Compliance, Audit & Regulatory
2024-06-27T15:25:26+02:00

Our services in the area of Compliance, Audit & Regulatory

Given increasingly complex regulatory requirements, developing, evaluating and optimising corporate compliance programmes is and remains a key challenge for modern corporate management. With a sustainable, up-to-date and holistic compliance management system, a company creates the necessary conditions for fulfilling its own corporate responsibility, maintaining the value of the organisation, meeting market requirements and ultimately identifying and avoiding the risks of misconduct. 

Our compliance experts will advise you individually on the development, implementation, evaluation and execution of holistic and sustainable compliance programmes. 

  • Setting up/implementing a Compliance Management System
  • Compliance with laws, ethical standards, etc.
  • Establishing and reviewing whistleblowing and ombudsman systems
  • Compliance-sustainability topics
  • Holistic compliance management system: from implementing and testing to reporting 

Internal Audit at Wavestone: your third line of defence and first point of contact in critical situations.

Today’s risk landscape is more complex and interconnected than ever before – a perfect environment for Internal Audit (IA) to realise its full potential. Internal audit supports the executive board and management in their monitoring function and at the same time strengthens the trust of companies and their stakeholders in their employees, processes and systems. In addition, internal audit enables new assessments of risk, faster responses and improved decision making.

Internal Audit offers a unique combination of objectivity, independence, risk awareness and organisational reach. At Wavestone, we believe that with the right vision and approach, IA can act as a “compass”. It helps organisations navigate a rapidly changing and uncertain environment and operate successfully through foresight.

  • External Quality Assessments (EQA): Certification and benchmarking of the internal audit function
  • Consulting or transformation of the internal audit function: establishment of the internal audit function, development of an internal audit strategy, development of the audit universe and the audit plan, restructuring of the internal audit function, interim management.
  • Audit performance: individual commissioning, co-sourcing, outsourcing
  • Training seminars: Organising numerous seminars on internal audit on behalf of the DIIR

Setting up and operating your own control and management system is time-consuming, labour-intensive and costly. As a result, non-compliance, fines and reputational damage are often accepted. Our outsourced compliance, data protection, information security and anti-money laundering services enable organisations in a wide range of industries to prepare for current and future regulatory challenges in an efficient and resource-effective manner.

Here you can find an overview of the subject areas and the corresponding companies in which we can support you:

  • Compliance Officer (MaComp; MaRisk; VAG – also key function)
  • Data protection officer
  • Information Security Officer
  • Outsourcing Manager

The increasing regulation of technology and IT-enabled processes requires a broad understanding of law and technology. The need to regulate digital and data-related issues is driven by regulatory requirements and corporate risk management. Our experts can help you integrate tailored solutions into your organisational and operational structure to meet the demands of the modern IT workplace.

Here you will find an overview of the areas in which we can support you:

  • Data protection, information security, AI, open source
  • Compliance concepts for digital topics, specific processes and applications in agile or traditional projects
  • Digital compliance auditing and consulting in accordance with industry standards (ISO 27001, ISO 37301, BSI SDM) or regulatory requirements (AI/Data/Digital Services Act, xAIT, DORA, GDPR, NIS2)

The financial services sector in particular is subject to extensive outsourcing requirements. Financial services companies, whether they are banks or insurance companies, are increasingly challenged by strict regulatory requirements. A central coordinating function to manage the entire outsourcing process is recommended. We can help you meet the requirements and advise you throughout the outsourcing lifecycle, providing not only regulatory clarity but also the reporting you need to make better management decisions.

We provide the following outsourcing management services:

  • Definition and implementation of legal and regulatory requirements throughout the outsourcing lifecycle
  • Operational support and advice on carrying out risk analysis and other activities as part of the outsourcing process  

We approach outsourcing from regulatory and strategic IT management perspectives.

In the fast-changing world of financial regulation, it’s not just about keeping up, it’s about being ahead of the game. Our speciality? Turning regulatory challenges into strategic advantages for your business. Whether it’s protecting the integrity of the financial system, preventing illegal activities such as drug trafficking and terrorist financing, or complying with global sanctions and embargoes, we make sure your organisation is not just compliant, but one step ahead. Discover how our expertise can enhance your confidence and reliability on the international stage.

Our experts can support you in the following areas, among others:

  • Identifying money laundering, sanctions and embargo risks
  • Developing and optimising compliance programmes to ensure adherence to regulatory and business policy requirements
  • Reviewing business processes, assets and financial transactions
  • Planning and delivery of staff training programmes

Corruption, bribery, fraud and falsifications are the most common forms of white-collar crime (fraud). Scientific studies show that every second company in Germany is a victim of white-collar crime, regardless of the sector. In addition to financial losses, the damage includes loss of reputation and, in extreme cases, can threaten a company’s existence. The risk of fraud and its impact can be reduced by taking appropriate preventative measures, consistent detection and immediate action in the event of suspicion.

Our Forensics & Investigation team takes a holistic approach* and supports you in the prevention, detection and investigation of white-collar crime and the implementation of suitable countermeasures, including the following services:

  • Conducting internal investigations/forensic interviews
  • Preparation of fraud risk analyses
  • Carrying out forensic data analyses
  • Design of prevention strategies/implementation of fraud detection procedures

* We comply with all applicable data protection laws in all our activities and analyses.

Can we help you with your Compliance challenges?

With WAVESTONE, you have a strong partner at your side.
We look forward to your challenge!

News in the Area of Compliance

  • The amendment to the AMLA places greater obligations on those subject to the regulations. We will show you the main changes and explain how you can set up effective money laundering compliance step by step.

Money Laundering Compliance: Current Requirements and How to Meet Them
