As boards fixate on the likes of cybersecurity strategies and AI-enabled threat detection, traditional, old-fashioned fraud continues to thrive quietly beneath the surface.
According to the Association of Certified Fraud Examiners (ACFE), asset misappropriation schemes – the backbone of traditional fraud – accounted for 89% of occupational fraud cases globally in its 2024 study. In the US and Western Europe, the median loss per case exceeded €120,000, with total damages in the billions. In the US alone, the median loss was $163,000, and in Western Europe, $128,000.
‘It’s all human behaviour. People see opportunity. They find ways around systems and controls’
In the US and UK alone, nearly US$1trn in financial and compliance penalties have been incurred since 2010, based on EY’s 2024 Global Integrity Report, with accounting deficiencies and tax violations growing two- to tenfold over the period.
And these are just the reported figures. As Steve Holt, partner at Grant Thornton’s forensic and investigation services practice, puts it: ‘Nobody wants to admit it has happened to them.’
Quiet epidemic
Traditional fraud is as old as commerce itself. It thrives not through clever malware, but through the manipulation of internal processes and human relationships. Falsified invoices, ghost employees and duplicate expense claims are just some of the simple mechanisms that fraudsters can use to drain funds from their employer or customer.
‘It’s all human behaviour,’ says Holt. ‘People see opportunity. They become ingenious. They find ways around systems and controls.’
‘Anything that’s hard for a layperson to assess, that’s where fraud tends to hide’
While technology has transformed how businesses operate, it hasn’t replaced the need for human judgment. In fact, according to the ACFE, the most common method for uncovering fraud is still a tip-off – usually from an employee. In organisations with established whistleblower systems, frauds were discovered twice as quickly and with significantly lower financial losses.
Yet many businesses continue to channel their fraud prevention budgets into cyber tools, leaving traditional schemes to flourish in areas like procurement, payroll and travel reimbursement.
EY’s Global Integrity Report 2024 reinforces this view, noting that 29% of global respondents cited ‘failure of financial processes and controls’ as the primary cause of recent integrity incidents. While not all misconduct is criminal, EY warns that financial fraud often arises from structural vulnerabilities – poor oversight, siloed operations and the normalisation of corner-cutting behaviours.
Sector exposure
Certain industries are especially vulnerable. In construction and real estate, where large payments are common and materials difficult to verify, procurement fraud is rife. In healthcare, the complexity of services and billing processes makes it easier to charge for high-cost treatments while delivering low-value care. Holt describes it as ‘anything that’s hard for a layperson to assess, that’s where fraud tends to hide’.
‘There’s always a risk when a single employee can both approve and certify a vendor’
In the ACFE’s 2024 data, construction frauds in the US carried a median loss of $250,000, while real estate schemes often involved false pricing or supply chain manipulation. Even professional services, where intangible outputs and billable hours rule, have seen a steady stream of fake invoices and unearned bonuses.
And while some of these cases are isolated ‘irritants’, Holt warns that one in 10 can be existential – particularly when they involve accounting manipulation. ‘That’s the stuff that brings down companies. Not stealing money outright, but boosting earnings to hit a sales target or masking losses ahead of a merger,’ he says.
Anatomy of a fraud
Traditional fraud often starts small. An extra lunch expense here, a duplicated invoice there. ‘Fraudsters test the water,’ argues John Gilkes, a forensic advisory principal at Grant Thornton in Washington DC who heads the global practice with Holt. ‘First, it’s lunch. Then shoes. That worked, so they go bigger. There’s a progression – and it always leaves a trail.’
The Fraud Triangle remains a useful tool
The danger lies in how easily these schemes slip through the cracks. Even in organisations with sophisticated systems, insiders know where the gaps are. ‘There’s always a risk when a single employee can both approve and certify a vendor. That’s where segregation of duties matters,’ Holt says.
Gilkes points out that smaller organisations – especially non-profits – are often at higher risk due to a culture of trust. ‘In non-profits, people are paid less and selected for their commitment to the mission. That can make leaders overly trusting,’ he says. He recalls one case where a staffer controlled both budgeting and accounts payable, and created fake vendor accounts with names similar to real suppliers.
The Fraud Triangle – which includes incentive, opportunity and rationalisation – remains a useful tool for understanding why fraud happens. Gilkes says: ‘Often it starts with a sense of entitlement or need. Someone thinks, “I’ll borrow a bit and pay it back.” But they rarely do. Rationalisation is the fig leaf that lets it continue.”
Fighting back
Stopping fraud requires more than a one-size-fits-all solution. Holt stresses the importance of a risk-based approach. ‘Don’t spend a million to save a pound. The controls for a pharma firm won’t work for a construction company,’ he says. ‘You must think like a fraudster – what looks like an easy win? What’s the path of least resistance?’
Gilkes agrees, adding that preventative work is increasing. ‘We’re usually the fire brigade. But there is a growing demand for fireproofing – getting ahead of the problem with better systems and culture,’ he says. And that includes training accountants to recognise red flags: ‘You need to know what a good ledger looks like to know when something’s off. That’s where accounting knowledge really matters.’
Accountants remain the first line of defence
Data analytics platforms used for anomaly detection have been around for over a decade and can be effective – but only with good data and proper interpretation. Holt is skeptical of how they’re often deployed.
‘Very rarely do I see them used in a way that actually makes sense,’ he says. Instead, he advocates for strong governance, internal audits and diligent monitoring. ‘Every day, validate the basics. That’s where fraud lives.’
Frontline role
Amidst all this, accountants remain the first line of defence. They’re the ones reconciling figures, reviewing controls and flagging irregularities. Their ability to spot the anomaly, challenge assumptions and advise on preventive strategy makes them indispensable.
But their role is also evolving – from passive record-keepers to active fraud advisers. ‘We don’t just investigate after the fact,’ says Holt. ‘We help clients design systems that work, anticipate threats and stay one step ahead.’
