Internal Audit in the Financial Services Sector

Skip to content
Skip to navigation

Services

Audit control is an integral part of each company’s control procedures required for gaining the trust of clients and partners as well as managing the company.

See Overview

Other audit services
We help clients with the application and use of foreign financial aid of EU and other funds and help prepare financial reports.
Audit calculator
The calculator will answer if the company's sales revenue, assets or number of employees exceed the limit of an inspection or audit.

Corporate accounting and outsourcing

We offer full range of accounting and outsourcing services tailored to your needs.

See Overview

Payroll and related services
We perform payroll accounting for companies whether they employ a few or hundreds of employees.
Tax accounting
Grant Thornton Baltic's experienced tax specialists support accountants and offer reasonable and practical solutions.
Reporting
We prepare annual reports in a timely manner. We help to prepare management reports and various mandatory reports.
Consolidation of financial statements
Our experienced accountants and advisors help you prepare consolidation tables and make the consolidation process more efficient.
Consultancy and temporary staff
Our experienced specialists advise on more complex accounting transactions, rectify poor historic accounting, and offer the temporary replacement of an accountant.
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
Assessment of accounting processes
We help companies to implement accounting practices that are in compliance with local and international standards.
Accounting services for small businesses
We offer affordable service for small businesses. We help organize processes as smartly and cost-effectively as possible.
Cryptocurrency accounting
We keep up with blockchain technology to serve and advise crypto companies. We are supported by a network of colleagues in 130 countries.
Trainings and seminars
Our accountants have experience in all matters related to accounting and reporting. We offer our clients professional training according to their needs.

Related insights:

Outsourcing „On the first day, everyone said they were going on sick leave.” How the software change went wrong

In a smaller company, implementing new software can take three to four months, while in larger companies it can take a couple of years. Change management is exceptionally important for the transition to be successful

| 5 min read | 09 Jun 2025

Payroll

We perform payroll accounting for companies whether they employ a few or hundreds of employees. We do not offer one-size-fits-all packages, but always proceed...

See Overview

Legal advisory

We provide entrepreneurs with comprehensive legal advice to contribute to their economic success.

See Overview

Business advisory
We offer legal support to both start-ups and expanding companies, making sure that all legal steps are well thought out in detail.
Fintech advisory
Our specialists advise payment institutions, virtual currency service providers and financial institutions.
Corporate advisory
We advise on legal, tax and financial matters necessary for better management of the company's legal or organizational structure.
Transaction advisory
We provide advice in all aspects of the transaction process.
Legal due diligence
We thoroughly analyze the internal documents, legal relations, and business compliance of the company to be merged or acquired.
In-house lawyer service
The service is intended for entrepreneurs who are looking for a reliable partner to solve the company's day-to-day legal issues.
The contact person service
We offer a contact person service to Estonian companies with a board located abroad.
Training
We organize both public trainings and tailor made trainings ordered by clients on current legal and tax issues.
Whistleblower channel
At Grant Thornton Baltic, we believe that a well-designed and effective reporting channel is an efficient way of achieving trustworthiness.

Related insights:

Labor law Teleworking White Book: state of the art in 15 countries

An overview of remote work developments in 15 countries before, during and after the Covid-19 pandemic.

1 min read | 25 Nov 2024

Business advisory

Whether your company is just starting out, growing rapidly or in a stable stage of life - you need expert advice from time to time to make the right decisions.

See Overview

Business model or strategy renewal
In order to be successful, every company, regardless of the size of the organization, must have a clear strategy, ie know where the whole team is heading.
Marketing and brand strategy; creation and updating of the client management system
We support you in updating your marketing and brand strategy and customer management system, so that you can adapt in this time of rapid changes.
Coaching and development support
A good organizational culture is like a trump card for a company. We guide you how to collect trump cards!
Digital services
Today, the question is not whether to digitize, but how to do it. We help you develop and implement smart digital solutions.
Sales organisation development
Our mission is to improve our customers' business results by choosing the right focuses and providing a clear and systematic path to a solution.
Business plan development
A good business plan is a guide and management tool for an entrepreneur, a source of information for financial institutions and potential investors to make financial decisions.

