Two surveys, one of individuals inside or with ties to public companies and the other of institutional investors, shed light on perceptions of the scope, impact, and causes of fraud at U.S. public companies. While the two studies reach somewhat different conclusions, both indicate that public companies incur significant losses due to fraud and that fraud risk is increasing.  Both groups of respondents have suggestions as to how companies can reduce their fraud risk.

AFC/ACFE’s The Impact of Fraud at U.S. Public Companies Benchmarking Report

The Anti-Fraud Collaboration (AFC), a group comprised of the Center for Audit Quality, Financial Executives International, the Institute of Internal Auditors, the National Association of Corporate Directors, and the Association of Certified Fraud Examiners (ACFE), has released The Impact of Fraud at U.S. Public Companies Benchmarking Report. The report was prepared jointly by AFC and ACFE.  According to the ACFE’s July 29 press release announcing the report, the U.S. publicly traded companies in this study lost a median of 1.06 percent of their annual revenue to known frauds in 2024. Further, more than 70 percent of participants rated the current level of fraud as medium or high, and two-thirds believed that the overall fraud level will increase during the next two years.

These findings are based on a 29-question survey sent to ACFE members and members of AFC’s partners in March 2025. ACFE describes survey participants as “individuals with significant roles in relation to U.S. public companies, including current employees, those in governance roles, consultants and advisors, external auditors, and government regulators.”  Of the 1,049 survey responses, 396 were usable for purposes of preparing the report.

AFC/ACFE survey findings included:

• Fraud Losses.  ACFE asked survey participants to provide their organization’s total revenues and known fraud losses in 2023 and 2024. Known fraud losses were 1.06 percent of total revenue in 2024 and 1.07 percent in 2023. Respondents were also asked to estimate total fraud losses from all forms of fraud sustained by a typical U.S. public company in any given year.  For all survey respondents, this estimate was 2.5 percent.  Company employees estimated overall fraud at three percent, while board members, including audit committee members, thought it was two percent, and external respondents, such as auditors and regulators, estimated overall fraud losses at four percent. 

• Likelihood and Significance of Fraud. Survey respondents rated the likelihood and significance of six categories of fraud. Cyberfraud represented both the most likely and the most significant fraud risk. Financial statement fraud was identified as the least likely to occur, but as having the second greatest impact (after cyberfraud) when it did occur. The three fraud risks with the highest likelihood of occurrence were cyberfraud, fraud by vendors and sellers, and customer payment fraud.  AFCE characterizes these three risks as “external frauds,” i.e., frauds perpetrated by individuals outside the organization. The risks respondents viewed as least likely to occur were financial statement fraud, bribery and corruption, and asset misappropriation/embezzlement, all of which AFCE characterizes as “internal frauds,” i.e., frauds perpetrated by individuals inside the organization.

• Past, Current, and Future Levels of Fraud. Seventy-two percent of respondents rated the current level of fraud at U.S. public companies as either “material/medium” or “extremely material/high.” Sixty-six percent thought that the overall level of fraud had increased either slightly or significantly over the past two years.  The same percentage – 66 percent – expected the overall fraud level to increase either slightly or significantly over the next two years.

• Factors that Contribute to this Current Level of Fraud.  AFCE asked employees and individuals in governance roles what could be done to better deter fraud or detect it sooner.  Fifty-six percent recommended “more or improved proactive and continuous monitoring for fraud.”  Fifteen percent recommended “new or improved use of technology and AI,” and 13 percent suggested “enhanced efforts related to fraud awareness training and an anti-fraud culture.”

• Responsibility for Fraud Prevention. Fifty-eight percent of respondents in employee or governance roles identified internal audit as having responsibility for the anti-fraud program at their organization, followed by compliance (56 percent), legal (45 percent), risk (43 percent), corporate security (41 percent), and investigation (35 percent).  (Respondents could select more than one department or function.)

• Strengthening Fraud Prevention and Detection. Different types of respondents had different views about the factors that contribute to the occurrence of fraud. 

• Employees rated the regulatory environment as the most significant contributing factor to fraud, followed by economic conditions/environment, organizational culture/tone at the top, and external pressures (e.g., market expectations for financial performance). 

• Respondents in governance roles (directors, including audit committee members) thought that the most significant factor contributing to fraud was the quality of external audits, followed by technological advancements, the maturity of the organization’s anti-fraud program, and the effectiveness of governance by the board and audit committee. 

• For external respondents (regulators, consultants, and external auditors), the top four most significant contributors to fraud were economic conditions/environment, organizational culture/tone at the top, external pressures (e.g., market expectations for financial performance), and board and audit committee governance.

As ACFE notes, the employee and external respondents’ rankings of the contributing factors were similar, while the rankings of those involved in governance differed. The only factor that all three groups ranked as one of the top five contributors was economic conditions/environment.

