On May 12, 2026, the Association of Certified Fraud Examiners (ACFE) released the Occupational Fraud 2026: A Report to the Nations. The report analyzed 2,402 occupational fraud cases across 143 countries and regions, involving total losses exceeding USD 3.4 billion. According to the report, the median loss per case was USD 104,000, while the average loss reached USD 1.457 million. In addition, Certified Fraud Examiners estimated that organizations lose approximately 5% of their annual revenue to occupational fraud each year.

From the perspective of organizational type, private companies remained the most common victims of occupational fraud, accounting for 44% of all reported cases, followed by publicly listed companies at 25%, government organizations at 16%, and non-profit organizations at 10%. These figures indicate that occupational fraud has become a significant and widespread risk faced by organizations regardless of their nature or industry.

The report also highlighted another noteworthy finding: 43% of occupational fraud cases were detected through tips or whistleblowing mechanisms. Among the reporting sources, employees accounted for 55%, customers for 21%, and suppliers for 11%. This finding further demonstrates that effective whistleblowing channels and internal monitoring systems remain critical tools for organizations in detecting and preventing occupational fraud.

Occupational fraud is generally categorized into three major types: asset misappropriation, corruption, and financial statement fraud. The 2026 report shows that asset misappropriation remains the most prevalent form of fraud, occurring in 90% of cases. Corruption-related schemes accounted for 45% of cases, with a median loss of USD 150,000 per case. Although financial statement fraud represented only 6% of reported cases, it resulted in the highest median loss, reaching USD 1 million. Notably, the report highlighted that the proportion of corruption-related cases increased significantly from 10% in 1996 to 45% in 2026, reflecting the increasingly sophisticated and concealed nature of occupational fraud.

Asset misappropriation typically involves cash theft, fraudulent reimbursement claims, fictitious procurement activities, inventory theft, and payment manipulation. Although the loss associated with each individual incident is often relatively small, such fraud tends to occur frequently and across a broad range of operational activities, particularly within procurement, payment processing, warehousing, sales, and expense reimbursement functions. As a result, organizations should pay close attention to authority allocation, approval procedures, and fund flow controls within routine business operations.

In comparison, corruption-related fraud more commonly involves improper benefit transfers, commercial bribery, kickbacks, conflicts of interest, bid rigging among suppliers, and the concealment of related-party transactions. The continued increase in corruption-related cases suggests that occupational fraud is no longer limited to the direct misappropriation of corporate assets, but is increasingly evolving into more complex forms of transaction manipulation and rent-seeking behavior. Such misconduct is often associated with management override, loss of control over supplier relationships, and ineffective internal supervision, posing deeper challenges to corporate governance frameworks.

Although financial statement fraud occurs less frequently, its impact is significantly more severe and destructive. Such fraud schemes commonly involve revenue inflation, understatement of expenses, profit manipulation, concealment of liabilities, and overstatement of asset values. These activities may not only mislead investors, regulators, and creditors, but also expose organizations to substantial legal liabilities, regulatory penalties, and serious reputational damage.

Based on the above trends, organizations should further strengthen fraud risk management and internal control systems, with particular attention to high-risk areas such as procurement management, payment approvals, third-party cooperation, related-party transactions, and financial reporting. Companies should also enhance whistleblowing and investigation mechanisms, conduct regular fraud risk assessments, strengthen conflict-of-interest management, and improve management accountability and compliance awareness. In light of the continued increase in corruption-related cases and the growing complexity of occupational fraud, reliance solely on traditional financial audits is no longer sufficient to effectively identify risks. Organizations should therefore establish more systematic, continuous, and forward-looking anti-fraud management frameworks to mitigate operational and compliance risks. In particular, organizations should pay close attention to the following risks:

(1) Supplier and third-party management risks, including fictitious suppliers, bid rigging, improper benefit transfers, and concealed related-party transactions;

(2) Risks arising from excessive concentration of management authority and insufficient internal oversight, particularly where procurement, payment approval, contract authorization, and financial management functions lack proper segregation of duties;

(3) “Small but frequent” abnormal transaction risks, such as repetitive reimbursement claims, split payments, and fragmented procurement activities that may accumulate over time;

(4) Financial reporting risks, including revenue inflation, concealed liabilities, and profit manipulation;

(5) Commercial bribery and compliance risks associated with cross-border operations and overseas business cooperation;

(6) Information system access control risks, including abuse of ERP systems, online banking permissions, and electronic approval workflows, as well as data manipulation risks;

(7 )Risks relating to ineffective whistleblowing mechanisms, weak compliance culture, and internal control failures during periods of rapid business expansion.

Accordingly, organizations should strengthen anti-fraud management across multiple dimensions, including policies, processes, personnel, systems, and corporate culture. In addition to establishing post-incident investigation mechanisms, companies should place greater emphasis on preventive controls and ongoing monitoring. Measures such as data analytics, continuous auditing, supplier background verification, and abnormal transaction monitoring can further enhance fraud detection capabilities and improve early risk warning mechanisms.

By Linda Yang, Senior Consultant