Financial advisory

Failure to provide sufficient attention to corporate development and financial planning may trigger difficulties.

See Overview

Due diligence
We perform due diligence so that investors can get a thorough overview of the company before the planned purchase transaction.
Mergers and acquisitions
We provide advice in all aspects of the transaction process.
Valuation services
We estimate the company's market value, asset value and other asset groups based on internationally accepted methodology.
Forensic expert services
Our experienced, nationally recognized forensic experts provide assessments in the economic and financial field.
Business plans and financial forecasts
The lack of planning and control of cash resources is the reason often given for the failure of many businesses. We help you prepare proper forecasts to reduce business risks.
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
Reorganization
Our experienced reorganizers offer ways to overcome the company's economic difficulties and restore liquidity in order to manage sustainably in the future.
Restructuring and reorganisation
We offer individual complete solutions for reorganizing the structure of companies.

Tax

With more than 25 years of experience, our team offers wide range of tax services in close cooperation with colleagues from the Grant Thornton network.

See Overview

Corporate taxation
We advise on all matters related to corporate taxation.
Value added tax and other indirect taxes
We have extensive knowledge in the field of VAT, excise duties and customs, both on the national and international level.
International taxation
We advise on foreign tax systems and international tax regulations, including the requirements of cross-border reporting.
Transfer pricing
We help plan and document all aspects of a company's transfer pricing strategy.
Taxation of transactions
We plan the tax consequences of a company's acquisition, transfer, refinancing, restructuring, and listing of bonds or shares.
Taxation of employees in cross-border operations
An employee of an Estonian company abroad and an employee of a foreign company in Estonia - we advise on tax rules.
Tax risk audit
We perform a risk audit that helps diagnose and limit tax risks and optimize tax obligations.
Representing the client in Tax Board
We prevent tax problems and ensure smooth communication with the Tax and Customs Board.
Taxation of private individuals
We advise individuals on personal income taxation issues and, represent the client in communication with the Tax and Customs Board.
Pan-Baltic tax system comparison
Our tax specialists have prepared a comparison of the tax systems of the Baltic countries regarding the taxation of companies and individuals.

Mergers and acquisitions

Should you wish to buy out a competitor to boost your business, or, rather, to dispose of your company, the advisers of Grant Thornton Baltic will provide you...

See Overview

Business risk services and internal audit

Our experienced specialists help your organization to regularly assess risks that threaten the fulfillment of goals.

See Overview

Internal audit
We assist you in performing the internal audit function, performing internal audits and advisory work, evaluating governance, and conducting training.
Internal Audit in the Financial Services Sector
We provide internal audit services to financial sector companies. We can support the creation of an internal audit function already when applying for a sectoral activity license.
Audit of projects
We conduct audits of projects that have received European Union funds, state aid, foreign aid, or other grants.
Prevention of money laundering
We help to prepare a money laundering risk assessment and efficient anti-money laundering procedures, conduct internal audits and training.
Risk assessment and risk management
We advise you on conducting a risk assessment and setting up a risk management system.
Custom tasks
At the request of the client, we perform audits, inspections and analyzes with a specific purpose and scope.
External Quality Assessment of the Internal Audit Activity
We conduct an external evaluation of the quality of the internal audit or provide independent assurance on the self-assessment.
Whistleblowing and reporting misconduct
We can help build the whistleblowing system, from implementation, internal repairs and staff training to the creation of a reporting channel and case management.

Information security services

Our experienced and certified experts guarantee high quality services that precisely meet the specific needs and characteristics of each client.

