Fraud examiners are acutely aware of the potential threats that can wreak havoc on different businesses. More importantly, they are familiar with warning signs and act quickly to prevent further damage. Businesses also have natural enemies – often times these enemies are employees that commit occupational fraud.

3 Main Categories of Occupational Fraud

The Association of Certified Fraud Examiners (ACFE) defines occupational fraud as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” The first step in combating fraud is learning to identify the most common types of occupational fraud. To aide in this effort, the ACFE has developed a “fraud tree” that categorizes and organizes occupational fraud into three main categories:
1.  financial statement fraud,
2. asset misappropriation, and
3.  corruption.

Financial statement fraud is actually quite rare compared to the other categories, so this article will focus on the other two.

Asset Misappropriation

Asset misappropriation is an employee stealing from or unauthorized use of/theft from the employer, usually by a single perpetrator. The asset misappropriation category of the ACFE fraud tree encompasses many types of fraud schemes. Five of the most common schemes include:

1. Billing Schemes

According to the ACFE, the most popular asset misappropriation is billing schemes—and the most popular billing scheme is a shell company. In this scheme, the fraudster creates a company that exists only on paper (e.g., the “shell”) and only for the purpose of defrauding his/her employer. The shell appears to be a business entity because it has a name (probably recorded on state records), a bank account, and address (usually a post office box). The fraudster holds a key employee position and can ensure that the shell company is added to the employer’s authorized vendor list. Then, the perpetrator is in the position to approve an invoice for phony services (usually not a product). Once those two things happen, the employer’s system will take care of the rest – issuing a check for the invoice amount and mailing it to the fraudster’s address. The fraudster puts the check in the shell company’s bank account and uses the funds for personal expenditures.

2. Theft of Assets

Non-cash schemes involve the theft of assets that are not cash, such as equipment and inventory. The simplest example is an employee stealing items from inventory for personal use or to sell (e.g., on

3. Expense Reimbursement

Another popular scheme is expense reimbursement. In this scheme, an employee simply falsifies an expense reimbursement report and receives payment for fabricated expenses. Falsification can be accomplished by either inflating actual expenses or including phony expenses. The good news is that fraudsters tend to steal small amounts when committing the expense reimbursement scheme.

4. Skimming

Skimming can be perpetrated either via cash or receivables. In skimming, the employee is in the position to exchange cash or checks for a service or product. He or she is also in the position to fail to record the transaction in the accounting system and cover up the sale and thereby creating a fraud – unauthorized receipt of employer’s funds. For decades, the mob was famous for skimming cash from casinos in Las Vegas for decades, and fraudsters do the same today. For example, a customer places an order at a fast food counter and pays with exact change; the restaurant employee pockets the cash and fails to post the transaction in the cash register system.

5. Check Tampering

Generally, check tampering is the costliest type of asset misappropriation. Basically, the fraudster tampers with a legitimate organization’s check by: forging the maker’s signature,

  • changing the payee,
  • falsely endorsing a check (i.e., forgery),
  • falsely acquiring an authorized signature (e.g., “rubber stamping”), and/or
  • an authorized maker creates an unauthorized check to himself/herself.


Corruption is unique in that it involves someone within the victim organization working with someone outside of the organization. A common type of fraud found in the corruption category of the ACFE fraud tree is bribery, which consists of:

1. Kickbacks

This scheme involves an employee colluding with a vendor to charge higher than market prices with the understanding that part of that excess will be “kicked back” to the employee. That stage of the fraud could be in the form of cash to the employee or a phony consulting engagement. In the case of the latter, no services are provided to the vendor, but the employee (i.e., the “consultant”) receives a check regularly from the vendor to pay for the phony benefits received by the vendor. Note: the employee has to be in a trusted, key position to get away with excessive charges.

2. Bid Rigging

Similar to kickbacks, bid rigging occurs when an employee works with a vendor to ensure that a particular vendor is awarded the bid in the employer’s competitive bidding process. Typically, the employee sees the bids as they come in and informs the collaborating vendor of the lowest bid. Then, the vendor bids at the last moment with a bid sure to win the bidding process. Additionally, the employee may exaggerate the bid requirements so that all other bidders will bid higher than the one collaborating vendor who is going to provide something less by agreement with the key employee. For example, the bid could be for paving of a parking lot 300 feet by 500 feet with three inches of asphalt, and the collaborating vendor may actually be paving a 200 feet by 400 feet lot with two inches of asphalt.

Cultivate an Anti-Fraud Culture.

Becoming knowledgeable about the most common occupational fraud schemes and the red flags associated with each can help you deter fraud in your business. CRI’s forensic professionals can help your business develop countermeasures that are effective in preventing or detecting fraud.