CFE Exam Mnemonics: 40+ Memory Tricks for All Four Sections

Remember the three main branches of the ACFE Fraud Tree:

• Corruption (48% of cases, $200K median loss)
• Asset Misappropriation (89% of cases, $120K median loss)
• Financial Statement Fraud (5% of cases, $766K median loss)

Think: "CAF" like a café where fraudsters meet—Corruption brings the bribes, Asset Misappropriation steals the silverware, and Financial Statement Fraud cooks the books!

The nine types of asset misappropriation schemes:

• Skimming (cash theft before recording)
• Cash Larceny (cash theft after recording)
• Register Disbursements (false refunds/voids)
• Inventory & Other Assets (non-cash theft)
• Billing Schemes (shell companies, overbilling)
• Expense Reimbursements (fake/inflated expenses)
• Skimming...
• Payroll Schemes (ghost employees, falsified hours)
• Electronic/Check Tampering
• Noncash Misappropriation

Think: "SCRIBES use a PEN to write fraudulent checks and fake invoices!"

The three categories of billing fraud:

• Shell Company Schemes (fictitious vendors)
• Overbilling by Real Vendors (inflated invoices)
• Personal Purchase Schemes (buying for yourself)

Think: "SOP" = Standard Operating Procedure for fraudsters—they either create fake vendors, overcharge through real ones, or buy stuff for themselves!

The critical difference that appears on every CFE exam:

• SKIMming = Taking cash BEFORE it's recorded in the books
• STEALing (Larceny) = Taking cash AFTER it's recorded

Think: You skim cream off the TOP of milk (before it mixes in). Larceny is stealing what's already in the bucket.

The corruption sub-categories on the Fraud Tree:

• Bribery (payments to influence decisions)
• Illegal Gratuities (gifts for past favors)
• Kickbacks (portion of payment returned secretly)
• Economic Extortion (demanding payment under threat)

Note: Conflicts of Interest is technically a fifth type—think "BIKE + COI" if you need all five!

Five major financial statement manipulation methods:

• Timing Differences (improper revenue/expense recognition)
• Revenue Overstatement (fictitious sales)
• Asset Overvaluation (inflated inventory/receivables)
• Improper Disclosures (hiding liabilities)
• Liability Understatement (concealing obligations)

Think: Fraudsters leave a "TRAIL" of manipulated financial statements!

The classic money laundering sequence (appears on every CFE exam):

• Placement (getting dirty money into financial system)
• Layering (moving money through transactions to obscure origin)
• Integration (returning "clean" money to the criminal)

Think: "PLI" like "PLIers"—criminals use these three stages like tools to twist dirty money into clean money!

The five elements plaintiff must prove in civil fraud:

• Material Misrepresentation of fact
• Reliance by the victim (justifiable)
• Representation was known to be false (scienter)
• Intent to deceive
• Damages resulted
• Duty to disclose (in some cases)

Think: "MR. RIDD" got rid of money because of fraud!

What must be communicated during Miranda warning:

• Right to remain silent
• Anything you say can be used against you
• Stop questioning at any time you wish
• Counsel—right to an attorney
• Attorney provided if you can't afford one
• Lawyer present during questioning

Think: Only a "RASCAL" would ignore these rights when questioning a suspect!

Major exceptions where hearsay is admissible:

• Business Records
• Excited Utterances
• Dying Declarations
• Present Sense Impressions
• Admissions by Party-Opponent
• Not offered for truth (verbal acts)
• Statements Against Interest

Think: Hospital "BEDPANS" collect all sorts of statements that end up being admissible!

Five common bankruptcy fraud schemes:

• Concealment of assets
• Hidden transfers (fraudulent conveyances)
• Acquiring debt without intent to repay
• Multiple filings (serial bankruptcy fraud)
• Perjury in bankruptcy documents

Think: These fraudsters think they're a "CHAMP" at gaming the bankruptcy system!

