The well-known fraud triangle framework includes three distinct components—perceived pressures, perceived opportunities, and rationalizations—but until recently very little was known about perpetrators’ rationalizations. The authors discuss the verbalizations used by fraud perpetrators to convince themselves that they are doing nothing wrong, as well as how fraud-related theories from the social sciences can inform the accounting profession. They argue that understanding the techniques that allow fraudsters to justify their crimes may prove to be the missing piece of the fraud prevention puzzle, and that better understanding of rationalizations could help corporate governance experts and auditors strengthen their antifraud programs.
* * *
Despite the best efforts of regulators and executives, white-collar fraud continues to dominate headlines, destroy lives, and erode public confidence. From the 2013 conviction of the Dixon, Illinois, comptroller who embezzled more than $53 million, to the 2018 indictment of the prominent pastor and spiritual advisor to two former presidents who sold more than $1 million in worthless bonds, little seems to stem the tide of fraud. Accelerating globalization and the emergence of technologies such as cryptocurrency have only made things worse. In 2018, a UBS trader was charged with manipulating futures prices through “spoofing,” and the SEC accused the CEO of a tech startup of defrauding investors with trumped-up claims about the capabilities of a revolutionary blood-testing device. While the technological complexities have changed, the core of fraud remains inherently human (Sridhar Ramamoorti & William Olsen, “Fraud: the Human Factor,” Financial Executive, July 2007, http://bit.ly/2tgiC3G; Eugene Soltes, Why They Do It: Inside the Mind of the White-Collar Criminal, PublicAffairs, 2016), and any antifraud program that ignores this human component is doomed to fail.
The goal of this article is to help gain better insight into the minds of fraudsters in order to fight fraud more effectively. What were these people thinking, and why did efforts at prevention fail? The answers to these questions may lie in the accounting profession itself. When faced with fraud-related threats, accountants often put too much faith in generic and dispassionate policies and controls, forgetting the psychological complexity that makes people the weakest link in the internal control chain. Accordingly, careful attention must be paid to rationalizations that make fraud possible.
How can anyone comprehend the reasoning of a fraudster? Research shows that individuals who behave unethically usually experience guilt and discomfort before committing the deviant act, and that they try to reduce this guilt and discomfort through rationalization. By understanding the common techniques for rationalization, organizations can design antifraud programs to make rationalization harder and, as a result, make it more challenging for potential fraudsters to commit fraud.
A Missed Direction for Fighting Fraud
Criminologist Donald Cressey’s fraud triangle attributes the occurrence of fraud to three crucial elements: a nonshareable financial pressure, an opportunity, and rationalization (Other People’s Money: A Study in the Social Psychology of Embezzlement, Patterson Smith reprint series, 1973). The fraud triangle framework has been included in PCAOB auditing standards, in the Committee of Sponsoring Organizations (COSO) of the Treadway Commission’s revised Internal Control—Integrated Framework (2013), in COSO’s Fraud Risk Management Guide (2016), and in major accounting and auditing textbooks.
Despite widespread acceptance, the fraud triangle has been criticized for a lack of rigorous scientific testing and an inability to recognize collusion or the societal roots of crime (James J. Donegan and Michele W. Ganon, “Strain, Differential Association, and Coercion: Insights from the Criminology Literature on Causes of Accountant’s Misconduct,” Accounting and the Public Interest, December 2008, http://bit.ly/2SlqyQb; Wm. Dennis Huber, “Forensic Accounting, Fraud Theory, and the End of the Fraud Triangle,” Journal of Theoretical Accounting Research, January 2017, http://bit.ly/2Dr0WXQ). In addition, scholars, regulators, and executives have focused on addressing the role of incentives and opportunities while ignoring the element of rationalization. Although it is the crucial link between the fraudster’s mind and the fraud itself, this unique direction for fighting fraud has not been recognized. Most of the criminological research, including from the financial and accounting fields, does not include personality traits of the offender (Frank S. Perri, “White-collar Criminals: The ‘Kinder, Gentler’ Offender?” Journal of Investigative Psychology and Offender Profiling, October 2011, http://bit.ly/2WQirtK). In the exceptional cases when researchers do examine such traits, attention is on the psychopathic tendencies of criminals who are likely to commit fraud whenever they see an opportunity (Sridhar Ramamoorti and Barry Epstein, “Today’s Fraud Risk Models Lack Personality: Auditing with ‘Dark Triad’ Individuals in the Executive Ranks,” CPA Journal, March 2016, http://bit.ly/2RP6yk2). Such criminals constitute only 2% of the general population, however, and at most 20% of corporate executives (Ramamoorti and Epstein, “When Reckless Executives Become Dangerous Fraudsters: Reward Structures and Auditing Procedures Need to be Reformed to Deter ‘Dark Triad Personalities’,” CPA Journal, November 2016, http://bit.ly/2BsOp63).
