Publication

6 December 2018

GDPR: implications for auditors

Statutory auditors regularly process personal data obtained from their clients. They are therefore directly impacted by the General Data Protection Regulation (GDPR) that entered into force in May 2018.  

This publication aims to clarify what role auditors play under GDPR, i.e. whether they act as data controllers or as data processors. This distinction matters as the responsibilities allocated to each role are different. 

We conclude that in principle, statutory auditors qualify as data controllers. For non-statutory audit services, we encourage practitioners to analyse the processing of personal data on a case-by-case basis to determine whether they will be considered data controllers or data processors. Respective role and responsibilities should be stated in the engagement letter.

 

 

 

Related content

BlogGDPR one year on: its impact on auditors and accountants?

13 May 2019

Stories from PracticeWorried about the GDPR? Call your accountant!

3 December 2018

UpdateTechnology: GDPR extra

23 March 2018

BlogGetting your SME practice GDPR proof

25 January 2018

PublicationFAQs: all you need to know about the Corporate Sustainability Reporting Directive

23 November 2022

UpdateSME Update

17 November 2022

EventSMEs’ sustainable transition: how to support it?

15 November 2022

PublicationSME risk management – cyber risks & resilience checklist

10 November 2022

NewsEC’s proposal to ban products made using forced labour

28 October 2022

EventMembers’ Engagement Day

19 October 2022

Stories from practiceInsight from SME accountants: sustainability matters for the new generation

12 October 2022

EventThe impact of bribery and corruption on SMEs

11 October 2022

UpdateSME Update

30 September 2022

Stories from practiceInsights from SME accountants: taking up the sustainability challenge to help SMEs

29 August 2022

Stories from practiceInsights from SME accountants: from professional sports to environmental accounting

9 August 2022

Stories from PracticeInsights from SME accountants: practitioners help SMEs go green

25 July 2022

UpdateSME Update

12 July 2022

Stories from practiceInsights from SME accountants: how to keep bringing value to small businesses

6 July 2022

EventSustainability assurance under the CSRD: practical implications

22 June 2022

PublicationStronger internal controls to reduce corporate risks

17 June 2022

PublicationNon-audit services

30 May 2022

UpdateSME Update

27 May 2022

PublicationSustainability assurance under the CSRD

10 May 2022

Consultation responseEC’s consultation on VAT in the digital age

30 March 2022

Sign up for our newsletter

* indicates required
Would you like to subscribe to our newsletter?
On which topics would you like to receive news?