• 1000

Compliance Management Systems (CMS) have become established in corporate practice to meet legal and regulatory requirements. CMS are advisable as an integral part of good corporate governance in view of the numerous compliance cases to be observed. KPMG's Compliance Assurance reviews the status quo of your CMS and reveals any need for action.

As a business owner, how can I be sure that my CMS is always in line with regulatory requirements and up-to-date? Our audit approach is based on the auditing standard (PS) 980 published by the Institute of Public Auditors in Germany (IDW) and takes into account its seven compliance elements. The compliance management system comprises one or more sub-areas (e.g. anti-corruption, antitrust law, export control, data protection, etc.). KPMG has developed a tried and tested methodology for this purpose, which carries out such an audit and can answer the question of adequacy and effectiveness.

KPMG's tried and tested methodology distinguishes between phases that build on each other: Readiness Check, Conceptual Review, Adequacy Review and Effectiveness Review. Our approach ranges from the determination of the status quo (point in time) of a CMS to the effectiveness statement (period in time). Audit procedures at the central level are key to our audit approach.

What is the importance of an effectively designed CMS for your company?

  • Reduction of the risk of reputational and possibly liability damage for the company and the executive bodies in the event of compliance violations.
  • Fulfilment of the increasing requirements for a CMS, both due to regulatory and due to the expectations of the public and business partners.
  • Avoidance of significant asset losses.
  • Fulfilment of the requirements of the German Corporate Governance Code for the Executive Board to ensure compliance.

What are the benefits of having KPMG audit the CMS?

  • Evidence of the fulfilment of due diligence and organisational duties with regard to compliance.
  • Supporting the supervisory board or audit committee in fulfilling the monitoring requirements from the Accounting Law Modernisation Act.
  • Identification of weaknesses in your CMS and recommendations for action derived from this as a basis for improving your existing CMS.
  • Professional reporting and high quality through the use of KPMG specialists. Our reporting is a documented proof of the status of the CMS that can be presented in committees.
  • Independent third party audit opinion and assurance on the design, adequacy and effectiveness of the CMS.
  • Evidence of the cultivation of a risk culture and due diligence in the company, which leads to a positive reputation for the company.

As a reliable partner, we offer you individual solutions tailored to your needs. In a Quick Scan, we can carry out an initial inventory of the CMS set up and determine the audit readiness of the CMS as part of a Readiness Review.

Our service offer at a glance:

  • In order to compare your CMS with other companies, a benchmarking can be carried out in addition to the Quick Scan or Readiness Review.
  • Our audit approach distinguishes between phases that build on each other: Readiness Check, Conceptual Review, Adequacy Review and Effectiveness Review.
  • Our approach ranges from the determination of the status quo (point in time) of a CMS to the effectiveness statement (period in time). Audit procedures at the central level are key to our audit approach.
  • The audit may cover specific delimited sub-areas. This may relate to specific legal areas or corporate units.
  • Our reporting takes the form of an audit report with certification in accordance with IDW PS 980. Alternatively, we can assess the CMS and report in the form of a memorandum (identifying weaknesses and recommendations for action).
  • During the process of setting up your CMS, we can also assess individual elements of the CMS (such as compliance culture or compliance risk management).

What makes KPMG stand out as a strong partner at your side?

  • Benchmarking Know-how: 

We offer knowledge transfer and a head start in know-how on the basis of our market leadership in CMS audits carried out at national and international companies of all sizes and sectors (e.g. DAX40 companies, MDAX, TecDAX, medium-sized companies).

We combine our experience from the Advisory and Audit divisions as well as from KPMG Rechtsanwaltsgesellschaft and can thus put together interdisciplinary teams according to your needs.

  • Compliance experts: 

Our team combines the skills of experienced IDW PS 980 auditors with the expertise of lawyers and experts in the respective sub-area of law (e.g. anti-corruption, antitrust law, data protection, export control).

  • Well-rehearsed audit methodology: 

We know what we are doing and can draw on optimised documents (e.g. pbc lists, audit programmes) and (digital) tools.

  • Project management:

We are experienced in planning and conducting international audits and regularly involve you, e.g. in status meetings. 

  • Worldwide presence:

Wherever you are, we are too: We can bring in teams at your international locations or combine our own teams with colleagues from KPMG offices abroad.

KPMG has a strong team of compliance experts who bring with them a broad range of know-how as well as many years of extensive auditing experience. These qualities form the basis of our advisory services - and through active memberships in working groups (for example IDW, DICO) we ensure that our professional expertise is continuously expanded. With our interdisciplinary team, we meet your specific questions and requirements with the highest quality and practical orientation, so that you can achieve your greatest possible potential - feel free to contact us!