-
Why Grant Thornton
Whether you’re growing in one market or many, looking to operate more effectively, managing risk and regulation, or realising stakeholder value, our firms can help.
-
Culture and experience
Grant Thornton’s culture is one of our most valuable assets and has steered us in the right direction for more than 100 years.
-
Global scale and capability
Beyond global scale, we embrace what makes each market unique, local understanding on a global scale.
-
Join our network
In a world that wants more options for high quality services, we differentiate in the market to grow sustainably in today’s rapidly changing environment.
-
Leadership governance and quality
Grant Thornton International Ltd acts as the coordinating entity for member firms in the network with a focus on areas such as strategy, risk, quality monitoring and brand.
-
Africa
24 member firms supporting your business.
-
Americas
31 member firms, covering 44 markets and over 20,000 people.
-
Asia-Pacific
19 member firms with nearly 25,000 people to support you.
-
Europe
53 member firms supporting your business.
-
Middle East
8 member firms supporting your business.
-
Business consulting services
Our business consulting services can help you improve your operational performance and productivity, adding value throughout your growth life cycle.
-
Business process solutions
We can help you identify, understand and manage potential risks to safeguard your business and comply with regulatory requirements.
-
Business risk services
The relationship between a company and its auditor has changed. Organisations must understand and manage risk and seek an appropriate balance between risk and opportunities.
-
Cybersecurity
As organisations become increasingly dependent on digital technology, the opportunities for cyber criminals continue to grow.
-
Forensic services
At Grant Thornton, we have a wealth of knowledge in forensic services and can support you with issues such as dispute resolution, fraud and insurance claims.
-
Mergers and acquisitions
We work with entrepreneurial businesses in the mid-market to help them assess the true commercial potential of their planned acquisition and understand how the purchase might serve their longer-term strategic goals.
-
Recovery and reorganisation
Workable solutions to maximise your value and deliver sustainable recovery.
-
Transactional advisory services
We can support you throughout the transaction process – helping achieve the best possible outcome at the point of the transaction and in the longer term.
-
Valuations
We provide a wide range of services to recovery and reorganisation professionals, companies and their stakeholders.
-
Sustainability advisory
We can assist you with a variety of sustainability advice depending on your needs, ranging from initial strategy development, reporting and compliance support, through to carbon measurement and management.
-
IFRS
At Grant Thornton, our IFRS advisers can help you navigate the complexity of financial reporting from IFRS 1 to IFRS 17 and IAS 1 to IAS 41.
-
Audit quality monitoring
Having a robust process of quality control is one of the most effective ways to guarantee we deliver high-quality services to our clients.
-
Global audit technology
Our global assurance technology platform provides the ability to conduct client acceptance, consultations and all assurance and other attestation engagements.
-
Sustainability assurance
Our sustainability assurance services are based on our global network of specialists, helping you make more efficient decisions for the good of your organisation.
-
Corporate and business tax
Our trusted teams can prepare corporate tax files and ruling requests, support you with deferrals, accounting procedures and legitimate tax benefits.
-
Direct international tax
Our teams have in-depth knowledge of the relationship between domestic and international tax laws.
-
Global mobility services
Through our global organisation of member firms, we support both companies and individuals, providing insightful solutions to minimise the tax burden for both parties.
-
Indirect international tax
Using our finely tuned local knowledge, teams from our global organisation of member firms help you understand and comply with often complex and time-consuming regulations.
-
Transfer pricing
The laws surrounding transfer pricing are becoming ever more complex, as tax affairs of multinational companies are facing scrutiny from media, regulators and the public
-
Africa tax desk
A differentiating solution adapted to the context of your investments in Africa.
-
Sustainability tax
Through our sustainability tax advisory services, we can advise how environmental taxes, incentives, and obligations can impact your progress, requiring alignment with governmental and legislative pressures.
