It has been nearly 20 years since, in the pages of the Journal, the authors introduced the Fraud Diamond—a novel extension of the long-established Fraud Triangle that places greater emphasis on the personal characteristics of the fraud perpetrator. To mark this anniversary, the authors present a retrospective analysis of their paradigm-shifting model. They reflect upon the Fraud Diamond’s impact on practice, industry, and research. Looking forward, they ask about the proactive use of the Fraud Diamond, the pros and cons of highly capable people, and what is missing from the model.
***
In December 2004, “The Fraud Diamond: Considering the Four Elements of Fraud” (David T. Wolfe and Dana R. Hermanson, https://www.nysscpa.org/0412-dwdh) was published in The CPA Journal. In that article, we offered the Fraud Diamond as an extension of the traditional Fraud Triangle—comprising the three elements of incentive, opportunity, and rationalization—to include more of the fraud perpetrator in the model. Specifically, the Fraud Diamond includes a fourth element—the fraud perpetrator’s capability—in order to capture the attributes and traits needed to orchestrate a fraud, such as “position/function, brains, confidence/ego, coercion skills, effective lying, and immunity to stress” (see Exhibit 1). Thus, the Fraud Diamond includes more of the person, consistent with Wolfe’s notion that, “The number one cause of fraud is people.” The Fraud Diamond’s focus on people also is consistent with other researchers’ emphasis on human factors and the psychology of fraud (see Sri Ramamoorti and William Olsen, “Fraud: The Human Factor,” Financial Executive, 2007, July/August, pp. 53–55), as well as on behavioral forensics (see Sridhar Ramamoorti, David E. Morrison, Joseph W. Koletar, and Kelly R. Pope, A.B.C.’s of Behavioral Forensics: Applying Psychology to Financial Fraud Prevention and Detection, 2013, Wiley), which broadens the consideration of fraud to include not just how fraud occurs, but why.
The Fraud Diamond (Wolfe and Hermanson, 2004)
With its focus on perpetrator capability, the Fraud Diamond has become a very popular extension of the Fraud Triangle, and it has spurred additional research into the ingredients of fraud. In this article, we look back 20 years after the Fraud Diamond was proposed to assess its impact on practice, industry, and research; offer our perspectives on using the Fraud Diamond to identify and mitigate the risk of fraud; and share our hopes for the future of the Fraud Diamond. This 20-year retrospective is best provided in The CPA Journal, which is where the Fraud Diamond was first introduced. Fraud remains a major societal challenge today, as the headlines still feature large, complex fraud cases, such as those at FTX and Theranos, as well as billions of dollars of fraud in COVID relief programs. In this environment, the profession needs to continue to work to better understand and mitigate fraud.
The Fraud Diamond was based on Wolfe’s experiences as a fraud investigator and his observation that, despite fraud being a “people problem,” the prevailing fraud model did not devote much attention to the perpetrator (see Dana R. Hermanson, “Fraud and Governance: The Importance of People,” Journal of Forensic Accounting Research, 2021, vol. 6, no. 1, pp. 313–334). Rather, the traditional Fraud Triangle (which is derived from Donald R. Cressey, Other People’s Money: A Study in the Social Psychology of Embezzlement, 1953, Free Press) captures the fraud setting to a much greater degree than the person. For example, incentive focuses primarily on the pressures facing the potential perpetrator, the setting in which the person is operating. Likewise, opportunity reflects the strength of internal controls and anti-fraud controls in the target organization, once again capturing the setting, not the person.
Only the rationalization component of the Fraud Triangle focuses largely on the potential perpetrator, examining the perpetrator’s thought process and ability to justify the actions being taken (see Natalia Mintchik and Jennifer Riley, “Rationalizing Fraud: How Thinking Like a Crook Can Help Prevent Fraud,” The CPA Journal, 2019, vol. 89, no. 3, pp. 44–50). Rationalization has two key limitations, however. First, rationalization arguably is only one of many potential personal traits needed to commit fraud. Rationalization does not reflect the skills needed to recognize and exploit fraud opportunities. Second, auditors and other CPAs often struggle with how to assess an individual’s rationalization, which is not an easily observable trait. As a result, the rationalization notion broadened over time to become rationalization and attitude. The thinking is that certain attitudes about accounting or auditors might signal a greater possibility of rationalizing fraud. For example, if management is dismissive of concerns about internal controls or the quality of accounting, then this could signal an ability to rationalize fraudulent reporting.
