Board members and chief executive officers in general, and directors in particular, are required to establish a monitoring system that enables the determination of measures necessary for business continuity. One of the essential pillars of such a monitoring system is an effective internal control system. Internal control systems consist of rules for managing company activities (internal management system) and rules for monitoring compliance with these rules (internal control system). The internal monitoring system includes monitoring measures integrated into the process (organizational safeguards, controls) and monitoring measures independent of the process (such as internal audit).

In addition to oversight by the supervisory board, the internal audit's functional capability is also a standard component of the annual account and a focus of the regulatory review. The control activities of the various stakeholders must be aligned with MaRisk as enacted by BaFin for credit and financial services institutions, as well as with the analogous InvMaRisk for capital management companies and investment funds. One of the challenges here is dealing with the principle of proportionality, which can lead to a different conclusion about the effectiveness of the internal audit system depending on the business model and stakeholders.

In recent years, BDO has successfully established its market position as an independent audit firm to support the internal audit of credit and financial services institutions, as well as capital management companies and investment funds. Small institutions and companies have completely transferred the audit to BDO (outsourcing), other, usually larger, companies seek support in selected areas that require special expertise (Co-sourcing).

In addition, for several years now, we have been noticing an increasing demand from some institutions and their supervisory bodies for high-quality internal audit checks.