-
Banking Holding banking to account: the real diversity and inclusion pictureWe explore how the banking sector can continue to attract, retain and nurture women to build a more diverse and inclusive future.
-
Sustainability From voluntary to mandatory ESG: How banks can future-proof their operationsAs we move from voluntary ESG initiatives to mandatory legislation, we explore what the banking sector needs to prioritise.
-
IFRS IFRS 9 - Audit of Expected Credit LossesGPPC releases The Auditor’s response to the risks of material misstatement posed by estimates of expected credit losses under IFRS 9
-
growthiQ Steering your company to long-term successHistory has something important to tell us about the difficulties of steering a business to long-term success – through seismic shifts in technology, consumer demands and product development. With that in mind it’s unsurprising that over half the world’s largest companies in the early 1900s had shut their doors by the late 1990s. Some, however, have endured.
-
International Financial Reporting Standards Implementation of IFRS 17 ‘Insurance Contracts’The auditor’s response to the risks of material misstatement arising from estimates made in applying IFRS 17 ‘Insurance Contracts’
-
IFRS Get ready for IFRS 17After twenty years of development the IASB has published IFRS 17 ‘Insurance Contracts’, find out more.
-
Global business pulse - industry analysis Mid-market recovery spreads to more industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - industry analysis A very uneven recovery across industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - Sector analysis Clear patterns of damage from COVID-19 across the industriesThe index results for 12 key sectors of the mid-market reveal just how much or little the various parts of the economy were impacted by COVID-19.
-
Not for profit Mission: possible – putting impact at the heart of charityGlobal charitable continues to decline and charity leaders are increasingly looking at their own unique impact journey.
-
Access to finance Raise finance to invest in changePrepare your business to raise finance to invest in change.
-
Private equity firms Private equity in the mid-market: reshaping strategies for 2021When the global COVID-19 pandemic stormed across the globe in early 2020, the private equity sector was hit hard but deals are coming back to the market.
-
Mid-market businesses Getting ready for private equity investmentOur specialists explore how private equity firms are now working with their portfolios and how the mid-market can benefit from investment.
-
Mid-market businesses Myth-busting private equityNervous about partnering with Private Equity? We explore some of the common myths we come across when speaking to mid-market businesses about PE investment.
-
Public sector Helping build the government of tomorrow, todayLearn about the Grant Thornton US public sector team.
-
Global business pulse - industry analysis Mid-market recovery spreads to more industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - industry analysis A very uneven recovery across industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - Sector analysis Clear patterns of damage from COVID-19 across the industriesThe index results for 12 key sectors of the mid-market reveal just how much or little the various parts of the economy were impacted by COVID-19.
-
Industries European Real Estate PodcastJessica Patel, Tax Partner at Grant Thornton UK speaks with tax partners and directors across the network to share their insights on the real estate market and some of the challenges.
-
Industries European Real Estate PodcastJessica Patel, Tax Partner at Grant Thornton UK speaks with tax partners and directors across the network to share their insights on the real estate market and some of the challenges.
-
Global business pulse - industry analysis Mid-market recovery spreads to more industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - industry analysis A very uneven recovery across industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
-
Global business pulse - industry analysis Mid-market recovery spreads to more industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Global business pulse - industry analysis A very uneven recovery across industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Retail How retail is positioning for successCOVID-19 provided some hard lessons for the retail industry. It is time to turn those into sustainable and well executed growth strategies in 2021.
-
Telecoms Can tech and telecom leverage economic headwindsAs most businesses brace for an economic downturn, tech and telecom could see new prospects. But, to turn the headwinds to your advantage, you need to find your unique opportunities and risks.
-
Technology Mid-market tech companies lead the way on diversity and inclusionWe explore how the mid-market tech sector can continue to build and nurture a culture that’s increasingly more diverse and inclusive for women.
-
Tax Resetting global tax rules after the pandemicBusinesses are seeing rising challenges, and finance heads are dealing with a range of new measures. To say the next 12 months are critical for businesses is an understatement.
