Skip to main content
Contact
Submit RFP

      The requirements for the process and control landscape for you as a financial services provider are subject to constant change - mainly due to changing framework conditions resulting from regulatory innovations.

      This is accompanied by an increased need for security on the part of management and supervisory bodies in companies, which is reflected not only in the design of individual controls, but also in their monitoring in terms of appropriateness and effectiveness on the second and third lines of defence - combined with corresponding reporting to the Executive Board and Supervisory Board.

      Recognising, managing and monitoring relevant risks

      In addition, when designing the process and control landscape, the aim is to increase the cost-effectiveness and efficiency of processes, generate synergies and avoid redundancies - both for business processes in the market and for internal audit processes.

      In this context, it is essential for you to maintain an overview and make the right decisions for the future of your company by enabling you to recognise, manage and monitor the relevant risks.

      KPMG offers you customised advice on these topics relating to processes and controls - from analysis of the current situation, development of objectives and conceptual design to auditing and certification of selected issues through to optimisation, realisation and implementation.

      Ready to talk? Contact us

      Our range of services

      Our range of services includes the following innovative solution portfolio for you:

      Efficiency & safety through the smart design & management of processes & controls

       

      The requirements for the process and control landscape for you as a financial services provider are subject to constant change

      These changes are mainly the result of changing framework conditions due to regulatory innovations and the pressure to increase efficiency.

      Financial service providers are struggling with processes that are sometimes stuck in silos, outdated legacy systems and historically grown instruction systems as well as risk and control inventories. As a result, traceability by third parties (both auditors and own employees) is often not guaranteed. There is no overview of the key processes in your organisation that could be used to structure the tasks of the control functions.

      Nevertheless, the constant changes result in an increased need for security on the part of the management and supervisory bodies, which is reflected not only in the organisation of individual controls, but also in their monitoring by the individual control functions.

      In this tense relationship, growing cost pressure also emphasises the need for efficient design of the necessary structures and the smart use of digital solutions for the collection/documentation, use, management and monitoring of processes, risks and controls.

       

      What matters

       
      In addition to fulfilling regulatory requirements and meeting increased security needs, the design of the process and control landscape should in particular also increase cost-effectiveness and efficiency in processes, generate synergies and avoid redundancies and unnecessary complexity - this applies equally to the business processes in the operating units as well as to the workflows of the individual control functions, right through to the user-friendliness of the instruction system.

      Consistent and comprehensible end-to-end process documentation and control structures

      The transparency of the relevant processes and process-inherent risks and controls as a "single source of truth", which can be used equally by the operating units and the monitoring functions for various further developments (e.g. ICS, sfO, process optimisation), is of key importance.

      An end-to-end view of processes, their standardisation and correct data collection - for customer-related processes as well as for control and support processes - is the prerequisite for accessing possible further developments. In the target picture, you increase the quality and consistency of statements on process flows and the risk situation in your company, enable efficiency increases in control functions through the joint use of a uniform structure and create the basis for optimisation and workflow support efforts.

      Interlinked cooperation in the management of processes, ICS and instructions

      The focussed coordination and cooperation of the various control functions (e.g. through the use of governance risk compliance (GRC) solutions) also improves the assessment of the timeliness of the instruction system and the appropriateness and effectiveness of the ICS and enables the provision of consistent reporting information to the Executive Board and Supervisory Board/Board of Directors.

      Use of technologies that bring targeted and, above all, rapid benefits

      It is crucial for the success of companies to harmonise the sharpened end-to-end processes with new technologies and thus develop the basis for sustainable structures. The intelligent use of IT solutions - regardless of whether they are GRC solutions, workflow platforms, simple robotics applications or even AI solutions - is a prerequisite for the optimisation, digitalisation and automation of processes and therefore the basis for "efficiency & security"

       

      Our services

       

      From inventory analysis to implementation: our solution portfolio

      KPMG offers you customised advice on these topics relating to processes and controls - from status analysis, target development and conceptual design to auditing and certification of selected issues, needs-based optimisation, implementation of identified use cases and implementation.

