Peter Hertlein

Director, Financial Services, IT Compliance & Cyber Security

KPMG AG Wirtschaftsprüfungsgesellschaft

Peter Hertlein is a Director in Financial Services and an expert in IT compliance and cyber security. Together with clients, he develops and implements concepts for the protection of information and compliance with regulatory requirements in IT. In doing so, he brings his extensive experience from advising and auditing financial companies to bear and brings together the requirements of clients and regulatory authorities in pragmatic solutions.

"Ensuring IT compliance and protection against cyber attacks - it's a marathon, not a sprint. I navigate the regulatory tide and empower my clients to manage the new risks brought about by digitalisation by design"

One focus of Peter's work is the preparation, monitoring and follow-up of IT regulatory audits of financial companies. In this context, FISG brings new challenges for the institutions' IT service providers: The Financial Market Integrity Strengthening Act (Finanzmarktintegritätsstärkungsgesetz) is intended to improve balance sheet control for companies and strengthen confidence in the German financial market - combined with a significant expansion of the audit powers of the financial supervisory authority BaFin. The law provides, for example, that the supervisory authority can issue orders directly to outsourcing companies such as IT service providers. Together with his team, Peter advises financial institutions and their service providers on how to prepare for such requirements and accompanies them through the examinations.


As Head of the Regulatory Hub for Security & IT Compliance at KPMG, Financial Services, Peter is responsible for the practical, technological and risk-mitigating implementation of regulatory requirements. Through the Regulatory Radar, he helps clients to identify new regulatory movements at an early stage, assess them and implement them in proportion to their business model.

  • Graduate in Business Informatics

  • CISA - Certified Information Systems Auditor

  • CISM - Certified Information Security Manager

  • Head of the Regulatory Security Hub (RSH) - incubator for the practical, technological and risk-reducing implementation of regulatory requirements in security

Further Information (in German only)