According to ACFE research, organizations worldwide lose an average of 5 percent of their revenues each year to fraud. And criminals are using ever-increasing sophistication to pilfer their employers’ assets. Clearly, companies cannot afford to ignore indicators of fraud that may exist. With so much at stake, management must proactively look for fraud.

Often, fraud cases can be detected if staff members, auditors, managers, and executives are observant of some of the indicators—or red flags—that are present in many common fraud schemes. A red flag is a circumstance, or set of circumstances, that is unusual in nature or varies from the normal activity; it is a signal that something is out of the ordinary and should be further investigated.

Even the best-concealed frauds frequently display red flags of the crime—if those around the perpetrator know what to look for. Warning signs relating to potential fraud can generally be broken down into several categories, which include internal control weaknesses, operational anomalies, and behavioral anomalies.

Internal Control Weaknesses

Fraud most commonly occurs where weaknesses in internal controls provide opportunities for dishonest employees to exploit the system for personal gain.  For example, segregating the responsibilities of authorization, custody, record keeping, and reconciliation within each business function is a key anti-fraud control; if any employee is allowed to perform two or more of these activities, it greatly increases the employee’s opportunity to commit fraud. Consequently, a lack of segregation of duties should be heeded as a warning sign for potential fraud that should be carefully monitored (if it cannot be remediated). Other internal control weaknesses that can serve as red flags of fraud include a lack of physical safeguards over organizational assets, a lack of proper authorization on documents and records, and the ability of management—or anyone else—to override existing internal controls.

Operational Anomalies

Operational anomalies are unusual events concerning the company’s operations—they are fluctuations or situations that fall outside the typical ups and downs of doing business.  Such circumstances may or may not be within the control of management, but they do merit consideration as red flags for possible fraud. Some of these anomalies are operating in a crisis mode, whether due to internal or external conditions; operating with insufficient capital or recurring negative cash flows; financial or strategic dependence on only one or two products; high employee turnover, especially in areas that are particularly vulnerable to fraud; an unusual organizational structure, such as an internal audit department that reports to the finance department; and previous or ongoing problems with government regulators.

Behavioral Anomalies

Fraud perpetrators often display certain behaviors or characteristics that might indicate they have a heightened risk of committing fraud. On their own, these behavioral red flags do not prove an individual is engaged in a fraud, but they can serve as warning signals to the individual’s coworkers and managers, as well as the organization’s anti-fraud staff.

The ACFE 2010 Report to the Nations on Occupational Fraud and Abuse examines 1,843 real cases of occupational fraud in an effort to identify common threads and trends in white-collar crimes. The breakdown of the behavioral red flags displayed by the perpetrators of these frauds—as well as those reported in the ACFE 2008 Report to the Nation—is displayed in the chart below. As shown, the most common behavioral red flags were living beyond financial means and experiencing financial difficulties.

Red Flag Graph color 2

Two Cautionary Notes

It is easy to retroactively spot the symptoms of a fraud, once the scheme has been detected and investigated. The challenge comes in trying to proactively identify the warning signs of a potential or existing fraud. In doing so, two cautionary notes should be considered:

  • Do not ignore a red flag— Studies of fraud cases consistently show that red flags were present, but either were not recognized or were recognized but not acted upon by anyone. Once a red flag has been noted, management should take action to investigate the situation to determine if a fraud has been committed.
  • Sometimes an error is just an error—While red flags should lead to appropriate action, sometimes an error is just an error and no fraud has occurred. Just as action is important, so is avoiding overreaction. Respect for employees—which is itself a vital part of preventing and deterring fraud—demands avoiding assumptions that fraud has taken place in the absence of evidence. It further requires that investigations not be conducted unprofessionally or with unwarranted hostility. Responsibility for follow-up investigation of a red flag should be placed in the hands of a measured and responsible person.


Most frauds produce warning signs that, had they been noticed or reported, might have resulted in the fraud being detected earlier. Spotting these red flags is not rocket science; however, it does demand a questioning, open mind and an ability to look behind the figures and ask why any irregularities occurred. Only by proactively watching for red flags of fraud—and educating employees at all levels to do the same—can organizations reduce their chances of losing hard-earned revenues to white-collar criminals.

James D. Ratley, CFE, is the President and CEO of the Association of Certified Fraud Examiners (ACFE). The ACFE has nearly 55,000 members in more than 160 countries. Additional resources on fraud are available at