Businesses across Europe are unprepared for the EU’s General Data Protection Regulation (GDPR), which comes into law in May 2018, according to new research conducted for RSM, the sixth largest audit, tax and consulting network, by the European Business Awards.

The survey, completed by 400 of Europe’s successful business leaders, asked about their preparedness for GDPR and how the new regulation will impact their operations.

Less than 12 months before the new regulation comes into effect, only eight per cent of businesses are ready for GDPR and have made the necessary changes to be compliant with the regulation. Meanwhile, one in four business leaders (28 per cent) are completely unaware of the regulation they will have to adhere to. Worryingly, 26 per cent of business leaders familiar with their GDPR strategy, admit their organisation will not be compliant by the May 2018 deadline.  Businesses that fail to comply before the deadline could face fines of up to four per cent of global turnover or €20 million, whichever is higher.

The process of preparing for GDPR is already impacting business operations. The survey highlights that a concerning number of businesses are cutting back in other areas including plans to create innovative new products (23 per cent) or to fuel growth through international expansion (22 per cent).

Jean Stephens, CEO, RSM, commented: “In less than seven months, businesses across the continent will have to adhere to GDPR. We have seen an increase in clients asking us about GDPR consulting services, however, it is clear from this research that many businesses do not fully comprehend the hurdles they will have to overcome ahead of the fast-approaching deadline.

This is not a simple tick-box exercise

“Business leaders need to understand that this is not a simple tick-box exercise. They will likely need to implement significant changes that could impact their organisation as a whole and so the sooner they begin to prepare, the better.”

Commenting about this new regulation, RSM Malta’s managing partner, Maria Micallef said: “As one of Malta’s leading audit, tax and advisory firms we encourage local firms to inform themselves on how the GDPR will impact their businesses in order to have sufficient time to address the necessary compliance gaps and issues that such a complex regulation will bring about. Furthermore, business leaders need to look into the possibility of updating and introducing new processes and raising awareness across employees handling personal data.”

The complexity of the GDPR regulation is starting to weigh on European businesses. Of those that are looking at the regulation, 51 per cent believe it is too complicated for SMEs and middle market businesses. Two out of five companies (41 per cent of those involved in or aware of their organisation’s strategy) believe the requirements of the GDPR regulation will significantly increase their business expenditure, including spending on consulting services.

The use of external expertise is increasingly prevalent, with 60 per cent of businesses looking for external support in order to deliver their compliance project before the May 2018 deadline.

Despite the complexity of the regulation, businesses do appreciate the necessity of GDPR. Business leaders across Europe support the changes with the majority (52 per cent) agreeing that regulation to monitor the use of personal data is necessary.

Adrian Tripp, CEO, European Business Awards, said: “While most European businesses support the need for change around personal data, it is clear that many firms are either finding the GDPR regulations challenging or are unaware of the requirements to them. As the clock is ticking, it is important these businesses review the legislation, seek help if needed or risk facing large-scale fines next year.”

The European Business Awards is the largest cross-sector business competition in Europe. Its primary purpose is to support the development of a stronger and more successful business community.

RSM is currently advising companies on GDPR planning and compliance and will hold a GDPR webinar on November 30.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.