Occupational Fraud and the Fraud Triangle – Part 1

Every year, organizations are losing billions of dollars to fraud. Fraud can come in many guises, including occupational fraud, which strikes workplaces the hardest. Occupational fraud is also called workplace fraud, employee fraud or internal fraud. It generally refers to fraud committed by a company’s staff at any level of the company. 


This two-part blog series will look at how your company can identify and guard against occupational fraud in your organization.


The fraud triangle


The fraud triangle is composed of three elements:


  1. Opportunity
  2. Financial pressure
  3. Rationalization


The fraud triangle hypothesis states that a person is more likely to engage in fraudulent activities if all three elements are present. If one element of the fraud triangle is absent, the likelihood of fraud diminishes rapidly. 


People who have engaged in fraudulent practices who had previously refrained from similar violations of trust tend to explain their reasoning by stating either:


  • I didn’t have a similar need. 
  • I never thought of committing the fraud at that time.
  • At that time, it felt dishonest, but it didn’t feel unethical this time.


These explanations line up with an element of the fraud triangle that was lacking in the previous situation. For example,


  • I didn’t have a similar need ⇒ lack of financial pressure
  • I never thought of it then ⇒ lack of opportunity
  • At that time, it felt dishonest, but it didn’t feel unethical this time ⇒ lack of rationalization


This shows that a person willing to commit fraudulent acts does so only under a particular set of conditions. This does not necessarily mean that every person would commit fraud if put into a scenario that contained these conditions. However, it does imply that fraud is significantly more likely to occur when all these conditions are present. It stands to reason that if a company can remove one or more elements of the fraud triangle from their corporate scenario, the likelihood of fraudulent activity should drop.


Classifications and categories of occupational fraud 


There are three categories of occupational fraud. Each type of fraud can be classified as either organizational or individual. These classifications include:


  1. Against individuals: This occurs when a fraudster targets a single person. Examples include identity theft and Ponzi schemes.
  2. Internal: This occurs when someone within an organization, like an employee or executive, deceives the company. Examples include embezzlement and lying to shareholders.
  3. External occupational fraud: This occurs when someone outside the organization, like a vendor or customer, commits fraud. Examples include vendors lying about their work and customers returning stolen products. Technological advances threaten companies’ intellectual property and customer data via cyber attacks.


However, there are also categories of occupational fraud.


Categories of occupational fraud under the fraud tree


The three categories of occupational fraud are:


  1. Corruption
  2. Asset misappropriation
  3. Financial statement fraud




Corruption occurs when an internal member of the organization, like an executive, owner or employee, abuses their power to subvert the decision-making process for company or personal gain. Sometimes corruption can cross the line into asset misappropriation or financial statement fraud. 


Examples of corruption include:


  • Kickbacks, where an employee receives gifts or payments from an outside party in return for business opportunities.
  • Product substitution, where an employee conspires with a supplier to replace high-quality purchased goods with counterfeit or low-quality substitutions.
  • Collusion with a vendor to make fake payments for services that were never performed.
  • Bribery, when an employee uses corporate funds to provide a benefit to an outside individual or business in exchange for personal gain.


According to a report from the Association of Certified Fraud Examiners, the median loss for corruption is $150,000. It accounts for 50 percent of cases.


Asset misappropriation


Asset misappropriation is the most common form of fraud. It occurs when someone within the organization uses their position to steal from the company. 


Examples of asset misappropriation include:


  • Falsified expenditure reports
  • Company credit card abuse
  • Falsified time sheets
  • Theft of cash, inventory or intellectual property
  • Purchase order schemes
  • Falsified sales involving commissions


The median loss for asset misappropriation is $100,000. It accounts for 86 percent of cases.


Financial statement fraud


Financial statement fraud occurs when an employee changes cash flow statements, income statements or balance sheets with the intent to deceive. The motivation may vary from personal gains to keeping the business solvent. Sometimes financial statement fraud can cross the line into corruption or asset misappropriation.


Examples of financial statement fraud include:


  • Inflating an asset’s value
  • Postponing reporting expenses to make current earnings look higher
  • Falsifying sales records


The median loss for financial statement fraud is $593,000. It accounts for 9 percent of cases.


The fraud tree


The fraud tree outlines occupational fraud and the abuse classification system. It lays out the three categories of occupational fraud — corruption, asset misappropriation and financial statement fraud — and links them to certain activities. 


Corruption is linked to:


  • Conflicts of interest ⇒ purchasing schemes and sales schemes
  • Bribery ⇒ invoice kickbacks and bid rigging
  • Illegal gratuities
  • Economic extortion


Asset misappropriation is linked to:


  • Cash ⇒ theft of cash on hand, theft of cash receipts and fraudulent disbursements
  • Inventory and all other assets ⇒ Misuse and larceny


Financial statement fraud is linked to:


  • Net worth/net income overstatements ⇒ timing differences, fictitious revenues, concealed liabilities and expenses, improper asset valuations and improper disclosures
  • Net worth/net income understatement ⇒ timing differences, understated revenues, overstated liabilities and expenses, improper asset valuations and improper disclosures


Duration of fraud schemes


As careful as your company may be to prevent occurrences of fraud, it is impossible to eradicate all chances of fraud happening within your organization. For this reason, it is important to understand the average duration of fraud schemes and what longer and shorter fraud schemes indicate.


Initial detection


Most fraud schemes are initially detected 12 months after the scheme’s inception. Longer schemes indicate more significant financial losses, as the culprit had more time to siphon away resources.


The following table shows the median length of time to initial detection, the detection method, the detection style and the median loss associated with those cases.


Detection method

Median time until detection

Detection  style

Median loss

Automated transaction or data monitoring

6 months




6 months



Account reconciliation

8 months



Management review

12 months



Internal audit

12 months




12 months

Active or passive


Document examination

12 months




14 months



Notification by law enforcement

18 months



External audit

20 months

Active or passive


By accident

23 months




Active methods were more commonly employed to detect fraud than passive methods. More proactive fraud protection efforts yield a better chance of identifying and halting fraudsters within your organization. Additionally, the sooner your company can initially detect potential fraud, the more money you can protect from being drained out of your company’s coffers, on average. 


In Part Two, we will look at characteristics of victim organizations, the perpetrators and the role internal auditors are playing in the fight against fraud.