Battle Against Fraud: Seeking the Accounting Profession’s
An Exclusive CPA Journal Interview with
ACFE Founder and Chairman Joseph T. Wells
2006 - Joseph T. Wells, CFE, CPA, is the founder and chairman
of the Association of Certified Fraud Examiners (ACFE; www.acfe.com),
an organization dedicated to reducing the incidence of fraud
and white-collar crime. When he speaks about fraud detection
and deterrence, people listen. His passion for the subject
is clear, and his determination to bring the necessary skills
to the CPA profession is unwavering.
CPA Journal: For those who may be unfamiliar with you and
the ACFE, tell us about your professional background and
what led to the formation of the association.
Joseph T. Wells: Like
many, I did not end up where I started. My grand plan was
to be an astronomer. When that didn’t pan out, I graduated
with an accounting degree and went to work for the predecessor
to PricewaterhouseCoopers. But I was restless in public
accounting. In search of adventure, I applied to and was
hired as a special agent for the FBI. For nearly a decade,
I investigated a wide variety of cases, mostly fraud, ranging
from nickel-and-dime con artists to former U.S. Attorney
General John Mitchell’s involvement in Watergate.
I left the FBI 25 years ago to start an investigative and
consulting firm focused on white-collar crime.
lesson that my background in investigating fraud taught
me is that it is a very specialized field. In 1988, colleagues
and I decided to start an organization to represent individuals
who were employed in the profession of detecting, investigating,
and preventing fraud. We also worked to develop a certification
that recognized specialized knowledge and experience in
this area, and we established educational and professional
standards. Since that time, the Association of Certified
Fraud Examiners has grown to more than 37,000 members in
Many in the accounting profession use the terms “forensic
accounting” and “fraud examination” interchangeably.
What is the difference?
Wells: “Forensic accounting” is
the application of any accounting technique for courtroom
purposes. It can involve fraud, bankruptcy, damages, valuation,
or a host of other issues not connected with fraud. “Fraud
examination” is the application of specific procedures
to resolve allegations of fraud, from inception to disposition.
Fraud examiners gather evidence, take statements, prepare
reports, testify to findings, and assist in the detection
and deterrence of fraud. Although “forensic accounting”
is frequently used as a euphemism for fraud examination,
the former is a much broader term. Moreover, fraud examinations
are commonly conducted by professionals with a nonaccounting
You have long been an ardent advocate of antifraud education
for accounting students. What do they and other practicing
CPAs need to know about fraud to be able to detect it?
Wells: I have been such a passionate advocate
for antifraud education because of my personal experience.
I learned almost nothing about the topic during my undergraduate
education, nor did my public accounting experience assist
in this area. But when I actually started investigating
cases for the FBI, it became clear that accounting knowledge
was just one element. As I’ve said on prior occasions,
books and records don’t commit fraud, people do. Knowing
what motivates people to engage in illegal conduct is critical
to recognizing these offenses. So is a thorough understanding
of the laws related to fraud. CPAs who investigate fraud
must also know how to gather evidence and interview potential
witnesses. And finally, CPAs should be taught the most common
fraud schemes so they can recognize the signs when they
fraud cases are not complicated. The vast majority—nearly
90%—involve asset misappropriations, usually cash.
Although financial statement fraud cases get the lion’s
share of publicity because the losses are so large, they
are also exceedingly rare, accounting for less than 5% of
all fraud. Fraud isn’t rocket science, and although
accounting knowledge is helpful, it’s not absolutely
necessary to detect fraud except in unique situations.
ACFE conducted a study in 1996 of 2,608 actual cases of
occupational fraud and determined that they could be classified
into 11 main categories, what we call “the fraud tree.”
It is vital, in my view, that CPAs thoroughly understand
these categories. The Uniform CFE Exam includes four sections;
the section entitled “Fraudulent Financial Transactions”
tests extensively on the application and recognition of
the various schemes.
Do you think that AICPA Statement on Auditing Standards
(SAS) No. 99, Consideration of Fraud in a Financial Statement
Audit, changed the auditor’s responsibility to detect
fraud during the course of an audit?
Wells: Even though I helped draft SAS 99,
most of us would recognize that it is not a perfect document.
Those who are newer to the accounting profession may not
realize that SAS 99 is the third fraud standard in 15 years.
We keep trying to get it right, and I am sure we’ll
continue trying to improve it. One main feature of SAS 99
is a good one: It requires that the audit team, prior to
commencing the engagement, “brainstorm” how
material fraud could occur within the entity, and design
their audit accordingly.
of the three audit standards—SAS 54, 82, or 99—actually
increased the auditor’s responsibility to detect fraud,
although the subject is increasingly being covered in auditing
literature and pronouncements. The U.S. Supreme Court set
the standard for the auditing profession through a landmark
decision in 1984, when, in U.S. vs. Arthur Young, it defined
the independent CPA as the “public watchdog.”
