Our Risk Services

Crowe professionals can help you reassess your company objectives based on current business environment.

Our Unique Risk Approach


„Does your decision making process includes all risks that your company is facing? At Crowe you can find professionals that can assist you in identifying risks that impact your company objectives and taking the most effective route towards your long-term goals.

Take a look at our brief prospect to discover how we can improve your risk management and decision making process.“ 

View Brochure


Risk management process is applicable to all companies, regardless of their size, stage of development or ownership structure. Small and medium-sized firms often lack the resources to quickly react to internal and external threats, leading to potentially large losses. On the other hand, large companies often experience numerous changes caused by their growth while business processes remain the same despite these changes. Risk management process is therefore a key tool used to identify and evaluate arising risks, as well as to make informed decisions on their acceptance, mitigation or elimination.

Crowe team sees risk management as a choice of options to achieve long-term goals instead of reacting to changes that cause unforeseen risks. At Crowe you will find professionals that can assist in reassessing your company objectives based on current business environment. This step is fundamental in establishing the risk management process before defining policies, procedures and practical activities to identify, assess and monitor risks.

Crowe professionals have experience in various industries, allowing us to adapt the risk management process to existing resources and company/market specifics. As a result, the advantage of effective risk management is avoidance of additional costs and resources that have no visible benefit to businesses. Our ambition is to be your long-term advisors in creating a risk aware environment that contributes to the regional market sustainability and well-being.

Why should any company implement effective risk management?

The point of risk management is not to incur additional costs for the company, but to implement optimal and purposeful process that allows:

  • a greater certainty in achieving strategic and business objectives,
  • adding business value for all interested parties, including owners, employees, customers, regulators and society at large,
  • efficient allocation of company capital and resources,
  • more efficient decision-making process and effective operational management.  


Risk Management

Set up/Upgrade of Risk Management Process

Our experts have significant experience with the largest domestic and regional companies in setting up the basics for the risk management process. After assessing business environment and recognizing potential for improvement of clients' business processes, we are able to design a formal framework, implement organizational arrangements and adjust human and technological capacities for the needs of risk management activities. While setting up the process, we are guided by the requirements of internationally accepted standards (ISO 31000 and COSO framework) and relevant regulatory institutions. 

The benefits of establishing an efficient risk management process include:

  • a greater certainty in achieving strategic and business objectives while minimizing threats to their achievement,
  • favorable conditions for raising new capital and easier access to capital markets,
  • efficient reporting on achieved KPIs and financial results, thus enabling transparency in companies' operations,
  • efficient planning and budgeting system, decision-making process and effective operational management,
  • continuity in production and trading on the market,
  • promotion and reputation of the company. 


Design of control environment

The control environment is basic element of risk management consisting of a set of policies and procedures that define processes and relevant control activities. The degree to which management is able to rely on control environment affects the quality of their business decisions and efficiency of employee activities. Therefore, the established control environment must be in accordance with the size and capabilities of the company.
Policies and procedures in the area of risk management should contain basic principles, mechanisms and a framework for controlling and managing significant risks faced by employees and company managers. With extensive experience in designing risk management processes in various industries, our team can assist you in formalizing documents that govern the entire process, including: 

  •  A draft of Risk Management Policy that contains at least the basic principles of risk management, the area of application (to which organizational units, job positions and risks the policy applies), risk management objectives, the internal organization of the risk management process, the established connection between the company's objectives and risk management, 
  •  A draft of Risk Management Procedure with defined activities and methodologies for risk identification, evaluation, treatment and monitoring. 

The benefits of having formal documents that govern the risk management process include:

  • clear and measurable strategic and operational objectives defined,
  • formal division of roles and responsibilities in the process of risk management,
  • uniform understanding of the concept of risk, business objectives, sources of risks and prevention activities that reduces risk to a reasonable extent,
  • securing conditions in which risk management process can be applied.




Internal Controls / Process Optimization

Optimization of internal control activities

Control activities are performed at all levels of the company, in different phases of company business, processes and technological capabilities, and their main purpose is to reduce identified risks. The wide range of industries in which the Crowe team has acquired previous experience allows us to comprehend and analyze current control acitivities implemented in our clients' business processes. The aim of our analysis is to determine the weaknesses in internal control system based on internal audit best practices and standards specific to certain industries. Our team also provides professional assistance and independent support in the implementation of recommendations for improvement of business processes. 



The benefits of improving internal control activities include:

  • developing an internal control system adapted to our clients' technological and other processes (entries, access, automatic/manual controls),
  • identifying existing bottlenecks that affect the achievement of clients' objectives,
  • upgrading control activities in the most important business processes with clearly defined responsibilities,
  • insurance of property and other resources against losses caused by unwanted events,
  • identifying functions necessary for further growth. 


