Beyond Bankman-Fried: Analyzing the Occupational Fraud Problem
A U.S. district court judge sentenced former cryptocurrency mogul Sam Bankman-Fried to 25 years in prison on Thursday and ordered him to pay $11 billion in forfeiture for orchestrating several major fraud schemes.
“Samuel Bankman-Fried orchestrated one of the largest financial frauds in history, stealing over $8 billion of his customers’ money,” said U.S. Attorney for the Southern District of New York Damian Williams in a statement. “His deliberate and ongoing lies demonstrated a brazen disregard for customers’ expectations and disrespect for the rule of law, all so that he could secretly use his customers’ money to expand his own power and influence.”
Bankman-Fried, 32, was previously convicted on two counts of wire fraud, two counts of conspiracy to commit wire fraud, one count of conspiracy to commit securities fraud, one count of conspiracy to commit commodities fraud, and one count of conspiracy to commit money laundering.
The founder of FTX.com and Alameda Research carried out the fraud from 2019 until approximately November 2022, according to an indictment. He misappropriated billions of dollars of customers’ funds for his personal use, including to make investments and political contributions to candidates in the Republican and Democratic parties. Bankman-Fried also provided false and misleading financial information to lenders and investors to conceal his misuse of customer deposits.
“Anyone who believes they can hide their financial crimes behind wealth and power, or behind a shiny new thing they claim no one else is smart enough to understand, should think twice,” said U.S. Attorney General Merrick Garland in a statement about Bankman-Fried’s sentencing.
While Bankman-Fried’s trial garnered headlines around the world, he wasn’t the only occupational fraudster active during the prime years of the COVID-19 pandemic.
The Association of Certified Fraud Examiners (ACFE) released its biennial study Occupational Fraud 2024: A Report to the Nations last week. The analysis of 1,921 cases from 138 countries and territories (collected via survey from ACFE members) found that occupational fraudsters caused total losses of more than $3.1 billion during a two-year period.
Fraud committed by owners or those at the executive level represented just 19 percent of the cases ACFE studied, but caused the highest median losses—$500,000, more than eight times higher than median losses from staff-level employee fraud.
Being at the top level gives one the ability to override controls meant to prevent fraud, as well as knowing the business well and where weaknesses are, says Andi McNeal, CFE, CPA, vice president of education at ACFE and co-author of the report.
“And there’s a trust factor. I think people trust that whatever the boss says needs to happen is what needs to happen,” she adds. “There’s definitely compounding factors that would feed into why they’re able to get away with it.”
Upper-level executives also tend to engage in financial statement fraud and corruption schemes, which are more costly. These schemes are based on having a higher-level position in the business, which gives them access to statements, the ability to direct people to “fudge the numbers or fudge them themselves, versus someone at a lower level,” McNeal adds. “Or they’re engaged in deal-making—finding new business partners—and that’s where that corruption risk gets higher and higher.”
Occupational Fraud Landscape
Asset misappropriation schemes (billing schemes, theft of noncash assets, check and payment tampering, and billing schemes) were the most common (89 percent of cases, $120,000 median loss), but financial statement fraud was the costliest (5 percent of cases, $766,000 median loss) of the cases examined in the 2024 report.
ACFE publishes this study every two years, so 2024’s analysis was the first to include information about fraud schemes carried out during the COVID-19 pandemic, McNeal says.
“We saw that the losses caused by fraud during COVID actually went up from previous years, which was really interesting, but how long they were lasting did not go up,” she explains.
The ACFE report shows that median losses from occupational fraud were up 24 percent between 2022 and 2024, with median losses from financial statement fraud rising from $593,000 in 2022 to $766,000 in 2024; corruption increasing from $150,000 in 2022 to $200,000 in 2024; and asset misappropriation rising from $100,000 in 2022 to $120,000 in 2024.
“The real takeaway there was that fraudsters were stealing faster during COVID than they were before COVID, and there are a lot of reasons why that might be the case,” McNeal says. “We also saw that employees were more likely to act alone during COVID than they were previously. After years of seeing increases in collusive frauds, we saw a reduction in the amount of collusion.”
Factors that could have influenced this were that many employees during this time were sent home and fraud controls may have been reimagined to facilitate remote work.
Additionally, there was more pressure on people during the pandemic and some oversight mechanisms that previously existed in an office environment were not there.
“The restrictions and limitations of in-person contact provided opportunity for bad actors to act more covertly,” says Anthony D’Amico, PSP, member of the ASIS International Human Threat Management Community Steering Committee and security consultant with Sentinel Consulting, LLC. “I wouldn’t be surprised if further analysis of the COVID-19 pandemic reveals a higher amount of misappropriation in the United States since there was an abundance of money released by the U.S. government throughout the pandemic.”
Kevin Weekes, member of the ASIS International Human Threat Management Community Steering Committee and CEO of British security consultancy ZENRS Ltd, says that government support during the COVID-19 pandemic created new opportunities for business owners and generally honest people to commit their first significant fraud.
“The landscape for this environment is born out of the sense of panic and uncertainty that pressurizes governments into creating a lightly regulated scheme and the business owners into whether they are going to go bust,” Weekes says. “The former point is key; it creates an opportunity for otherwise honest people to step over the line.”
One of the most effective oversight mechanisms to prevent fraud is fellow employees who notice that something about one of their colleagues seems off, so they report it. Most fraud cases take at least 12 months to detect, which typically comes in the form of a tip (43 percent of all cases) from an employee via a Web-based reporting mechanism (40 percent, compared to 30 percent of phone tips and 37 percent email tips), highlighting the need to have reporting mechanisms that are attractive for digital natives.
In the 2022 report, 42 percent of fraud cases were detected by tips predominantly coming from employees, reflecting a trend in ACFE’s research during the last several iterations of the occupational fraud report, McNeal says.