See Overview

Information security management
We provide you with an information security management service that will optimise resources, give you an overview of the security situation and ensure compliance with the legislation and standards.
Information security roadmap
We analyse your organisation to understand which standards or regulations apply to your activities, identify any gaps and make proposals to fix them.
Internal audit of information security
Our specialists help detect and correct information security deficiencies by verifying an organization's compliance with legislation and standards.
Third party management
Our specialists help reduce the risks associated with using services provided by third parties.
Information security training
We offer various training and awareness building programmes to ensure that all parties are well aware of the information security requirements, their responsibilities when choosing a service provider and their potential risks.
Digital Operational Resilience Act (DORA)
We will help you create a DORA implementation model that meets your company's needs and ensures that you meet the January 2025 deadline.

Related insights:

Information security services When trust becomes a threat: how Google and Microsoft are being exploited in cyberattacks

In this article, we’ll explore how attackers are misusing trusted technologies - like OAuth and DKIM (more on these in a moment) - and why everyone should be cautious when a message or application requests access to user accounts.

Artti Aston

| 6 min read | 21 May 2025

Sustainability services

We support businesses and investors in conducting business responsibly

See Overview

ESG advisory
We help solve issues related to the environment, social capital, employees, business model and good management practices.
ESG audit
Our auditors review and certify sustainability reports in line with international standards.
Sustainable investments
We help investors conduct analysis of companies they’re interested in, examining environmental topics, corporate social responsibility and good governance practices.
Sustainable tax behaviour
Our international taxation specialists define the concept of sustainable tax behaviour and offer services for sustainable tax practices.
ESG manager service
Your company doesn’t necessarily need an in-house ESG manager. This role can also be outsourced as a service.

Related insights:

Omnibus package Will sustainability reporting be easier in the future?

On 26 February 2025, the European Commission (EC) released a new package of proposals (the Omnibus) to amend some key pillars of the European Green Deal. The overall goal of the Omnibus is to reduce reporting burdens, particularly for smaller and mid-sized entities, and increase efficiency in sustainability reporting.

6 min read | 11 Apr 2025

Human resources and recruitment services

We offer to outsource the HR services in the exact amount and precisely in the section of work that you need.

See Overview

Recruitment services – personnel search
We help fill positions in your company with competent and dedicated employees who help realize the company's strategic goals.
Recruitment support services
Support services help to determine whether the candidates match the company's expectations. The most used support services are candidate testing and evaluation.
Implementation of human resource management processes
We either assume a full control of the launch of processes related to HR management, or we are a supportive advisory partner for the HR manager.
Audit of HR management processes
We map the HR management processes and provide an overview of how to assess the health of the organization from the HR management perspective.
HR Documentation and Operating Model Advisory Services work
We support companies in setting up HR documentation and operational processes with a necessary quality.
Employee Surveys
We help to carry out goal-oriented and high-quality employee surveys. We analyse the results, make reports, and draw conclusions.
HR Management outsourcing
We offer both temporary and permanent/long-term HR manager services to companies.

Related insights:

Company culture Experience: a working group dedicated to supporting values-based corporate culture

Where to start if your company doesn’t have a human resources director and HR policy, and on top of it, has a negative employer net promoter score? Grant Thornton Baltic’s HR director Marge Litvinova and recruiter Kätlin Treima share some valuable experience.

Helen Roots

| 7 min read | 03 May 2024

Digital services

Grant Thornton Digital helps you develop and deploy smart digital solutions that lead your business into the future.

See Overview

Digital strategy
We help assess the digital maturity of your organization, create a strategy that matches your needs and capabilities, and develop key metrics.
Intelligent automation
We aid you in determining your business’ needs and opportunities, as well as model the business processes to provide the best user experience and efficiency.
Business Intelligence
Our team of experienced business analysts will help you get a grip on your data by mapping and structuring all the data available.
Cybersecurity
A proactive cyber strategy delivers you peace of mind, allowing you to focus on realising your company’s growth potential.
Innovation as a Service
On average, one in four projects fails and one in two needs changes. We help manage the innovation of your company's digital solutions!

Related insights:

Case study We advised German company RAUMEDIC

Grant Thornton Baltic OÜ advised German company RAUMEDIC AG on the acquisition of aktsiaselts A&G. RAUMEDIC AG is a leading developer and manufacturer of systems and components and a partner to medical and pharmaceutical industries. Core business of aktsiaselts A&G is production of medical supplies.

2 min read | 13 Jan 2022

Services for crypto companies

As one of the few advisory companies in Estonia, we are competent to offer virtual currency service providers (VASP) support services, such as accounting, tax...

See Overview

Starting business in Estonia?

We know that global expansion is the natural evolution for a thriving business. Whether you’re expanding into new markets, entering Estonia or maximising the...

See Overview

In addition to credit institutions and insurance companies, internal audit is also mandatory for:

creditors and credit intermediaries
payment institutions and electronic money institutions
fund managers

Information of the internal auditor must be submitted already upon application for the activity license from FSA, the functioning and procedures of internal audit activity must be described in the internal rules and policies.

As the internal auditor cannot perform tasks that cause or may cause a conflict of interest within the company, it is not possible to create a position where one employee would be both the internal auditor and act in other areas of management decision-making. Therefore, the company has essentially two options - either to hire an internal auditor or to outsource the service.

The main topics for internal audits in financial sector are:

the compliance of creditworthiness assessment procedures, their implementation in practice and effectiveness
compliance with anti-money laundering (AML), counter-terrorist financing (CTF) and know your customer (KYC) procedures in accordance with the law and guidelines, their implementation in practice and effectiveness, including analysis of due diligence measures, risk assessment and risk appetite
auditing of other processes related to the granting or intermediation of credit, fund management, payment service provision
information security and personal data protection audits
compliance audit of financial services advertising
outsourcing or relying on someone else's activities
personnel management and remuneration

In addition, as internal auditors, we can advise on assessing the risks of the organization, describing the activities of the internal audit function in internal rules, etc.

Send us your inquiry

TESTIMONIAL

"Thanks to the observations, we were able to discuss several possible solutions in our team, and the audit will definitely help us to further develop new solutions. It was very pleasant and smooth to work with Grant Thornton Baltic's internal auditors. The whole process went really smoothly."

Kadri Erm
Placet Group OÜ
Head of Legal and Compliance

Client stories

Check out other client projects

December 2023

Primero Finance: our choice of internal auditor ticks all the boxes

Internal auditor services

“Our partnership with Grant Thornton Baltic’s internal auditors started in 2016 and it’s clear we hit the nail on the head with our selection,” says CEO of Primero Finance OÜ, Marti Küttis.

January 2023

An outside set of eyes gives additional assurance

Internal audits in ESTO AS

ESTO Group, a credit provider founded in 2017 that expended to Latvia and Lithuania in 2021, went the outsourcing route and partnered with Grant Thornton Baltic for internal audit services.

January 2023

For the e-Governance Academy, an internal auditor is seen as a good colleague

Internal audits at E-Governance Academy

Each year, the eGA’s large-scale projects that are supported by various financing sources around the world mean it has to comply with legal acts on the organization’s activity as well as follow internal procedures both in project management and financial accounting.

January 2023

Internal auditors help keep companies trustworthy

Internal audits at Hüpoteeklaen AS

With more than 30 employees, Hüpoteeklaen AS is a credit provider operating in Estonia since 2009, issuing real estate secure loans to individuals and companies.

February 2023

For Estateguru, having an internal auditor is a sign of quality

Internal audits at Estateguru

Founded in 2013, Estateguru OÜ combined these two qualities when it launched a platform for quick and flexible capital secured by real estate for small businesses and real estate-secured investing opportunities for investors.

May 2023

Erasmus+: we highly value the cooperation of the internal auditors

Internal audits for Estonian National Agency for the Erasmus+ and European Solidarity Corps

For two consecutive years, Grant Thornton Baltic’s business risk and internal audit team served as the independent auditor of the programmes of the Estonian National Agency for the Erasmus+ and European Solidarity Corps.

Which companies operating in the financial sector in Estonia must have an internal auditor?
What are the requirements for the qualification and activities of the internal auditor?