What the Fraud Diamond adds to the traditional Fraud Triangle is capability: the personal traits and abilities that allow a perpetrator to recognize and exploit fraud opportunities, even when the other fraud elements are present. The six traits we described came from our experiences and observations made of perpetrators of complex frauds. It was our belief that these frauds would not have occurred without the perpetrator possessing most, or all, of these traits. The perpetrator must have a position, or be in the right function, to have some formal access and influence in the organization, and the perpetrator must be smart enough to spot and take advantage of fraud opportunities. The perpetrator must have the confidence and ego to proceed with the fraud. Perpetrators often need to be able to coerce others to participate in or facilitate the fraud, and they need to lie effectively and consistently. Finally, perpetrators need a certain level of immunity to stress, as the commission of fraud over time brings the stress of managing the fraud, as well as the stress of possibly being discovered and disciplined. Without the “right person” possessing the right traits, fraud opportunities likely will not come to fruition, even if incentive, opportunity, and rationalization are in place. This is especially true for more complex frauds.
Wolfe developed the graphic shown in Exhibit 2 to illustrate the Fraud Diamond in action. Incentive draws the person toward fraud. If the person can rationalize the act, then this provides additional pull. If the person cannot rationalize the act, this serves as a push away from fraud. Opportunity is the open doorway to a possible fraud, as well as potential preventing or complicating factors. Capability is the personal traits that allow the person to bypass controls to commit and mask the fraud and live with the act. Wolfe has found this visual to be very helpful in conveying the logic of the Fraud Diamond to others.
The Fraud Diamond in Action
Source: David Wolfe
Overall, what the Fraud Diamond adds is capability, the personal traits and abilities needed to recognize and exploit fraud opportunities, especially more complex opportunities. In this way, the Fraud Diamond gets much more of the person into the fraud model, and it directs more attention to people, not just the setting. After all, people bring intent and action to a fraud scenario. If the people are not capable, then fraud may not occur, or it may be discovered quickly if it does occur.
It also is important to highlight some similarities between certain aspects of capability and the “Dark Triad” personality types that enhance fraud risk (see Barry J. Epstein and Sridhar Ramamoorti, “Today’s Fraud Risk Models Lack Personality,” The CPA Journal, 2016, vol. 86, no. 3, pp. 15–21; Sridhar Ramamoorti and Barry J. Epstein, “When Reckless Executives Become Dangerous Fraudsters,” The CPA Journal, 2016, vol. 86, no. 11, pp. 6–10). Narcissism and confidence/ego are related, as are Machiavellianism and coercion skills. Psychopathy is somewhat related to avoiding stress from committing fraud. Furthermore, research finds evidence that companies facing pressure to manage earnings may be more likely to hire dark personality individuals into more senior accounting positions (Ling L. Harris, Scott B. Jackson, Joel Owens, and Nicholas Seybert, “Recruiting Dark Personalities for Earnings Management,” Journal of Business Ethics, 2022, vol. 178, pp. 193–218).
The Fraud Diamond has become widely recognized in the professional community over the past 20 years. A Google search of “fraud diamond” produces tens of thousands of hits, including appearances in materials of Big Four and other accounting firms and continuing professional education courses, among others. In retrospect, it appears that the Fraud Diamond was a welcome, even necessary, enhancement to the Fraud Triangle.
