This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our PRIVACY POLICY for more information on the cookies we use and how to delete or block them.
  • Risk Advisory Services

Compliance Services

Organisations are facing increasingly complex regulatory changes and BDO Risk Advisory can help you in managing and meeting your compliance requirements. Through our global network team, we can help your organisation in designing and implementing a compliance program, in assessing its effectiveness and providing regulatory consulting.


OWN RISK AND SOLVENCY ASSESSMENT (ORSA) is at the heart of Solvency II and is a bespoke strategic analysis process cycle that links all pillars of Solvency II. Its purpose is to help the Board to make sound strategic decisions, to define the value created and to embed risk awareness throughout the whole organisation.

Our Risk Advisory professionals have helped clients across the globe re-direct and develop their ORSA framework by tailoring solution to each of the following components:

  • Actuarial
  • Internal Audit
  • Compliance
  • Finance and planning
  • Risk
  • Investment
  • IT
  • Underwriting


Our approach to FATCA and the CRS is consistent with our delivery of other regulatory consulting requirements, enabling you to achieve compliance synergies.

How we can help:

  • Classification
  • Registration and Implementation
  • Annual Reporting
  • Ad hoc Advisory
  • Documentation Requirements
  • Internal Audit/ Remediation


BDO assists financial services companies in identifying money laundering risk, detecting suspicious activity and complying with regulations and leverage technology. Our BDO approach also helps clients carefully consider important trade-offs for additional investments in AML programs and technology solutions.

We were approached to perform an independent review of the compliance framework of an offshore management company, including its client acceptance procedures and training of its staff. We assessed the adequacy and effectiveness of the various compliance pillars and investigated the management of suspicious activity monitoring. We also assessed the responsibilities of the Money Laundering Reporting Officer (MLRO) and the compliance framework with regards to the Board’s risk appetite and best industry practices and provided the necessary recommendations for a better performing framework.



ISO 22301 – Business Continuity management

We help organisations implement and manage an effective business continuity plan (BCP) enabling seamless recovery from a disaster. The solution:

  • Provides an integrated and flexible framework for embedding BCP in the risk management model
  • Aligns BCP and BCM processes with industry standards such as ISO 22301
  • Provides the capability to build policies, processes, controls and reporting templates


ISAE 3402 - International Standard on Assurance Engagements

ISAE 3402 differentiates the service organisation from its peers by demonstrating the establishment of effectively designed control objectives and control activities.

BDO helps you to deliver an ISAE 3402 report to your clients by providing hands on approach. We:

  • Assist clients through workshops and training programmes
  • Evaluate the design and operating effectiveness of the ISAE 3402 control framework and report
  • Issue an ISAE 3402 report and a management letter containing findings and recommendations


ISO 9001 - Quality Management

BDO’s ISO 9001 Quality Management Software System (QMS) is a flexible set of software applications that addresses each component of the internationally recognised ISO 9001 standard.

The user-friendly, web-based software applications allow your organisation to easily manage, track and report your quality metrics and data in real time. Your organisation will benefit for example from:

  • Reduction in costs
  • Provision of a complete view of the quality performance of the organisation and your suppliers through reports and KPI dashboards
  • Continual improvement of product and service quality by easily identifying quality non-conformance and areas for improvement


OHSAS 18001 - Health & Safety Management

With BDO’s risk management software, you can reduce your health and safety compliance and risk management costs, reduce incidents and optimise your health and safety investments. BDO’s Injury Reporting - OHSAS (Occupational Health & Safety Advisory Services) software allows you to record, track and instantly produce OHSAS ready reports for all of your organisation’s work-related injuries and illnesses. Management and relevant personnel will be able to log into the system and spot trends using graphical dashboards.


ISO 14001 - Environmental Management

Organisations can implement the BDO software applications to achieve ISO 14001 compliance and certification. ISO 14001:2004 provides assurance to company management and employees as well as external stakeholders that environmental impact is being measured and improved. The software application will also allow your organisation to:

  • Reduce risk and improve environmental stewardship by ensuring that all employees can access the company’s environmental policies
  • Ensure preparedness for environmental audits
  • Reduce administration and resource costs by storing all environmental policies in a centralised software system
  • Identify, rank and track significant environmental aspects and impacts


ISO 27001 - Information Security Management

An Information Security Management System (ISMS) provides a systematic approach to managing sensitive company information so that it remains secure. ISO/IEC 27001:2005 (ISO 27001) is the standard for Information Security Management System (ISMS).

BDO provides assistance to help your organisation achieve compliance with ISO 27001 through risk assessment methodology such as Mehari and OCTAVE. Our objective is to analyse, remediate, and assess adherence to the ISO standard in a cost effective manner. An ISO 27001 certification provides assurance to customers that your organisation has defined and put in place effective information security processes.