- Outsourcing of internal auditing, regulatory reporting, financial accounting, and legal issues, on a complete or partial basis
- Advising on setting up planning and controlling
- Preparing applications for permits and for permit expansions
- Quick Checks – Identifying potential for improvement in processes of internal auditing and risk management, such as the implementation of the new Minimum Risk Management Requirements that took effect on January 1, 2013.
- Assessment (on an audit basis) of rating concepts
Internal auditing that is independent of an institution’s own processes is indispensable in the financial services industry. Additionally, in the Minimum Risk Management Requirements, the Federal Financial Supervisory Authority (BaFin) has laid down specific requirements for the organization and working procedures of internal auditing. It’s common practice to outsource all or part of internal auditing – depending on the institution’s size – to auditors who specialize in the field. Corporate management gets added value when it can make use of high-performance auditing that provides risk-oriented oversight and broad experience.
Anyone who wants to provide financial services in Germany must have a permit from BaFin. The application for the permit must also include complete business plans and organizational principles. As a part of the further regulation of capital markets, the Investments Code provides that fund management by investment management companies, formerly unregulated, will also be subject to permits by July 22, 2014. Permit requirements vary depending on the investment assets being managed. An entirely new list of obligations will apply to companies managing closed-end assets. They will need to adjust their procedures and structures in time to meet the new requirements. We’ll be happy to prepare the applications for you or with you.
The new Minimum Risk Management Requirements released in December 2012 require institutions to implement a capital planning process, and to reinforce their organizations for the special functions of risk controlling and compliance. Processes and organizations must be developed further by the end of 2013.