A look back at the PMI event: Creating high-performing teams for your projects, February 8

Lively exchange, interesting topics and inspiring conversations at the event held by the Project Management Institute (PMI) and PwC Switzerland

Human capital research has given us some interesting insights over the last 30 years. Did you know, for example, that undermined motivation probably has a larger effect on productivity and quality than any other factor? And that after motivation, probably the largest influencer of productivity is the individual capabilities of members of a team or the working relationships among them? These and other facts have been discussed yesterday at the event on the subject “Creating high-performing teams for your projects”.

The interactive presentation has drawn on experience with building high-performing teams for IT projects, nationally and internationally. Attendees got insights into how to build teams that make the grade, what roles need to be included, and what factors influence behaviour and motivation.

We would like to say thank you to all attendees, colleagues, PMI and especially to our speaker Maarten Broekhuizen, senior manager in the Transformation Assurance division at PwC Netherlands, and would be delighted to have the pleasure of your company again soon.

About the next event: Artificial Intelligence & Project Management: Beyond human imagination!

Around 200 years ago the industrial revolution changed society for good. Today another revolution is under way, with potentially even farther-reaching consequences.

Artificial intelligence (AI) in industry, experts are predicting, will change everything about the way we produce, manufacture and deliver. Cognitive computing, machine learning, natural language processing – different terms have emerged as the technology has progressed in recent years. What they all encapsulate is the idea that machines could one day be taught to learn how to adapt by themselves, rather than having to be spoon-fed every instruction for every eventuality. Now, according to many, that day has arrived. AI will change the world.

Date: Thursday, April 12, 2018 from 6:00 PM to 9:30 PM (CEST)
Location: Geneva, Switzerland.



Marc Lahmann
Director and Leader Transformation Assurance
+41 58 792 27 99

Manuel Probst
Senior Manager Transformation Assurance
+41 58 792 27 62


Creating high-performing teams for your projects

An event by PMI Switzerland Chapter and PwC Switzerland

Human capital research has given us some interesting insights over the last 30 years. Did you know, for example, that undermined motivation probably has a larger effect on productivity and quality than any other factor? And that after motivation, probably the largest influencer of productivity is the individual capabilities of members of a team or the working relationships among them?

This interactive presentation draws on experience with building high-performing teams for IT projects, nationally and internationally. You’ll get insights into how to build teams that make the grade, what roles need to be included, and what factors influence behaviour and motivation. And you’ll find out what happiness and grit could possibly have to do with the success of a project.

About our speaker:

Maarten Broekhuizen is a senior manager in the Transformation Assurance division at PwC Netherlands. He has more than 10 years’ experience in advising firms on IT and business transformation challenges and troubled projects in the Netherlands, Europe, the US and South America. Maarten has a master’s in business administration and information management. One of the questions that has run through his career has been why some project teams are more successful than others. He looks forward to sharing his experience helping you create your own high-performing team for your project(s).


  • 18:00 Registration
  • 18.30 Presentation
  • 19:30 Q&A
  • 20:00 Networking Apéro

Event Language: English

Professional Development Units: 2

  • 0.5 Leadership
  • 1.0 Strategic & Business Management
  • 0.5 Technical Project Management

Please be aware that at the event photos of the audience are made and published on the PMI Switzerland Chapter homepage as well as on Facebook. The event may also be live broadcasted over Facebook. With your attendance you accept these conditions.

Event fee discounts
If your are PMI-CH member, please log in with your PMI-CH member account at www.pmi-switzerland.ch and enter the event from there in order to benefit from the membership discount.

Cancellation policy
100% refund is possible for a ticket if cancelled 5 days before the event.



Marc Lahmann
Director and Leader Transformation Assurance
+41 58 792 27 99

Manuel Probst
Senior Manager Transformation Assurance
+41 58 792 27 62


Rescuing struggling projects

When managing the project recovery process it’s crucial to avoid taking action for action’s sake, treating the situation as a fire drill, or only addressing the superficial symptoms rather than the real underlying issues. You have to take a structured approach, starting with stabilising the project on the basis of the visible symptoms, and going on to do an in-depth root cause analysis as the basis for defining a recovery plan. This will help the project move beyond mere survival to achieve a sustainable solution in the long term.

