The future-proof compliance management system: protecting assets, preserving reputation.

23 July, 2019

What does future-proof compliance management mean, and what are the related challenges?

Compliance management refers to the measures an organization takes to comply with legal requirements and regulatory standards and to fulfill the key requirements of internal and external stakeholders. The regulatory landscape has continued to become more complex, most recently with the GDPR and upcoming regulations on whistleblowing.

The increase in regulatory requirements, together with governments' enforcement and prosecution of violations, affects not only Germany but also the USA, Great Britain, Brazil, Russia and China, and accordingly our customers' key markets. Simultaneously, the digital transformation is changing the business models of many companies and thereby the associated risks.

This requires organizations to “keep up” via strong compliance measures and ultimately set up a future-proof compliance management system. 

PwC supports companies in further developing their tailored compliance management system. Our experts develop individually suitable measures to handle compliance risks. On this basis, companies can use the challenges of current developments in the market to their advantage.

The key points in 30 seconds

What PwC can do for your company in detail:

  • Sound compliance risk analysis taking into account the current legal developments and business model of your company 
  • Further development of your CMS in the context of the digital transformation
  • Bundling of all compliance measures in an efficient system as part of an integrated governance, risk & compliance approach
  • Assessment of the status quo of your Compliance Management System
  • Identification of improvement potential and support through recommendations from our experts  

Our approach in detail

1.) Understand the compliance risk landscape

Compliance experts and PwC employees will support you in the compliance risk analysis. We make sure you know the relevant issues pertaining to legal and compliance risks and help you be compliant in the long term. In addition, we develop and integrate a risk assessment methodology into company-wide risk management. On this basis, you can take appropriate action. In detail, our services include:

High-level and detailed risk assessment for all relevant legal areas

  • Anti-corruption according to national and international regulations (e.g. FCPA, UK BA, Sarbanes-Oxley Act)
  • Antitrust and competition law
  • Product/Technical compliance
  • Data protection and management of confidential information
  • IT security and digital risks
  • Export control and sanctions
  • Anti-money laundering
  • Human Rights/Social Compliance
  • Conflicts of interest

2.) Prepare for the changes of digital transformation

PwC experts accompany compliance officers in the further development of their CMS as part of the digital transformation. This includes, for example, the following tasks:

  • Ensure integrity and ethical standards in the programming and use of Artificial Intelligence
  • Use of apps and chat bots for compliance training and advice
  • Understand the impact of 3D printing on product compliance and appropriate associated actions
  • Integrate data protection management system into existing CMS

3.) Use the strengths of technology and standardization

Our experts help you bundle compliance measures in an efficient system and organize them for the entire company. In doing so, we rely on the strengths of innovative technologies. Our offer includes:

  • Integration of Risk and Compliance Management and Internal Controls into an Organization (iGRC)
  • Integrity-driven Performance
  • Use of GRC software
  • Business Partner Compliance Management (4.0)
  • Standardized compliance controls as part of the company-wide internal control system (ICS)
  • Digitization and automation of compliance processes and controls (e.g. robotics-based controls)
  • (IT-supported) contract management system
  • Guideline management

4.) Know the maturity level of the compliance management system and act accordingly

We evaluate the status quo of your compliance system – as an overall concept or for selected elements. On this basis, we enable transparent reporting to internal and external stakeholders.

PwC experts identify potential for improvement and make appropriate recommendations.

  • We will prepare a “readiness check” for your compliance management system, so you can further develop it, or prepare for internal and external audits, such as PS980, ISO 7001, ISO 19600 or US guidelines such as “Evaluation of Corporate Compliance Programs”
  • We conduct full audits of the compliance management system according to IDW PS980 for all relevant basic elements and areas of law
  • We also benchmark your compliance management system or selected items to help you see where you stand compared to other companies
  • We conduct compliance due diligence on companies that you acquire so that you can consider relevant legal and compliance risks in the valuation

State of the Art Compliance Officer

Infographic about the tasks of a Compliance Officer

We take your compliance management system to the next level

Your benefit

The interdisciplinary PwC team of experts in law, business processes and technology gives your company real competitive advantages in the field of compliance. Our specialists are leaders in their field. They have contributed to the development of standards, for example as members of the Institute of Public Auditors in Germany, Incorporated Association (IDW), COSO (Committee of Sponsoring Organizations of the Treadway Commission) or the German Institute for Compliance e.V. (DICO). They regularly publish current market studies on compliance issues. Examples include the Digital Ethics White Paper, the Global Crisis Study, our Digital Risks and Ethics study, and the State of Compliance 2018 publication.

Our PwC experts have operational expertise regarding the relevant challenges and circumstances, especially in the following areas:

  • The need for an efficient organization of processes and systems in order to optimally take advantage of synergies
  • Reporting on the effectiveness of the CMS to the Audit Committee/Supervisory Board
  • Targeted revision of the CMS in the event of violations, suspected cases and/or investigations by authorities
  • Preparing for a (potential) external monitor or acting under supervision
  • Expansion into new markets and countries
  • M&A transaction of a target with non-transparent compliance measures

The PwC team brings company- and industry-specific experience and frameworks. These include, for example, standardized toolkits for young and fast-growing companies to accelerate the introduction of a CMS, for instance in preparation for an initial public offering or to meet the requirements of lenders. Last but not least, the PwC team has global reach and hands-on expertise to implement the actions in every unit of your group around the world.


The trend towards stricter regulation has intensified further. Uncertainties cannot be completely ruled out in today’s business environment. However, it is possible to turn them into a controllable risk. PwC is your trusted partner in the field of compliance, compliance management, compliance organization, as well as the implementation of measures and their successful realization.

Contact us

Dr. Robert Paffen

Leader Risk & Regulatory, PwC Germany

Carsten Hasemeier

Director, Contract Management & Compliance, PwC Germany