For example, in the professional practice context, KPMG highlights fraud risks in the Environmental, Social, and Governance (ESG) space using the Fraud Diamond (https://tinyurl.com/y6jfzdy7). The firm emphasizes the risks created by personnel with ESG expertise, as well as those with other capability elements. BDO discusses audit committee responsibilities for fraud risk oversight using the Fraud Diamond (https://tinyurl.com/mudcs5fr). BDO highlights the capability component to emphasize the need for audit committees to monitor capability-related fraud risks. Windham Brannon discusses how to use the Fraud Diamond in fraud prevention and detection (https://tinyurl.com/4knz8t95). The firm calls attention to the elements of capability and the emergence of new technologies that can create fraud risk. Greater fraud risk necessitates stronger controls and oversight. In addition, Wolfe sees more forensic accounting units incorporating the Fraud Diamond into their fraud allegation assessments and investigations in practice.
Furthermore, Hermanson has presented the Fraud Diamond and related insights to two auditing regulators, providing them with detailed insights into how the Fraud Diamond and capability could be helpful to auditors. The Fraud Diamond is used in various university accounting courses and in presentations to professional groups. Overall, it appears that the central message of the Fraud Diamond—the importance of capability and people in fraud risk management—has been well received by practice and industry.
The Fraud Diamond has had a significant impact on accounting research. The 2004 article has been cited more than 2,500 times, according to Google Scholar (https://tinyurl.com/3jv8fy67).
Many researchers have examined aspects of the Fraud Diamond; a few selected findings will be highlighted here. First, Douglas Boyle, Todd DeZoort, and Dana Hermanson (“The Effect of Alternative Fraud Model Use on Auditors’ Fraud Risk Judgments,” Journal of Accounting and Public Policy, 2015, vol. 34, No. 6, pp. 578–596) conducted an experiment with auditors using either a Fraud Diamond practice aid or a Fraud Triangle practice aid to assess fraud risk in a hypothetical client. The authors found that auditors assess fraud risk 17% higher when using the Fraud Diamond rather than the Fraud Triangle. This suggests that “the fraud model matters” and that specifically focusing auditors on management’s capability results in higher fraud risk assessments. Furthermore, the authors found evidence that the Fraud Diamond concept also can be reflected in a three-sided shape, made up of incentive, opportunity, and capability (which includes rationalization). The authors called this new model the Enhanced Fraud Triangle.
Second, Barbara Arel, Michael Tomas, and Larry Stark (“The Effect of Fraud Diamond Capability Measures on Fraud Occurrence,” Journal of Forensic Accounting Research, 2023, vol. 8, no. 1, pp. 1–19) examined the relationship of Fraud Diamond elements with the likelihood of fraud. The authors found evidence that intelligence and confidence/ego are positively related to the likelihood of fraud, while the ability to handle stress is negatively related to fraud. The authors also found that using the capability elements helps to increase fraud prediction accuracy. The authors concluded that “the analysis of fraud risk within an organization should incorporate an assessment of employees’ and management’s capabilities as suggested in the fraud diamond model” (p. 17).
Third, other studies have found evidence of a link between capability and greater risk of fraud or misstatement. For example, Anne Albrecht, Elaine Mauldin, and Nathan Newton (“Do Auditors Recognize the Potential Dark Side of Executives’ Accounting Competence?” The Accounting Review, 2018, vol. 93, no. 6, pp. 1–28) found that executives’ accounting competence interacts with compensation incentives to increase the risk of misstatements when accounting expert executives have stronger incentives to misstate the financial statements. Thus, greater accounting competence can reflect greater fraud risk. Similarly, Ferdinand Gul, Mehdi Khedmati, Edwin Lim, and Farshid Navissi (“Managerial Ability, Financial Distress, and Audit Fees,” Accounting Horizons, 2018, vol. 32, no. 1, pp. 29–51) found that the quality of financial reporting is reduced when managers have greater ability, but the company is in financial distress. Again, there is evidence that managerial ability is a risk factor under certain conditions. The authors concluded that their results “provide support for the fraud diamond” (p. 30).
