Controls Assurance

ISAE 3402, SOC & Regulatory Reporting

Picture of risk consultants talking

Independent assurance your stakeholders can trust

For service providers, strong internal controls are no longer optional — they are expected by customers, regulators, and investors. 

Demonstrating that your control environment is robust has become a competitive requirement, as well as a regulatory obligation.

At BDO Jersey, we provide independent controls assurance that meets international standards and local regulatory expectations. Whether you are seeking an ISAE 3402 or SOC report, preparing for a regulatory review, or responding to client demands for evidence of controls, we deliver assurance that is reliable, recognised, and value-adding.

Why controls assurance matters

Controls assurance does more than prove compliance. It demonstrates to clients and counterparties that risks are managed effectively, data is secure, and services are reliable. In competitive sectors such as fund administration, corporate services, and hedge fund management, having credible assurance can differentiate you from your peers and strengthen client confidence.

Internationally recognised standards

Our reports are delivered under the most widely recognised frameworks, including:

  • ISAE 3402 – assurance on controls relevant to financial reporting.
  • SSAE 18 (SOC 1) – assurance on controls at a service organisation.
  • SOC 2 and SOC 3 – assurance on controls relevant to security, availability, confidentiality, processing integrity, and privacy.
  • AAF 01/06 – assurance specific to UK-based service providers.

These reports are increasingly requested during procurement processes and by counterparties seeking reassurance of your control environment.

a pale charcoal background
The risk advisory team discussing client challenges

Our services

BDO provides end-to-end support for controls assurance, including:

  • Readiness assessments – scoping, control design evaluation, and gap analysis.
  • Independent testing – assessment of design and operating effectiveness.
  • Reporting – independent opinions with clear, practical recommendations for improvement.
  • Ongoing assurance – support for annual reporting cycles and continuous improvement of controls.


Locally, we have particular experience working with financial services providers, including fund administrators, corporate service providers, and managers of managed entities.

Regulatory reporting and compliance

 Beyond formal assurance standards, businesses also face an expanding regulatory landscape. Financial and non-financial regulators expect organisations to demonstrate compliance not just with the law, but also with governance codes and best practice.

 We support regulated businesses by providing:

  • Assurance that regulatory requirements are being met.
  • Independent review of financial and non-financial reporting.
  • Advisory support for firms seeking regulatory authorisation.
  • Benchmarking of compliance processes, internal controls, and reporting quality.

By combining technical expertise with sector knowledge, we help you manage regulatory risk and operate with confidence.

Why BDO?

Clients choose BDO for controls assurance because we provide:

  • Independence and credibility recognised worldwide.
  • Senior involvement and director-led oversight.
  • Deep sector knowledge, particularly in financial services.
  • Local delivery backed by global resources.

With years of experience across industries and jurisdictions, we give you assurance that stands up to scrutiny and strengthens your reputation.

Assurance that builds confidence

With BDO, controls assurance and regulatory reporting are not just about compliance. They are about building trust, winning confidence, and demonstrating that your organisation is secure, resilient, and ready for the future.

Let’s start the conversation and help you thrive: