(Art. 62 para. 2 and 3 FinIA)
- When defining the audit frequency and the intensity of supervision, the supervisory organisation shall be guided by the risks associated with the activity of those supervised and the risks associated with their organisation.
- In years in which no regular audit takes place, the supervisory authority shall collect standardised data on the risks associated with those supervised.
- It shall assess the self-declared data collected and take further measures where necessary.
- FINMA shall set down for, and in consultation with, the supervisory organisation guidelines for conducting an assessment in accordance with paragraphs 1–3.