more than $565,000 in kickbacks. He spent a year in prison and was on parole for five more years. He was ordered to pay complete restitution. Corruption schemes, although difficult to detect, can often be prevented by requiring written disclosures of personal finances from key employees such as those in the purchasing function.


A county treasurer with control over a large public investment fund speculated recklessly and lost about $5.4 billion of public money in less than a year. The perpetrator conspired with two other officials to hide the losses from several institutions that were investors in the fund. The treasurer and his accomplices falsified records and secretly shifted money from other funds in an attempt to pay the principal on billions of dollars in short-term investments. Eventually the scheme collapsed, and the perpetrators were forced to confess to the crime when they were unable to cover the losses on their short-term investments. The case was referred to law enforcement authorities, and the three perpetrators were convicted. The auditors failed to uncover the scheme because they accepted—without independent verification—phony audit evidence placed in the fund’s portfolio.

JOSEPH T. WELLS, CPA, CFE, is founder and chairman of the Association of Certified Fraud Examiners, Austin, Texas, and professor of fraud examination at the University of Texas. Mr. Wells’ article, “ So That’s Why They Call It a Pyramid Scheme ” ( JofA , Oct.00, page 91), won the Lawler Award for the best article in the JofA in 2000. His e-mail address is joe@cfenet.com .


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: IRS warning on cyberattacks and a change in pension rules

Once again, the IRS sounds the alarm about a threat from cyberthieves. See how much you know about this and other recent news with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.