The glossary provides structured definitions of key concepts in economic forensics, fraud prevention, and economic crime, forming the basis for a consistent and shared understanding of the field.
Definition: The glossary functions as a semantic reference system that structures and connects core concepts, terminology, and relationships within economic forensics.
A
Audit Trail
DEFINITION
An Audit Trail is a complete and traceable record of transactions, changes, and system activities.
CONTEXT
Audit trails are a key component of internal controls, forensic evidence handling, and IT governance. They enable traceability of actions and are closely linked to access rights abuse and audit procedures.
MEANING
They are essential for audits, investigations, and regulatory compliance by ensuring transparency and accountability.
EXAMPLE
System logs capturing all changes to accounting entries and user activities.
Average Fraud Duration
DEFINITION
Average Fraud Duration refers to the average time between the initiation and detection of a fraud scheme.
CONTEXT
Average Fraud Duration is a key metric in fraud risk management and is commonly used as part of fraud KPIs by internal audit and compliance functions. It provides insights into the effectiveness of internal controls and detection mechanisms.
MEANING
A shorter average fraud duration indicates effective controls and timely detection, while longer durations suggest weaknesses in monitoring and control environments.
EXAMPLE
A fraud scheme is detected after 14 months.
C
Chain of Custody
DEFINITION
Chain of Custody refers to the documented and traceable handling, transfer, and storage of evidence throughout its lifecycle.
CONTEXT
The Chain of Custody is a fundamental concept in forensics, internal investigations, and legal proceedings. It ensures that evidence remains identifiable, intact, and properly handled at all times.
MEANING
A properly maintained Chain of Custody is critical for the admissibility of evidence, as it prevents tampering allegations and ensures evidential integrity.
EXAMPLE
Documented and signed transfer of digital evidence between investigators.
Control Effectiveness Rate
DEFINITION
Percentage of controls operating effectively.
CONTEXT
Control effectiveness rate is a key metric within internal controls and is commonly used in fraud risk assessment as well as internal and external audits. It evaluates whether defined controls operate as intended and effectively mitigate risks.
MEANING
Measures the quality and reliability of the internal control system and serves as a key indicator of its overall performance.
EXAMPLE
85 percent of controls operate effectively.
Control Failure Rate
DEFINITION
Percentage of failed controls.
CONTEXT
Control failure rate is a key metric within internal controls and fraud risk assessment. It measures the effectiveness of control mechanisms, such as approvals, reconciliations, or system-based controls, and is often assessed in audits and monitoring processes.
MEANING
Direct indicator of weaknesses in the control environment and potential fraud exposure.
EXAMPLE
Multiple failed dual controls.
Cost of Fraud Management
DEFINITION
Cost of Fraud Management refers to the total resources required for fraud prevention, detection, and investigation, including personnel, systems, analytics, and training.
CONTEXT
The cost of fraud management is closely linked to fraud risk assessment, data analytics for fraud detection, and internal controls. It arises across the full control lifecycle, from preventive measures to continuous monitoring and investigative activities.
MEANING
It supports cost-benefit analysis and enables organizations to balance investment in controls against potential fraud losses.
EXAMPLE
Budget allocated to fraud analytics tools, internal audits, and employee training programs.
D
Data Analytics Detection
DEFINITION
Data Analytics Detection refers to the use of data analysis techniques to identify anomalies, patterns, and indicators related to fraud.
CONTEXT
Data Analytics Detection is applied within fraud risk management, compliance, and internal audit to enable continuous monitoring of transactions and master data. It supports the identification of red flags, unusual patterns, and weaknesses in internal controls.
MEANING
Data Analytics Detection enables scalable and continuous monitoring, increasing the likelihood of detecting complex or systematic fraud schemes at an early stage.
EXAMPLE
Duplicate vendor analysis to identify potential fraud or control weaknesses.
Detection Source Ratio
DEFINITION
Distribution of fraud detection sources.
CONTEXT
Detection source ratio is an analytical metric in fraud risk assessment and the monitoring of fraud detection methods. It breaks down detection by source, such as tips, internal controls, audits, or data analytics, enabling a structured evaluation of detection effectiveness.
MEANING
Highlights the relative effectiveness of different detection channels and supports the targeted improvement of control and reporting mechanisms.
EXAMPLE
60 percent detected via tips.
Duplicate Payments Red Flag
DEFINITION
Multiple payments for the same invoice.
CONTEXT
Duplicate payments typically occur in procurement and accounts payable processes and are often linked to weaknesses in internal controls, insufficient segregation of duties, or poor data quality. They are a classic example of red flags in fraud detection.
