The Anatomy of Fraud – Insights from the 2020 ACFE Global Study on Occupational Fraud

Audit & Accounting | Smadar Rinat | Jun 22, 2020

The Association of Certified Fraud Examiners (ACFE) recently released the Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse.  This report, the 11th since the first edition was published in 1996, has become the primary source of fraud data on the costs and effects of occupational fraud. 

The 2020 study covered 2,504 cases, in 23 different industries, from 125 countries that were investigated by Certified Fraud Examiners (CFEs) between January 2018 and September 2019. Impacted organizations included private, public, government and not-for-profit entities. Perpetrators ranged from C-level executives to entry-level employees.

Occupational fraud is among the costliest forms of financial crime.  It is defined as the “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets” (2020 Report).  


The report presents detailed findings about occupational fraud in five areas:

  •  Methods by which occupational fraud is committed 
  •  Means of detection
  •  Characteristics of victim organizations 
  •  Characteristics of perpetrators 
  •  Case results following detection and perpetrators identification

The report also offers strategies on how these crimes might be averted or mitigated.

Methods by Which Occupational Fraud is Committed 

Since first conducting the studies on which the Reports to the Nations are based, the ACFE has found that the methods used to commit occupational fraud have remained largely consistent.  

The ACFE has identified three primary categories of occupational fraud: 

Asset Misappropriation – An employee stealing or misusing the employing organization’s resources (e.g., theft of company cash, false billing schemes, or inflated expense reports). 

Corruption – An employee misusing his or her influence in a business transaction in a way that violates his or her duty to the employer in order to gain a direct or indirect benefit (e.g., schemes involving bribery or conflicts of interest). 

Financial Statement Fraud – An employee intentionally causing a misstatement or omission of material information in the organization’s financial reports (e.g., recording fictitious revenues, understating reported expenses, or artificially inflating reported assets). 

While asset misappropriation was found to occur more frequently than the other categories of fraud (86% of cases), it resulted in the lowest median loss ($100,000).  In contrast, financial statement fraud occurred less frequently (10% of cases) but resulted in the greatest median loss ($954,000).  Corruption crimes fell in the middle of the other two categories in terms of frequency and financial cost (43% of cases and $200,000 median loss).  The study also found that in one-third of the cases examined, the perpetrator committed more than one of the three categories of fraud.

Within the category of asset misappropriation, billing, check and payment tempering, and theft of non-cash assets were the most frequent and impactful high-risk offenses. These types of fraud were also more likely to occur in small businesses than in large organizations.

Means of Detection

Detection is one of the most important keys to fraud prevention because increased employee perception that fraud will be detected can serve as a deterrent.

Knowing the most common methods fraud perpetrators use to conceal their schemes helps to increase detection and prevention. The study showed that the top concealment methods are (1) creating fraudulent physical documents, (2) altering physical documents, (3) altering electronic documents or files, and 4) creating fraudulent electronic documents or files.

The ACFE report found that while the median duration of a fraud is 14 months, average timelines vary by type of fraud.  Companies typically catch non-cash, cash on hand, skimming, and corruption frauds in under 24 months. Billing, expense reimbursement, register disbursements, check and payment tampering, payroll, and financial statement frauds tend to last over two years before being discovered.  Not surprisingly, there is a direct correlation between the length of time a fraud remains undetected and the resulting financial loss.  

The research continuously showed that frauds were most commonly uncovered by tips (more than 40% of cases), with internal audit (15% of cases), and management review (12% of cases) as the next most common. The most frequent tip source was employees (50%), while customers, vendors, and others (including anonymous tips) accounted for the other half. The report authors highlighted this as a demonstration that anti-fraud communication, education, and reporting mechanisms should include both internal and external parties.

Another finding was that passively discovered frauds, meaning that the fraud was detected through no effort of the victim organization (e.g., police notification, confession, by accident), lasted longer and resulted in higher losses as compared with frauds discovered by active methods, meaning a detection that involved a process designed to detect fraud (e.g., document examination, management review, IT controls, or surveillance).  In addition, the study found that organizations with hotlines detected fraud sooner (six months sooner on average) and suffered lower losses than organizations without hotlines.  For entities that did have a hotline, one of the factors that increased its usage was employee fraud awareness training.

Characteristics of Victim Organizations

Seventy percent of fraud took place in for-profit entities. Forty-four percent of the victims were private companies and 26% were public companies, with a median loss  of $150,000 on each.  Only nine percent of fraud cases were reported by non-profit organizations and represented a median loss of $75,000. This amount of loss, although smaller, poses a more detrimental impact on the non-profits which generally are tight on funds and resources. Among governmental entities, national level organizations were victimized at a higher rate and with a higher median loss than state and local governments.

Organizations across all sizes (in terms of the number of employees) reported the same percentage of fraud cases.  However, organizations with gross annual revenue under $50 million reported 38% of cases and sustained a median loss of $114,000, while organizations with revenue of $1 billion or above reported 26% of fraud cases and suffered a median loss of $150,000.