The majority of fraudsters are not sociopaths, and almost 96% of them are first-time offenders (ACFE, Report to the Nations on Occupational Fraud and Abuse, 2018, http://bit.ly/2TKHlcp).
In order to be able to commit fraud, ordinary people need to rationalize to quiet the morality-based inner protests that would otherwise preclude them from engaging in such behavior. These rationalizations, which the ACFE cites among “critical thinking errors” leading to lapses in ethical judgment (Inside the Fraudster’s Mind, http://bit.ly/2BtzQzo), should not be confused with postfraud excuses. Fraud perpetrators construct such rationalizations before the fraud to justify behavior primarily to themselves rather than others.
In order to create effective antifraud programs that counter this tendency, it is important to recognize typical rationalizations that potential fraudsters are likely to invoke.
Thinking Like a Crook
Current auditing standards provide little guidance on identifying, understanding, and mitigating fraudsters’ rationalizations. Regulators instruct auditors to pay attention to some factual clues, such as “behavior indicating displeasure or dissatisfaction with the company or its treatment of the employee,” without an explanation of why and how such clues relate to fraudsters’ rationalizations (PCAOB, AU section 316, “Consideration of Fraud in a Financial Statement Audit,” 2002). As a result, auditors and other fraud fighters often resort to a checklist mentality without understanding the underlying reasons for such recommendations (Sridhar Ramamoorti, David Morrison, Joseph Koletar, and Kelly Pope, ABC’s of Behavioral Forensics, Wiley, 2013).
This same criticism has been leveled at COSO’s Integrated Framework. Principle 8 under the “Risk Assessment” component instructs executives to explicitly consider fraud risk potential and assess rationalization; however, COSO provides few examples of potential fraud rationalizations and does not link them directly with relevant antifraud procedures. In addition, COSO’s Enterprise Risk Management Framework (2017) cites numerous examples of undesirable pressures that are detrimental for corporate culture but does not explicitly address rationalizations. To overcome the implementation challenges from such limited guidance, the authors used research from the social sciences to develop the framework presented in the Exhibit (Gresham M. Sykes and David Matza, “Techniques of Neutralization: A Theory of Delinquency,” American Sociological Review, 1957, http://bit.ly/2I2OIdL; Albert Bandura, Moral Disengagement: How People Do Harm and Live With Themselves, Worth Publishers, 2016).
Techniques of Fraud Rationalization
In order to preserve their self-respect, fraudsters will justify their behavior by using a neutralization or disengagement technique. The key to creating an effective fraud deterrent system is to recognize these rationalization techniques and develop strategies for neutralizing them before a fraudster acts. Consider the fraudster’s perspective by identifying the broad focus (listed below), understanding the basic rationalization (left box), being attentive to situations that would facilitate this type of thinking (center), and designing antifraud responses (right).
Based on that research, four broad categories of fraud rationalization are suggested in the Exhibit:
- Focus on the bigger mission (appeal to higher loyalties, moral justification, advantageous comparison)
- Focus on responsibility (denial of responsibility, condemnation of condemners, displacement of responsibility, diffusion of responsibility)
- Focus on the consequences of the act (denial of injury, euphemistic labeling, misrepresentation of the consequences)
- Focus on the victim (denial of the victim, dehumanization).
Arguably, a focus on the bigger mission is one of the most effective (and dangerous) of all techniques because it removes any self-censure and presents the deviant behavior as heroic and self-sacrificing. A focus on responsibility—namely denying, displacing, and diffusing responsibility—is particularly problematic in group activities; when tasks are subdivided into small pieces, the anonymity provided by collective action allows individuals to relax their personal moral constraints. Focusing on the consequences enables a fraudster to assert that the effects of the fraud are trivial; this is a “no harm, no foul” technique. A fraudster may re-label cash theft as a “temporary loan” that will be paid back, or call a fraudulent journal entry a “timing difference” that will be cancelled out in the following accounting period. Finally, when rationalizing with a focus on the victim, the perpetrator shifts the blame to the victim and claims unjust treatment as an excuse, presenting his own actions as rightful retaliation or fair punishment.
