The CFE credential โ Certified Fraud Examiner โ is issued by the ACFE, the Association of Certified Fraud Examiners, and it's the most recognized anti-fraud certification in the world. Unlike most professional credentials, the CFE isn't just an exam โ it's an application-based process. You need to meet education and work experience requirements, be an ACFE member in good standing, and pass a background check before you're eligible to sit for the exam.
Once you qualify, the exam itself is 500 total questions split across four sections of 125 questions each. Here's the thing that surprises most candidates: it's open book. You can use the ACFE Fraud Examiners Manual while you test. That sounds easy โ it isn't. The manual is thousands of pages. The exam tests your ability to apply concepts quickly, not your ability to look things up slowly.
Download the free PDF on this page to practice the question types and content areas you'll encounter. The PDF covers all four sections: Financial Transactions and Fraud Schemes, Law, Investigation, and Fraud Prevention and Deterrence.
This is where most candidates have a strong foundation โ and where most still lose points. 125 questions covering how fraud actually happens in financial environments.
Financial statement fraud is intentional misrepresentation in financial reports. Two main directions: overstatement (inflating assets, revenue, or net income) and understatement (hiding liabilities, deflating expenses to boost apparent profit).
Revenue recognition manipulation is the most common financial statement scheme. Techniques include recording revenue before it's earned (channel stuffing โ pushing excess product to distributors with side agreements to return it), fabricating sales entirely, recording contingent sales as final. The auditing standard is clear: revenue is earned when performance obligations are satisfied. Any acceleration of that recognition without legitimate business substance is potential fraud.
Asset misstatement: inflating receivables by not writing off uncollectible accounts, capitalizing expenses that should be expensed (overstating PP&E), recording fictitious inventory. The Enron and WorldCom cases are classic CFE exam examples โ know them at a conceptual level.
Asset misappropriation is the most common type of occupational fraud by far โ the ACFE's Reports to the Nations consistently shows it in over 85% of fraud cases. The median loss is lower than other schemes, but the frequency makes it critical to understand.
Cash theft schemes: lapping is a receivables scheme where an employee steals payment from Customer A, then covers it by applying Customer B's payment to A's account, then covers B with C's payment โ a rolling delay that continues until discovered or the employee leaves. Skimming is stealing cash before it's recorded โ off-book and harder to detect. Billing fraud: creating fictitious vendor accounts and submitting fraudulent invoices, or inflating legitimate invoices.
Payroll fraud: ghost employees are the classic scheme โ a fake employee is added to payroll, and the fraudster routes the paychecks to themselves. Falsified hours: inflating time records, especially where time tracking is manual or unsupervised. Commission fraud: misrepresenting sales figures to inflate commission payments.
Expense reimbursement fraud: submitting personal expenses as business expenses, inflating legitimate expenses (changing $40 to $140 on a receipt), submitting the same expense twice, fabricating receipts entirely.
Inventory theft: removing physical inventory for personal use or sale. Easier in environments with weak count controls. CFE fraud examiner candidates should expect inventory theft to appear in scenario-based questions that test both detection methods and internal controls.
125 questions. This section is the one candidates most often underestimate โ especially candidates without legal backgrounds. You don't need a law degree, but you need functional understanding of several legal frameworks.
Fraud crimes require two elements: actus reus (the guilty act โ the actual fraudulent conduct) and mens rea (the guilty mind โ intent to defraud). This is critical for CFE exams. Accidental errors aren't fraud. Fraud requires intentional deception for personal gain or to cause harm. Most fraud statutes also require proof of materiality (the misrepresentation was significant enough to affect decisions) and reliance (someone acted on the false representation).
Civil fraud cases can proceed alongside or instead of criminal prosecution. The standard of proof is lower โ preponderance of evidence rather than beyond reasonable doubt. Civil remedies include compensatory damages, punitive damages, and injunctive relief. Know the difference between a tort (civil wrong) and a crime โ the same act can give rise to both civil and criminal liability.