MEANING
Indicates process and control weaknesses and may point to both errors and fraudulent activities.
EXAMPLE
Invoice paid twice.
E
External Audit Detection
DEFINITION
External Audit Detection refers to the identification of irregularities or fraud by independent external auditors during the audit of financial statements.
CONTEXT
External Audit Detection typically occurs within statutory audits and focuses on material misstatements in financial reporting. It is closely linked to financial statement fraud, internal control, and compliance, but is not primarily designed to actively detect fraud.
MEANING
External Audit Detection plays an important control role but identifies only a portion of fraud, as external audits are risk-based and not designed as forensic investigations.
EXAMPLE
Material misstatements identified during the audit of financial statements.
F
Forensic Evidence Handling
DEFINITION
Forensic Evidence Handling refers to the proper collection, documentation, analysis, and preservation of evidence during investigations.
CONTEXT
Forensic Evidence Handling is a core component of investigations into fraud and other forms of financial crime. It is closely linked to the chain of custody, digital forensics practices, and investigative procedures.
MEANING
Forensic Evidence Handling ensures the integrity and legal admissibility of evidence and prevents tampering or loss of critical information.
EXAMPLE
Collection and preservation of server logs for use in an investigation.
Fraud Case Frequency
DEFINITION
Number of fraud cases over a period.
CONTEXT
Fraud case frequency is a key metric in fraud risk assessment and the monitoring of fraud detection methods. It is often analysed alongside indicators such as loss per case and average fraud duration to assess risk trends and control effectiveness.
MEANING
Enables trend analysis, benchmarking, and evaluation of prevention and detection effectiveness.
EXAMPLE
Increase from 5 to 9 cases per year.
Fraud KPI
DEFINITION
Fraud KPI (Key Performance Indicator) is a quantitative metric used to measure fraud risk, actual fraud cases, or the effectiveness of internal controls.
CONTEXT
Fraud KPIs are used within compliance, internal audit, and fraud risk management frameworks. They support ongoing risk monitoring, trend analysis, and the evaluation of prevention and detection measures.
MEANING
Fraud KPIs enable data-driven management, comparability across time and entities, and structured reporting to management and oversight bodies.
EXAMPLE
Number of detected fraud cases per year.
Fraud Loss Amount
DEFINITION
Total financial loss caused by fraud.
CONTEXT
Fraud loss amount is a key metric in fraud risk assessment and is often analysed alongside indicators such as case frequency, loss per case, and average fraud duration. It may include both direct financial losses and, depending on scope, indirect costs such as reputational damage and investigation expenses.
MEANING
Key measure of financial impact and a basis for risk prioritisation and decision-making.
EXAMPLE
Total loss from fake invoices.
Fraud Loss per Case
DEFINITION
Fraud Loss per Case refers to the average financial loss incurred per detected fraud case.
CONTEXT
This metric is used as part of fraud KPIs and fraud risk assessment and is closely linked to average fraud duration, as longer undetected fraud typically results in higher losses. It enables comparative analysis across cases.
MEANING
It supports risk prioritization by highlighting the financial impact of different fraud scenarios.
EXAMPLE
Average loss of 120,000 CHF per fraud case.
Fraud Prevention
DEFINITION
Measures designed to prevent fraud.
CONTEXT
Fraud prevention includes organisational, procedural, and technical measures aimed at reducing fraud risks and is closely linked to internal controls, fraud risk assessment, and a strong tone at the top. It primarily addresses opportunity and rationalisation within the fraud triangle.
MEANING
Effective fraud prevention reduces both the likelihood and impact of fraud and is generally more cost-efficient than reactive investigations.
EXAMPLE
Employee awareness training.
Fraud Recovery Rate
DEFINITION
Percentage of recovered losses.
CONTEXT
Fraud recovery rate is a key metric following internal investigations and is closely linked to fraud loss, regulatory reporting obligations, and legal recovery processes. It measures the effectiveness of actions taken to recover losses.
MEANING
Indicates the effectiveness of investigation, legal enforcement, and loss recovery efforts after fraud incidents.
EXAMPLE
30 percent recovered.
Fraud Reporting Timeliness
DEFINITION
Time between detection and reporting.
CONTEXT
Fraud reporting timeliness is a key metric in incident and compliance management and is closely linked to internal investigations, regulatory reporting obligations, and tips and whistleblower reports. It measures the efficiency of escalation and reporting processes following the detection of irregularities.
