• 1000

The requirements for the process and control landscape for you as a financial service provider are subject to constant change - essentially due to changing framework conditions resulting from regulatory innovations.

This is accompanied by an increased need for security on the part of the management and supervisory bodies in companies, which is reflected not only in the design of the individual controls, but rather in their monitoring with regard to adequacy and effectiveness on the second and third lines of defence - combined with corresponding reporting to the executive board and supervisory board.

In addition, the design of the process and control landscape should, as far as possible, also increase profitability and efficiency in processes, generate synergies and avoid redundancies - equally for the business processes in the market as well as for the processes of the internal audit.

In this context, it is essential for you to keep an overview and make the right decision for the future of your company by enabling you to recognise, control and monitor the relevant risks.

KPMG offers you company-specific advice on these topics relating to processes and controls - from analysis of the status quo, development of objectives and conception, through auditing and certification of selected issues, to optimisation, realisation and implementation.

Our range of services includes the following innovative solution portfolio for you

Efficiency & safety through the smart design & control of processes & controls

What moves you

The requirements for the process and control landscape for you as a financial service provider are subject to constant change.

These changes are essentially the result of changing framework conditions due to regulatory innovations and the pressure to increase efficiency.

In the process, financial service providers struggle with processes that sometimes remain in silos, outdated legacy systems and historically grown instruction systems as well as risk and control inventories. Traceability by third parties (both auditors and own employees) is therefore often not guaranteed. An overview of the essential process flows in your organisation, which could be used to structure the tasks of the control functions, is not available.

Nevertheless, the constant changes result in an increased need for security on the part of the management and supervisory bodies, which is reflected not only in the design of individual controls, but also in their monitoring by the individual control functions.

In this tension, growing cost pressure also emphasises the need for an efficient design of the necessary structures and the smart use of digital solutions for the collection/documentation, use, management and monitoring of processes, risks and controls.

What matters to you

In addition to fulfilling regulatory requirements and meeting increased security needs, the design of the process and control landscape is also intended to increase profitability and efficiency in processes, create synergies and avoid redundancies and unnecessary complexity - this applies equally to the business processes in the operational units as well as to the processes of the individual control functions, right down to the user-friendliness of the instruction system.

Consistent and comprehensible end-to-end process documentation and control structures

Transparency about the relevant processes and process-inherent risks and controls as a "single source of truth", which can be used equally by the operational units and the monitoring functions for various further developments (e.g. ICS, sfO, process optimisation), is of essential importance.

An end-to-end view of processes, their standardisation and correct data collection - equally for customer-related processes as well as for control and support processes - is the prerequisite for accessing possible further developments. In the target picture, you increase the quality and consistency of statements on process flows and risk situation in your house, enable efficiency increases in control functions through the common use of a uniform structure and create the basis for optimisation and workflow support efforts.

Interlocked cooperation in the control of processes, ICS and instruction system

The focused coordination and cooperation of the various control functions (e.g. through the use of governance risk compliance (GRC) solutions) also improves the assessment of the timeliness of the instruction system as well as the adequacy and effectiveness of the ICS and enables the provision of consistent reporting information to the executive board and supervisory board/board of directors.

Use of technologies that bring targeted and, above all, rapid benefits

It is crucial for the success of companies to harmonise the sharpened end-to-end processes with new technologies and thus develop the basis for sustainable structures. The intelligent use of IT solutions - regardless of whether they are GRC solutions, workflow platforms, simple robotics applications or even AI solutions - is a prerequisite for the optimisation, digitalisation and automation of processes and thus the basis for "efficiency & security"

Our Service

From inventory analysis to implementation: our solution portfolio

KPMG offers you company-specific advice on these topics relating to processes and controls - from inventory analysis, target development and conception, through auditing and certification of selected issues, to needs-oriented optimisation, implementation of identified use cases and implementation.

Our Digitised ICS solution portfolio covers the following topics for you:

  • Introduction or further development of an efficient, company-wide internal control system (ICS) up to a digitalised ICS
  • Restructuring and optimisation of the instruction system
  • ICS-related end-to-end optimisation of business processes.