-
TECHNOLOGY International tax reform: the potential impact on the technology industryIn this article, we’ve summarised key elements of the global tax reform proposals, their potential impact on technology industry and advice from our digital tax specialists on what technology companies can do to prepare.
-
Telecoms Can tech and telecom leverage economic headwindsAs most businesses brace for an economic downturn, tech and telecom could see new prospects. But, to turn the headwinds to your advantage, you need to find your unique opportunities and risks.
-
TMT TMT industry: Fully charged or on standby?Our research revealed five key trends that resonated with Technology, Media and Telecoms (TMT) industry leaders around the world. We asked a panel of our experts from UK, US, India Ireland and Germany, to give us their reaction to the findings.
-
Cybersecurity One size fits nothingTechnology companies must adopt a new approach to digital risk: those that successfully develop a reputation for digital trust by demonstrating an unwavering commitment to cyber security and data privacy will be able to carve out a competitive advantage.
-
Technology, media & telecommunications Why it’s time for a 5G reality checkFigures suggest the mobile sector is maturing. While data usage continues to soar, mobile revenues are expected to flatten out over the next few years.
-
International business Mid-market businesses lifted by rising tide of optimismOptimism among global mid-market business leaders rose to 67% in the first half of this year and they are markedly more optimistic about their prospects with global optimism having increased by 8%.
-
Global business pulse - industry analysis Mid-market recovery spreads to more industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
-
Hotels COVID-19: Checking in with the hotel industry one year onCOVID-19 provided some hard lessons for the hotel sector. It is time to turn those into sustainable and well executed growth strategies.
-
Global business pulse - industry analysis A very uneven recovery across industriesThe index results for 13 key industries of the mid-market reveals a very uneven recovery from COVID-19
- By topic
-
Women in Business 2024
2024 marks the 20th year of monitoring and measuring the proportion of women occupying senior management roles around the world.
-
COP28: Mid-market firms should seize the opportunity from adaption and innovation
COP28 was the first time there has been a global stocktake on progress against the Paris Agreement.
-
Scanning the horizon: Mid-market sets sights on global trade growth
The latest International Business Report (IBR) data shows that mid-market businesses have high expectations for global trade.
-
Mid-market sees business optimism reach record high
Grant Thornton's latest International Business Report (IBR) sees optimism among mid-market business leaders reach a record high with 74% optimistic about the outlook for their economy over the next 12 months.
-
Women in tech: A pathway to gender balance in top tech roles
Grant Thornton’s 2024 Women in Business data suggests we are far from achieving parity within the mid-market technology sector.
-
Women in leadership: a pathway to better performance
What makes the benefits of gender parity compelling is the impact it can have on commercial performance.
-
Women in Business 2024
2024 marks the 20th year of monitoring and measuring the proportion of women occupying senior management roles around the world.
-
Women in business: Regional picture
We saw an increase in the percentage of senior management roles held by women, on a global level, but there are some significant regional and country variations.
-
Pathways to Parity: Leading the way
To push towards parity of senior management roles held by women, who leads within an organisation is vital.
-
Generating real change with a long-term focus
The most successful strategy to achieve parity of women in senior management is one which stands alone, independent of an ESG strategy.
-
People at the heart of great business
Businesses have started to put guidelines and incentives in place, focused on driving employees back to the office.
-
Focusing and developing a solid strategy around diversity, equity and inclusion
Grant Thornton Greece is pioneering a growing set of diversity, equity and inclusion (DE&I) initiatives that centre around three strategic pillars.
-
Ten considerations for preparing TCFD climate-related financial disclosures
Insights for organisations preparing to implement the International Sustainability Standards Board (ISSB)’s Standards.
-
COP28
COP28 was the first time there has been a global stocktake on progress against the Paris Agreement.
-
Transition Plan Taskforce publishes its final disclosure framework
As organisations in the private sector make commitments and plans to reach net zero, there's a growing need for stakeholders to be able to assess the credibility of their transition plans.
