Answers / Risk & Compliance

Explain the fraud triangle and how compliance programs use it.

A core Risk & Compliance interview question — asked in analyst and associate interviews across IB, PE, and the Big 4.

THE SHORT ANSWER

The fraud triangle holds that three conditions typically coincide when fraud occurs: pressure/incentive (financial need, aggressive targets, personal difficulty), opportunity (weak controls, override ability, poor oversight or segregation), and rationalization (the person justifies it — 'I'll pay it back', 'everyone does it', 'the company owes me'). It's useful because an anti-fraud program should attack all three rather than just one: reduce pressure (sensible incentives and targets, support channels), limit opportunity (segregation of duties, four-eyes, access controls, monitoring — usually the most controllable lever), and undermine rationalization (a strong ethics culture, tone from the top, visible consequences, training). Opportunity is where controls bite hardest, but culture (rationalization) is what makes the difference at senior levels where controls can be overridden. Auditors also use it under ISA 240 to assess fraud risk. The insight: fraud isn't just 'bad people' — remove the conditions, not only the individuals.

WHAT INTERVIEWERS LISTEN FOR

  • Three conditions: pressure/incentive, opportunity, rationalization
  • Programs should address all three, not one
  • Opportunity = most controllable (segregation, four-eyes, monitoring)
  • Culture/tone undermines rationalization, esp. at senior/override level

COMMON MISTAKES

  • Addressing only one corner (e.g., controls)
  • Ignoring culture/rationalization at senior level
  • Treating fraud as just 'bad apples'

Reading isn't the same as answering under pressure.

Interviewers don't hand you the model answer — you deliver yours on a clock. Practice this and 1,000+ questions with AI feedback on every answer.

TRY QUICKFIRE →Or train full Risk & Compliance case simulations →

RELATED QUESTIONS