Associate Partner
Auditor for Internal Audit Systems (DIIR)
Governance Financial Services
BaFin-regulated institutions require governance structures that enable clear decisions and consistently meet supervisory requirements. We support credit institutions, investment firms, insurance companies, and other regulated entities in fulfilling fitness and propriety requirements, effectively designing internal control and management systems, and reliably implementing all governance obligations.
Clear Governance for Reliable Management of Regulated Institutions
Regulated institutions need answers that hold up in audits and function in daily operations. We know the requirements of BaFin, EBA, and ESMA and translate them into clear governance structures with comprehensible documentation. Our team supports you with tailored solutions for Fit and Proper, Internal Audit, Anti-Money Laundering (AML) according to GwG, internal governance and ICS according to MaRisk and MaGo, as well as for governance reviews and outsourcing management according to DORA.
Our services seamlessly integrate. This provides you with audit-proof documentation, robust processes, and a governance framework that secures decisions and strengthens the management of your institution.
Our services
Fit & Proper – suitability assessment & documentation
Assessment and documentation of the professional suitability and reliability of managing directors and supervisory bodies according to current BaFin requirements – for initial appointments, reappointments, and ad-hoc reassessments.
- Suitability Matrix
- Self-assessment Documentation
- Fit & Proper Process Manual
- Notification Documents to BaFin
Internal Audit / Internal Audit
Establishment, structuring, and quality assurance of Internal Audit. As an initial setup, within an outsourcing solution, or as an independent effectiveness review of existing audit structures.
- Audit Charter
- Audit Plan
- Audit Reports
- Quality Assessment
Anti-Money Laundering (AML)
Design and review of organizational obligations according to GwG – from risk analysis to the appointment and qualification of the AML Officer and internal security measures. Particularly relevant for institutions that are newly subject to GwG obligations or need to take corrective action after BaFin findings.
- AML Risk Analysis
- AML Officer Appointment Documentation
- Internal Policies & Control Processes
- Training Concept
Internal governance & ICS documentation
Design and documentation of internal management and control structures – from segregation of duties to the three lines of defense model and delegation of authority – in accordance with MaRisk, MaGo, and minimum supervisory requirements.
- Governance Manual
- Function Matrix (Three Lines of Defense)
- Policy Framework
- Signature Policy
Risk culture & code of conduct
Operationalization of risk culture requirements (MaRisk AT 3) and development of institution-specific behavioral and ethical standards, as lived governance, and not just a documentation obligation.
- Code of Conduct
- Risk Culture Assessment
- Whistleblowing Policy
- Training Concept
Governance review & supervisory review readiness
Independent review of your existing governance structures for conformity with current supervisory requirements, as proactive preparation for BaFin audits or following supervisory findings.
- Gap Analysis
- Action Plan
- Audit-ready Documentation
Outsourcing management
Establishment of compliant outsourcing management according to MaRisk, MaGo, and DORA – from materiality assessment to contractual requirements and ongoing monitoring of outsourced functions and service providers.
- Outsourcing Register
- Materiality Matrix
- Contract Check
- Service Provider Monitoring Process
- Contingency Plan
"We translate complex supervisory requirements into clear governance structures. This creates a framework that secures decisions and effectively manages your company."
Volker Hofmann
Associate Partner