MEANING
Timely reporting reduces liability exposure, enables prompt response measures, and enhances the effectiveness of compliance and control systems.
EXAMPLE
Late escalation to compliance.
H
High-Risk Process Exposure
DEFINITION
High-Risk Process Exposure refers to the proportion or identification of business processes that carry an elevated risk of fraud or compliance violations.
CONTEXT
High-risk process exposure is assessed as part of fraud risk assessment and is closely linked to internal controls and the prioritization of monitoring and audit activities. Common high-risk areas include procurement, payment processes, and master data management.
MEANING
It supports risk-based resource allocation by focusing control efforts on the most exposed processes.
EXAMPLE
Procurement processes identified as high-risk areas requiring enhanced controls.
I
Internal Audit Detection
DEFINITION
Internal Audit Detection refers to the identification of fraud or irregularities through independent internal audit activities within an organisation.
CONTEXT
Internal Audit Detection occurs within risk-based audit engagements and covers both financial and operational processes. It is closely linked to internal control, compliance, and fraud, and helps identify systematic weaknesses and control deficiencies.
MEANING
Internal Audit Detection is particularly effective in identifying process-related weaknesses and control gaps but does not detect all forms of fraud, especially in cases involving collusion.
EXAMPLE
Internal audit identifies manipulated accounting entries.
Internal Controls
DEFINITION
Internal Controls are organisational, procedural, and technical measures designed to ensure reliable, efficient, and compliant business operations.
CONTEXT
Internal Controls form the foundation of governance, risk management, and compliance frameworks. They are closely linked to segregation of duties, control activities, and monitoring mechanisms, and are used to prevent and detect fraud, errors, and regulatory violations.
MEANING
Effective internal controls significantly reduce risks related to fraud, errors, and compliance breaches and are critical for reliable business processes and reporting.
EXAMPLE
Segregation of duties in payment approval processes.
Internal Investigation
DEFINITION
Internal Investigation refers to a structured process to investigate suspected misconduct within an organization, including fraud.
CONTEXT
Internal Investigations are a key component of compliance and fraud risk management. They are closely linked to forensic interviewing, forensic evidence handling, and the chain of custody, and typically involve the analysis of data, documents, and communications.
MEANING
Internal Investigations are a primary response to fraud and other misconduct and form the basis for legal, organizational, and disciplinary actions.
EXAMPLE
Review of emails and transaction data during an internal investigation.
Investigation Duration
DEFINITION
Time required to complete investigations.
CONTEXT
Investigation duration is a key performance and efficiency metric in internal investigations, forensic accounting, and compliance investigations. It is influenced by case complexity, data availability, cross-border elements, and legal constraints (e.g. data protection, due process). The concept is closely linked to time to detection, case management, and resource allocation.
MEANING
Key indicator of efficiency, resource utilisation, and operational effectiveness of investigative functions.
EXAMPLE
Investigation lasts six months.
M
Management Review
DEFINITION
Review activities performed by management.
CONTEXT
Management review is a key component of internal controls, complementing automated and process-based controls through analytical oversight at management level. It is closely linked to fraud risk assessment, red flags, and operational performance monitoring.
MEANING
Enables early identification of anomalies and strengthens the control environment through critical review and challenge.
EXAMPLE
Management questions cost deviations.
O
Override Frequency
DEFINITION
Override Frequency refers to the number of times established internal controls are overridden or bypassed within a given period.
CONTEXT
Override Frequency is a key metric in fraud risk management and part of fraud KPIs. It is commonly analyzed in high-risk processes such as payment approvals, procurement, and access management to identify weaknesses in internal controls or unusual behavior patterns.
MEANING
A high override frequency may indicate control abuse, ineffective processes, or systematic circumvention of controls and is therefore considered a significant red flag.
EXAMPLE
Frequent manual overrides of payment approval controls outside the standard process.
Override of Approval Limits
DEFINITION
Override of Approval Limits refers to the deliberate structuring or splitting of transactions to bypass defined approval thresholds and control mechanisms.
CONTEXT
Override of approval limits is commonly associated with red flags, weak internal controls, and insufficient segregation of duties. It frequently occurs in procurement and payment processes and is often enabled by inadequate monitoring of exceptions.
MEANING
It indicates intentional control circumvention and represents a significant fraud risk.
EXAMPLE
Multiple payments are split into amounts just below the approval threshold.
R
Repeat Offender Rate
DEFINITION
Percentage of repeat fraud offenders.
