é É « » à è ù ç ô é

Internal & external fraud: key statistics

Supervizor Team |
September 3, 2025
Internal & external fraud: key statistics

Fraud today represents one of the most persistent and costly threats facing modern businesses. Despite technological advances and stronger control systems, this threat continues to evolve and adapt.

This threat comes in many forms: internal fraud, carried out by employees or executives, and external fraud, perpetrated by malicious actors such as fake suppliers or cybercriminals.

A global PwC study (Global Economic Crime Survey 2024) shows that 41% of companies worldwide have experienced fraud in the past two years. This average masks significant regional variations: 59% in India and 29% in Central and Eastern Europe¹. These findings confirm fraud's universal nature, with impact varying by region.

Eye-opening numbers: today’s fraud landscape

The Association of Certified Fraud Examiners (ACFE), in its Report to the Nations 2024, estimates that organizations lose an average of 5% of their annual revenue to fraud². When applied to global GDP (approximately $105 trillion in 2023³), this represents roughly $5.25 trillion per year – more than Japan's entire GDP (approximately $4.2 trillion in 2023)⁴.

The 2024 ACFE report also reveals:

  • Median loss per fraud case reached $145,000² (up from $117,000 in 2022)
  • Median time to detection remains 12 months²
  • 22% of cases result in losses exceeding $1 million

Internal fraud vs external fraud: two sides of the same coin

Fraud presents two distinct yet related categories:

  • Internal fraud, committed by employees, managers, or executives who exploit their positions to steal assets, manipulate financial statements, or bypass controls
  • External fraud, orchestrated by outside actors (fake suppliers, cybercriminals, CEO impersonators) who exploit company trust or technological vulnerabilities

This distinction is crucial because prevention and detection strategies differ significantly based on fraud type.

The costliest types of fraud

Asset misappropriation and theft

In 2024, asset misappropriation remains the most common type of fraud, accounting for nearly 9 out of 10 cases². With a median loss of $120,000 per incident², this practice is the classic example of internal fraud: cash theft, falsified expense reports, phantom suppliers, or unauthorized payment approvals.

This fraud remains so widespread because it exploits everyday operational gaps where controls may be less stringent.

Corruption and procurement fraud

Corruption appears in nearly half of all cases recorded by ACFE². Meanwhile, procurement fraud perfectly demonstrates how internal and external threats intersect: it often involves collusion between internal employees and malicious external partners (fictitious suppliers, inflated pricing).

This issue particularly concerns certain regions: 1 in 2 Indian executives identify it as their top risk, compared to 3 in 10 globally¹. Central and Eastern Europe shares this concern, with 52% of executives ranking it as their primary worry¹.

Financial statement manipulation

While representing only 5% of cases in 2024², financial statement fraud sets new records for cost: $766,000 median loss per case².

This ultimate form of internal fraud typically stems from economic pressures that drive companies to disguise their financial reality. The consequences extend far beyond finances: regulatory sanctions, reputation damage, and media scandals inevitably follow these cases.

Who commits fraud and how do they do it?

Breakdown by organizational level

According to ACFE 2024²:

  • Executives/owners cause a median loss of $500,000
  • Managers: $184,000
  • Employees: $60,000

This hierarchy reflects different levels of access to resources and control systems. The higher the position, the greater the potential financial impact of internal fraud.

Most common methods in the United States

According to the Federal Trade Commission (FTC) and recent industry surveys, the most widespread schemes are also primarily external. Imposter scams — criminals posing as government officials, executives, or trusted contacts — generated more than 845,000 reports in 2024, with losses approaching $3 billion⁵.

Businesses are also exposed to vendor fraud and fraudulent wire transfers, where attackers submit fake invoices or redirect legitimate payments. These schemes represented the majority of reported corporate losses in 2024, with nearly 60% of U.S. firms affected⁶. Business email compromise (BEC) — often involving CEO impersonation — continues to rise, forcing finance departments to strengthen verification processes⁷.

Finally, investment and procurement fraud remain highly costly, frequently involving collusion between insiders and external actors².

Impact beyond financial losses

Whether internal or external, fraud damages organizations across multiple dimensions:

  • Reputation: Exposed fraud can permanently erode trust among investors, partners, and customers
  • Hidden costs: Investigations, legal fees, additional audits, and internal restructuring often exceed the amount stolen
  • Workplace culture: Internal fraud destroys trust between employees, undermines management credibility, and increases turnover

How do companies detect fraud?

ACFE 2024² confirms that:

  • 43% of fraud cases are detected through tips, with 52% coming directly from employees (internal fraud)
  • Audits (internal + external) detect 17% of cases
  • Management review: 13%
  • Accidental discovery: 5%

Median detection time drops significantly in organizations with hotlines or reporting mechanisms: 12 months with hotline versus 24 months without².

Technology's role in fighting fraud

The growing complexity of fraud schemes demands a technological response.

  • Advanced data analytics: Cross-referencing large transaction volumes enables rapid anomaly identification
  • Automation: Continuous monitoring reduces control gaps
  • Artificial intelligence: AI algorithms can identify unusual patterns and improve detection rates for both internal and external fraud

Example: Supervizor

Supervizor
exemplifies this approach by integrating over 350 automated controls for financial transactions.

This proactive strategy reduces detection times and frees teams from repetitive tasks to focus on analysis and risk management.

Conclusion: Moving toward proactive management

Corporate fraud remains a major challenge. However, organizations that invest in robust defenses can significantly reduce their exposure:

  • Ethical corporate culture
  • Training
  • Reporting channels
  • Automated controls

As fraudsters continue to innovate, prevention and proactive detection should be viewed as a strategic investment, not just a cost of doing business.

Sources

  1. PwC – Global Economic Crime and Fraud Survey 2024 (India & CEE reports)
  2. ACFE – Report to the Nations 2024 (Occupational Fraud Study)
  3. World Bank – World GDP 2023 (approximately $105 trillion)
  4. World Bank – GDP Japan 2023 (approximately $4.2 trillion)
  5. FTC – Consumer Sentinel Network Data Book 2024
  6. ABA – Business Fraud Survey 2025 (American Bankers Association)
  7. FBI IC3 – Internet Crime Report 2024 (Business Email Compromise data)

Related Blogs

Automating internal controls: Choosing the right method

Automating internal controls: Choosing the right method

When automating their controls, companies save time, increase efficiency, and ensure compliance with...

Discover More
ECCTA Guidance: Key Steps to Prepare

ECCTA Guidance: Key Steps to Prepare

The UK’s Economic Crime and Corporate Transparency Act (ECCTA) is reshaping how companies manage cor...

Discover More
How AI is Revolutionizing Financial Transparency

How AI is Revolutionizing Financial Transparency

Are you confident in the accuracy of your company's financial data? In a world where a single accoun...

Discover More