This includes in detail:

  • Analysis of the status quo of the company-wide ICS, the process documentation and/or the written order and definition of further development or efficiency potentials.
  • Derivation of a target picture for a modern ICS and, based on this, a concept for the collection and documentation of process-inherent risks and controls in BPM tools.
  • Deriving a target image for an optimised sfO with the definition of a stringent document hierarchy and the structuring of documents according to a uniform pattern to increase the user-friendliness of the instruction system
  • Development of a process map and support in the introduction and use of BPMN 2.0 (Business Process Modelling Notation) and DMN (Decision Model and Notation) for the graphical mapping of processes in the required granularity as a single source of truth, as well as support in the recording and documentation of the process-oriented ICS
  • Further development of the concept and governance for efficient control and monitoring of the company-wide ICS; focus on cooperation within and between the 3 lines with regard to joint monitoring structures as well as reduction of non-financial risks and establishment of consistent (and, if necessary, cross-functional) reporting with regard to the appropriateness and effectiveness of the ICS for the executive board and supervisory or administrative board
  • ICS-related end-to-end optimisation of business processes, inter alia, with the help of automation / digitalisation of processes through the use of modern workflow technologies and process mining
  • Support for the selection and implementation of BPM (process management) and GRC tools
  • Digital offer to support the various control functions, e.g. by implementing a workflow for the ICS control loop, automation of controls, continuous control monitoring or "predictive analytics" in the risk simulation environment

The internal audit of the future

What moves you

Ever-increasing challenges for internal auditing lead to successive needs for adaptation

Due to increasing regulatory requirements, the digitalisation of business models and processes as well as the need for cost management, internal auditing continues to face major challenges. In addition, internal auditing is increasingly becoming the focus of supervisory audits in order to check the appropriateness and effectiveness of its function. Therefore, there is a constant need for further development of internal auditing in order to meet the changing requirements and expectations.

What matters to you

A modern auditing function that produces high-quality and resilient auditing results and is efficiently positioned

In addition to fulfilling regulatory and professional requirements, internal auditing must also take into account aspects of economy and efficiency. There is a requirement to produce high-quality and resilient results so that the significant risks in your institution can be identified, controlled and monitored in order to support management in making the right decisions. By taking into account profitability and efficiency aspects, internal audit can also add value to your company.

Our Service

From the classic audit to the (digital) further development of your internal audit - our solution portfolio

KPMG offers you holistic support for all topics relating to internal auditing - from audit execution to the (digital) further development of your internal auditing.

Co- and full-sourcing approach:

  • Support in the processing of the annual audit plan and/or assumption of all operational auditing tasks related to your internal audit.

Quality assessments according to DIIR Standard No. 3/ IIA Standards as well as audits of the internal audit system according to IDW PS 983:

  • Assessment of the adequacy and effectiveness of your internal audit, identification of weaknesses and optimisation potentials as well as presentation of recommendations for action

Preparation, support and follow-up of supervisory audits:

  • Carrying out a quick check and working through the identified potential for action, preparing the documents, accompanying the on-site audit, working through the findings of the supervisory authority.

Consulting and (digital) further development of your audit function:

  • Conducting a status quo analysis, target development, conception and implementation of concrete measures as well as support in the digitalisation of your standard audit process through the further development of a risk-oriented (multi-year) audit plan.
  • Further development and digitalisation of your audit methodology through the use of mass data analyses

Support services with regard to the consulting and auditing of governance systems

What moves you

The governance structure is an essential prerequisite for effective and efficient business operations

In order to establish an efficient governance system in which the functions are aligned with each other and thus risks can be effectively mitigated, the 3 lines model is usually used. This serves the structured separation of the operational management (1st line) from the management and control functions (2nd line) and the overall monitoring by the auditing and advisory function of the internal audit (3rd line).

Within the framework of the 3-lines model, it must be ensured, among other things, that the organisational structure clearly follows the specifications of the model, that independent control functions exist in the 2nd line and that sufficient communication channels exist between the three lines.

 

In addition, it must be determined that communication to leadership and management levels is ensured. Information flows to the executive board/management, supervisory board and other bodies must be established.   

What matters to you

Establishment of an effective and efficient governance structure

It is necessary to clearly define and implement structures and reporting processes in the organisational and operational structure in order to establish an effective and efficient governance structure at the various levels of the company (executive board, supervisory board or administrative board, committees, advisory boards and division head level), taking into account the organisation, responsibilities, allocation of tasks and staffing of the respective positions in order to comply with external (e.g. from §§ 93, 107 AktG; also in analogous application) and internal requirements. The goal of the established governance structure is to mitigate risks at all levels and to ensure adequate and effective controls to monitor them.