Finally, researchers have applied the Fraud Diamond to other settings, such as online consumer fraud, (Andrew Harrison, William Dilla, and Brian Mennecke, “Relationships within the Fraud Diamond: The Decision Processes that Influence Fraudulent Intentions in Online Consumer Fraud,” Journal of Information Systems, 2020, vol. 34, no. 1, pp. 61–80), student cheating (Kenneth Smith, David Emerson, and Shawn Mauldin, “Online Cheating at the Intersection of the Dark Triad and Fraud Diamond,” Journal of Accounting Education, 2021, vol. 57, no. 100753), and analysis of various specific fraud cases. The Fraud Diamond has also been the focus of many international research studies.
Overall, subsequent studies have supported the Fraud Diamond’s capability element, as well as suggested enhancements and extensions of the model. The research impact of the Fraud Diamond is consistent with greater appreciation of the behavioral aspects of fraud (the psychology of fraud) and the nature of fraud as human-to-human deception (Ramamoorti et al., 2013). The Fraud Diamond has proven useful in helping researchers understand why fraud occurs and analyze specific fraud cases.
Today, 20 years after the introduction of the Fraud Diamond, there are three issues that we believe warrant additional attention: the proactive use of the Fraud Diamond, the pros and cons of highly capable people, and what is missing from the Fraud Diamond.
How can CPAs and others use the Fraud Diamond proactively to prevent or detect fraud, as opposed to using the model to explain past frauds in hindsight?
In our 2004 article, we encouraged readers to follow three key steps to deal with capability. First, “explicitly assess the capabilities of top executives and key personnel.” In other words, know people well. Second, “if there are concerns about capability, respond accordingly.” This could include enhanced controls or rotation of duties, among other measures. Third, “reassess the capabilities of top executives and key personnel.” Capability assessments should not be “one-time exercises.” Today, we offer two additional perspectives on using the Fraud Diamond proactively.
First, we encourage users of the Fraud Diamond to pay special attention to the interaction between capability and other components of the model. For example, highly capable people can create fraud opportunities that are not available to others. Specialized skills can open fraud doorways in unexpected places. Furthermore, highly capable people can create incentives, pressures, or rationalizations in ways that most people cannot. The key consideration is not to view capability in isolation, but rather to assess how highly capable individuals might lead to greater opportunity, incentive or pressure, or even rationalization than expected.
Second, as noted above, assessing capability involves knowing and interacting with people. Although the rise of remote work offers many advantages, it does create an apparent new risk in that it is difficult to fully get to know and assess other people remotely. Big picture—fraud is a people problem, and remote work arguably reduces one’s ability to fully understand and assess other people. Will remote work decrease the ability to use capability assessments to mitigate fraud risk? We encourage careful consideration of the effect of remote work on fraud risk and the ability to assess capability. We also encourage research on the effect of remote work on opportunity and rationalization.
It is critical to note that capability is not inherently “bad.” Rather, there are pros and cons of highly capable people.
A job placement ad for an executive in a growing company likely would include variations of many capability elements identified in the Fraud Diamond. Companies want executives who have prior experience at a high level, and who are smart, confident, and able to handle stress. Skills in coercion and lying certainly sound unappealing. But if crafted as skills in motivating others and maintaining positive messaging and outlook in difficult times, then even these elements might be at least partially reflected in the ad. Ultimately, an organization wants capable executives and employees.
The point is that capability is not inherently bad. Capability is highly desirable—but it also creates risks that must be considered. Highly capable employees can achieve great things for the organization, but they also can do nefarious things that most employees cannot. Capability is a double-edged sword, and both the pros and cons of highly capable employees need to be fully considered.
What is missing from the Fraud Diamond model? Specifically, what about instances where all four Fraud Diamond ingredients are present, but fraud does not occur?
Shefali Saluja, Arun Aggarwal, and Amit Mittal (“Understanding the Fraud Theories and Advancing with Integrity Model,” Journal of Financial Crime, 2022, vol. 29, no. 4, pp. 1318–1328) argue that the Fraud Diamond and many related models omit an important “integrity” element. Personal integrity is a component of the Fraud Scale (Steve Albrecht, Keith Howe, and Marshall Romney, Deterring Fraud: The Internal Auditor’s Perspective, 1984, Institute of Internal Auditors Research Foundation), but it is not an element of the traditional Fraud Triangle or Fraud Diamond. In a similar vein, Olukayode Sorunke (“Personal Ethics and Fraudster Motivation: The Missing Link in Fraud Triangle and Fraud Diamond Theories,” International Journal of Academic Research in Business and Social Sciences, 2016, vol. 6, no. 2, pp. 159–165) propose adding “personal ethics” to the Fraud Diamond to create a five-sided fraud model.