Surprisingly, none of the examples of potential fraud rationalizations in COSO’s Integrated Framework include anything related to the first two items above. Of the three examples COSO provides, two center on fraud consequences, and the third relates to denial of the victim. These examples are helpful, but incomplete; unless CPAs learn to think like crooks, they will continue to handcuff their fraud-fighting efforts.
Designing More Effective Antifraud Programs
While understanding potential rationalizations is important, it is just a first step in designing effective antifraud programs. Once aware of typical rationalizations, CPAs must address them, and the Exhibit provides many potential responses.
Focus on the bigger mission.
Focusing on the bigger mission may be the most difficult rationalization to root out. COSO recognizes that diversity in employees’ backgrounds is instrumental for innovation and productivity, but it can backfire if not properly aligned with organizational objectives. Start by establishing the accountability and authority of employees within the context of broader organizational goals, then explaining clearly to employees the reasons for limiting their authority.
While many organizations focus their attention on developing an appropriate code of conduct, this is only one measure needed for an effective control environment. Management’s actual behavior and its reactions to deviations from the code of conduct send a much stronger message to employees than the content of the code itself. Recall that Enron produced a 64-page code of ethics, signed by every employee, as well as a training video on integrity. That code was no more than a piece of paper; management’s behavior—greed, corruption, and extreme hubris—created a toxic tone at the top and a culture tailor-made for fraud. An organization’s positive behavior in response to ethical deviations, and the creation of a culture of integrity and accountability, can just as effectively produce positive results.
Management must also be aware that employees operate in a broader society and are exposed to cultural norms that can override the conditions of the code. This is especially important when dealing with foreign subsidiaries or employees from different cultures. Studies suggest that people’s convictions of what is morally right or wrong (their “moral structures”) form very early in life as a consequence of cultural socialization. Once a moral structure is formed, acquiring another might be as difficult as acquiring a second language (Jesse J. Prinz, The Emotional Construction of Morals, Oxford University Press, 2009). Research on cross-cultural differences suggests that people from some countries have much higher tolerance than others for unequal power distribution within society, as well as a much stronger preference toward tightly integrated relationships outside immediate family (Geert Hofstede, Gert Jan Hofstede, and Michael Minkov, Cultures and Organizations: Software of the Mind, McGraw-Hill Education, 2010). Individuals from such cultures might experience stronger internal conflict between their collective group loyalty and formal code compliance when pressed to do something unethical by their colleague or supervisor.
Unfortunately, the “focus on a bigger mission” technique can be an effective way for such individuals to resolve a conflict in these circumstances. If an organization has significant international exposure, it is critical that internal auditors and antifraud executives are educated on these important intercultural differences. Even if the company operates exclusively in the United States, culture outside an entity matters as much as culture inside. To decrease the possibility of encouraging a “focus on the bigger mission” technique among employees, management needs to ensure that the corporate code of conduct is shared and enforced by business partners, especially those involved in the value chain and provision of outsourced services.
In addition, codes of conduct and corporate ethics programs are especially prone to a checklist mentality: schedule a workshop (check), require all employees to attend (check), read a list of dos and don’ts (check), and promise to do it all again next year (check). This attitude becomes further entrenched if management does not model appropriate behavior. Instead, think of the code of conduct as a daily practice, ensure timely updates to the materials and procedures, and instill the principles throughout every event, action, and reaction in the organization. Otherwise, efforts may quickly become stale and inadequate, inviting indifference and defiance.
Of course, even the most effective control environment is no guarantee against use of the “bigger mission” rationalization; it does little to deter the loyalty or fear of employees who commit fraud in order to protect their colleagues or families. Consider Betty Vinson, a WorldCom accountant who pleaded guilty to fraud charges. She cited concern for her family’s health insurance and a scarcity of comparable jobs in Jackson, Mississippi, as reasons for conceding to management demands. Similarly, David Myers, the former WorldCom controller, defended his fraud involvement by citing his desire to stay loyal to the team. Upping the ante was Scott Sullivan, the WorldCom CFO, who persuaded Vinson, Myers, and other WorldCom employees that their fraud-related actions were as essential to WorldCom’s survival as the behavior of an aircraft carrier’s personnel is to bringing planes and pilots safely home (Melanie O. Anderson, “Worldcom’s Betty Vinson and Cynthia Cooper: A Tale of Two Professionals,” Strategic Finance, July 2013, http://bit.ly/2BtaBgE).
