Audit firms carry out annual audits on a risk-oriented basis. They also perform an advance risk analysis to provide FINMA with a proposed audit strategy, which FINMA then uses to determine the type of auditing measures to be carried out for each licence holder, such as more intensive audits or additional audits. The audit firm executes the auditing measures on site at the premises of the licence holder.
The audit areas to be assessed for licence holders under CISA are defined in FINMA Circular 2013/3 "Auditing" and its annexes. Audit companies check whether licence holders comply with the legal, contractual, statutory and regulatory provisions and record their findings in an annual audit report which is submitted to the licence holders and to FINMA.
Submission of Auditing Circular