We encourage efforts to enhance the Fraud Diamond model, and we believe that an integrity or ethics element is a very promising candidate. Some may argue that integrity is a part of a person’s rationalization element, such that people with greater integrity or ethics simply cannot fully rationalize fraud. Others assert that fraud models need to be expanded to include integrity as a separate element.
We have two primary hopes for the future of the Fraud Diamond and the capability component. First, we hope to see ongoing impacts in research and practice, but also in regulation. Researchers can address such issues as additional capability elements, further testing of capability and its relationship to other aspects of the Fraud Diamond, and applying the Fraud Diamond in additional settings. From a practice perspective, we hope that continued coverage in CPE courses will help to further spread the usage of the Fraud Diamond in accounting firms. From a regulatory perspective, key auditing standards setters are revisiting their fraud standards, and regulators should be encouraged to incorporate the capability component into auditors’ assessments of client fraud risk. As Clinton Free (“Looking Through the Fraud Triangle: A Review and Call for New Directions,” Meditari Accountancy Research, 2015, vol. 23, no. 2, pp. 175–196) notes, “While [the Fraud Diamond] has generated interest in both academic and practitioner circles, it has not penetrated the official pronouncements of the various audit bodies throughout the world.” Auditing standards still focus on the traditional Fraud Triangle, and fraud research has moved well past that now-dated model, with greater focus on capability and Dark Triad personalities.
The second hope for the future is that fraud models will move beyond an individual perpetrator focus to incorporate group fraud efforts, as well as the effects of organizational culture and tone, local norms, and similar items (see Dennis Huber, “Forensic Accounting, Fraud Theory, and the End of the Fraud Triangle,” The Journal of Theoretical Accounting Research, 2017, vol. 12, no. 2, pp. 28–49). Fraud occurs within a broad setting that goes far beyond the components of the Fraud Triangle or even the Fraud Diamond, and we encourage efforts to expand the scope of our fraud models without diluting their meaning. Interested readers should consult Clinton Free (2015, above), as well as Pamela Murphy and Clinton Free (“Broadening the Fraud Triangle: Instrumental Climate and Fraud,” Behavioral Research in Accounting, 2016, vol. 28, no. 1, pp. 41–56) for examples of forward-thinking perspectives on expanding fraud models. Also see Ramamoorti et al. (2013) for discussion of fraud considerations at the individual, group, organization, and society level.
The contribution of the Fraud Diamond is its inclusion of capability that incorporates more of the person into the fraud model. Whether one prefers the format of the Fraud Diamond or the Enhanced Fraud Triangle (which combines rationalization and capability), the key is to explicitly consider capability when assessing and managing fraud risk. Fraud is a “people issue,” and the fraud model should include a focus on the individual traits and abilities needed to recognize and exploit fraud issues.
Now that the Fraud Diamond is 20 years old, we are very encouraged by the model’s popularity in the professional and academic community, and we hope for a future focus on capability by standard setters, policy makers, and regulators. We support efforts to better understand additional elements of capability, as well as research focused on expanding fraud models beyond the individual perpetrator. In this regard, the Ramamoorti et al. (2013) model of a “bad apple, bad bushel, and bad crop” is memorable and instructive. Fraud continues to be a significant societal problem, and there is still much to learn about the contributors to fraudulent behavior.
Dana R. Hermanson, PhD is the Dinos Eminent Scholar Chair and a professor of accounting at Kennesaw State University, Kennesaw, Ga.
David T. Wolfe, CPA, CFF is a senior investigator and forensic accountant at The Global Fund, Geneva, Switzerland.