How can companies fight this? First, consider that the incentive structures and external economic realities that feed this rationalization are common across employees. Recognize that all employees are likely to fear job loss and retaliation, and to feel a responsibility for their colleagues’ well-being. Second, remember that some of the most prominent frauds of the past involved collusion, and many fraud instigators seem to be intuitively aware that appealing to the bigger mission is an effective method of convincing others to participate.
The few examples of rationalizations in COSO describe fraud committed by a “lone wolf.” Instead of limiting searches to such cases, think like the WorldCom crooks: consider the incentives and policies that could encourage employees to follow somebody like Scott Sullivan. Think like the Wells Fargo employees and consider whether incentive programs encourage employees to commit fraud en masse on a daily basis. How can such policies be redesigned to encourage the right behavior? What recourse is available to employees like Vinson and Myers to counteract the appeal to higher loyalties? Do employees know where to report the pervasive and destructive effects of organizational policies? Are there clear protocols for encouraging and protecting whistle-blowers? And more importantly, has the company demonstrated this commitment to employees?
Because it is impossible for an organization to influence most external realities, such as unique family duress, the next best option may be a strong, independent, well-staffed monitoring function. The fact that the internal audit function ultimately exposed the fraud at WorldCom is a lesson for all organizations. Such a function is crucial not just for detecting fraud before it becomes catastrophic but also for deterring fraud in the first place. COSO stresses the necessity to consider the joint effect of several components in achieving effective antifraud practices. While a strong control environment reinforces a commitment to integrity, clearly communicated lines of reporting and an effective monitoring function send the message that fraud detection is imminent and signal a willingness to take prosecutorial action.
Focus on responsibility.
A focus on responsibility is an easily accessible rationalization in accounting settings. The more people are included in a questionable decision or task, the easier it is to engage in diffusion or displacement of responsibility. This is a valuable insight for corporate boards, and suggests the need for a smaller number of members on committees that are prone to ethical temptation (e.g., compensation, audit). It’s a simple numbers game: fewer members means less opportunity to diffuse responsibility. If the company has embraced the team structure for work tasks, diligence is needed in carefully designing groups to mitigate this technique.
Furthermore, companies need to be particularly cognizant of midlevel managers acting in the role of transmitters (Shadd Maruna and Heith Copes, “What Have We Learned From Five Decades of Neutralization Research?” Crime and Justice, 2005, http://bit.ly/2SNAZM8). Research suggests that this group could more easily rationalize responsibility in order to pursue destructive commands. In a traditional organizational hierarchy, the people at the top are responsible for generating fraudulent initiatives (e.g., a scheme to manipulate earnings by capitalizing line expenses), while the people at the bottom are responsible for the direct execution of these plans (e.g., physically recording the transaction in the accounting system). The transmitters can use their position to deny any responsibility: they neither ordered nor implemented the fraud. Companies should offer robust training for employees, both transmitters and those they pressure, to recognize and report fraudulent directives. Clear, consistent, and protective methods for whistleblowing are critical to encourage individuals to resist the temptation to absolve themselves of responsibility and instead take action when fraudulent behavior is suspected.
In addition, management should be mindful of the impact that outsourcing certain functions has on the ease with which this rationalization can be invoked. Outsourcing of functions and processes will likely decrease the sense of employee ownership over these processes and related controls. COSO recognizes the unique risks created when organizational activities are outsourced to a service provider (OSP) and explicitly discusses potential responses to such risks throughout the framework. For example, under Principle 1, COSO mentions the importance of communicating ethical values to OSPs, but also stresses that management should be aware that it still bears the ultimate responsibility for delegated processes and outcomes. COSO also points out under Principle 3 the importance of the board of directors to consider OSPs when establishing authority structures and reviewing potential conflicts of interest. These and other measures discussed in COSO with respect to OSPs should reduce the risk of invoking responsibility-driven rationalizations.
Focus on consequences.
This rationalization technique—and the next—is more intuitive and more familiar to CPAs. The Exhibit highlights methods commonly used by fraudsters to justify their actions through the perceived outcome. COSO suggests that a fraudster might frame her actions as borrowing with the intent to pay back; the ability to alter the accounting records to hide the “temporary loan” acts as the final push to move from contemplation of fraud to action. Similarly, framing a fraudulent act as being “below the materiality threshold” is another dangerous rationalization unique to the accounting context.