-
Promoting ESG excellence through tax
ESG considerations have never been more important for an organisation’s long-term success, but how can tax be used to add value to an ESG agenda?
-
International business: Mid-market growth and expansion
The mid-market looks to international business opportunities for growth.
-
Top five constraints to international business in the mid-market
Top five major constraints that are testing the mid-market’s ability to grow their businesses internationally.
-
Brand and international marketing – breaking global barriers
Brand has been identified as a key driver of mid-market success when looking to grow and develop international business.
-
The key to international business: Investing in people
How can recruitment and retention help grow international business?
-
Building resilience in international business
Evolving supply chains and trade patterns amid ongoing global uncertainty.
-
IFRS Alerts
IFRS Alerts covering the latest changes published by the International Accounting Standards Board (IASB).
-
Example Financial Statements
General guidance for preparers of financial statements that supports the commitment to high quality, consistent application of IFRS.
-
Insights into IFRS 2
Insights into IFRS 2 summarises the key areas of the Standard, highlighting aspects that are more difficult to interpret and revisiting the most relevant features that could impact your business.
-
IFRS 3
Mergers and acquisitions are becoming more common as entities aim to achieve their growth objectives. IFRS 3 ‘Business Combinations’ contains the requirements for these transactions.
-
IFRS 8
Our ‘Insights into IFRS 8’ series considers some key implementation issues and includes interpretational guidance in certain problematic areas.
-
IFRS 16
Are you ready for IFRS 16? This series of insights will help you prepare.
-
IAS 36
Insights into IAS 36 provides assistance for preparers of financial statements and help where confusion has been seen in practice.
-
IFRS 17
Explaining the key features of the Standard and providing insights into its application and impact.
-
Pillar 2
Key updates and support for the global implementation of Pillar 2.
-
Global expatriate tax guide
Growing businesses that send their greatest assets – their people – overseas to work can face certain tax burdens, our global guide highlights the common tax rates and issues.
-
International indirect tax guide
Navigating the global VAT, GST and sales tax landscape.
-
Global transfer pricing guide
Helping you easily find everything you need to know about the rules and regulations regarding transfer pricing and Country by Country reporting for every country you do business with.
Technology companies must adopt a new approach to digital risk
Jutting out into Austria’s skyline, emerging from the surrounding forest, lies an ancient medieval wonder – Hochosterwitz Castle. The thousands of tourists that flock here every year soon learn a surprising fact: it is one of only a very small number of castles around the world that has never been breached.
Like Khevenhüller, they must identify the assets that are most important, consider the most likely lines of attack, and tailor a defensive strategy accordingly.
Of course, a holistic digital risk strategy (which should span cyber security and data privacy risk across the enterprise) must incorporate more than defending against cyberattack. Ever stricter data protection regulation, not to mention the public’s growing awareness of privacy, means technology companies must regularly reexamine privacy controls. Data asset categorisation is essential in this process too.
Five recommendations for building and maintaining digital trust
Technology companies are most vulnerable
The annual global cost of cybercrime is estimated to hit US$6tn in 2021, up from US$3tn in 2015.(i) James Arthur, partner and head of cyber consulting at Grant Thornton UK agrees. “Technology companies are particularly impacted.”
“It is important for technology companies to develop a digital risk strategy based on their most strategically important data assets,” says James. “After all, they typically hold more data than non-tech companies and often lead the way in adopting new technologies, which can create cyber vulnerabilities.”
B2C technology companies also house and process huge volumes of sensitive, personal information. It is therefore no surprise that IT was the most targeted sector for web application cyber-attacks last year.(ii)
Added together (and as revealed in our previous cyber research) this means that technology companies are now more vulnerable to cyber attacks and customer data breaches than ever before. This not only exposes them to hefty regulatory fines, but also business-crippling reputational damage.