CONTEXT
The repeat offender rate is a metric used in fraud risk management, compliance monitoring, and internal control systems. It measures the extent to which identified individuals or organisational units are involved in recurring incidents. The concept is closely linked to root cause analysis, control effectiveness, and disciplinary actions.
MEANING
Indicates insufficient remediation, weak controls, or ineffective enforcement of corrective actions.
EXAMPLE
Repeat fraud in the same unit.
S
Segregation of Duties
DEFINITION
Segregation of Duties (SoD) refers to the separation of critical tasks and responsibilities across different individuals or roles.
CONTEXT
Segregation of Duties (SoD) is a fundamental principle of internal controls and a key component of compliance and governance frameworks. It is widely applied in high-risk processes such as procurement, payment processing, and access control models, and plays an important role in fraud risk assessment.
MEANING
Segregation of Duties (SoD) reduces the risk of fraud and errors by ensuring that no single individual can execute all steps of a critical transaction.
EXAMPLE
A user responsible for vendor creation cannot approve payments.
Substantiated Case Rate
DEFINITION
Substantiated Case Rate refers to the percentage of reported or investigated cases that are confirmed as valid.
CONTEXT
The substantiated case rate is used as part of fraud KPIs and is closely linked to tips and whistleblower reports and the effectiveness of internal investigations. It helps assess the quality of reporting and investigation processes.
MEANING
It serves as a key indicator of report quality and investigation effectiveness.
EXAMPLE
40 percent of reported cases are substantiated after investigation.
T
Time to Detection
DEFINITION
Time required to detect fraud.
CONTEXT
Time to detection is a key metric in fraud risk assessment and the monitoring of fraud detection methods. It is often analysed alongside average fraud duration and fraud loss to assess the effectiveness of controls and whistleblowing mechanisms.
MEANING
Short detection times limit potential losses and indicate effective control, monitoring, and reporting mechanisms.
EXAMPLE
Fraud identified within two weeks.
Tone at the Top
DEFINITION
The ethical example and leadership set by senior management.
CONTEXT
Tone at the Top is a key component of internal controls, fraud risk assessment, and compliance frameworks. It strongly shapes organizational culture and is closely linked to red flags, particularly in behavioural and decision-making patterns.
MEANING
Consistent leadership behavior significantly reduces fraud risk.
EXAMPLE
Leadership enforces expense rules consistently.
Training Coverage Rate
DEFINITION
Percentage of employees trained.
CONTEXT
Training coverage rate is a key metric within fraud prevention and compliance programmes and is closely linked to tone at the top, fraud risk assessment, and awareness initiatives. It measures the extent to which employees are trained on risks, controls, and expected behaviours.
MEANING
Indicator of the maturity of prevention measures and the organisation’s level of awareness regarding fraud and compliance risks.
EXAMPLE
90 percent of employees complete fraud training.
W
Whistleblower Retaliation
DEFINITION
Whistleblower Retaliation refers to any adverse action taken against individuals who report misconduct or irregularities.
CONTEXT
Whistleblower retaliation occurs in the context of tips and whistleblower reports and is closely linked to organizational culture, compliance frameworks, and legal protections. It is a key concern addressed in whistleblower protection regulations.
MEANING
Retaliation discourages reporting, reduces transparency, and weakens fraud detection mechanisms.
EXAMPLE
An employee is demoted after reporting misconduct through a whistleblower system.
Whistleblower Usage Rate
DEFINITION
Whistleblower Usage Rate refers to the number of reports submitted relative to the size of the workforce, typically measured per employee base or time period.
CONTEXT
The whistleblower usage rate is closely linked to tips and whistleblower reports, organizational culture, and trust in compliance mechanisms. It is often used as part of fraud KPIs and fraud risk assessment to evaluate the effectiveness of reporting systems.
MEANING
Low usage rates may indicate fear of retaliation, lack of awareness, or low trust, while appropriate usage levels suggest effective reporting channels.
EXAMPLE
2 reports per 1,000 employees per year.
Whistleblowing
DEFINITION
Whistleblowing involves reporting misconduct within an organization.
CONTEXT
Whistleblowing refers to the reporting of misconduct or legal violations within organisations by internal or external whistleblowers. It is closely linked to compliance, whistleblower protection, internal investigations, and regulatory frameworks (e.g. EU Whistleblower Directive). Whistleblowing systems are a core element of modern governance structures and enable early identification of risks such as fraud, corruption, and compliance violations.
MEANING
One of the most effective mechanisms for early detection of fraud and misconduct, particularly where trusted reporting systems are in place.
EXAMPLE
Anonymous report via a whistleblower hotline.