      • Our Digitised ICS solution portfolio covers the following areas for you:Introduction or further development of an efficient, company-wide internal control system (ICS) through to a digitised ICS
      • Restructuring and optimisation of the instruction system
      • ICS-related end-to-end optimisation of business processes

      These include in detail:

      • Analysing the status quo of the company-wide ICS, the process documentation and/or the written rules and defining further development and efficiency potentials
      • Derivation of a target image for a modern ICS and, based on this, a concept for the collection and documentation of process-inherent risks and controls in BPM tools
      • Derivation of a target image for an optimised SFO with the definition of a stringent document hierarchy and the structuring of documents according to a uniform pattern to increase the user-friendliness of the instruction system
      • Development of a process map and support for the introduction and use of BPMN 2.0 (Business Process Modelling Notation) and DMN (Decision Model and Notation) for the graphical mapping of processes in the required granularity as a single source of truth as well as support for the recording and documentation of the process-oriented ICS
      • Further development of the concept and governance for efficient management and monitoring of the company-wide ICS; focussing on cooperation within and between the three lines with regard to joint monitoring structures as well as reducing non-financial risks and setting up consistent (and, if necessary, cross-functional) reporting on the appropriateness and effectiveness of the ICS for the Executive Board and Supervisory Board or Board of Directors
      • ICS-related end-to-end optimisation of business processes, including with the help of process automation/digitalisation through the use of modern workflow technologies and process mining
      • Support in the selection and implementation of BPM (process management) and GRC tools
      • Digital offering to support the various control functions, e.g. by implementing a workflow for the ICS control loop, automation of controls, continuous control monitoring or predictive analytics in the risk simulation environment

      The internal audit of the future



      Constantly increasing challenges for internal auditing lead to successive adaptation requirements

      Due to increasing regulatory requirements, the digitalisation of business models and processes and the need for cost management, internal audit continues to face major challenges. In addition, Internal Audit is increasingly becoming the focus of regulatory audits in order to review the appropriateness and effectiveness of its function. As a result, there is a constant need for internal audit to develop further in order to meet changing requirements and expectations.

       

      What matters

       
      A modern auditing function that produces high-quality and reliable audit results and is efficiently organised

      In addition to fulfilling regulatory and professional requirements, the internal audit function also has to take account of profitability and efficiency aspects. The aim is to achieve high-quality and reliable results so that the main risks in your organisation can be identified, managed and monitored in order to support management in making the right decisions. By taking profitability and efficiency aspects into account, internal audit can also deliver added value for your company.
       

      Our services

       
      From traditional auditing to the (digital) further development of your internal audit - our portfolio of solutions

      KPMG offers you comprehensive support for all internal audit-related topics - from conducting the audit to the (digital) further development of your internal audit.

      Co- and full-sourcing approach:

      • Support in processing the annual audit plan and/or assumption of all operational audit tasks relating to your internal audit

      Quality assessments in accordance with DIIR standard no. 3/ IIA standards and audits of the internal audit system in accordance with IDW PS 983:

      • Assessment of the appropriateness and effectiveness of your internal audit, identification of weaknesses and optimisation potential as well as recommendations for action

      Preparation, monitoring and follow-up of supervisory reviews:

      • Carrying out a quick check and processing the identified potential for action, preparing the documents, accompanying the on-site inspection, processing the findings of the supervisor

      Consultancy and (digital) further development of your audit function:

      • Conducting a status analysis, developing objectives, designing and implementing specific measures and supporting the digitalisation of your standard audit process by further developing a risk-oriented (multi-year) audit plan
      • Further development and digitalisation of your audit methodology through the use of mass data analyses

      Support services with regard to consulting and auditing of governance systems

       

      The governance structure is an essential prerequisite for effective and efficient corporate processes

      In order to establish an efficient governance system in which the functions are harmonised and risks can therefore be effectively mitigated, the 3 lines model is generally used. This serves the structured separation of operational management (1st line) from the management and control functions (2nd line) and the overall monitoring by the auditing and advisory function of Internal Audit (3rd line).

      As part of the 3-line model, it must be ensured, among other things, that the organisational structure clearly follows the requirements of the model, that independent control functions exist in the 2nd line and that sufficient communication channels exist between the three lines.

      In addition, it must be established that communication with management and executive levels is ensured. Information flows to the Executive Board/management, Supervisory Board and other committees must be established.   

       

      What matters

       
      Establishment of an effective and efficient governance structure

      It is necessary to clearly define and implement structures and reporting processes in the organisational and operational structure to establish an effective and efficient governance structure at the various levels of the company (Executive Board, Supervisory Board or Administrative Board, committees, advisory boards and division head level), taking into account the organisation, responsibilities, allocation of tasks and staffing of the respective positions in order to comply with external (including from Sections 93, 107 AktG; also in analogous application) and internal requirements. The aim of the established governance structure is to mitigate risks at all levels and to ensure that appropriate and effective controls are in place to monitor them.