Get ahead of regulators
In the last three years, technology companies made great efforts to comply with new data privacy and protection regulations, not least GDPR. Most large technology companies are now compliant, but they must remain vigilant. Data protection regulations are becoming stricter and the penalties for non-compliance are increasing. What’s more, customers are becoming more aware of privacy issues and are prepared to punish companies for not taking it seriously.
Technology companies must respond by going above and beyond the minimum required by the regulator on privacy. “Tech companies today need to go beyond the basics to ensure compliance because these companies service their clients in a regulated industry and are largely data controllers, while their clients may be data processors,” confirms Akshay Garkel, advisory partner at Grant Thornton India.
“Cloud service providers may be required to maintain 10 out of 20 (for example) data controls for minimum compliance. But they shouldn’t stop there. In the spirit of ensuring security and privacy they might want to go at least four or five notches above the minimum expected from the regulator because clients will demand it.”
The tightrope between privacy and analytics
But a careful balance must be struck. Customers will appreciate technology companies going the extra mile on privacy, but not if it restricts their ability to receive personalised offers or the development of products tailored to their individual needs.
Individual companies aside, overbearing privacy law prevents the use of data to drive positive societal outcomes, be that in relation to healthcare, disease monitoring or traffic accident reduction. So, governments and regulators must also be careful not to enact overly restrictive privacy laws.
“The balance between data protection and using data for the public good is a key debate for society,” says Nick Watson, partner and technology sector lead at Grant Thornton UK. “Germany has very strong privacy rules, but this has resulted in traffic accident data not being collected on particular stretches of roads. Therefore, they weren’t able to collect data that would have pinpointed a particular accident hotspot. You could take data privacy to a level where even non-personalised data is not collated on a group-wide, anonymous basis. In this case society would lose out.”
The middle-man in surveillance
Judging how far to go on privacy has become more complex because, like it or not, many technology companies are now surveillance intermediaries. Whether it be messages sent on social media, recordings from Echo devices or location data stored on smart phones, technology companies possess information that is useful for fighting crime.
There is no question that they must comply with the law regarding requests for information, but they have discretion over how swiftly they reply and the depth of information they provide.
Many now wonder whether law enforcement data requests should be processed without question, or heavily scrutinised in the interest of preserving privacy.
In the past, some technology companies resisted rather than cooperated with law enforcement. But as technology companies unwittingly accumulate more and more vital evidence, there is controversy in some markets about which data is shared, how much and for what purpose.
After all, being perceived as uncooperative with counter-terrorism forces is far more damaging than not adhering to the absolute strictest privacy standards.
Strengthen protection of digital assets
How should technology businesses respond to rising digital risk? First and foremost, they must classify, categorise and map out their digital assets to understand the specific risks and value associated with them.
Armed with this insight, they should develop and implement a nuanced, risk-based digital risk strategy that fortifies the digital crown jewels – those deemed most critical to the business and its customers.
Of course, one company’s most valuable data may be completely unimportant to another. For example, fintech companies highly value customers’ financial information, entertainment technology companies place high importance on consumer preference data and high-tech companies treasure their IP.
This approach sounds sensible. But a surprisingly large number of technology companies do not do this, and instead rely on an outdated one-size-fits-all approach to cyber security and data privacy based on perimeter security.
Orus Dearman, managing director of risk advisory services at Grant Thornton US, explains how this classification process can lead to practical change that reduces vulnerability.
“We assisted a technology company client in performing a data categorisation process to enable them to efficiently identify sensitive and personal information within their databases and networks as part of an overall data inventory. This allowed the company to deploy data protection resources where they are needed and would have the most impact,” he says. “Now, if anyone wants to change anything to do with this data or these systems, the privacy team is brought into the process as part of the workflow.”
Bin useless data
In contrast, data revealed to be not at all useful to the business and not required for regulatory and compliance purposes should be deleted or appropriately anonymised. This reduces the risk of it being compromised.