Admissibility: evidence must be relevant, material, and competent to be admitted. Hearsay is generally inadmissible unless an exception applies. The best evidence rule prefers original documents over copies for proving the content of a document.
Chain of custody: every piece of evidence must have a documented chain of custody โ who collected it, when, how it was stored, who had access. A broken chain creates admissibility challenges. For digital evidence, this means forensically sound collection methods (write-blocking, hash verification).
Privilege: attorney-client privilege protects communications between a client and their attorney made for the purpose of legal advice. Work product doctrine protects materials prepared in anticipation of litigation. Both can limit what a fraud examiner can access during an investigation.
The Fourth Amendment (unreasonable searches and seizures) applies to government actors, not private employers. A private company's fraud investigator doesn't need a warrant to search company computers or records. The Fifth Amendment (self-incrimination) means a suspect in a criminal proceeding can refuse to answer questions โ but in an internal corporate investigation, refusing to cooperate may be grounds for termination.
The Foreign Corrupt Practices Act prohibits U.S. companies (and foreign companies listed on U.S. exchanges) from bribing foreign government officials to obtain or retain business. Two main provisions: the anti-bribery provision and the accounting provision (requiring accurate books and internal controls). FCPA violations can result in massive fines and individual criminal prosecution. The CFE exam tests this as a key corporate governance and compliance framework.
125 questions on how you actually conduct a fraud examination โ from the first allegation through final report.
Fraud examiners work from the specific to the general โ starting with a specific allegation and working outward. This is opposite to auditors, who sample broadly and look for anomalies. The CFE exam tests this distinction. An auditor finds an anomaly and investigates; a fraud examiner starts with a predicate (reasonable belief that fraud occurred) and gathers evidence to prove or disprove the allegation.
Documents are the bread and butter of financial fraud investigations. Know how to analyze: bank statements (check for unusual payees, round numbers, sequential check numbers which may indicate fabrication), vendor invoices (check for duplicates, unusual addresses, P.O. boxes, round numbers), payroll records (check for employees without Social Security numbers, employees sharing addresses or bank accounts with other employees).
Public records research: incorporation records, property records, UCC filings, court records, bankruptcy filings. Many fraud schemes involve shell companies โ checking state corporate registries to trace ownership is a fundamental investigative technique.
Computer forensics basics: forensic copies (bit-for-bit copies of storage media, verified with hash values) preserve evidence. Metadata in documents can reveal when a document was created or modified โ and whether that timeline is consistent with the document's claimed history. Don't open original files without write protection.
The cognitive interview technique maximizes memory retrieval by reconstructing the mental context of an event. Ask open-ended questions, encourage the subject to recall in different orders, and avoid leading questions. Useful for witnesses who want to cooperate but have trouble remembering details.
The Reid Technique is a more confrontational approach designed for suspects where guilt is already suspected. It involves a behavioral analysis interview followed, if deception is indicated, by a nine-step interrogation. The Reid Technique is controversial and jurisdictions vary on its use โ but the CFE exam tests it as a recognized methodology.
Detecting deception: look for inconsistencies between verbal and non-verbal cues, statements that don't hold up against the documentary evidence, evasion (answering a different question than was asked), hedging language. No single cue reliably indicates deception. Clusters of behavior inconsistencies are more meaningful than any single signal.
Witness vs. suspect interviews have different objectives and different legal considerations. Witnesses are interviewed to gather information. Suspects are interviewed with the goal of obtaining admissions. Suspects have more legal protections โ especially in criminal contexts. Know when to involve legal counsel before proceeding with a suspect interview.
The final section covers the structural and organizational factors that prevent fraud โ and why fraud happens in the first place. 125 questions.
The COSO framework โ Committee of Sponsoring Organizations โ is the dominant internal control framework. Five components: Control Environment (the "tone at the top," ethical standards, organizational structure), Risk Assessment (identifying and analyzing risks), Control Activities (specific policies and procedures โ authorization, verification, reconciliation, separation of duties), Information and Communication (relevant information flows up, down, and across the organization), and Monitoring (ongoing evaluation of control effectiveness).
