Crypto Compliance Solutions

Secure your digital assets with expert compliance services designed for the blockchain era

Discover Our ServicesContact Us

Our Audit Process

Since 2021, we have specialized in supporting accounting firms by providing an external, independent audit of their Internal Control System (IKS) and IT General Controls (ITGC). Recognizing the growing complexity of the crypto ecosystem, we have streamlined our process to ensure comprehensive coverage while maintaining efficiency.

As an independent IKS auditor active since 2021, I've worked with some of the largest crypto foundations in Switzerland, helping them align with regulatory expectations under OR Art. 728a, PS 890, COSO, and evolving audit standards.

Our approach is designed to be thorough yet flexible, adapting to your specific needs while ensuring compliance with all relevant standards.

1. Requirements Assessment

We begin by understanding your specific needs and the regulatory environment you operate in. This involves a detailed discussion to identify critical control areas.

2. Audit Execution

Our team conducts a thorough review of your systems and controls, identifying potential vulnerabilities and assessing compliance with required standards.

3. Report Delivery

We provide a comprehensive report detailing our findings, including strengths, areas for improvement, and specific recommendations for addressing any identified issues.

4. Follow-Up Support

We offer ongoing support to help you implement our recommendations and continue to strengthen your control environment as technologies and requirements evolve.

Resources Hub

The Internal Control System (ICS) refers to the overarching framework of policies and procedures designed to ensure operational efficiency, financial reliability, and regulatory compliance.

ITGCs (IT General Controls) are a subset of the ICS and focus specifically on controls within the IT environment, including system access, change management, data backup, and recovery processes.

Yes, while we specialize in Swiss auditing standards and regulations, we serve clients globally who require compliance with Swiss standards or who seek to implement best practices in their internal control systems for crypto assets.

An ICS (Internal Control System) audit should be conducted at least once a year - especially for companies subject to an ordinary audit (according to Swiss CO Art. 728a). Additional event-driven reviews might be necessary, e.g., due to significant system changes, regulatory requirements, or suspected risks.

Best practice includes:

  • Annual audits by external auditors (mandatory for companies under ordinary audit)
  • Ongoing internal monitoring by compliance, finance, or internal audit functions
  • Ad hoc reviews in response to incidents, IT changes, or control failures

In fast-moving sectors like crypto and fintech, more frequent audits may be advisable to ensure control effectiveness in rapidly evolving environments.

To ensure an effective and smooth ICS (Internal Control System) audit, we recommend the following preparatory steps:

  • Document your existing control environment, particularly around financial processes, access rights, and key controls
  • Prepare access to relevant systems and documentation (e.g., user directories, logs, policies)
  • Identify key individuals who will be available for clarification or questions during the audit

Upon engagement, we will provide you with a structured pre-audit checklist to help you prepare efficiently and transparently.

Stay Updated

Subscribe to our newsletter for the latest updates on crypto compliance and security.