Given the complexity and highly technical nature of the accounting environment, fraudsters are likely to speak in sophisticated accounting jargon and sanitizing language—not only during conversations with others, but also in their internal monologue—to quiet a troubled conscience. For example, Sullivan defended the capitalization of line expenses to the WorldCom board with the matching principle. Sushovan Hussain, the ex-CFO of Autonomy Corporation who was convicted in 2018 of securities fraud that overinflated the company’s business by billions of dollars, attempted to exonerate himself while on trial by citing the technical differences between British and American accounting standards. Executives should be mindful about such doublespeak, and board members should follow up with probing questions if they spot it in senior management’s presentations.
Focus on the victim.
Focusing on the victim has multiple applications in accounting fraud. For embezzlers, the victim is the company, and by focusing on real or imagined slights in the workplace, the embezzler justifies his actions. Believing that the company “does not pay me enough” or “passed me over for that promotion” gives an embezzler a reason to neutralize or disengage. Generating fraudulent financial statements may be justified in much the same way, but in this case, the benefit gained is a bonus or stock option payoff. If executives feel pressured by shareholders and analysts’ expectations, the act of providing fraudulent statements to those very parties may be viewed as “deserved.” This technique draws attention to the importance of sound human resource policies for hiring and promoting, as well as supervising personnel activities. Ensuring that employees are paid fair market wages, receive adequate benefits, enjoy a safe work environment, and experience timely and effective responses to voiced concerns can reduce the inclination to “settle the score.”
In addition, denial of the victim is a popular rationalization when the victim is not known or physically distant. It is easy to invoke this technique while manipulating financial statements, because shareholders are so far removed from the immediate fraud perpetrators. Patrick Kuhse, who stole millions of dollars from the state of Oklahoma through fraudulent commissions in the early 1990s, rationalized that no one would be hurt much since Oklahoma has millions of taxpayers. In the above-mentioned case of Autonomy Corporation, Hussain’s lawyer argued the case should have been dismissed because Autonomy was a U.K. corporation, purchased by a Dutch subsidiary of Hewlett Packard—which made it challenging to identify the fraud victims and related jurisdiction. Creating feelings of ownership in the organization through stock options or similar compensation can also backfire, as past frauds prove that this encourages the very behavior companies seek to prevent. Accordingly, a strong corporate board, an internal audit function, and external audit monitoring are critical for mitigating this principal-agent problem.
Although this article focuses on the direct relationship between the fraudster and the company, it is important to remember that organizations do not exist in a social vacuum. The reasoning and behavior of leaders are directly affected by the activities and guidance of larger societal institutions, such as the SEC, PCAOB, and Congress. Not surprisingly, fraud becomes pervasive when those institutions establish dysfunctional incentives and loosen oversight (Ramamoorti et al. 2013).
Where to Start
The good news is that most interventions overlap several of the fraud rationalizations, and considering them in concert can provide the most effective defense. For example, focusing on the victim can be easily invoked in conditions of weak internal controls. Lax control over assets or reporting can generate feelings that a company is “asking for it” or doesn’t care what employees do. As a result, the responsibility for fraud is diffused or displaced; it becomes the company’s fault for allowing fraud to occur. As shown in a number of interview-based studies of corporate offenders, executives whose opinions on sensitive issues have been ignored multiple times stop caring about consequences and fulfill their work obligations in a mechanical, disengaged manner. This environment is ripe for the perpetration of fraud, and suggests specific aspects of human resource policies and management style to be mindful about. By implementing the suggestions in this article, companies can nullify several rationalization techniques at once.
Even more good news is the fact that many of these insights are directly related to COSO, which many organizations have already embedded in their governance structures. An awareness of rationalization techniques can advance an organization beyond the checklist mentality that sometimes results in the instinctive temptation to merely check the box. Combining this knowledge with the directives under COSO can turn the fraud triangle into a multifaceted armor against fraud.
Understanding Is Key
Every day, in every company, nearly every employee has some opportunity to commit fraud. Thankfully, most do not, but as long as fraud continues, companies must continue to push their understanding of why and how it exists. The traditional governance and internal control systems commonly described in accounting guidance are necessary but not sufficient to fight fraud because they primarily address incentives and opportunities, and in most cases, these are the easier two components to spot. Rationalization is hidden and much more insidious. As Ramamoorti and Olsen explain, it is often the most trusted and seemingly honest people who become fraudsters (“Fraud: the Human Factor”). For accountants trained in how to implement objective rules and procedures, probing into the mind of a fraudster might seem like a daunting task. But this challenge must be embraced if fraud is to be prevented.