Businesses across Europe are unprepared for the EU’s General Data Protection Regulation (GDPR), which comes into law in May 2018, according to new research conducted for RSM, the audit, tax and consulting network, by the European Business Awards.

The survey, completed by 400 of Europe’s successful business leaders, asked about their preparedness for GDPR and how the new regulation will impact their operations.

Less than 12 months before the new regulation comes into effect, only 8% of business are ready for GDPR, and have made the necessary changes to be compliant with the regulation.

Meanwhile, one in four business leaders (28%) are completely unaware of the regulation they will have to adhere to. Worryingly, 26% of business leaders familiar with their GDPR strategy, admit their organisation will not be compliant by the May 2018 deadline.

Businesses that fail to comply before the deadline could face fines of up to 4% of global turnover or €20 million, whichever is higher.

Many businesses do not fully comprehend the hurdles they will have to overcome ahead of the fast-approaching deadline

The process of preparing for GDPR is already impacting business operations. The survey highlights that a concerning number of businesses are cutting back in other areas including plans to create innovative new products (23%) or to fuel growth through international expansion (22%).

Jean Stephens, CEO, RSM, commented: “In less than seven months, businesses across the continent will have to adhere to GDPR. We have seen an increase in clients asking us about GDPR consulting services. However, it is clear from this research that many businesses do not fully comprehend the hurdles they will have to overcome ahead of the fast-approaching deadline.

"Business leaders need to understand that this is not a simple tick-box exercise. They will likely need to implement significant changes that could impact their organisation as a whole and so the sooner they begin to prepare, the better.”

Commenting about this new regulation RSM Malta’s managing partner, Maria Micallef said: "Business leaders need to look into the possibility of updating and introducing new processes and raising awareness across employees handling personal data."

The complexity of the GDPR regulation is starting to weigh on European businesses. Of those that are looking at the regulation, 51% believe it is too complicated for SMEs and middle market businesses. Two out of five companies (41% of those involved in or aware of their organisation’s strategy) believe the requirements of the GDPR regulation will significantly increase their business expenditure, including spending on consulting services.

The use of external expertise is increasingly prevalent, with 60% of businesses looking for external support in order to deliver their compliance project before the May 2018 deadline.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.