CFE Study Guide 2026
Everything you need to pass the CFE exam in one place: the exam format, every topic to study, real practice questions with explanations, flashcards, and full-length practice tests. Free, no sign-up needed.
📋 CFE Exam Format at a Glance
📚 CFE Topics to Study (21)
✍️ Sample CFE Questions & Answers
1. Each of these agencies is a good fit for the kind of information it gives, except:
Maintaining birth records and SSN information is not a State Attorney General function — vital statistics are kept by state health/vital records offices and SSNs by the Social Security Administration. The other three correctly match the DOJ, CIA, and Secret Service to their actual responsibilities.
2. This is what the Gramm-Leach-Bliley Act lets:
The Gramm-Leach-Bliley Act covers all three: it permits financial institutions to share and sell customer information while also requiring that customers be given the right to opt out of having their information shared. Because each option is a valid provision, 'All of the above' is correct.
3. Which federal statute criminalizes the use of mail or wire communications in furtherance of a scheme to defraud?
The federal mail fraud (18 U.S.C. § 1341) and wire fraud (18 U.S.C. § 1343) statutes prohibit using mail or wire communications in furtherance of a scheme to defraud.
4. Which federal agency has primary jurisdiction for investigating securities fraud in the United States?
The SEC has primary civil and regulatory authority over securities fraud, though the FBI handles criminal investigations often in parallel with SEC civil enforcement.
5. Why is a fraud investigation done in the first place?
Explanation: The main goal of a fraud investigation is to find out if fraud has happened. This could mean gathering evidence, talking to people, and looking at financial records to determine the fraud size and type.
6. Which type of computer fraud involves an employee inserting unauthorized code that skims small amounts from many accounts into a single account?
A round-down scheme (also called a salami attack) involves programming a system to round down fractions of cents from many transactions and accumulate those fractions in a single account.