Fraud methods are evolving. What should organizations do in 2025 to stay one step ahead of fraudsters?

Opinion article by Mihail Bucheru, Director, Laura Avram, Manager, and Vasile Beleuța, Senior Consultant, Advisory, Corporate Forensic Services, Deloitte Romania 

Fraud is a silent but costly threat that continues to translate into significant financial losses every year. Association of Certified Fraud Examiners (ACFE) reports reveal that businesses worldwide lose an estimated 5% of their annual revenue to occupational fraud. Yet, many organizations underestimate fraud risks and resort to prevention measures late, generally in response to severe episodes.

Fraud methods and targeted sectors: a changing landscape

Analyzing the results of the ACFE reports from the past ten years reveals multiple shifts in fraud schemes, as well as in detection methods. Fraudsters have increasingly exploited cyber-enabled fraud, with ransomware and technology-based scams becoming more sophisticated. Moreover, AI-generated financial fraud and deepfake identities had made detection and attribution harder, forcing businesses to adopt real-time fraud monitoring. At the same time, classical methods of fraud, such as embezzling funds, forging documents, or conflicts of interest, remain relevant and continue to be exploited by fraudsters, adapting to new economic and technological contexts.

Among the sectors most frequently targeted, financial institutions have reported over one million cases of deposit fraud in early 2023. The healthcare sector has also seen a surge in fraudulent claims and genetic testing fraud, generating over $40 million in damage in the third quarter of 2024 alone. Industries like oil & gas and power & utilities make no exception. With complex supply chains, large-scale procurement processes, and increasing pressure around environmental and social governance (ESG) reporting, these sectors face unique fraud risks. From procurement fraud and contract manipulation to ESG data misrepresentation, the financial and reputational stakes are high. The evolution of fraud schemes in these industries further emphasizes the need for proactive prevention strategies and robust internal controls.

Other notable trend is the decrease in median fraud duration. If in 2014 the average fraud scheme lasted 18 months before detection, according to the ACFE, in 2024, it has decreased to only 12 months in 2024. Consequently, fraudsters have less time to operate before being caught, and this is a direct result of data analysis programs and whistleblowing channels implemented by more and more organizations.

As for the impact of socioeconomic developments on fraud, it is worth mentioning that organizations shifting to remote work environments saw an increase in cybersecurity threats, financial misstatements, and procurement fraud. However, there was also an accelerated adoption of digital fraud detection solutions. More companies invested in real-time transaction monitoring, machine learning fraud detection models, and external fraud risk assessments, helping to reduce fraud detection times and limit losses.

How are businesses detecting fraud?                                                                                                                                           

Fraud detection methods have significantly improved over the years, but many businesses still rely on reactive rather than proactive measures. The ACFE reports reveal that in 2024 the top method of fraud detection is tips from employees or third parties, accounting for around 43% of cases, which point to the importance of whistleblowing channels in uncovering fraud early.

Additionally, internal audits and internal control systems have also gained traction in fraud detection. Companies that integrate forensic techniques and continuous data monitoring detect fraud significantly faster, reducing financial losses and reputational risks. 

Why prevention is the best strategy

While fraud detection has improved, prevention remains the most effective approach. Organizations that implement strong internal controls, fraud risk assessments, and independent forensic investigations experience fewer and less severe fraud cases.

One of the most relevant findings from ACFE reports is that many organizations still fail to act against known fraud risks. More than half of fraud cases occurred due to lack of internal controls (32%) and due to override of existing controls (19%) in 2024, proving that companies that fail to invest in prevention strategies are at a much higher risk of financial loss. Therefore, prevention should not be perceived as an additional cost, but as a strategic investment that protects the company’s resources and ensures long-term business continuity.

To conclude, fraud is not just a compliance issue, but a major financial risk that can threaten the stability and reputation of any organization. According to the latest ACFE Report to the Nations, a median loss per case of occupation fraud reaches approximately USD 145,000, thus emphasizing the significant exposure that organizations can face.

Thus, businesses must adopt a proactive approach, leveraging forensic expertise, continuous monitoring, and internal fraud awareness and reporting initiatives. The cost of ignoring fraud is far greater than the cost of preventing it; and in today’s evolving fraud landscape, prevention is the only sustainable strategy.