Non-core activities

It is possible for capital management companies and (financial services) institutions to adjust to the regulatory details of the technical and personnel organization. This can be done via the outsourcing of non-core activities which correspond to the type, scope, and complexity of their business as well as the type and range of their services and activities. Service providers are also obliged to adhere to regulatory regulations.

This results in optimized processes and increased quality. Whether the decision is made to only outsource certain services, partial tasks or outsource in full to an external specialist; the ultimate responsibility for any action remains solely with the client.

Our extensive and proven range of services includes:

Money-laundering function

  • Consultation with staff and management
  • Set-up and maintenance of the written guidelines
  • Execution of money laundering risk analyses
  • (Online) training for employees
  • Execution of money laundering audits
  • Analysis of (internal) money laundering suspicions activity reports
  • Transfer of money laundering suspicious activity reports to the FIU
  • Reporting to the Executive Board
  • Contact for internal/external auditors and supervisory authorities

Compliance function

  • Monitoring of regulatory requirements
  • Set-up and maintenance of the written guidelines
  • Relevance analysis
  • Execution of compliance risk analyses
  • Advice and monitoring of conflicts of interest
  • Monitoring of insider information/ employee transactions
  • (Online) training for employees
  • Consultation with staff and management
  • Execution of compliance audits
  • Reporting to the Executive Board
  • Contact for internal/external auditors and supervisory authorities

Whistleblowing function

  • Set-up and maintenance of the written guidelines
  • (Factual and legal) examination of incoming information
  • Initiation of measures
  • Contact person for all employees via various communication channels

Information Security

  • Set-up and updating of the information security guideline
  • Implementation of an Information Security Management System (ISMS) and Business Continuity Management System (BCMS)
  • Exaltation and analysis of infrastructure components and information interconnection
  • Execution of risk and safety needs analysis
  • Examination of information security breaches
  • Monitoring of roll-out progress
  • Consideration of the BSI IT basic safety, IT-security law and ISO 27001
  • Consulting and training for employees and management
  • Contact person for internal and external auditors as well as authorities

Data Security

  • Monitoring of the respective laws, compliance of DSGVO /BDSG
  • Handling of specialist requests of employees, customers etc.
  • Support in risk evaluation and data security breaches
  • Set-up and updating of the data security guideline
  • Exaltation and updating of the process guideline
  • Training of the employees
  • Examination of data security breaches
  • Registration of data security breaches with the authorities
  • Checking the adherence to requirements with service providers
  • ad-hoc and annual reporting
  • Contact person for the regional data security official

Risk Management

  • Set-up and updating of the risk management guideline
  • Evaluation of risks
  • Calculation of risk factors
  • Asset planning
  • Checking investment limits
  • Preparation and execution of stress tests
  • Risk reporting
  • Training of the employees

Well-known institutions take advantage of our extensive experience with the outsourcing of non-core activities in the daily operations. It will be our pleasure to take care of your compliance, anti-money-laundering und whistleblowing tasks as well as the data and information security functions. A lot of customers profit greatly from the outsourcing of these functions and have named us with the respective authorities. Considering the described tasks and functions our services are also subject to different internal and external audits.

To efficiently execute these mandates, we use our proven (VIVACIS) software toolsets. We also communicate directly with the auditors if so desired. Additionally, we support risk managers and information security officers in their recurring yearly tasks. All involved VIVACIS experts are regularly trained and certified.