Characteristics of Perpetrators

Level of Authority

The offender’s level of authority in the organization tended to correlate with the magnitude of the crime. While only 20% of the frauds in the study were perpetrated by owners/executives, the median loss in those cases amounted to $600,000, which far exceeded the losses caused by managers and staff-level employees. This is attributable to the fact that employees at the higher level of authority are better positioned to override controls and have greater access to an organization’s assets. The length of fraud was also directly correlated to the perpetrators level of authority, while the scale of the financial damage was directly correlated to the perpetrator’s length of employment with the entity. Frauds committed by employees with a longer tenure at the organization were found to cause a significantly higher financial loss than frauds committed by employees with a shorter tenure.


Executive/upper management team and the accounting department were more susceptible to having fraudsters among their ranks than other departments and were associated with high frequency of cases and a higher resulting loss.


The study found significant gender disparity in fraud frequency and loss.  More than 70% of perpetrators were male, and male perpetrators caused a significantly larger loss ($150,000) than female perpetrators ($85,000).


Fifty-three percent of perpetrators were between the ages of 31 and 45.  However, median losses tended to be higher for frauds perpetrated by offenders in the older range.


A correlation was also noted between the perpetrator’s education level and median loss.  Fraudsters with more advanced education caused greater median losses.  The study authors noted that higher education levels also correlate with higher positions of authority and greater technical abilities to commit fraud.

Behavioral Red Flags

In the process of committing the fraud, perpetrators often exhibited certain attributes.  These red flags were almost always identified by someone in the victim organizations before the frauds themselves were detected. The most common red flags were: 

  1. Living beyond means (42%)
  2. Financial difficulties (26%)
  3. Unusually close association with a vendor or customer (19%)
  4. Excessive control issues or unwillingness to share duties (15%)
  5. Unusual irritability, suspiciousness, or defensiveness (13%)
  6. A general “wheeler-dealer” attitude, involving shrewd or unscrupulous behavior (13%)
  7. Recent divorce or family problems (12%)

Forty-five percent of fraudsters had other non-fraud work misconduct issues (e.g., bullying, excessive absenteeism, or tardiness), and 42% of offenders had human resources-related red flags (e.g., negative performance evaluations, fear of job loss, etc.).

Case Results

The most common response to a discovered fraud was termination of employment (66%).  Many cases resulted in relatively light punishment – the perpetrator leaving the organization or being allowed to resign, or no punishment at all.

Fifty-nine percent of cases were referred to law enforcement, while 28% of cases resulted in civil litigation.  Forty-one percent of those civil litigation cases resulted in judgment for the victim, 36% were settled, and 21% resulted in judgment for the perpetrator. Of the law enforcement cases, 56% pleaded guilty or no contest, 23% were convicted at trial, 12% were declined prosecution, and 2% were acquitted.

Many victims never reported their cases to law enforcement.  The 2020 study found that 46% of victims determined that internal discipline was sufficient.  Other reasons for not reporting the crimes included fear of bad publicity (32%) and private settlement (27%).

The Role of Internal Controls in Fraud Deterrence and Detection 

The ACFE report found that lack of internal controls contributed to almost one-third of frauds, while the presence of anti-fraud controls was correlated with lower fraud losses and faster detection. It is therefore important for organizations to evaluate their fraud risks on a regular basis. This evaluation should include an understanding of the internal control environment, control gaps, risk of management override of controls, and residual risks.

As previously highlighted, smaller businesses (fewer than 100 employees) coped with somewhat different fraud risks than larger entities (100 or more employees).  Smaller organizations also encountered different challenges in preventing fraud and implemented anti-fraud controls at a much lower rate than larger organizations. The most common anti-fraud controls, external audit of financial statements and code of conduct, were only in place in 56% and 48% of small businesses, respectively, as compared with 92% and 91%, respectively, in the larger businesses.

It is important to note that annual financial statements audits are not designed to detect fraud. An organization’s management is responsible for the design, implementation, and maintenance of internal controls and programs to prevent and detect fraud.

Organizations can increase their protection against fraud by implementing measures that do not require significant investment of resources and help improve the anti-fraud environment. Such measures include adopting a code of conduct and an anti-fraud policy, having managers review the work of subordinates, and conducting anti-fraud training for employees. Engaging external consultants to perform independent fraud testing on an annual or as-needed basis can also help mitigate these risks. 

COVID-19 Implications

The coronavirus pandemic and its toll on daily life introduces challenges impacting individuals, organizations, and governments. These challenges manifest in entities through changes in business volume and activities, as well as the shifting of a large percentage of the workforce to remote work.  In this new environment, organizations need to reevaluate internal controls, policies, operating procedures, training needs, and fraud risks.  As the pandemic situation remains fluid, these changes may create new risks that need to be assessed. 


As the ACFE’s Report to the Nations consistently demonstrates year after year, a considerable portion of an organization’s revenue is susceptible to occupational fraud schemes, regardless of the size or type of the entity. No organization is impervious to occupational fraud, and these crimes can originate from anywhere within the organization.

Through the methodical and thorough use of suitable, proactive fraud detection measures such as internal controls and policies that include thorough management reviews, account reconciliations, and surveillance/monitoring, the risk of fraudulent schemes can be curtailed and the potential for damages from financial losses can be reduced.


“2020 Report to the Nations. Copyright 2020 by the Association of Certified Fraud Examiners, Inc.”