CPAs, and auditors in particular, have been criticized for
not doing enough to prevent and detect fraud. Given the
many practical constraints that CPA firms face related to
an audit (e.g., time, cost, customer relations, availability
of well-trained staff), do you think that this criticism
is valid? To what degree do you believe it’s possible
for accountants to detect fraud within an organization?
Wells: The risk of fraud varies from organization
to organization. Our research shows clearly that the highest
risk of fraud lies with the smallest companies, those least
likely to be audited. Although an audit has yet to be proven
an effective fraud-detection tool, we’ve shown that
it has a major deterrent effect. According to the ACFE’s
2006 Report to the Nation on Occupational Fraud and
Abuse [available free from www.ACFE.com],
nonprofits and government entities generally have a lower
risk of reported fraud; the risk is higher in financial
and retail industries.
some extent, I believe that the criticism of our profession
is valid. Many CPAs didn’t accept their fraud-related
responsibilities willingly, and were dragged into this battle
kicking and screaming. It took huge judgments against accounting
firms before we started taking fraud seriously. But if we
are committed to deterring fraud, let’s begin by ensuring
that every accounting student, and every CPA, receives adequate
training in this area. We’re still years away from
that goal, although we have made significant progress.
think that we have lost sight of what the public really
wants and expects. Financial reporting has become so complicated
that few people, CPAs included, can read a set of financial
statements and really understand what they mean. Complexity
is the killing field of fraud; the more dense the concepts,
the easier it is to mask wrongdoing. Enron was a classic
that investors understand and accept that market conditions,
the economy, and other influences can cause stock prices
to fluctuate. What they will never accept is their hard-earned
money being hijacked by crooks masquerading as corporate
executives. So my view is that the number-one responsibility
of the auditing profession is to ensure that clients are
dealing with the investing public in an honest and ethical
manner. Unfortunately, although we have many auditing techniques,
none of them is effective in measuring integrity.
respect to the CPA’s responsibilities to detect
fraud, in my opinion current audit standards are fundamentally
and fatally flawed; we should shift our emphasis to preventing
fraud in the first place. Although we can and should do
a better job of detecting illegalities, that’s a difficult
row to hoe. In the last 30 years, I have personally trained
tens of thousands of CPAs. I’ve given them balance
sheets and income statements that contain material fraud.
And even knowing that the books are cooked, they find it
difficult to uncover these problems. That is simply because
there are so many methods of concealment, and the clues
are not unique to fraud. For example, who is to say whether
a large spike in the cost of sales is caused by fraud or
by a legitimate increase in expenses? Oftentimes, it is
hard to differentiate a red flag from a red herring.
the point of view of a classically trained accountant, fraud
prevention is incorrectly seen as synonymous with internal
control. Controls are an important element, but they are
hardly a panacea. First, they are designed only to provide
reasonable assurance. Second, few controls cannot be overridden
or circumvented by those with sufficient motivation or authority.
We need to take a more holistic view and invest enough research
to determine better predictors of fraud risk. Two organizations
that outwardly appear the same may experience very different
outcomes. One will experience fraud; the other will not.
We don’t really know why, but we need to find out.
some time, I have advocated a concept that I’ve dubbed
The Model Organizational Fraud-Prevention Program.
The idea is to develop a complete list of what the perfect
organization does to prevent fraud. We already know some
of the elements, but certainly not all of them. Once we
have the list, then the auditor’s duty would be to
audit the model. So rather than opining that the organization
is free of material fraud, the auditor would instead opine
that the entity is in compliance with the model.
would accomplish several important objectives. First, it
would encourage organizations to concentrate on fraud prevention.
Second, it would shift limited audit resources to where
they are most cost-effective. Third, it would relieve the
auditor from the nearly unlimited liability for fraud detection
imposed by current audit standards. And fourth, it would
provide investors with the assurance they really seek: that
they are dealing with an honest and ethical organization.
From the data that the ACFE has gathered or analyzed, is
the rate of fraud in our society increasing, decreasing,
or remaining stable?
