Auditing of FinTech companies (persons under Article 1b BA)
Audit firms play a very important role in the ongoing regulatory auditing of FinTech companies. They assess compliance with the regulatory requirements. They also take account of the significant risks to which supervised institutions are exposed.
Risk analysis and audit strategy
Within four months after the financial year ends, audit firms perform an assessment of the risk situation to which the institution is exposed, and submit the resulting audit strategy to SFMA electronically using a standard form. Here, the frequency and depth of the audit to be performed are determined by the net risk exposure in the audit fields. The audit firm implements the audit strategy on site at the premises of the supervised institution.
Reporting
Once an audit firm has completed a regulatory audit of a licence holder, it communicates the findings and recommendations to SFMA in the form of a standardised report. The report contains general information about the conduct of the audit, a declaration of independence on the part of the audit firm, and further information as requested by SFMA. It is submitted electronically using a standard form.