The internal audit function and external audit are two mandatory requirements applicable to Luxembourg banks.

The former is defined in Circular CSSF 12/552, as amended by Circular CSSF 13/563. Its purpose is to perform a critical assessment of the adequacy and effectiveness of the central administration, internal governance and business and risk management of the credit institution as a whole. The internal audit function assists the Board of Directors and Authorised Management of the credit institution and enables them to better control their activities and the risks related thereto and thus to protect their organisation and reputation.

The external auditor issues an audit opinion on the annual accounts and ensures that internal processes are conform to regulatory provisions. His role is detailed in Circular CSSF 01/27 as amended.

We can assist you in both internal and external audit requirements and related challenges, being your trusted business partner in these areas.

Governance / Internal Audit

Your organisation has a unique combination of strategy, goals, markets, operations and people. Therefore the assurance you need to obtain through your internal audit function will also be unique.

How you work with our internal audit experts it’s entirely your choice. You can either outsource your internal audit function or set-up a collaboration between your internal audit team and our experts. We’ll make sure every hour we spend with you has impact, addresses the right risks, unlocks opportunities and seeks to add maximum value to your organisation.

Discover more:


Pierre-François Wéry
Tel: +352 49 48 48 2017

Internal control framework

Regulatory standards, comprehensive risk identification and quantification, risks calculation methods, risk mitigation measures, action plans and documentation for assessments - here are just some of the elements to take into account when it comes to broad risk management.

We help you cover several areas, like transfer agent, fund accounting and custodian bank, as well as capital management companies, to analyse and optimise your processes. Our people's expertise goes from risk management through Outsourcing-Controlling (including cross-border issues) to aspects of the internal control system.

We do inspection reports according to ISAE 3402 or similar standards and guidelines. We help you identify weaknesses, improve the control environment and thus reduce the risk for all parties involved in the investment process, including the investor.

Our experts support you in the implementation of an efficient risk management approach for supervisory standards, in which the transition to the compliance function and the entire control landscape is seamless.

Discover more:


Birgit Goldak
Tel: +352 49 48 48 5687

Contact us

Olivier Delbrouck

Audit Partner, Banking Assurance Leader, PwC Luxembourg

Tel: +352 49 48 48 2630

Stay Connected: