Follow Us

Follow us on Twitter  Follow us on LinkedIn
 

06 December 2018

Accountancy Europe: GDPR - implications for auditors


Statutory auditors regularly process personal data obtained from their clients. They are therefore directly impacted by the General Data Protection Regulation (GDPR) that entered into force in May 2018.

This publication aims to clarify what role auditors play under GDPR, i.e. whether they act as data controllers or as data processors. This distinction matters as the responsibilities allocated to each role are different. 

Accountancy Europe concludes that in principle, statutory auditors qualify as data controllers. For non-statutory audit services, Accountancy Europe encourages practitioners to analyse the processing of personal data on a case-by-case basis to determine whether they will be considered data controllers or data processors. Respective role and responsibilities should be stated in the engagement letter.

Full press release



© Accountancy Europe


< Next Previous >
Key
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information



Add new comment