Compliance management systems (CMS) have become established in business practice in order to fulfil legal and regulatory requirements. In view of the numerous compliance cases that can be observed, CMS are advisable as an integral part of good corporate governance. KPMG's Compliance Assurance examines the status quo of your CMS and identifies any need for action.

Answer questions about appropriateness and effectiveness

As an entrepreneur, how can I ensure that my CMS is always in line with regulatory requirements and is designed in a contemporary way? Our audit approach is based on the audit standard (PS) 980 published by the Institute of Public Auditors in Germany (IDW) and takes into account its seven compliance elements. The compliance management system comprises one or more sub-areas (e.g. anti-corruption, antitrust law, export control, data protection, etc.). KPMG has developed a tried-and-tested methodology for carrying out such an audit and answering the question of appropriateness and effectiveness.

KPMG's tried-and-tested methodology distinguishes between phases that build on one another: Readiness check, conceptualisation, appropriateness and effectiveness check. Our approach ranges from determining the status quo (point in time) of a CMS to the effectiveness statement (period-related). Centralised audit procedures are the key to our audit approach.

Ready to talk? Contact us

How important is an effectively designed CMS for your company?

Reduction of the risk of reputational damage and possible liability damage for the company and the executive bodies in the event of compliance violations.
Fulfilment of the increasing demands on a CMS, both due to regulatory requirements and due to the expectations of the public and business partners.
Avoidance of significant asset losses.
Fulfilment of the requirements of the German Corporate Governance Code for the Management Board to ensure compliance.

What are the advantages of having the CMS audited by KPMG?

Proof of fulfilment of due diligence and organisational obligations in relation to compliance.
Supporting the Supervisory Board and Audit Committee in fulfilling the monitoring requirements of the German Accounting Law Modernisation Act.
Identification of weak points in your CMS and recommendations for action derived from this as a basis for improving your existing CMS.
Professional reporting and high quality through the use of KPMG specialists. Our reporting is documented proof of the status of the CMS that can be presented to committees.
Audit opinion of an independent third party and assurance on the design, appropriateness and effectiveness of the CMS.
Proof of the cultivation of a risk culture and diligence within the company, which leads to a positive reputation of the company.

As a reliable partner, we offer you customised solutions tailored to your needs. In a quick scan, we can carry out an initial inventory of the CMS set up and determine the readiness of the CMS for testing as part of a readiness review.

Our range of services

KPMG has a strong team of compliance experts with a broad range of expertise and many years of extensive auditing experience. These qualities form the basis of our advisory services - and through active memberships in working groups (e.g. IDW, DICO) we ensure that our professional expertise is continuously expanded. With our interdisciplinary team, we meet your specific questions and requirements with the highest quality and practical orientation so that you can maximise your potential - please contact us!

Interested in our services? Contact us

Our range of services at a glance:

In order to compare your CMS with other companies, benchmarking can be carried out in addition to the Quick Scan or Readiness Review.
Our audit approach distinguishes between consecutive phases: Readiness check, conceptualisation, appropriateness and effectiveness check.
Our approach ranges from determining the status quo (point in time) of a CMS to the effectiveness statement (period-related). Audit procedures at a centralised level are the key to our audit approach.
The audit may extend to certain defined sub-areas. This may relate to specific areas of law or business units.
Our reporting takes the form of an audit report with certification in accordance with IDW PS 980. Alternatively, we can assess the CMS and report in the form of a memorandum (highlighting weaknesses and recommendations for action).
During the process of setting up your CMS, we can also assess individual elements of the CMS (such as compliance culture or compliance risk management).

Compliance & Integrity Advisory

Compliance Monitorship

Compliance Strategy & Transformation

Compliance Solution Übersicht

What characterises KPMG as a strong partner at your side?

Benchmarking Know-how

We offer knowledge transfer and a head start in expertise based on our market leadership in CMS audits of national and international companies of all sizes and sectors (e.g. DAX40 companies, MDAX, TecDAX, SMEs).

We pool our experience from the Advisory and Audit divisions as well as from KPMG Rechtsanwaltsgesellschaft and can thus put together interdisciplinary teams according to your needs.
Compliance experts

In our team, we combine the expertise of experienced IDW PS 980 auditors with the specialist knowledge of lawyers and experts in the relevant area of law (e.g. anti-corruption, antitrust law, data protection, export control).
Well-established audit methodology

We know what we are doing and have access to optimised documents (e.g. pbc lists, test programs) and (digital) tools.
Project management

We are experienced in planning and conducting international audits and regularly involve you, e.g. in status meetings.
Global presence

Wherever you are, we are there too: We can bring in teams at your international locations or combine our own teams with colleagues from KPMG's foreign offices.