Risk & Governance in New Zealand 
Right-sized controls and governance for growing NZ companies and their offshore parents.
Risk & Governance, tuned to New Zealand.
Right-sized controls and governance for growing NZ companies and their offshore parents.
Reporting framework: IFRS (NZ IFRS). Primary regulator: the IRD. Company registry: the Companies Office. Everything runs remotely, on New Zealand's calendar, in NZD.
What's included.
The complete risk & governance scope — all of it available to New Zealand clients.
SOX 404 & internal controls over financial reporting
Designing, documenting and testing the controls US-listed (and pre-IPO) companies must certify — scoped so the effort matches the risk.
Internal audit (outsourced / co-sourced)
A full internal audit function — plan, fieldwork, reporting — for companies that need the assurance without a department.
Audit-readiness assessments
A dry run before your external auditors arrive: reconciliations, support files and positions checked so the audit doesn't become an archaeology project.
Enterprise risk management
A practical risk register and response plan — the version a board actually uses, not a shelf document.
Policy & process design
Finance policies (delegation of authority, procurement, expense, close) and SOPs written for how your company actually works.
Fraud risk reviews
Segregation, access and payment-flow reviews that find the gaps before someone else does — plus support when something has already gone wrong.
Regulatory compliance mapping
The finance-relevant obligations in each market you operate in, mapped to owners and calendars so nothing is discovered late.
IT general controls coordination
The ITGC layer (access, change, backup) documented and tested in step with your financial controls.
Corporate governance reviews
Board structures, charters and reporting lines benchmarked and tightened — especially ahead of investment or listing.
Board & audit-committee reporting
Clear, decision-ready reporting packs for boards and audit committees, on a fixed cadence.
Process & quality control.
Scoping & risk assessment
We agree which processes and controls matter — materiality first, checklists second.
Documentation
Narratives, flowcharts and control matrices in a format your auditors accept.
Testing
Design and operating-effectiveness testing with clearly stated samples and results.
Remediation & reporting
Gaps ranked by risk, with owners, deadlines and retest dates.
Risk & Governance in New Zealand — FAQs
How does Risk & Governance work for a New Zealand company specifically? +
We're not listed — is SOX relevant to us? +
Will our external auditors accept your work? +
How disruptive is the testing? +
Can you fix the gaps you find? +
Risk & Governance for your New Zealand business.
Book a discovery call — or send this exact page to whoever needs it.