Control environment design

The owners and/or company management establish the "tone at the top" in terms of the importance of internal control activities. The effectiveness of internal controls has significant impact on management decisions, since it determines the extent to which data will be complete, accurate and up-to-date. Our advisors can assist you in developing policies and procedures that allow management to secure effective internal control system and thus enable informed decision-making. When drafting procedures, we emphasize clear description of control activities embedded in business processes while being wary of limited resources and their cost efficiency. 

The benefits of having formal documents that regulate process activities include:

  • establishing a control environment that provide a basis for performing internal control activities,
  • implementing defined activities in practice by formally defining:
  • organizational structure,
  • key business processes,
  • decision making process in terms of daily operations and strategic development,
  • internal control activities that define roles and responsibilities and safeguard assets and capital,  
  • adequate communication of established processes to employees and their application throughout the company,
  • basis for strict monitoring of formally adopted processes, instructions and methodologies.


Internal Audit 

Outsourcing of internal audit function

Primary purpose of our work is to determine the extent to which client' management and employees are aware of material risks that threaten the company's strategic and operational objectives in various business areas. Furthermore, the scope of internal audit services include evaluation of internal control system in terms of adequate compensation for material risks. Accordingly, our team tests and validates the design and effectiveness of the internal control system, and provides feedback to management on the quality of key controls. In case of deficiencies, our team provides recommendations for corrective actions, control activites and policies/procedures update, thereby encouraging improvement of business processes. Our services include a qualitative and quantitative approach to internal audit, with adequate data that support the results of the internal audit. Client benefits from outsourcing internal audit services include greater availability of human resources for other tasks and addressing risks in a proactive manner. 

External assessment of internal audit function

Our team evaluates internal audit activities based on the Practice Advisory 1312-1 requirements and the International Professional Practice Framework of Internal Audit ("IPPF"), that include:

  • degree of compliance with the Definition of Internal Audit, the Code of Ethics, IPPF and the Internal Audit Charter, plans, policies, procedures and applicable legal and regulatory requirements,
  • management expectations from internal audit activities and a sample of organizational parts or processes that are subject to audit,
  • integration of internal audit activities within the clients' management system, including relationships between and within key functions involved in internal audit processes,
  • tools and techniques used in internal audit activities,
  • combination of employee knowledge, experience and discipline, including their engagement in internal audit aimed to improve processes and controls,
  • capabilities of internal audit in terms of adding value and improving business processes.

We present our observations, identified practices, weaknesses in comparison to best practices and Internal Audit Standards, as well as recommendations in areas that are integral to the client's internal audit activities. 

The benefits of internal audit function external assessment include: 

  • compliance with Practice Advisory 1312-1 and IPPF;
  • continual improvement of internal audit function and added value to the company in terms of identifying opportunities to improve internal audit process, improving its efficiency and raising credibility of these activities;
  • improving company reputation by securing evidence to potential investors that risk management and control activities are subject to internal auditors attention.
Corporate Governance

Corporate governance assessment

Corporate governance implies a set of rules by which the internal organization of the company functions, selection of directors and board members, supervision of owners, planning and reporting system and evaluation of results. These rules should be designed to secure the transparency of companies' operations. International financial institutions and potential investors analyze and evaluate the quality of corporate governance when weighing on investment decisions. Therefore, the established corporate governance rules enable the attraction of financial capital and highly qualified personnel, while at the same time providing confidence to investors about the efficiency of the organization, management and business processes. 

The Chambers of Commerce in the SEE region have developed Codes of Corporate Governance that contain principles and recommendations for setup of sustainable business environment. The Code rules are not binding, however they complement the existing legal framework with an aim to make companies more competitive, efficient and transparent. In addition to the locally defined regulatory framework and the aforementioned Code, there are also simplified versions of best management practices tailored to the different needs of small and medium-sized companies. The Crowe team provides services that include review and analysis of ownership relationships, decision-making processes, financial management, business transparency, culture and commitment to effective management, operational activities and digitalization, in an effort to identify corporate governance areas that are non-compliant with relevant codes and practices. 

Potential improvements in the field of corporate governance that we have identified so far include: 

  • need to develop a formal corporate management strategy,
  • process development and management transparency,
  • management reporting,
  • communication with owners and investors,
  • risk management process,
  • compliance of internal audit with international standards,
  • internal control system,
  • adequacy of remuneration policy. 

The direct benefits of effective corporate governance include:

  • favorable conditions for raising new capital, reputation and easier access to capital markets,
  • improvement in planning, reporting and evaluating achieved results,
  • setup of rules defining the internal organization, selection of directors and board members and owner supervision.

Contact Us

We provide the expertise you need to grow, control, defend, and, if necessary, restructure your assets. Contact Crowe today.
Leo Djakovic
Director / Advisory
Crowe RS Advisory d.o.o.