       

      Our services

       
      From inventory analysis to implementation support - our solution portfolio

      KPMG offers you customised advice on all aspects of corporate governance. This primarily comprises the focal points listed below:

      • Carrying out a governance quick check to identify potential areas of development in the system and to derive areas for action
      • Analysing governance with regard to external regulatory requirements (e.g. BASEL I - IV, Solvency I - II, FISG, EBA
      • Guideline on Internal Governance and/or the German Corporate Governance Code) and/or the appropriateness and effectiveness of management systems
      • Analysis of the internal target requirements (own sfO) for the design of the operational units on the first, second and third lines of defence
      • Analysis of the reporting lines in the context of the structural and procedural organisation of operating units to the Management Board (Section 90 AktG), from the Management Board to the Supervisory Board (Section 107 AktG) and from the Supervisory Board to the shareholders

      Identify risks and create security

       

      The requirements for the process and control landscape for you as a financial services provider are subject to constant change

      The current dynamic economy is characterised by great uncertainty. Companies are operating in an increasingly complex environment characterised by growing global competition, new risks and new regulatory requirements.

      This is accompanied by an increased need for security on the part of management and supervisory bodies, which is reflected not only in the design of individual controls, but also in their monitoring in terms of appropriateness and effectiveness on the second and third lines of defence - combined with corresponding reporting to the Executive Board and Supervisory Board.

       

      What matters

       
      Identify risks and create security.

      While the content and procedure for external audits of annual financial statements are fixed, issues often arise in areas of the company that are not part of the traditional audit or other regular mandatory audits.

      This is precisely where we can provide an assurance service tailored to your assurance requirements in accordance with national and international auditing standards. The audit results obtained can therefore also be a significant decision-making aid for business management and liability issues, both for internal and external reporting recipients.
       

      Our services

       
      There is no standard solution in business.

      KPMG offers you innovative, comprehensive and freely scalable solutions to create security in times of change! We have extensive expertise in the various service spectrums and offer you support in the following areas, among others:

      • Focussing on your "one-off" issues, individually adapted to your needs or other business audits based on a target/actual comparison [e.g. ISAE 3000].
      • Audit of the internal service-related control system [e.g. ISAE3402/ IDW PS 951]
      • Confirmation of the correctness of implemented governance systems [e.g. compliance, risk management, internal audit in accordance with IDW PS 980 to IDW PS 983]
      • Business management analyses and preparation of expert opinions on selected topics

      From accounting-related issues to audit assessments of individual matters

       
      High demands require excellent expertise

      National and international accounting requirements are becoming ever more complex and at the same time the demands on internal compliance are increasing. Against this backdrop, there are also individual questions relating to complex accounting issues, irrespective of large conversion projects or the introduction of new standards.

      In this context, the (first-time) application of regulatory accounting requirements is also associated with new challenges. We support you in mastering these, especially when it comes to meeting the challenges posed by regulation. Based on an interdisciplinary project team, we offer you a project portfolio ranging from the development and implementation of accounting logic and the assessment of individual issues to complex data analyses, which ensures that your annual financial statements are based on a solid foundation. Our catalogue of services also includes support in the preparation of annual financial statements.

       

      What matters

       
      Maximum security for all accounting-related issues

      In addition to meeting regulatory requirements in this challenging environment, we offer efficient and solution-oriented support for all accounting-related issues, making optimum use of the benchmark expertise available within FS Assurance and the entire KPMG organisation thanks to close integration with all areas of KPMG.

       

      Our services

       
      From consulting to implementation - our solution portfolio

      Specialist support in the preparation and processing of complex accounting-related issues

      • Preparation of expert opinions or argumentation papers
      • Quality assessment
      • Implementation of booking logics

      Audit assessment of individual circumstances

      • Business audits according to § 2 WPO, IDW PS 490/ 480, ISAE 3000

      Quality assurance support for the preparation of annual financial statements

      • Accounting-related consulting and quality assurance
      • Preparation of annual financial statements with plausibility check
      • Holistic approach to dovetailing r-IKS and company-wide ICS

      Your contacts