Auditing of banks and securities firms

Audit firms play a very important role in the ongoing regulatory auditing of banks and securities firms. They assess full compliance with basic regulatory requirements from both a qualitative and quantitative perspective. They also take account of all significant risks to which supervised institutions are individually exposed.

Within four months after the financial year ends, audit firms perform a thorough assessment of the risk situation to which each supervised institution is exposed, and submit this assessment to FINMA on a standard form. The risk analysis covers all audit fields with a view to determining net risk from a combination of the different risk factors.

Audit strategy matched to risk analysis

A standard audit strategy is applied for supervised institutions in FINMA Supervisory Categories 3 to 5. Here, the frequency and depth of the audit to be performed are determined by the net risk exposure in the audit fields. For supervised institutions in FINMA Supervisory Categories 1 and 2, FINMA exercises greater influence on the audit fields to be assessed by defining the audit strategy in a dialogue with the audit firm. The audit firm implements the audit strategy on site at the premises of the supervised institution.

Supervised institutions in FINMA Supervisory Categories 4 and 5 with no heightened risk situation and without any significant weaknesses can apply for the audit frequency to be reduced. If the application is approved by FINMA, the audit firm will then only carry out regulatory on-site audits every two or three years.


Audit firms provide the findings from their audits to FINMA in a standardised report on the regulatory auditing of banks and securities firms which includes general information about the audit procedure, a statement of the auditors’ independence and other information about the development of the respective institution’s business activity and its organisation. The report also contains a commentary on any irregularities discovered or on recommendations for improvements.

Audit mandataries

In specific circumstances, FINMA may appoint an audit mandatary. Audit mandataries may be other authorised audit firms or independent third parties in possession of the necessary experience and specialist expertise.


2013/03 FINMA-Rundschreiben "Prüfwesen" (06.12.2012)


Updated: 04.11.2020 Size: 0.99  MB
Add to personal download list

Annexes to Auditing Circular

Guidelines for Auditing Circular

Wegleitung zur reduzierten Prüfkadenz

Updated: 24.02.2020 Size: 0.13  MB
  • Language(s):
  • DE
  • FR
Add to personal download list

 Regulatory Audit Report

Report on the regulatory auditing of banks and securities firms 2021

Anwendbar für die Berichterstattung ab 1.1.2021

Updated: 17.09.2021 Size: 0.33  MB
Add to personal download list

Audits for institutions seeking authorisation

Choice of the audit firm

The notification regarding the selection of an audit firm is made via the FINMA Survey and Application Platform (EHP). If your institution does not have access to the EHP, the form below can be used.