Wells: Regrettably, the actual cost of fraud
is unknown and unknowable. It is a concept the criminologists
call “the dark figure.” Unlike visible crimes
such as robbery, not all frauds are uncovered. Of those
uncovered, not all are reported. No agency is tasked with
compiling comprehensive data on fraud.
we can do is take an educated guess. In the ACFE’s
2006 Report to the Nation on Occupational Fraud and
Abuse, about 1,200 CFEs estimated that the average
organization loses about 5% of its revenues to various forms
of fraud. Multiplied by the U.S. gross domestic product,
this would amount to total fraud losses of more than $650
billion. Whatever the actual sum, it’s a staggering
amount of money. Worldwide, the underground economy probably
amounts to trillions of dollars a year.
to whether fraud is growing, remaining the same, or decreasing,
we can only make another educated guess. Statistics indicate
that violent crimes, such as robbery, assault, and the like,
are committed by young people who are overwhelmingly male.
Dips in those crime rates can usually be tied to reductions
in the population of young males. That’s the principal
reason that your chances of being mugged are the lowest
in 30 years. On the other hand, fraud is the crime of choice
for the older and more educated. Our society is aging and
will continue to do so through about 2050. If for no other
reason, we should expect fraud-related offenses to rise
for about the next four decades.
Do you think that the Sarbanes-Oxley Act, or any other legislation,
can help prevent future Enron-type scandals?
Wells: Sarbanes-Oxley has some good features;
parts of it certainly can’t hurt in the fight against
fraud. Although many will disagree, legislation was long
overdue to separate auditors from consulting work. The
emphasis on reporting on internal controls is worthwhile,
too. But the law was passed by an angry Congress to appease
an even angrier public. Parts of it are clearly overkill.
Quadrupling the penalty for mail fraud is likely to have
almost no deterrent effect, because the funding to enforce
it was not also quadrupled. It’s what I term “feel-good
legislation.” The elected officials who voted for
Sarbanes-Oxley can feel good that they have made a strong
problem with a law like Sarbanes-Oxley is that it addresses
the symptoms and not the underlying cause. Companies are
under enormous pressure to show short-term results in the
market. In these days of online trading, investors often
don’t care about a company’s earnings potential,
long-term strategy, innovations in development, or its plans
for the future. That’s sad, but true. Moreover, executive
compensation packages frequently border on the obscene.
It will probably be a decade before we see the real effects
of Sarbanes-Oxley, but I am pessimistic that it will provide
a cure for the manipulation of financial statements.
What effect, if any, do you believe that the convictions
in the Enron case will have on fraud deterrence?
Wells: Criminologists define two kinds of
deterrence: general and specific. The latter involves the
effect of punishment on the individual who commits the crime.
The notion is that, if you are punished for wrongdoing,
you will be less likely to commit it in the future. General
deterrence is the message that we supposedly get from seeing
someone else punished. Many studies have concluded that
general deterrence is much less effective than we would
hope. The public has a short memory for those convicted
of crimes, and in the long run the lasting effect of these
punishments is likely to be minimal.
Many people believe that fraudsters get off with little
or no punishment. Does this perception contribute to increased
fraudulent activity, and would you support stiffer penalties
for white-collar criminals as a deterrent?
Wells: I would not support stiffer penalties.
Instead, I would advocate more uniform enforcement. Many
may not realize that the United States has some of the harshest
criminal sanctions in the industrialized world. For punishment
to be effective, it must have three components: certainty,
severity, and swiftness. Our criminal justice system can
be severe. However, it is not certain or swift. Of the three
elements, certainty is the most important. Until and unless
we change the existing imbalance, increasing the severity
of sanctions is largely futile.
Some in our society contend that the increase in fraud is
because people are not as ethical today as they were in
the past. Do you agree?
Wells: I’d like to see some valid scientific
studies that test that notion, but I am not aware of any.
Perhaps a more logical reason for fraudulent behavior is
anomie theory, developed by sociologist Robert Merton. It
argues that there is a disconnect between what we have and
what we want, which then creates discord and pressure to
acquire more. We live in a society where television and
other media sometimes focus on those with incredible wealth
and lavish possessions. That ultimately drives some to justify
getting what they believe they deserve by any means.
Does the ACFE’s research show whether codes of conduct
and ethics training really make a difference in reducing
Wells: No, but the topic is worthy of study.
The cynic in me finds the idea ludicrous that a potential
fraud offender, who is contemplating committing a criminal
act that could send him or her to prison, would really be
deterred by a company’s ethics policy. But my sense
is that most organizations do not provide the proper kind
of training in this area regardless. While it is noble to
implore employees to “do the right thing,” I
believe antifraud training needs to drive home how dishonest
conduct hurts the company and everyone in it. Fraud costs
jobs, raises, individual dignity, and the organization’s
year, the ACFE, in conjunction with the AICPA, produced
a one-hour DVD training program titled “How Fraud
Hurts You and Your Organization.” It can be used to
educate employees from the mailroom to the boardroom, and
it is available for free (except for mailing costs) via
the antifraud and corporate responsibility center at www.aicpa.org.