The financial sector can be divided into four main groups:

banking and credit
insurance
payment services
investment

These, in turn, are divided into subgroups, each of which is subject to a different law and statutory requirements for the internal audit function. In addition, the provision of internal audit services is regulated by the Auditors Activities Act, which defines who may engage in the professional activities of an internal auditor.

See the table below for more information

In addition to the professional qualifications, the internal auditor is also required to have an impeccable business reputation, the knowledge, skills, experience and education necessary to perform the duties of an internal auditor, and professional suitability. The internal auditor may not perform any other duties which give or may give rise to a conflict of interests.

In addition to special laws mentioned in the table above, the requirements for internal auditors are also regulated by the Auditors Activities Act, according to which the internal auditor must be objective and competent in his or her professional activities, maintain professional secrecy, act with due diligence, act in accordance with the internal auditor's profession and meet the internal auditor's professional standards.

Do you have any questions?

Send us your inquiry

Related Insights

Market participants	Regulatory law	Necessity of internal audit	Requirements to the head of the internal audit unit / internal auditor
Banking and credit
Credit institutions (banks)	Credit Institutions Act, § 59	Mandatory	Certified Internal Auditor
Creditors	Creditors and Credit Intermediaries Act, § 45	Mandatory	No specific professional level is required
Credit intermediaries	Creditors and Credit Intermediaries Act, § 45	Mandatory	No specific professional level is required
Insurance
Insurance companies	Insurance Activities Act, § 103	Mandatory	Certified Internal Auditor
Payment Services
Payment institutions	Payment Institutions and E-money Institutions Act, § 51	Mandatory	Certified Internal Auditor
e-money institutions	Payment Institutions and E-money Institutions Act, § 51	Mandatory	Certified Internal Auditor
Investment
Fund managers	Investment Funds Act, § 349	Mandatory if necessary and proportionate	Certified Internal Auditor
Investment firms	Securities Market Act, § 83²	Mandatory if necessary and proportionate	Certified Internal Auditor

Internal Audit in the Financial Services Sector

The main topics for internal audits in financial sector are:

TESTIMONIAL

Kadri Erm
Placet Group OÜ
Head of Legal and Compliance

Client stories

Primero Finance: our choice of internal auditor ticks all the boxes

An outside set of eyes gives additional assurance

For the e-Governance Academy, an internal auditor is seen as a good colleague

Internal auditors help keep companies trustworthy

For Estateguru, having an internal auditor is a sign of quality

Erasmus+: we highly value the cooperation of the internal auditors

Which companies operating in the financial sector in Estonia must have an internal auditor?
What are the requirements for the qualification and activities of the internal auditor?

Do you have any questions?

Internal audit obligation in financial sector companies

Market participants

Regulatory law

Necessity of internal audit

Requirements to the head of the internal audit unit / internal auditor

Banking and credit

Insurance

Payment Services

Investment

CONNECT

ABOUT

LEGAL

Internal Audit in the Financial Services Sector

The main topics for internal audits in financial sector are:

TESTIMONIAL

Kadri ErmPlacet Group OÜHead of Legal and Compliance

Client stories

Primero Finance: our choice of internal auditor ticks all the boxes

An outside set of eyes gives additional assurance

For the e-Governance Academy, an internal auditor is seen as a good colleague

Internal auditors help keep companies trustworthy

For Estateguru, having an internal auditor is a sign of quality

Erasmus+: we highly value the cooperation of the internal auditors

Which companies operating in the financial sector in Estonia must have an internal auditor? What are the requirements for the qualification and activities of the internal auditor?

Do you have any questions?

Realated specialists

Related Insights

Internal audit obligation in financial sector companies

Market participants

Regulatory law

Necessity of internal audit

Requirements to the head of the internal audit unit / internal auditor

Banking and credit

Insurance

Payment Services

Investment

Kadri Erm
Placet Group OÜ
Head of Legal and Compliance

Which companies operating in the financial sector in Estonia must have an internal auditor?
What are the requirements for the qualification and activities of the internal auditor?