Support for on-site inspections

• General organisation of governance
• Organisation and process of the internal control functions
• Group supervision of branches/subsidiaries, performed by the Luxembourg entity
• Remuneration policy
• Outsourcing activities, including Business, IT and Cloud computing

• Investor protection, from the information provided, the client profile, the transaction cycle to the client reporting
• MiFIR including for example Systematic internaliser threshold calculation, the associated pre- and post-trade transparency or the transaction reporting requirements
• Advisory services
• Knowledge and competence requirements for client-facing employees
• Role of the compliance and internal audit function as well as other organisational requirements
• MiFID II controls

• Internal AML/CFT risk assessment
• Risk-based approach for your client-acceptance process
• Ongoing monitoring of client identification
• Ongoing monitoring of client transactions
• Due-diligence process for distribution networks
• Role of the compliance and internal audit functions
• Staff training

• General organisation of the depositary function (including conflicts of interest)
• Ongoing monitoring/oversight of the activity
• Delegated activities and the supervision/monitoring duties
• The new client-acceptance process
• The different processes of your activity, depending on the asset type
• IT systems

Our assistance in the following aspects:

• IT governance framework (i.e. IT strategy);

• IT risks management framework (i.e. risk assessment, risk appetite and tolerance);

• IT outsourcing management and oversight (including cloud computing)

• Outsourcing service provider management (i.e. SLA, register, Service KPIs);

• Information security management system (i.e. information security policy, testing);

• Business continuity and crisis management measures, process and documentation (i.e. Business impact analysis and risk analysis, BC&DR plans;