I’d highly encourage this training program as a starting
point for every organization, large or small.
Beyond what they are currently doing, how can CPAs deter
Wells: Past what we have already discussed,
CPAs need to take a more aggressive stance against fraud.
Criminologists can provide a boatload of studies showing
that punishment-based deterrence is largely ineffective.
That does not mean fraudsters should escape atoning for
their crimes—it is absolutely vital in a civilized
society. But it does mean that we should not rely on punishment
as our first line of defense.
works is more cops on the beat, so to speak. In crime-ridden
neighborhoods, the classic police response is to increase
their presence, which increases the perception that illegal
activity will be detected. If we translate the same concept
to corporate crimes, we need auditors and fraud examiners
who are actively looking for those who commit misdeeds,
and for their mission to be clearly understood by everyone
in the organization. To accomplish this, I’d suggest
that auditors, in the normal conduct of their work, ask
appropriate personnel three simple questions:
You understand that part of my job as an auditor is to
detect and deter fraud. Do you think that the company
has any particular problem in this regard?
Has anyone in the company asked you to do something that
you thought was illegal or unethical?
In the future, if you become aware of illegal or unethical
conduct, will you please contact me?
vast majority of employees will answer “no”
to the first two questions and “yes” to the
third. Regardless, the message is clear and unmistakable:
Auditors are looking, and they’re not afraid to ask
the tough questions. This more aggressive approach is certain
to help deter fraud.
You helped organize the Institute for Fraud Prevention (IFP).
What is its mission and its connection to the ACFE?
Wells: The IFP is a nonprofit consortium of
about 10 colleges and universities, domestic and international,
with a mission to conduct cutting-edge research into the
causational factors of a wide variety of frauds. I made
the mistake of commenting to my academic colleagues one
day that there was no organization dedicated to fraud research.
They encouraged me to support such a venture. Shortly thereafter
the IFP was formed, and I was selected to oversee it. The
funding to date has been provided by the ACFE, the AICPA,
Grant Thornton, and the Japanese consulting firm D-Quest.
We have intellectual contributors such as the FBI, the GAO,
the U.S. Postal Inspection Service, the National White-Collar
Crime Center, and the Council of Better Business Bureaus.
a shameless plug for additional funds, we are seeking other
organizations to contribute to this effort. The minimum
financial commitment is $120,000, spread over three years,
which is tax-deductible. If accepted, that sum will buy
selected organizations a seat on the IFP board, which will
help shape its research direction. We are not simply soliciting
capital; we are also attempting to select the right organizations
to serve on the IFP board. Those interested in finding out
more can e-mail our executive director, Dr. William K. Black,
What career opportunities exist for CFEs and other antifraud
Wells: Four main segments employ CFEs. The
first is public accounting. Antifraud services are increasing
at a rapid rate. All of the Big Four and most of the so-called
second-tier firms have fraud or forensic accounting units.
Internal auditors and security directors for major corporations
employ CFEs to help deter and resolve their own fraud problems.
Probably less familiar to CPAs are law-enforcement agencies.
The FBI, the GAO, and the U.S. Postal Inspection Service,
among others, recognize and actively recruit CFEs, as do
insurance companies. And finally, many professionals have
found success in hanging out their shingles as antifraud
specialists, offering fraud detection and deterrence services
Robert Half organization recently released a report describing
the CFE as one of the most marketable credentials in the
workplace today. Indeed, our latest salary survey indicates
that the average CFE makes $25,000 more per year than his
or her non-CFE counterpart.
What is your vision for the future of the ACFE?
Wells: My first vision is for the ACFE to
continue without me. I am in the autumn of a very rewarding
career. But because I founded the ACFE, many people view
the association and me as one—we’re not. The
ACFE is managed by a dedicated group of people: our board
of regents, our staff, committees, and volunteers from more
than 100 chapters. I stepped down from active operations
nearly four years ago to pursue other interests while my
health is still strong enough to enjoy them.
envision that the ACFE will continue to grow as a worldwide
organization that forges public- and private-sector partnerships
and makes further inroads in detecting and deterring fraud.
I strongly believe that working together gives us realistic
hope that we can make progress in turning the corner in
the fight against fraud. Without false modesty, the ACFE
has become the world’s largest antifraud organization
because of its dedication to the core values of quality,
integrity, and service. My vision is that these characteristics
will prevail in perpetuity.
Mary-Jo Kranacher, MBA, CPA, CFE, Editor-in-Chief
of The CPA Journal, is a former member of the ACFE Board of