What motivates people to commit fraud? And what can organizations do to guard against it? KPMG's global study Global Profiles of the Fraudster shows that the perpetrator is often closer than thought and rarely suspected directly.
The study is based on more than 250 fraud cases investigated over the past five years. While each case is unique, the data show striking similarities. For example, the typical fraudster often appears to be male (more than 80 percent), between the ages of 36 and 55, with a long track record within the company. In 65 percent of cases, the perpetrator had worked at the affected organization for more than six years. Of personal problems or resentment toward the employer is rare. The main motive: financial gain, usually purely out of greed or because it simply "could be done.
Contrary to the classic image of the "lone wolf," fraud often turns out to be a group activity: in 70 percent of cases, several people worked together - usually two to five people, often colleagues within the same organization. KPMG emphasizes that collaboration can actually reduce the risk of discovery, especially in the absence of internal controls.
Most fraud cases occurred in operational departments (32 percent), followed by finance (25 percent), management (25 percent) and procurement (23 percent). These percentages overlap in part because fraud often affects multiple departments simultaneously.
The most common form is misappropriation of assets (52 percent), such as money or goods. Procurement fraud (38 percent) is also common, with employees working with outside suppliers to artificially inflate prices in exchange for a share of the proceeds. Financial reporting fraud was found in one in five cases.
Fraud within the board of directors, by the way, does not mean that the ceo himself is involved, but rather that positions at that level often provide greater access to resources and have less oversight, which increases the risk.
A recurring pattern: sufficient internal controls were lacking in 76 percent of cases. In fact, half of the organizations involved had no anti-fraud measures such as audits or segregation of duties at all. In many cases, employees appeared to have unlimited powers.
Not surprisingly, 45 percent of fraud cases came to light through whistleblower reports or informal tips. A clear signal of the importance of a safe reporting culture.
Although cyber fraud currently accounts for only 5 percent of cases reviewed, KPMG warns of a rising trend. New technologies such as AI and cryptocurrencies are creating opportunities for more sophisticated forms of fraud, such as through deepfakes or ceo fraud. Unlike traditional forms of fraud, cybercrime is more often detected through data analysis and automated monitoring.
According to KPMG, there are several ways to better prevent fraud and detect it faster. Consider strengthening internal controls, implementing clear authority limits and encouraging an open and ethical corporate culture. Collaboration between departments and due diligence on external parties are also essential, especially at a time when fraud is not confined to the walls of the company.