Separation of duties is the single most effective internal control against occupational fraud. The three functions that should never rest in the same person: authorization (approving transactions), custody (handling assets), and record-keeping (accounting for transactions). When one person controls all three, they can create and conceal fraud indefinitely.
Effective governance includes an active board of directors with independent audit committee, external auditors, internal audit function, and a code of conduct with real enforcement. The CFE exam distinguishes between governance that exists on paper and governance that actually functions.
Ethics programs: a code of conduct alone doesn't deter fraud. What matters is whether violations are enforced consistently and whether leadership models ethical behavior. Hotlines significantly increase fraud detection โ the ACFE's data shows that the most common way fraud is detected is through tips, not auditing.
Donald Cressey's Fraud Triangle identifies three conditions that must be present for occupational fraud: pressure (financial need or external pressure motivating the fraud), opportunity (a weak control environment that makes it possible), and rationalization (the fraudster justifies the behavior to themselves โ "I'll pay it back," "the company owes me," "everyone does it").
The ACFE's Reports to the Nations โ published every two years using data from CFE members โ is the empirical backbone of the exam. Key findings that get tested: asset misappropriation is the most common scheme type, corruption schemes cause the highest median losses, the typical fraud lasts 12 months before detection, tips are the most common detection method, small organizations have higher per-employee losses due to weaker controls, and accounting personnel commit the most frauds by department.
Pre-employment background checks deter fraud by screening out candidates with relevant criminal history. The CFE exam tests the limits of background checks โ they're not perfect, they can't detect future behavior, and they must comply with FCRA (Fair Credit Reporting Act) requirements for adverse action notifications.
Whistleblower programs protect employees who report suspected fraud. Strong programs have multiple reporting channels, guarantee confidentiality, and prohibit retaliation. The SEC's whistleblower program under Dodd-Frank offers financial awards (10โ30% of sanctions over $1 million) โ a significant incentive that has materially increased reporting of securities fraud.
Sarbanes-Oxley (SOX) was enacted in 2002 after Enron and WorldCom. Key provisions for CFE candidates: Section 302 (CEO and CFO must personally certify the accuracy of financial statements), Section 404 (management must assess and report on internal controls over financial reporting, with external auditor attestation), Section 806 (whistleblower protections for publicly traded companies). SOX applies to publicly traded companies and their subsidiaries.
Open book doesn't mean easy. It means you can't be stumped by a factual lookup โ but you can absolutely run out of time trying to look everything up.
The candidates who pass the CFE exam treat the Fraud Examiners Manual as a backup, not a primary source. They know the concepts cold and use the manual only to verify specific details on the small number of questions where precision matters. If you have to look up every answer, you won't finish.
Build your study plan around concept mastery, not memorization of page numbers. Know what lapping is before you look for its definition in the manual. Know how the COSO framework works before you look up the exact wording of its five components. The manual confirms your understanding โ it doesn't replace it.
The PDF practice test on this page simulates that environment. Print it, set a timer, and answer from memory. Then โ after you've scored it โ go back and verify your answers against your study materials. That two-phase approach (timed testing, then verification) builds both the speed and the accuracy the open-book format requires.
You can't just sign up and take the CFE exam. The ACFE requires: at minimum a bachelor's degree (or an equivalent two-year associate degree plus two additional years of experience), at least two years of professional experience in a field related to fraud examination or prevention, ACFE membership in good standing, and a satisfactory background check.
Experience points are calculated using a matrix โ different types of experience (accounting, auditing, fraud investigation, criminology, law) carry different weights. You need a minimum of 50 experience points. If you don't yet have the required points, you can still become an Associate Member of the ACFE and begin studying while you accumulate the experience.
The exam itself must be completed within 30 days of your approved application. You get the login credentials for the online testing portal. The 30-day window is strict โ plan your prep accordingly so you're ready before you apply, not after.