Naturally, technology companies can be reluctant to delete information due to concerns they might need it for an audit or that it is essential for something they are unaware of. Data mapping helps realise interdependencies, which can assist in deleting data.
But data asset categorising doesn’t just reduce risk. It also creates value. This exercise might identify a dataset or combination of datasets that can be used to improve the efficiency of internal operations or gain insight into customer preferences.
When strategy changes, so should data categorisation
Technology companies must remember two things when profiling data assets. First, it is not a one-off exercise. They must constantly map out their digital assets as the nature of the threat changes and as their business priorities evolve.
Second, this task cannot be left to the information security officer or head of IT. It is a critical business decision that must align to business objectives. Senior business leaders must be involved in the process.
Drive competitive advantage through trust
There is a real opportunity for B2B technology companies to market themselves around digital trust. Those that demonstrate readiness to respond to a cyber threat, responsibly handle customer data and empower customers to manage privacy controls stand to gain a competitive advantage.
To start building trust, technology companies must offer value-added cyber security solutions such as malware and ransomware screening that plugs vulnerabilities as part of their core offering. Customers will also be impressed with suppliers that conduct comprehensive cyber security audits and produce independent assurance reports.
“Reports that demonstrate capability, security, and a serious commitment to risk management (such as SOC2 or ISAE3402) are without question a way for technology companies to differentiate themselves from the competition,” says Matthew Green, technology advisory partner at Grant Thornton Australia. “The more astute clients are now starting to ask for the validation and the ongoing assurance that the organisation is maintaining an appropriate level of data security and are requesting those reports as a way of demonstrating it.”
There are a number of security standards that technology companies can use to demonstrate best practice digital resilience. But because every technology company is different, these merely provide a starting point. Technology companies should evaluate what their customers want when it comes to privacy and security and prioritise this.
Consumers value control
The jury is out on whether B2C technology can truly differentiate themselves through digital trust. Still, there is no harm in making it incredibly easy for customers to identify and delete data that is held about them and manage privacy settings.
B2C technology companies must also make privacy policies crystal clear. Today, most are displayed in tiny lettering across multiple pages, making them impossible to decipher.
“Privacy should be an enabler and not hinder innovation. Companies who have embraced good privacy practices should use that as a branding platform in the market,” confirms Orus.
“Clearly communicating privacy policies in a transparent way is essential. The general trend for technology companies is to develop a user hub that allows users to see what data is being held about them and allows them to opt in and out of various things."
"Privacy regulations such as the GDPR and upcoming California Consumer Privacy Act (CCPA) require clear and concise privacy notices for applicable data subjects. However, for those of us that don’t fall into the GDPR or CCPA buckets, many user agreements are over a hundred pages long, so they can still be made more user-friendly.”
Our five recommendations
Technology companies should implement the following recommendations to build and maintain digital trust:
- Categorise data assets according to their strategic importance. Those that will disrupt the business or customer experience or cause untold reputational damage if compromised should be heavily protected.
- Regularly review your data asset categorisation in collaboration with senior business leaders. This categorisation must align with business objectives, which may change over time.
- Don’t just think about the minimum required from the regulator when implementing data protection controls. Instead, consider what regulations may look like in the future.
- Collaborate fully with valid requests for data and information and know the extent to which data should be provided.
- Demonstrate your commitment to data protection by having your cyber risk practices tested regularly by an independent third-party. This will help to build trust.
When it comes to protecting your business to become immune to a cyber attack or data breach, one size does not fit all. However, technology companies can bolster their resilience by applying some or all of these recommendations so long as they tailor their actions to suit their unique position, and that of their clients.
Find out more about managing digital risk by contacting one of our advisors or find your local Grant Thornton firm.
Footnotes
(i) Cybersecurity Ventures 2018
(ii) Positive Technologies 2018
Contact our people
Steven Perkins
National managing director of technology, media and telecommunications industries
Grant Thornton US