Partner
Attorney at Law (Germany), Auditor, Compliance Officer (TÜV)
Compliance Management System (CMS)
A CMS comprises all compliance measures, structures, and processes established for this purpose in a company and is intended to protect executive board members (supervisory board, executive board, or management) from criminal and liability risks. The implementation, further development, and monitoring of a CMS is no longer just a task for large companies – increasingly, SMEs and the public sector are also the focus of investigations for tax and property offenses. In addition, the legal requirements are becoming increasingly complex.
Write to us without obligation:
Get in touch now
Tailor-made Compliance Management System
The requirements for a compliance management system vary greatly depending on the type, industry, size, legal form, risk suitability and internationality of the company. Therefore, a tailor-made setup of the CMS is required. However, there are also basic elements that should be considered regularly when a compliance management system is to be implemented in a company:
- Compliance goals such as the identification and monitoring of the relevant legal norms
- Risk analysis (identification and assessment of obligations and risks)
- Risk measures
- Organization/Compliance Officer (organizational structure and processes)
- Communication (reporting, whistleblower system)
- Documentation (code of conduct/guidelines/job descriptions)
- Monitoring (responsibilities/processes/sanctions)
We advise you on the conception and implementation of an effective compliance management system. We focus specifically on the particularities of your company – in particular on legal and statutory regulations, for example IT security, money laundering prevention, antitrust and competition law, tax law (Tax CMS), etc. In doing so, we work in an interdisciplinary manner with colleagues from other specialist areas (IT auditors, lawyers).
In addition, we audit compliance management systems in accordance with the requirements of IDW PS 980, which includes the principles for auditing the appropriateness and effectiveness of a compliance management system. We also involve colleagues from other specialist areas (IT auditors, lawyers) in such audits in order to identify weaknesses and be able to make recommendations for improvements.
BIC – Business Integrity Culture GmbH
In cooperation with BIC, we offer the scientifically validated measurement of the integrity culture. Based on employee surveys, a detailed culture index is calculated. Make your internal compliance and Speak Up culture visible – e.g. for reporting to the management and supervisory boards. Identify weaknesses in the CMS in a targeted manner and measure its effectiveness. Compare your corporate culture systematically for the first time – internally between company divisions and externally in a benchmark with comparable companies. With the measurement of the corporate culture, we complete the risk audit – based on a well-founded bottom-up method. We see this as a groundbreaking innovation in the area of GRC in order to be able to provide our clients with exactly the support that advances their company.