01 / Independent Advisory, Zurich

Internal Audit & AI Education for Risk-Aware Organizations and Ambitious Professionals

I help organizations strengthen internal controls and use AI safely, and help individual professionals use AI tools more effectively in their own work, so you can innovate without losing control.

Based in Zurich, working with clients across Switzerland and Europe.

02

Services

Corporate Services

For organizations: independent assurance and AI-ready teams.

Internal Audit & Controls

Independent assurance, clear insight for management and the board, and stronger control environments grounded in proven Big 4 methodology.

  • Internal audit engagements (process, function, entity and project reviews)
  • Internal control system (ICS) design and effectiveness assessments
  • SOX / ICFR readiness and remediation support
  • Compliance & risk assessments (policies, procedures, governance structures)
  • Third-party / vendor risk management programs

AI Education for Teams

Most organizations already have AI in daily use, with no training and no rules. I design AI literacy programs that are practical, safe, and built around how your teams actually work.

  • AI literacy programs aligned with your tools, policies and risk appetite
  • Role-based workshops for managers, knowledge workers, and audit/risk/compliance teams
  • Hands-on sessions built around real scenarios from your organization
  • A simple "AI usage rules" playbook employees can actually follow
Individual Services

For professionals: think, learn, and work better with AI.

AI Coaching for Individuals

Most people are already using AI without any real training. I help individual professionals build a clear, safe, and genuinely useful way of working with LLMs and agents.

  • How LLMs work: what they can and cannot do, and how to prompt them effectively
  • How to use an AI agent: agentic workflows, when to use an agent vs. a simple chat, and how to keep human control
  • How to secure your data before using AI: what never to paste into a tool, how to choose tools, how to avoid data leaks
  • Building your own library of prompts, workflows and routines for emails, analysis, drafting, learning and more

Formats: 1:1 sessions or small groups; a personal AI setup with recommended tools, workflows and safety rules for your context.

03

Services in detail

Corporate Services, in detail

Independent assurance, controls maturity, and team-wide AI literacy.

Internal Audit & Controls

Who it's for
Mid-size and large organizations, fast-growing companies, regulated or risk-sensitive environments.
Types of engagements
Support and execution of the audit plan; targeted audits on specific processes, entities or projects; internal control diagnostics and remediation roadmaps; pre-IPO or pre-transaction controls readiness.
Engagement model
Project-based missions, or co-sourcing and advisory alongside internal teams.
Background
Trained at KPMG (Audit Supervisor, La Défense, France), executing statutory and consolidated financial statement audits and advisory assignments for major energy-sector clients including EDF, Veolia Environnement and Dalkia, followed by hands-on internal audit and risk leadership roles inside major international groups including Holcim and Amcor.

AI Education for Teams

Outcomes
Baseline AI literacy across the organization, safer and more consistent use of AI tools, real productivity gains in day-to-day tasks.
Formats
Introductory sessions on AI basics, LLMs, risks and opportunities; deep-dive workshops on Using AI in your daily work; dedicated sessions for internal audit, risk and compliance teams on reviewing AI usage.
Deliverables
Slides, handouts, an AI usage guidelines one-pager, optional follow-up clinics or Q&A.
Individual Services, in detail

A clear, safe, and genuinely useful way of working with AI.

AI Coaching for Individuals

Outcomes
A clear mental model of LLMs and agents; a personal library of prompts and workflows for your work and life; confidence using AI without feeling behind.
Formats
1:1 coaching or small groups, structured around your real tasks and goals.

What a typical engagement covers

  1. Map your current AI use, your real tasks, and the data you handle.
  2. Pick the right tools for your context and budget, with clear safety rules.
  3. Build a starter prompt and workflow library for your recurring tasks.
  4. Practice with agents on a real project, with human checkpoints.
  5. Set a simple routine so you keep improving after we stop working together.
04

Approach

Applies across both Corporate and Individual services, as one shared process.

01

Understand your context

Business model or personal workflow, regulatory context, existing controls and tools, current AI use.

02

Identify risks and opportunities

Where controls quietly break, where AI could help and where it could hurt.