Move beyond mere survival to find a sustainable path to recovery

Businesses today are facing challenges like never before which is driving an increased demand for transformation projects, each one more complex than the last. Over half of projects fail completely or exceed their budget significantly. It is no longer about if a project struggles, but when. Is your project is in trouble? What will it take to rescue it for the long-term? Read more …


Marc Lahmann
Director and Leader Transformation Assurance
+41 58 792 27 99

Manuel Probst
Assurance Senior Manager
+41 58 792 27 62

Get on the safe side: train your hotel staff to prevent payment card fraud

Any company can be targeted by payment card fraud. Luckily, there are effective ways of substantially reducing the risk. Most incidents have a common denominator: human behaviour. So the most effective action you can take to reduce the risk is training your staff in best practice.

This has prompted us to team up with Lobster Ink, the leading online education company specialising in the hospitality industry, to develop an online training course in PCI DSS Awareness for the hospitality industry. It’s a highly focused programme for end-users that will help your staff understand and apply the principles of PCI compliance.

Payment card fraud is a massive and growing problem that needs to be addressed as a matter of urgency. The consequences for the businesses affected are severe, ranging from penalties and disruption of daily operations to reputation damage and lost customers.

The scale of the problem is also extreme: payment card fraud resulted in losses of USD 21.8 billion in 2015, and a Nilson Report predicts that this will rise to more than USD 31 billion by 2020. Verizon’s ten year Payment Card Industry Data Security Standard (PCI DSS) compliance investigation has shown that no company was fully PCI DSS compliant at the time of the breach.

As the pace of technological development accelerates, especially in
payment systems, the risk of security breaches is higher than ever.

How can you protect your business?

With PwC’s expertise in cybercrime and compliance and Lobster Ink’s experience in innovative training, your staff will soon be up to speed with best practices. We’ve designed individual courses for customer-facing staff, back-of-house staff and management to ensure every employee is aware of the risks and mitigating actions relevant to their particular level and department.

The course will help you and your employees to identify and minimise the risks associated with handling sensitive payment card data. They’ll also learn about best practice for reducing risk to acceptable levels and systematically protecting your customer’s data.

Your employees are the first line of defence. Get them trained today!

Contact us to find out more about PCI DSS Awareness:

Nicolas Mayer
PwC Partner & Global Industry Leader
Lodging & Tourism Clients
E-mail: nicolas.mayer@ch.pwc.com

or via

Lobster Ink

“Many people aren’t aware of the risks of using credit cards. This course was so useful for all of us – to protect our guests and ourselves.” – existing PCI DSS learner

Uncharted waters: Tackling reinsurers’ riskiest exposures

There are no tried and tested strategies for dealing with the banana
skins that have shot to the top of reinsurers’ risk registers – cyber
risk, change management and political upheaval. How can you get
to grips with these highly unpredictable and disruptive exposures?

Insurance Banana Skins is a unique survey of the issues at the top of the industry’s risk register and how these perceptions change over time. The
biennial report is produced by the The Centre for the Study of Financial Innovation (CFSI) in association with PwC.

What’s most striking about the latest set of results is how far and how fast the risk landscape is shifting. Having for many years been dominated by the familiar headaches of solvency regulation and a challenging market environment, the risks that now cause the most sleepless nights are rooted in the shock and uncertainty of the new.

At number one is cyber risk, reflecting both the anxieties of underwriting a risk that’s constantly shifting and the rising threat to reinsurers themselves. Far from being just a technology risk, cyber is now a huge reputational and systemic concern. At number two is the industry’s ability to address a formidable agenda of new technology and shifting customer and conduct expectations, along with the associated pressure on service, performance and costs. Signs of the upheaval are all around us, from new forms of underwriting and risk transfer, to increased automation and inroads from InsurTech right along the value chain. And even more disruption is coming up on the horizon in areas ranging from artificial intelligence (AI) to driverless cars.

