Publication

6 December 2018

GDPR: implications for auditors

Statutory auditors regularly process personal data obtained from their clients. They are therefore directly impacted by the General Data Protection Regulation (GDPR) that entered into force in May 2018.  

This publication aims to clarify what role auditors play under GDPR, i.e. whether they act as data controllers or as data processors. This distinction matters as the responsibilities allocated to each role are different. 

We conclude that in principle, statutory auditors qualify as data controllers. For non-statutory audit services, we encourage practitioners to analyse the processing of personal data on a case-by-case basis to determine whether they will be considered data controllers or data processors. Respective role and responsibilities should be stated in the engagement letter.

 

 

 

Related content

BlogGDPR one year on: its impact on auditors and accountants?

13 May 2019

Stories from PracticeWorried about the GDPR? Call your accountant!

3 December 2018

UpdateTechnology: GDPR extra

23 March 2018

BlogGetting your SME practice GDPR proof

25 January 2018

Stories from practiceInsights from SME accountants: from professional sports to environmental accounting

9 August 2022

Stories from PracticeInsights from SME accountants: practitioners help SMEs go green

25 July 2022

UpdateSME Update

12 July 2022

Stories from practiceInsights from SME accountants: how to keep bringing value to small businesses

6 July 2022

EventSustainability assurance under the CSRD: practical implications

22 June 2022

PublicationStronger internal controls to reduce corporate risks

17 June 2022

PublicationNon-audit services

30 May 2022

UpdateSME Update

27 May 2022

PublicationSustainability assurance under the CSRD

10 May 2022

Consultation responseEC’s consultation on VAT in the digital age

30 March 2022

EventIntellectual property for accountants – train the adviser

25 March 2022

UpdateSME Update

24 March 2022

PublicationHow IP can help build risk resilient SMEs

24 March 2022

PublicationWar in Ukraine – what European accountants need to know

9 March 2022

In the mediaAccountancy Europe & the EUIPO: working together to support and guide SMEs

1 March 2022

UpdateSME Update

25 February 2022

PublicationVAT rates – greater flexibility for Member States

14 February 2022

Consultation responseEC’s consultation on Listing Act: support for ambitious simplified SMEs prospectus

3 February 2022

PublicationSupply chain sustainability assessment

28 January 2022

EventBecause Green Recovery Counts

27 January 2022

Sign up for our newsletter

* indicates required
Would you like to subscribe to our newsletter?
On which topics would you like to receive news?