03

Co-design practical solutions

Audit plans, ICS improvements, AI training programs, usage guidelines, or personal AI routines.

04

Support adoption

Review, Q&A, refinement, and transfer of skills so clients can continue without heavy dependency.

Whether you're an organization or an individual, the process is the same: understand, identify, co-design, and support adoption. I bring audit rigor into AI education, and AI literacy into audit conversations.

05

Case examples

All cases below are Corporate Services engagements.

Case · International NGO

Governance & Compliance Framework for a Sensitive-Service Non-Profit

About

A Swiss-based non-profit running digital support services for vulnerable populations, handling highly sensitive personal data and working with institutional donors and public officials under multi-year grant agreements.

Problem

A major donor agreement carried a material breach clause tied to anti-corruption compliance, with no written policy in place; in parallel, the organization processed high-risk personal data under both Swiss FADP and EU GDPR with no documented governance, exposing leadership to personal liability; restricted donor funds also needed clean separation and audit-ready tracking through a multi-year audit window.

Approach

Drafted and implemented a zero-tolerance Anti-Bribery & Corruption Policy (covering public officials, facilitation payments, gifts and hospitality thresholds, and a reporting process), a Data Protection Policy aligned with Swiss FADP and EU GDPR (including a 72-hour breach notification protocol), and a restricted-fund tracking process (dedicated project coding, expense tagging, and a standing audit folder) to meet donor reporting obligations.

Result

Documented, board-ready governance covering anti-corruption and data protection risk; a defensible compliance position ahead of donor audits; and a clear, repeatable process for tracking restricted funds tied to institutional grants.

Case · Holcim Group

Internal Control & Compliance Across Business Units

Problem

Fragmented controls and compliance exposure across a multinational footprint, with limited shared risk language between entities and service centers.

Approach

As Senior Internal Auditor, ran targeted audit missions mapped to FCPA, UK Bribery Act and Sapin II requirements, coordinated a cross-border data protection review with the Group Data Protection Officer, and helped standardize the rollout of Alteryx Analytics for supplier master data reviews.

Result

Stronger, harmonized compliance coverage across business units and clearer assurance for the Group on anti-corruption and data protection risk.

Case · Amcor Group

SOX Implementation & Enterprise AI Governance

Problem

A global SOX program required tight risk assessment, control design and stakeholder alignment, while informal AI usage was emerging across teams with no governance, policy, or enterprise-wide use rules in place.

Approach

As Audit & Risk Manager, led risk assessment, control design and stakeholder alignment for SOX implementation; built analytics solutions for journal entry testing and anomaly detection; and designed and rolled out an AI governance framework defining acceptable enterprise-wide AI use, alongside a third-party risk management program covering 25 vendors.

Result

Full SOX compliance achieved, a 40% reduction in time spent on journal entry testing and anomaly detection through the analytics solutions built, and a board-ready AI use policy in place ahead of most peers in the sector.

06

About Constantin Roche

01

Experience

I have 10+ years of experience in internal audit, internal control, risk management and compliance. I trained at KPMG as an Audit Supervisor, auditing major energy-sector groups including EDF, Veolia Environnement and Dalkia, before moving into internal audit and risk leadership roles at Holcim and Amcor.

I've worked across audit, transformation assurance and governance, from SOX implementation and ICS design to compliance reviews (FCPA, UKBA, Sapin II) and data protection reviews. I've seen how organizations really work from the inside: where controls quietly fail, where risk is misunderstood, and where processes can be simplified without losing assurance.

02

AI in my own work

I use modern AI tools (LLMs and agents) daily in my own work, and I designed enterprise AI governance frameworks before most organizations had one. I've spent serious time learning what these tools do well, where they fail, and how to use them without leaking data or breaking process.

This is the perspective I bring to AI education: practical, safe usage rooted in real audit and governance experience, not theory.

03

How I communicate

I adapt to your use case and your needs. Whether it is an executive committee, an internal audit function, or a team that has never opened an LLM before, I adjust the language, depth and format so people stay engaged and actually learn.

Direct, calm and hands-on. I explain my reasoning, transfer skills, and leave clients better equipped than I found them.

07

Contact

Replies typically within two business days.