We also focus on what the Banana Skins survey describes as ‘political interference’ on account of its rapid rise up the risk rankings and particular relevance to prominent reinsurance centres, notably the UK and Bermuda. As a global industry, reinsurance faces considerable challenges from the political developments, changes in trading arrangements and the shift towards more nationalistic rather than global approaches. Our analysis of the implications looks in particular at the implications of Brexit and an uncertain US tax agenda.

Download Full Report

PwC Actuarial Services Newsletter – August 2017

The pace of change in the Financial Services industry is accelerating. New products and services are being developed and emerging technologies, such as Artificial Intelligence (AI) and Internet of Things (IoT) evolve the way of doing business.

Key points in brief:

  • Article #1: Data driven KYC
  • Article #2: Machine learning and text mining
  • Article #3: Smart Price Architecture

Download the PwC Actuarial Services Newsletter here.

PwC’s guide to making your controls landscape more effective and efficient front to back

Within the financial services industry, one of the conventional wisdoms since the global financial crisis goes like this: Regulators imposed new regulations that forced financial institutions to introduce policies, controls and other risk-management-related activities to minimise risk and be compliant. Having lived through a few of these major exercises ourselves, we know first-hand how dominant this topic has been in the past. Financial institutions instantly responded to every new regulatory requirement or major industry incident by layering on yet more controls, policies, governance and other rules – without considering the impact across the business or what was already in place.

Internal controls became the critical component of risk and regulatory projects and a major investment in themselves. Budgets were allocated generously and transferred from strategy- and business-related projects.

These days, the same institutions are going through tough cost-cutting exercises touching all aspects of the bank and its business, with risk and compliance no longer exempt. Improving the efficiency and effectiveness of controls without increasing the risk profile is now one of the greatest challenges and opportunities a financial institution has to face. The key to success is to respond to escalating regulatory demands wisely by optimising the necessary controls while reducing or at least containing costs.

The first hurdle to overcome when addressing this topic is a reticence when it comes to reducing or re-engineering control activities. Despite the high pressure to reduce the cost of controls, the cost of non-compliance is still prohibitively high in many cases. A key success factor to any control streamlining exercise is to demonstrate that you’re able to do so safely and within your risk appetite. We recommend opening the narrow focus of a division or risk taxonomy and concentrating on a broader front-to-back view of controls. The goal is to establish an efficient separation of duties, determine and invest internal control resources in top priority issues, and increase reliance on automated and system-supported controls.

We encourage everyone to dive deep into the topic right now, starting by asking…

Some key questions related to controls:

  • Does your control landscape reflect your current risk appetite?
  • How can the effectiveness and efficiency of controls be measured and made transparent?
  • Have you struck the right balance between preventive, detective and reactive controls?
  • Are there too many control layers?
  • Are controls performed by the right resources, functions and locations?
  • What controls-related activities can be automated or outsourced?

The drivers for a control review vary, but typically include improving client experience by shortening lead and lag times, and streamlining the effort that goes into controls-related activities in all parts of the organisation while remaining within risk appetite. The key is to determine the right balance between the cost of controls and the cost of being non-compliant − or in other words the cost of execution, monitoring and testing, and the frequency of events and their financial impact. The following four-step approach will give you some guidance once you’re ready to start improving your controls efficiency and effectiveness:

Objectively analyse and score the current state

The first step is to identify the controls that are currently in place and understand how they map to the underlying front-to-back process selected for review. This is not always easy, as many institutions organise their controls by other dimensions such as risk taxonomy or regulatory requirement. The controls identified are then assessed and scored based on their importance, efficiency and effectiveness. On the basis of this analysis you can identify the opportunities for improvement and state the case for change.

Design the future state and work out opportunities for improvement

One key aspect has to be considered before starting with the design: As soon as the various opportunities have been identified, the respective stakeholders should be involved to recognise the opportunities as such. Only once you have a common understanding of the opportunities does it make sense to start designing the future state and analysing the cost/benefit relation by including the current baseline and the expected benefits case. As a result, every opportunity gets its own ‘mini initiative business case’, to be considered when follow up decisions are made the opportunities are finally prioritised.

Define the necessary measures and activities

When preparing descriptions of the initiatives, you need to clearly define ownership and responsibilities right at the beginning. As every control streamlining initiative is a little project in itself, the underlying goals and KPIs for measuring the initiative’s success have to be confirmed by its owner. After this step, the activities and the corresponding timeline, as well as any change-management-related activities and communication, can be planned, and the immediate next steps initiated.

Implement the changes

Implementation should follow a roadmap that considers the prioritisation of activities and divides delivery into the short and medium term. Typically, a tight timeline will be chosen to ensure that any improvements in control efficiency and effectiveness are rapidly visible. Obviously you have to differentiate between mandatory changes or quick wins and more complex, long term improvements that contain technical adjustments or the automation of manual procedures.

Last but not least, there must be enough time to lead the people involved through the improvement- related transformation phase and ensure that they start acting according to the new standards and procedures.

In this kind of exercise it’s important to make sure that interests are aligned across divisions, the people affected are involved early on, and that everything is communicated properly. This way you’ll be able to generate demand, be in a position to replicate the approach, and establish a systematic and continuous process of improving controls efficiency and effectiveness.


Dr. Milena Danielsen
Advisory Director
+41 58 792 44 47

Alexandra Burns
Assurance Director
+41 58 792 46 28

Are public projects doomed to failure from the start? – Transformation Assurance

Public projects have a bad reputation. Is it deserved, or more a matter of expectations and the way success and failure are defined? In this critical review we take a close look at what makes public-sector IT and transformation projects different from those in other areas, the specific challenges they face, and tried-and-tested approaches to making them a success. Read more…


Marc Lahmann
Director and Leader Transformation Assurance
+41 58 792 27 99

SWIFT Customer Security Programme – mandatory specifications to protect your local SWIFT infrastructures

The growing number of cyber-attacks, including those on the local infrastructures of SWIFT participants, has prompted SWIFT to create a security programme for its participants in order to fight together against cyber threats.

SWIFT published its Customer Security Programme in April 2017. It defines specific requirements to be met by all connected participants. The programme aims to improve the exchange of information within the SWIFT community, to ensure a high level of security for the local SWIFT infrastructure of participants, and to put in place an assurance framework to counter the ever growing number of cyber threats and strengthen the ability of SWIFT participants to combat cyber-attacks.

SWIFT Customer Security Programme

The programme calls upon all SWIFT participants to implement a control and assurance framework. The control framework consists of a set of 16 mandatory and 11 advisory security controls. The controls are based on existing SWIFT security guidelines, and are in line with good practice standards such as NIST, ISO/IEC 27002 and PCI-DSS. The mandatory controls establish a security baseline for the entire SWIFT community. SWIFT also recommends implementing the advisory controls to provide optimal protection for local SWIFT infrastructures.

Demands placed on SWIFT participants

The SWIFT Customer Security Programme will come into force on 1 January 2018. As well as applying to financial service providers, it is also valid for all companies that participate in the SWIFT network. Before the introduction of the programme, each SWIFT participant must conduct a self-assessment and notify SWIFT of its status regarding compliance with the controls (by the end of 2017). From 2018, all participants must confirm their compliance with controls on an annual basis. This confirmation can be provided via a self-assessment (self-attestation), internal audit (self-inspection) or external audit (third-party inspection). Participants are free to choose the type of confirmation they wish to submit. SWIFT will however also carry out regular spot checks of confirmations via internal or external audits for quality assurance purposes.

SWIFT participants must consider the following points in particular:

  • Should only the mandatory controls be implemented, or also the advisory ones?
  • How should the assurance framework be structured? Is self-assessment sufficient, or should an internal or external audit be conducted on a regular basis?
  • Should the status regarding compliance with controls be made public to other SWIFT participants?
  • How can it be ensured that controls continue to be adhered to in the future?

