Audits

Our team of experienced auditors have conpetency required to carrying out compliance audits in areas such as:

·       AML - Act on Prevention of Money Laundering and Financing of Terrorism

·       GDPR – General Data Protection Regulation and

ISO 27001 compliance

·       BCP - Business continuity security in

accordance with ISO 22301

·       Compliance standard ISO 37001 / ISO 19600 for a compliance management system. At the client's

request, based on expertise and many years of practical experience in compliance risk management, we carry out compliance audits tailored to the size of the organisation and the legal environment in which it operates. Our audit reports for supervisory boards or other bodies representing the owner clearly and transparently present the results of the review of the compliance function in

the audited  organisation, and at the same time identify areas where the effectiveness and efficiency of the tools and procedures used can be improved.

Consulting & law

AML- our experts advise banks, insurers, asset managers and other entities subject to money laundering and financing of terrorism regulations.  We assist with legal and regulatory issues and support the implementation of AML solutions

during the product development. We collaborate with entities which fulfil the obligations under the Act on Prevention of Money Laundering and Financing of Terrorism to develop documentation, policies and leading practice including the development of mechanisms for effective client assessment based on individual KYC models.

GDPR - personal data protection is currently one of the key compliance systems implemented and maintained in organisations. While conducting a project at a client site, we engage our experienced

experts who identify processes in which personal data is processed, prepare relevant documents including policies and information clauses, and help

implement them. As part of our projects, our experts also carry out security audits and trainings for employees.

BCP/BCM – the climate change, Covid-19 epidemic, the war in Ukraine are just a few examples of events that can disrupt business continuity and pose new challenges for organizations of all types. We collaborate with banks, insurers, and manufacturing companies to develop business continuity and crisis management plans. We help draw up appropriate procedures, as well as support the implementation of new tools to increase the resilience of business processes to various types of threats. We also write

test scenarios for the employees to gain the skills to quickly recover critical resources and to be able to fully restore the business operations after an

incident in the shortest possible time. 

Compliance Procedures - our experts working with entities operating in various market segments, help develop procedures and align the internal regulations with the legal requirements, and thus mitigate the compliance risk. Procedures for preventing corruption and fraud, accepting internal reports from whistleblowers, preventing conflicts of

interest, corporate social responsibility or fulfillment of requirements for reporting beneficial owners are examples of issues that should be addressed by compliance policies.

Training and certification

Training - our team of trainers are persons having solid practical knowledge in the subject matter of the training. Quality is our priority, therefore our trainers develop tailor made trainings, and their scope is always pre-arranged and discussed with the client. We also conduct open trainings for larger groups of participants. Our trainers have been

delivering classroom, hybrid and online training for over 15 years. On individual request, we can also design training courses in electronic form, which

can be easily implemented into your own online learning platform. To confirm the acquisition

of new skills by trainees, as part of our service we can also carry out a knowledge test and issue individual certificates. We provide training in

compliance and information security. Our clients most often attend trainings on GDPR, AML, whistleblowing, information security or anti-corruption procedures.

Subscription services

DPO - Data Protection Officer

is a service provided by a dedicated expert having a minimum 15 years of experience in the particular field, with legal and IT security knowledge who

performs the tasks in accordance with GDPR requirements.  Due to the legal requirements related to incident handling our experts can be reached 24/7. When appointing a dedicated expert,

we always recommend a person familiar with the industry in which our client operates. We have experts in the following business areas:

·       finance (banks and insurers)

·       telecommunications

·       construction and real estate

·       commerce and e-commerce

·       industry

·       tourism

·       film, theatre and art

·       education

·       public entities

Our Data Protection Officers also provide services for multinational companies having their registered office in the EU/EEA and outside, e.g. in Ukraine or

the USA.

Whistleblowing - according to Directive

2019/1937 of the European Parliament and of the Council of 23 October 2019, a system has to be set up in each member state to receive reports of breaches whereby legal protection should be given to whistleblowers.  Checkbox as an external, impartial entity can provide a secure system for receiving reports, recording and providing feedback

while keeping the whistleblower's personal data confidential. Our system can support the activities of internal units in any organisation in which an

internal whistleblowing procedure has been established. Due to the fact that our company has compliance experts, our team can also, upon the client's request, conduct internal investigation and prepare recommendations to prevent further breaches of law, as well as recommendations concerning the modification of the existing procedures in such a way as to mitigate the risk of such incidents in the future.

AML- our experts have over 15 years of experience

in performing tasks related to AML Officer function. We collaborate with banks, lending institutions and other obliged entities in areas such as update of

policies, development and implementation of  KYC programmes or periodic employee trainings.

We assist with the implementation of tools used for counterparty and client monitoring, as well as in cooperation with supervisory authorities in the area

of reporting suspicious transactions, and transactions exceeding the threshold.