What to document for proper evidence handling:

• Time evidence was collected/transferred
• Identity of each person handling evidence
• Condition of evidence at each transfer
• Storage location and security measures

Think: Every "TICS" of the clock matters when tracking evidence!

The five stages of the ethical interview framework (increasingly tested on CFE exam):

• Planning and Preparation
• Engage and Explain
• Account (obtain their version)
• Closure (summarize, next steps)
• Evaluation (assess interview effectiveness)

This is already a mnemonic! Remember: PEACE focuses on information-gathering, not confession-seeking.

The question types fraud examiners use:

• Introductory Questions (build rapport)
• Closed Questions (yes/no, specific facts)
• Assessment Questions (evaluate truthfulness)
• Leading Questions (suggest answer—use sparingly!)
• Layout/Open Questions (who, what, when, where, how)

Think: "I CALL" witnesses to get information through different question types!

Requirements for effective fraud examination reports:

• Factual (no opinions unless expert witness)
• Accurate (verified information only)
• Complete (include all relevant findings)
• Timely (prepared promptly while evidence fresh)

Think: Reports must stick to the "FACTS"!

Steps for proper digital forensics:

• Preserve the original (never work on original media)
• Acquire a forensic image/copy
• Document everything (chain of custody)
• Data analysis on the copy
• Interpret and report findings

Think: "PADDI" your digital evidence with proper procedures!

The sequence for confronting a suspect:

• Direct accusation (clear, confident statement)
• Reasons/rationalization opportunity
• Explanation requested (let them respond)
• Alternative question (face-saving option)
• Details obtained (who, what, when, where, how much)
• Notes taken (document admissions)
• Others involved? (expand the investigation)
• Take written statement

Think: Suspects "DREAD" the interview, but you should "NOT" be intimidated!

Expected frequency of first digits in naturally occurring numbers:

• Digit 1: ~30%
• Digit 2: ~18%
• Digit 3: ~12%
• Digit 4: ~10%
• Digits 5-9: ~8-7-6-5-5% (declining)

Key insight: Numbers starting with 1 appear THREE TIMES more often than numbers starting with 9 in legitimate data. Deviations suggest fraud!

Cressey's three conditions for fraud:

• Pressure (motivation, incentive)
• Opportunity (weak controls)
• Rationalization (mental justification)

Think: Fraudsters are "POR" (poor) decision-makers who convince themselves it's okay!

Wolfe & Hermanson's four-element model (adds Capability):

• Pressure
• Rationalization
• Opportunity
• Capability (skills to execute fraud)

Think: "PROC" like "process"—the diamond shows the full process of fraud!

What makes someone capable of committing fraud:

• Position (authority to override controls)
• Intelligence (understands systems/weaknesses)
• Ego (confidence, narcissism)
• Coercion skills (can pressure others)
• Effective lying ability
• Stress tolerance (immunity to pressure)

Think: These "PIECES" come together to enable large-scale fraud!

Warning signs that someone may be committing fraud (84% display at least one):

• Living beyond means (39% of cases!)
• Irritability and defensiveness
• Financial difficulties
• Excessive control/won't share duties
• Sleeplessness, addiction issues
• Too close to vendors/customers
• Years without vacation
• Late nights/unusual hours
• Employment issues (complaints, divorce)

Think: Watch for "LIFESTYLE" changes that don't match salary!

The five components of internal control:

• Control Environment (tone at the top)
• Risk Assessment
• Information & Communication
• Monitoring Activities
• Existing Control Activities

Think: Good internal controls prevent "CRIME"!

How fraud is most commonly detected (in order of effectiveness):

• Tips (43%—#1 detection method!)
• Internal Audit (14%)
• Management Review (13%)
• Surprise Audits
• Accident/By Accident
• Confession
• External Audit (3%)

Think: "TIM'S ACE" at detecting fraud is getting tips from employees!

Core principles CFEs must uphold:

• Due diligence and professional care
• Integrity and objectivity
• Skill maintenance (continuing education)
• Confidentiality
• Only accept appropriate engagements

Think: CFEs need to "DISCO"ver fraud while maintaining ethical standards!