Compliance & Resilience

Internal Audit at Wavestone: Your Third Line of Defense and First Point of Contact in Critical Situations.

Today’s risk landscape is more complex and interconnected than ever – creating ideal conditions for Internal Audit (IA) to realize its full potential. Internal Audit supports the Board and Executive Management in their oversight function while strengthening the confidence of companies and their stakeholders in employees, processes, and systems. Additionally, IA enables different risk assessments, faster responses, and optimal decision-making.

Internal Audit offers a unique combination of objectivity, independence, risk awareness, and organizational reach. At Wavestone, we believe that IA – with the right vision and approach – can serve as a “compass.” IA helps organizations navigate a rapidly changing and uncertain environment and operate successfully through foresight.

• External Quality Assessments (EQA): Certification and benchmarking of Internal Audit departments
• Internal Audit Consulting and Transformation: Establishing the Internal Audit function, IA strategy, development of audit universe and audit plan, IA restructuring, interim management
• Audit Performance: Individual assignments, co-sourcing, outsourcing
• Seminars: Conducting numerous seminars on Internal Audit topics on behalf of DIIR

Establishing and operating an internal control and management system is time-, personnel-, and cost-intensive. As a result, violations of regulatory requirements, potential fines, and reputational damage are often knowingly accepted. Through our outsourcing services in compliance, data protection, information security, and anti-money laundering, we enable companies across various industries to efficiently prepare for current and future regulatory challenges while conserving resources.

Here’s an overview of the areas and positions where we can support you:

• Compliance Officer (MaComp; MaRisk; VAG – including key function)
• Data Protection Officer
• Information Security Officer
• Outsourcing Manager

The increasing regulation of technologies and IT-supported processes requires a broad understanding of both law and technology. The need for regulation of digital and data-related topics stems from legal requirements and corporate risk management. Our experts help you integrate tailored solutions into your organizational and operational structure to meet the demands of the modern IT workplace.

Here’s an overview of areas where we can support you:

• Data protection, information security, AI, open source
• Compliance concepts for digital topics, specific processes, and applications in agile or traditional projects
• Digital compliance testing and consulting according to industry standards (ISO 27001, ISO 37301, BSI SDM) or regulations (AI Act/Data Act/Digital Services Act, xAIT, DORA, GDPR, NIS2)

In the financial services sector, outsourcing faces extensive requirements. Strict regulatory rules pose increasing challenges for financial service providers – whether banks or insurance companies. A central coordinating function is recommended to manage all outsourcing activities. We support you in meeting these requirements, provide guidance throughout the entire outsourcing lifecycle, and create not only regulatory clarity but also establish a foundation for sound management decisions through reporting.

Our Outsourcing Management services include:

• Definition and implementation of legal and regulatory requirements throughout the outsourcing lifecycle
• Operational support and consulting in conducting risk analyses and other activities within the outsourcing process

We examine outsourcing matters from both regulatory and strategic IT management perspectives.

In the rapidly evolving world of financial regulation, staying ahead rather than just keeping pace is crucial. Our specialty? We transform regulatory challenges into strategic advantages for your business. Whether it’s protecting financial system integrity, preventing illegal activities like drug trafficking and terrorism financing, or ensuring compliance with global sanctions and embargos – we ensure your company isn’t just compliant, but ahead of the curve. Discover how our expertise can strengthen your credibility and reliability in the international arena.

Our experts support you in the following areas:

• Identification of risks related to money laundering, sanctions, and embargos
• Development and optimization of compliance programs to ensure adherence to regulatory and business policy requirements
• Review of business transactions, portfolios, and financial operations
• Planning and implementation of employee training