CAQ’s Institutional Investor Survey

Seventy-nine percent of institutional investors believe that the overall level of fraud at U.S. public companies is either “extremely material/high" or “material/medium,” according to Institutional Investor Survey (July 2025), a new Center for Audit Quality (CAQ) publication. These respondents also think that the typical U.S. publicly traded company loses three percent of its revenue each year because of fraud. 

KRC Research, a global opinion research and insights consultancy, conducted the online survey on which the CAQ’s report is based in April. There were 100 survey respondents, all of whom had at least six years of professional investment experience and were employed at the director or higher level at firms with a U.S. primary market focus that managed at least $500 million in assets.

Other CAQ survey findings included:

• Likelihood and Significance of Fraud.  Survey respondents said that the types of fraud most likely to occur are cyberfraud, customer payment fraud, and fraud by vendors and sellers.  Eighty-three percent of respondents said that cyberfraud was either probable or reasonably possible, followed by customer payment fraud (82 percent), fraud by vendors and sellers (81 percent), asset misappropriation/embezzlement (80 percent), financial statement fraud (79 percent), and bribery and corruption (63 percent). 

Investors believe that the type of fraud that has the potential to be the most catastrophic is cyberfraud.  Eighty-six percent of respondents thought that cyber fraud had the potential to be either “catastrophic/extremely material” (63 percent) or “moderate/material” (23 percent).  Asset misappropriation/embezzlement placed second, at 82 percent, although only 23 percent of respondents thought that type of fraud had the potential to be “catastrophic”, while 59 percent thought it could potentially be “moderate/material.” Combining both likelihood of occurrence and potential impact, respondents viewed cyberfraud as the most serious fraud risk U.S. public companies face.

• Past, Current, and Future Levels of Fraud. Over two-thirds of institutional investors believe fraud increased in the last two years, and over half think it will increase further in the next two years.  Sixty-eight percent of respondents said that the overall level of fraud occurring at U.S. publicly traded companies had increased either “significantly” (14 percent) or “slightly” (54 percent) in the past two years, while 18 percent thought it had stayed about the same and 14 percent thought it had declined. Fifty-six percent thought fraud would increase either “significantly” (11 percent) or “slightly” (45 percent) in the next two years.  Twenty percent thought it would stay about the same, and 24 percent thought it would decrease.

• Responsibility for Fraud Prevention. A plurality of institutional investors believe that internal audit is primarily responsible for preventing and detecting fraud, followed by company management and the board of directors. Twenty-four percent of respondents thought that internal audit had primary fraud prevention and detection responsibility, followed by management (20 percent) and the board of directors (18 percent).  External auditors came in fourth at twelve percent.

However, 41 percent of respondents said that senior management was “most responsible” when financial reporting fraud occurs at a publicly traded company.  Twenty-five percent viewed the board of directors/audit committee as most responsible, followed by internal auditors (13 percent), external auditors (12 percent), and business units/subsidiaries (nine percent).

• Strengthening Fraud Prevention and Detection. Respondents were asked, based on their knowledge of fraud at companies they had invested in or were otherwise aware of, what could have been done differently to deter fraud or detect it sooner? The top four suggestions were “AI to monitor transactions/Machine learning algorithms to detect fraud” (14 percent), “Promote ethical leadership and culture” (14 percent), “Training/Fraud awareness programs” (twelve percent), and “Severe penalties for unethical behavior/Harsher penalties for executives involved” (eleven percent).

Audit Committee Takeaways

1.   Fraud losses are a significant issue.  Based on the results of these surveys, fraud losses are a serious problem.  In both studies, respondents rated fraud risk as medium or high.  The AFC respondents put losses from known fraud at over one percent of total company revenue, and total losses (including from frauds not discovered) between two and four percent of revenue.  Similarly, institutional investors estimated that the average U.S. publicly traded company loses three percent of revenue each year due to fraud.  Majorities of both sets of respondents also think that fraud risk will increase in the future.

2.   Audit committees may want to consider how fraud could be affecting their company.  Assuming the survey findings are accurate, fraud losses could have a material impact on net income and earnings per share at many companies. It may be worthwhile for the audit committee to initiate a study, perhaps by internal audit, of the amount and likely sources of both known and undiscovered fraud losses at the company.  Both surveys found that cyberfraud is the type of fraud most likely to occur and poses the greatest potential risk; in both surveys, fraud by vendors and sellers, and customer payment fraud were the other top three most likely frauds.  These areas could be starting points for inquiry. 

3.   Audit committees may also want to explore whether there are cost-effective steps that could reduce fraud losses. Fraud losses cannot be reduced to zero, and the costs of specific additional actions to deter or prevent fraud need to be balanced against the potential savings.  But, in light of these findings, audit committees may want to discuss with management whether any additional cost-effective steps could mitigate fraud risk. In the AFC and CAQ surveys, there was general agreement on actions that could reduce fraud risk.  Suggestions included using AI or other technology to monitor transactions; promoting ethical leadership, fraud awareness, and an anti-fraud culture; and better training.