Auditing of FinTech companies (persons under Article 1b BA)

Audit firms play a very important role in the ongoing regulatory auditing of FinTech companies. They assess compliance with the regulatory requirements. They also take account of the significant risks to which supervised institutions are exposed.

Risk analysis and audit strategy

Within four months after the financial year ends, audit firms perform an assessment of the risk situation to which the institution is exposed, and submit the resulting audit strategy to FINMA electronically using a standard form. Here, the frequency and depth of the audit to be performed are determined by the net risk exposure in the audit fields. The audit firm implements the audit strategy on site at the premises of the supervised institution.


Once an audit firm has completed a regulatory audit of a licence holder, it communicates the findings and recommendations to FINMA in the form of a standardised report. The report contains general information about the conduct of the audit, a declaration of independence on the part of the audit firm, and further information as requested by FINMA. It is submitted electronically using a standard form.


2013/03 FINMA-Rundschreiben "Prüfwesen" (06.12.2012)

Prüfwesen (gültig bis 31.12.2023)

Updated: 04.11.2020 Size: 1.05  MB
Add to personal download list
2013/03 FINMA-Rundschreiben "Prüfwesen" (06.12.2012)

Prüfwesen (gültig ab 1.1.2024)

Updated: 07.12.2022 Size: 0.45  MB
Add to personal download list

Annexes to Auditing Circular

Regulatory Audit Report

Audit points

Audits for institutions seeking authorisation

Choice of the audit firm

The notification regarding the selection of an audit firm is made via the FINMA Survey and Application Platform (EHP). If your institution does not have access to the EHP, the form below can be used.