These are “tried and true statistics,” she adds. “Those that have anti-fraud controls in place detect fraud faster and have less losses than those that do not have anti-fraud controls in place.”
D’Amico adds that the statistics on employees reporting fraud via a hotline are a “convincing argument for an organization to provide a means for reporting bad behavior, as well as a formal process for investigating all tips and complaints received by the organization.”
The report also found that the longer a person has worked for an organization, the more costly their fraud was. Employees who had worked at a company for one year or less engaged in schemes with median losses of $50,000, compared to employees of 10 or more years engaging in schemes with median losses of $250,000.
“The more senior the employee, the better access they have, more unsupervised they are likely to be, and more confident that they can get away with fraud,” Weekes says. “Empowering our workforce, including our managers, does not mean that we dispense with checks and balances.”
Women committed fewer frauds (25 percent of cases) than men (75 percent of cases) and caused lower losses ($100,000 median loss, compared to $158,000 for men). Part of the explanation for this is that there are more men in the workforce in certain regions of the world.
Empowering our workforce, including our managers, does not mean that we dispense with checks and balances.
“We’ve also looked at the red flags, which tell an interesting story,” McNeal says. “Female perpetrators typically have family problems and are trying to solve a personal issue or crisis. Male perpetrators tend to have a wheeler-dealer attitude or close association with vendors or customers, external business types of red flags.”
And while banking and business systems are moving towards a more digital ecosystem, fraudsters still love a physical paper trail. Most occupational fraudsters concealed their schemes by creating fraudulent physical documents (41 percent), altering physical documents (37 percent), or destroying or withholding physical documents (23 percent).
“It’s fascinating to me that we’re still seeing physical documents at the top of that list—the fact that people are still altering or creating fake physical evidence,” McNeal says. “Those are controls we’ve been talking about for decades, making sure that things don’t look photocopied, looking for anys signs of manipulation.”
One development in the past few years that may make these altered documents more difficult to spot is the release of generative artificial intelligence (AI) tools into the marketplace, which could be used to create fake documents.
“We’re going to have to evolve controls around fake documents because these tools can probably create things in a way that people may have struggled with in the past,” she adds.
Where Security Can Help
As mentioned, one of the primary ways that companies are alerted to potential fraud is by employees reporting suspicions via a telephone, email, or Web-based hotline. Key to this reporting is awareness of red flag indicators that could indicate fraud.
“People working in close contact with the perpetrator are more likely to spot fraudulent behavior,” Weekes says. “People outside of work are more likely to see the results of the fraud.”
Nearly 84 percent of fraudsters displayed at least one behavioral red flag, ACFE found. These flags include:
- Living beyond means – 39 percent
- Financial difficulties – 27 percent
- Unusually close association with vendor or customer – 20 percent
- Control issues, unwillingness to share duties – 13 percent
- Irritability, suspiciousness, or defensiveness – 12 percent
- “Wheeler-dealer” attitude – 12 percent
- Bullying or intimidation – 11 percent
- Divorce or family problems – 10 percent
“Fraudsters living beyond their means has consistently been the most common behavioral red flag since we began tracking this data in 2008,” ACFE said in the report.
Clay Barnett, CFE, chair of the ASIS International Banking and Finance Community speaking in his personal capacity, says his organization trains on red flag indicators. A major red flag for him is if someone is resistant to taking time off—which is often a fraud control for individuals working in a financial role because it allows someone else to review their work.
“Your biggest red flag on any type of fraud scheme is they have to keep it going,” Barnett says. “If they go out and anyone else is handling their work, they might get caught. So, they have to always be the one handling the process. That’s why it’s always good to institute a vacation requirement, so someone else can review their work.”
Fraudsters living beyond their means has consistently been the most common behavioral red flag since we began tracking this data in 2008.
McNeal says it’s important to educate employees that spotting a red flag does not mean that fraud is occurring. It just means that there could be pressure to solve a problem.
“A lot of it comes down to those in management positions having strong awareness of what these red flags are,” she explains, adding that when managers spot a behavioral change or indicator, they can ideally support that employee by connecting them with employer resources to address it before it escalates.
ACFE’s analysis also found that in 84 percent of the cases it reviewed where a background check was run, the check did not reveal any existing red flags. This reinforced ACFE’s findings that most occupational fraud perpetrators do not have a documented fraud-related criminal or employment history.
Weekes says this is not surprising since background checks are just a snapshot in time and everyone’s circumstances change as they move through it.
“Even the very best background check is only good at the time it is executed,” he adds. “Businesses need to run an in-employment screening strategy combined with security education and training, using case studies, alongside pre-employment checks.
“There is no universal register of bad people, and any compliance database normally contains mostly people either too stupid or too unlucky to avoid capture,” Weekes says. “We need to look at the whole of the individual, identify opportunities for adversaries, and design awareness training regimes to mitigate this.”
An area where security teams can partner with fraud prevention experts is in providing fraud awareness training for employees and managers. ACFE has found that more organizations are providing this training, and those that do appear to have fewer fraud losses—including at the executive level.
The increase in this type of training could show how senior leaders and business owners now perceive every member of the workplace as playing a crucial role in fraud detection and prevention, says Tyler Nahorny, CPP, a member of the ASIS International Human Threat Management Community Steering Committee.
“By receiving fraud awareness training, they’ll have heightened awareness to fraud detection and anomalies that may occur,” he adds. “From the training, they’ll know what to look for and how to report suspicious activity when it occurs. Similarly, if not training is provided and no top down buy in by senior leadership is demonstrated, it can send the message that the anti-fraud program isn’t a high priority organizationally, and lack of staff engagement will follow.”
