Culture Technology, and Vigilance: How the Fraud Risk Landscape is Evolving

The fraud risk landscape continues to evolve as external threats and new innovations impact businesses. All members of the financial reporting ecosystem play a critical role in deterring and detecting fraud, but what contributes to fraud risk and how can companies stay vigilant in an ever-changing landscape?

This Fall, the Anti-Fraud Collaboration (AFC) hosted a webinar to discuss the prevalence of fraud at U.S. public companies and how organizations can strengthen their anti-fraud efforts using key findings from the Association of Certified Fraud Examiners (ACFE) and AFC’s benchmarking survey on the Impact of Fraud at U.S. Public Companies and the CAQ’s 2025 Institutional Investor Survey.

I moderated a panel of diverse stakeholders including Andi McNeal, Chief Training Officer at the ACFE, Theodore (Theo) Bunting Jr., Independent Director, and Chris Ekimoff, Principal at  WithumSmith+Brown, PC, who each brought a unique perspective on leading efforts to deter and detect fraud as we discussed the survey results.

Read on for top insights from our discussion.

The Reality of Fraud Losses: Perception vs. Data

The ACFE and AFC benchmarking report compiled findings from a survey of financial reporting stakeholders who work for or do substantial work with U.S. public companies, asking about their companies’ fraud losses in recent years, factors that contribute to fraud, and how their companies are managing various types of fraud risks. The respondents had direct visibility into the total revenue and the actual amount of known losses from all forms of fraud for 2023 and 2024.

The ACFE’s 2024 Report to the Nations estimated that organizations lose an average of 5% of their annual revenue to fraud. However, data from our latest benchmarking report specific to U.S. public companies paints a more nuanced picture of the issue.

Fig. 1, The Impact of Fraud at U.S. Public Companies Benchmarking Report

• Known Losses: Survey respondents reported that the median percentage of annual revenue lost due to all forms of known fraud at U.S. public companies was 1.07% and 1.06% for 2023 and 2024, respectively.
• Estimated Losses: When asked to estimate the loss due to fraud at a typicalS. public company (accounting for undetected fraud), estimates rose to a median estimate of 2.5%, of which employees and investors estimated fraud losses of 3% of annual revenue, and external roles estimated 4%.

While 1% may sound minimal, 1% of the Fortune 500’s revenue translates to roughly $200 billion annually. However, it is important to contextualize the amount on a micro-level that is unique to organizations and their specific types of fraud risks and risk profile. Therefore, it is important to reframe the 1% statistic by considering what is an appropriate margin for error for large multinational companies that operate in multiple jurisdictions.

The speakers also described a “NIMO” (Not In My Organization) phenomenon. While many financial reporting stakeholders recognize that fraud is a persistent problem, few choose to believe that fraud is occurring within their own organizations. This mindset can be dangerous for companies. It is important for organizations and stakeholders to stay vigilant so they can assess and respond to fraud risks appropriately.

The Shifting Fraud Risk Landscape: External Threats Take Center Stage

The ACFE and AFC survey results highlighted a distinct shift in how organizations determine their greatest fraud risks. While internal control over financial reporting remains vital, the most probable and significant fraud risks identified were largely external.

Fig. 3, The Impact of Fraud at U.S. Public Companies Benchmarking Report

As illustrated in the heat map, the risks that have the highest likelihood of occurring, according to survey respondents, include:

1. Cyberfraud (rated as the highest likelihood and highest significance)
2. Fraud by vendors and sellers
3. Customer payment fraud

Interestingly, traditional “internal” threats, such as financial statement fraud and asset misappropriation, were viewed as less likely to occur, though its impact is still viewed as significant. This suggests that while companies’ internal controls are improving, their defenses are continuously being threatened by external risks.

The “Why”: Contributing Factors and The Culture Gap

Each role within an organization views fraud differently depending on their unique perspective. This divergence was clear in the AFC’s benchmarking report when respondents were asked to rank the significance of ten factors in contributing to the current level of fraud.

Employees and external respondents (consultants, advisors, external auditors, and government agencies) cited the regulatory environment, external pressures, and organizational culture as top contributing factors. Governance responses highlighted the quality of external audits, technological advancements, and maturity of anti-fraud programs as most significant. The only factor in all groups’ top five ranking was economic conditions, highlighting that all stakeholders are impacted by economic uncertainty and believe it could contribute to a heightened fraud risk environment.

This data emphasizes the need for stronger internal communication. As noted during the panel, employees on the front lines feel the pressure of compliance and the economy, while boards rely heavily on assurance providers. To bridge this gap, organizations must prioritize culture.

Panelists highlighted that while technology, including artificial intelligence (AI), is a valuable tool, it is ultimately “human behaviors and communications” that drive outcomes. A strong tone at the top, flowing from management to the board of directors, is critical for fostering trust. Without that culture of trust, essential detection mechanisms such as whistleblower programs cannot function effectively.

Looking Ahead: Vigilance is Key

As we look forward, the majority of survey respondents anticipate that the fraud risk environment will become even more challenging, likely due to emerging technologies such as AI and a shifting regulatory landscape.

Fig. 6, The Impact of Fraud at U.S. Public Companies Benchmarking Report

As seen in the graph and discussed during our webinar, 66% of survey respondents expect the level of fraud to increase (either slightly or significantly) over the next two years. Investors share this concern, with 65% expecting fraud levels to increase.

How can financial reporting stakeholders strengthen our defenses against fraud? Survey respondents in governance roles suggested three areas for improvement:

1. Proactive and Continuous Monitoring: Moving from reactive investigation to real-time detection.
2. Technology and AI: Leveraging tools to proactively identify anomalies in large datasets.
3. Fraud Awareness and Culture: Training employees to maintain a “fraud lens” and exercise professional skepticism.

Whether you are an external auditor, an internal auditor, management, or a board member, you have a role to play in the fight against fraud. The fraud risk landscape is dynamic, but by leveraging technology, fostering a culture of skepticism, and breaking down silos within your organization, all members of the ecosystem can better protect the integrity of financial reporting and the U.S. capital markets.

I encourage you to watch the replay of the AFC webinar and download the full AFC Benchmarking Report and CAQ Investor Survey. Follow the AFC on LinkedIn for the latest insights on fraud deterrence and detection.