The support we offer you

SWIFT Readiness Assessment

We can help make sure you comply with the SWIFT requirements by 1 January 2018 by assessing your current status and highlighting any gaps.

SWIFT control support

We can provide support for the implementation of controls by means of a post-implementation review.

SWIFT compliance confirmation

We can assist you with your annual confirmation of compliance with SWIFT requirements.

Please feel free to contact our experts if you are interested in the topic.

More information


Jens Probst
Director, Systems & Process
+41 58 792 29 59

Claudia Hösli
Senior Manager, Specialist Cyber Security
+41 58 792 14 85

Marco Schurtenberger
Senior Manager, Specialist Cyber Security
+41 58 792 22 33

Auditing Corporate Culture

Recent ethical scandals have put corporate culture in the spotlight. They reveal that a weak or toxic corporate culture may encourage inappropriate behavior across the organization. PwC held an Internal Audit Roundtable in Geneva to take on this topic. Here are some pieces of advice and best practices from the roundtable to help you achieve a healthier and stronger culture.

What is the role of Internal Audit in restoring trust in and within the organization?

There is an increasing expectation from the Board and Senior Management for Internal Audit functions to provide cultural assurance to the organization. Indeed, Internal Audit functions are well positioned to provide an independent assessment of corporate culture, while leveraging on their understanding of the organization.

How should it be performed?

As there is no “one size fits all” approach to auditing culture, Internal Audit plays a key role in helping the Board define the scope of the assessment (e.g. culture, risk culture), the framework to assess against (e.g. corporate values, behaviors, strategic priorities, etc.) and design the approach. To get a good coverage across high cultural risk areas, Internal Audit will likely use a combination of approaches including discrete culture reviews, thematic reviews and/or incorporating a cultural component into regular audits. It can also draw on a variety of data from different sources such as focus groups, employee surveys, desktop reviews and behavioral observations.

What value does it bring to the organization?

Culture assessments help the Board identify how the ‘intended’, ‘expressed’ and ‘actual’ culture is aligned within the organization. The ultimate value delivered to the business is the identification of behaviors having positive or detrimental impact and the drive for embedding positive behaviors across all layers of the organization.

In short, auditing corporate culture is not so much a one-time audit but rather a tool to assess the existing corporate culture and to start the journey for a healthier and stronger culture.

What Internal Audit Leaders in Switzerland think about it:

“ Our corporate culture is not strong enough. However, the organization is not yet ready for this type of assessment. ”

“ When I audited this local entity, I could feel that people wanted to talk to me about something that was wrong. ”

“ In my organization, this could work if we do not call it an audit, but rather an assessment. ”

“ We already started this type of cultural audit through a thematic review on fraud. ”

“ This type of assessment would probably highlight that our intended culture (purpose, vision, values) is not aligned with our expressed culture (leadership action, objectives, etc). ”

What are the top 3 questions you may ask yourself if you want to further explore this topic within your organization?

  1. Where is there cultural risk in my organization?
  2. What criteria do I assess against and what is in scope?
  3. How do I get Management buy-in and establish the mandate?

In our Internal Audit roundtable in Geneva, it was noted that not very many Internal Audit functions in Switzerland have actively addressed culture within their audit plans. At the same time, Chief Audit Executives recognize the value of culture and how it can play a key role in fostering good governance and a healthy control environment. A diverse array of approaches and techniques can be used by Internal Audit to assess culture and provide additional value add for Management and Boards.

Download the PDF version of this article here:

To learn more about this topic, please feel free to contact our Internal Audit Services team.

Dominique Perron
Partner, Internal Audit Services, PwC Geneva
dominique.perron@ch.pwc.com / +41 58 792 94 48

Richard Thomas
Partner, Internal Audit Services, PwC Zurich
richard.j.thomas@ch.pwc.com / +41 58 792 27 82

Nicolas Gaillard
Director, Internal Audit Services, PwC Geneva
nicolas.gaillard@ch.pwc.com / +41 58 792 98 52

Céline Hartenberger
Manager, Internal Audit Services, PwC Geneva
celine.hartenberger@ch.pwc.com / +41 58 792 96 23