Fraud Diamond Model – A Crucial Tool to Prevent or Detect Fraud

In the Association of Certified Fraud Examiners’ (ACFE) Occupational Fraud 2024: A Report to the Nations®, the thirteenth edition of the largest global study on occupational fraud examined 1,921 cases of occupational fraud in 138 countries and territories and 22 major industry categories, in which the total calculated losses of the cases amounted to $3.1 billion. Additional findings from the report are just as troubling:

• Organizations lose 5 percent of their revenues annually to fraud.
• A typical fraud case runs twelve months before being detected, with a median loss of $145,000.
• The average loss per case is $1.7 million.
• 48 percent of reported cases included corruption.
• The top median losses by industry included mining, wholesale trade, manufacturing, construction and real estate.

What are the Most Common Types of Occupational Fraud?

The ACFE confirmed in its findings that occupational fraud schemes are usually one of three main types:

• Asset Misappropriation – The most common category of fraud, asset misappropriation occurs when assets or resources at an organization are misused. The average loss in this type of fraud case is $120,000.
• Corruption – Corruption occurs when there is an abuse of power in an organization that results in private gain, such as bribery and extortion. The average loss in a corruption fraud case is $200,000.
• Financial Statement Fraud – While financial statement fraud is the least common, such cases result in far greater losses. In these cases, fraudsters are responsible for misstatements or omission within the financial statements of an organization. The average loss in a financial statement fraud case is $766,000.

The Fraud Diamond – Rethinking Fraud Prevention and Early Detection

The cost and challenge of recovering funds in fraud cases make prevention or early detection more cost-effective. For years, corporations and fraud examiners used the Fraud Triangle theory, developed by criminologist Donald Cressey in 1950, to understand and manage the risk of fraud. Cressey’s triangle had three elements — opportunity, pressure and rationalization. Lack of internal controls or oversight offered the opportunity. Debt, greed, lifestyle needs or falling short of forecast supplied the pressure. The ability to justify clearly illegal and unethical behavior provided the necessary rationalization.

In 2004, David Wolfe, of Glasgow Forensic Group, and Dana Hermanson, of Kennesaw State University, introduced their expanded fraud model in “The Fraud Diamond:  Considering the Four Elements of Fraud.” Their four-sided model added the element of capability to Cressey’s Fraud Triangle:

As Wolfe and Hermanson noted, Congress has passed tougher fraud laws, and regulatory agencies have increased enforcement actions. Auditors now use tougher audit standards and processes, and accounting software includes continuous monitoring of back-office activity. Still, the frequency and severity of fraud continue to grow, particularly employee fraud.

Enhanced Internal Controls and Oversight Raise the Bar

The pressure, opportunity and rationalization that motivate fraudsters haven’t changed. What has changed, according to the Fraud Diamond model, is the critical need for capability. A person driven to commit fraud must now have the skills and ability — both to recognize the opportunity and execute the scheme.

Wolfe and Hermanson list the six factors that constitute capability:

• The fraudster’s position or responsibilities within the organization must provide a singular opportunity. This includes the ability to control or influence the timing of deals, which affects the timing of revenue and revenue recognition. The fraudster may also be responsible for recurring activities, such as bank reconciliations or opening vendor accounts.
• Expertise and experience are invaluable to recognize the opportunity and exploit weak internal controls. This is supported by the ACFE’s recent findings – in its 2024 report, the ACFE notes that median losses for frauds by owners and executives at an organization were more than seven times greater than those carried out by employees. Additionally, the longer a fraudster has been employed at the organization meant that their fraud was more costly.
• Committing fraud requires a strong ego and robust self-confidence. Fraudsters tell themselves that they won’t be caught — or if they are, they can lie convincingly.
• Fraudsters can coerce associates to participate in their scheme or remain silent. They may bully these colleagues or make them afraid not to comply.
• The ability to lie fluently and convincingly is critical. Fraudsters may be able to avoid the telltale signs of lying — fidgeting, saying too much or too little. They can also keep track of their fabrications, so their lies remain consistent.
• The risk of detection, exposure, criminal prosecution and loss of social standing deter many people from committing fraud. Fraudsters handle the stress.

Strategies for Fraud Prevention and Detection

One of the most crucial prevention strategies against fraud is to establish strong internal controls within an organization, including clear policies and procedures for financial transactions as well as segregated duties so that no single individual has control over all aspects of a financial transactions. Employee training should also be an integral part of your fraud prevention strategy – conduct regular training requirements for recognizing and reporting fraud, and create confidential reporting mechanisms (i.e., whistleblower programs) that encourage employees to report suspicious activity without fear of retaliation.

Regular audits, both internal and external, are important for identifying vulnerabilities and ensuring compliance with policies. Access controls should be enforced to limit sensitive information to authorized personnel, along with implementing strong password policies and multi-factor authentication. Utilizing data encryption also protects sensitive information in transit and at rest, making it more difficult for unauthorized users to access it.

For fraud detection, organizations can employ fraud detection software that monitors transactions for unusual patterns and anomalies. Leveraging data analytics also helps identify trends that may indicate fraudulent activity, while continuous transaction monitoring allows for quick detection of suspicious behavior. Developing key performance indicators (KPIs) can highlight areas of concern, such as high turnover rates in financial roles or frequent changes to vendor information. Periodic reviews of financial statements and reports are also essential to identify inconsistencies or discrepancies.

Lastly, maintaining a culture of transparency and encouraging open discussions about fraud-related concerns can enhance overall awareness and response. By creating a robust framework encompassing these strategies, organizations can effectively prevent and quickly identify fraud when it occurs.

Windham Brannon Can Help in the Fight Against Fraud

As noted earlier, it’s more cost-effective to have safeguards in place than to respond to fraud with criminal charges and recovery actions. Windham Brannon’s forensic accountants can assess your accounting procedures and financial statements, and we’ll work with you to implement stronger internal controls and more effective risk mitigation.

If you suspect that fraud has occurred at your company, contact our Forensic and Litigation Services Practice to discuss an investigation. Our team has extensive experience in working with businesses and their legal counsel to investigate fraudulent acts. We can quantify damages and provide the supporting evidence to pursue criminal charges and/or seek restitution. For more information, talk to your Windham Brannon advisor or contact Kevin Bennett, Principal for Windham Brannon’s Forensics and Litigation Practice.