Our Service

From inventory analysis to implementation support - our solution portfolio

KPMG offers you individual advice on all aspects of corporate governance. This primarily includes the focal points listed below:

  • Conducting a governance quick check to identify possible areas for development of the system and to derive fields of action
  • Analysis of governance with respect to external regulatory requirements (e.g. BASEL I - IV, Solvency I - II, FISG, EBA
  • Guideline on Internal Governance and/or the German Corporate Governance Code) and/or on the appropriateness and effectiveness of management systems
  • Analysis of the internal target requirements (own sfO) for the design of the operational units on the first, second and third line of defence
  • Analysis of the reporting lines in the context of the structural and procedural organisation of operating units to the executive board (§90 AktG), from the executive board to the supervisory board (§107 AktG) and from the supervisory board to the shareholder

Identify risks and create security

What moves you

The requirements for the process and control landscape for you as a financial service provider are subject to constant change.

The current dynamic economy is characterised by great uncertainties. Companies are operating in an increasingly complex environment that is determined by growing global competition, new risks and new regulatory requirements.

This is accompanied by an increased need for security on the part of the management and supervisory bodies, which is reflected not only in the design of the individual controls, but rather in their monitoring with regard to adequacy and effectiveness on the second and third lines of defence - combined with corresponding reporting to the executive board and supervisory board.

What matters to you

Identify risks and create security.

While the content and procedure of external audits of annual financial statements are defined, issues often arise in areas of the company that are not part of the classic audit of financial statements or even other regular mandatory audits.

This is precisely where we can provide an assurance service tailored to your assurance needs, in accordance with national and international auditing standards. The audit results obtained can thus also be an essential aid to decision-making on business management and liability issues, both for internal and external reporting addressees.

Our Service

There is no standard solution in business.

KPMG offers you innovative, comprehensive and freely scalable solutions to create security in change! We convince through extensive expertise in the various service spectrums and offer you support in the following areas, among others:

  • Focusing on your "one-off" issues, individually adapted to your needs or other business audits based on a target-performance comparison [e.g. ISAE 3000].
  • Audit of the internal service-related control system [e.g. ISAE3402/ IDW PS 951].
  • Confirmation of the regularity of implemented governance systems [e.g. compliance, risk management, internal audit according to IDW PS 980 to IDW PS 983].
  • Business analyses and preparation of expert opinions on selected topics

From accounting-related issues to auditing assessments of individual matters

What moves you

High demands require excellent expertise

National and international accounting requirements are becoming increasingly complex, and at the same time the demands on internal compliance are rising. Against this backdrop, single-issue-related questions arise in complex accounting matters, even independently of large conversion projects or the introduction of new standards.

In this context, the (initial) application of regulatory accounting requirements is also associated with new challenges. We support you in mastering these, especially when it comes to meeting the challenges posed by regulation. Based on an interdisciplinary project team, we offer you a project portfolio ranging from the development and implementation of accounting logic, the assessment of individual facts to complex data analyses, which ensures that your annual financial statements are built on a solid foundation. Our catalogue of services also includes support in the preparation of annual financial statements.

What moves you

Highest possible security for all accounting-related issues

In addition to fulfilling regulatory requirements, we offer efficient and solution-oriented support in this challenging environment for all accounting-related issues, making optimal use of the benchmark expertise available within FS Assurance and the entire KPMG organisation through close integration with all KPMG divisions.

Our Service

From consulting to implementation - our solution portfolio

Technical support in the development or processing of complex accounting-related issues

  • Preparation of expert opinions or argumentation papers
  • Quality assessment
  • Implementation of accounting logics

Auditing assessment of individual issues

  • Business audits according to § 2 WPO, IDW PS 490/ 480, ISAE 3000

Quality assurance support in the preparation of annual financial statements

  • Accounting-related consulting and quality assurance
  • Preparation of annual financial statements with plausibility check

Holistic approach to dovetailing r ICS and house-wide ICS

Get in touch. Our experienced colleagues will be happy to help you develop customised, long-term solutions for your business.

Further information (in German only)