-
Privacy and Data Protection
Our digital risk team is made up of a combination of subject matter experts and technical specialists who can help your business comply with the GDPR.
-
Governance, Risk and Compliance (GRC)
While business goals and strategies evolve, our services support you wherever you are in your business cycle. The digital economy is simultaneously increasing the magnitude of new business opportunities while increasing the difficulty of getting it right.
-
ISO 27001 and ISO 27701
Grant Thornton’s ISO 27001 and ISO 27701 specialists will arrange and oversee the formal audit process.
-
SOC 1,2,3
As a service organization there are many ways to provide assurance to your customers and in turn other stakeholders over your control environment. One of the most effective and cost-efficient ways is to issue a Service Organization Control (SOC) Report.
-
Incident Response
Grant Thornton’s Cyber Incident Response Team can support your business in the event of a cyberattack or data loss event. We work alongside your existing IT and Legal teams to provide a co-ordinated, timely and efficient investigation and remediation.
-
Hacking Services
At Grant Thornton, our cyber security experts can develop a bespoke penetration testing plan to meet your business needs and unique IT environment. We can undertake the full suite of testing or conduct individual assessments, as required.
-
Cyber Health Check
Approximately 54% of organizations report that they have experienced at least one cyber-attack during the past year. Grant Thornton’s cyber health check provides you with an objective, jargon-free assessment of your current cyber security, drawing on both qualitative and quantitative elements.
-
Dark Web Threat Intelligence
We use a variety of dark and deep web monitoring tools that continuously scans illegal sites to discover any mention of your data, ranging from breached security credentials such as usernames and passwords to leaked confidential documents of your company.
-
Digital forensics and electronic discovery
We offer a full suite of digital forensics and data acquisition services in investigations related to cybercrime, disputes, fraud and regulatory investigations.
-
Insolvency
If you're facing a time of personal or corporate financial crisis you need advice from someone who listens, who understands your specific issues and deals with them in a supportive and sensitive manner.
-
Crisis stabilisation and turnaround
In periods of financial distress, management teams often face considerable challenges, with many directors having little or no experience of similar conditions.
-
Operational and financial restructuring
Companies challenged by underperformance often need support in identifying options for financial or operational restructuring. Tapping this type of advice helps them create a stable platform for business turnaround.
-
Accelerated M & A
Even fundamentally sound businesses run into difficulties. Cash flow can come under pressure from the loss of a big client, or a dip in performance can threaten a breach of banking covenants if there is insufficient headroom.
-
Indirect Tax
Our experienced VAT specialists are available to assist companies and entrepreneurs of all industries and sizes in meeting their obligations.
-
Direct Tax
We can help you ensure a bespoke balance between tax compliance and effective tax planning for your special circumstances.
-
Life at Grant Thornton
At Grant Thornton Cyprus, we are taking a holistic approach and reimagining the way we work, continually assessing it and making necessary changes to better support our people.
-
In the community
Unlocking the potential for growth in our local communities.
-
Diversity and inclusion
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience and perspective makes our organisation stronger as a result.
-
Global talent mobility
One of the biggest attractions of a career with Grant Thornton Cyprus is the opportunity to work on cross-border projects all over the world.
-
Learning and development
At Grant Thornton we believe learning and development opportunities allow you to perform at your best every day.
-
Our values
We are a values-driven organisation and we have more than 56,000 people in over 140 countries who are passionately committed to these values.
By the end of 2023, the EU Non-Financial Reporting Directive (NFRD) will be in force. The NFRD requires large public interest companies and listed companies to prepare and publish information related to their sustainability performance (society, environment, governance (ESG)) on an annual basis.
From 2024 onwards and for the reporting periods starting from 2025 onwards, the new Corporate Sustainability Reporting Directive (CSRD) comes into force, which will require a wider range of companies to disclose information about their sustainability policies and performance. At this stage, the European Council and the EU have reached a provisional political agreement on the CSRD, which is expected to be fully adopted at a later date, in the near future.
More specifically, from the 1st of January 2024, the new Directive will apply to companies already reporting under NFRD. From the 1st of January 2025, the Directive will also apply to large companies currently not within the scope of NFRD and lastly, from the 1st of January 2026, the Directive will apply for all listed small and medium-sized companies (SMEs). However, listed SMEs have exemption rights for a transitional period of 2 years and therefore will not be obliged to disclose any information until January 2028. This is because, SMEs are likely to struggle due to their size in obtaining resources to develop such strategies and implement the required actions.
The main differences of the two Directives regarding their scope of application are shown in the table below:
Non-Financial Reporting Directive (until Dec. 2023) |
Corporate Sustainability Reporting Directive (from Jan. 2024 onwards) |
Reporting requirements for listed and large public interest companies with more than 500 employees and which have either a balance sheet total of more than EUR20 million or a net turnover of more than EUR40 million. |
Reporting requirements for all Large Companies (Listed and not) which fulfil two of the three criteria listed below:
It also includes all companies with listed securities on EU-regulated markets, except micro-undertakings. |
As a result of these changes, it is estimated that the companies now obligated for such disclosures will be approximately quadruple in quantity (around 50,000 companies) than those within scope of the previous Directive.
Member States are currently being encouraged, regarding SMEs, to consider introducing supportive measures to help SMEs with the implementation of the optional reporting standards specifically being designed for their size and capabilities currently being prepared by EFRAG. This is to ensure that SMEs are not disproportionately affected by developments and allow them to remain competitive in the market. Listed SMEs are included in the scope of CSRD in order to protect and enhance their access to financial capital and avoid discrimination by financial market participants.
In the text of the new Directive under discussion, the European Commission requires, in addition to mandatory reporting on the environmental and social impacts of the business activities of companies within scope of the CSRD, an independent assurance of the non-financial information included in the report. In other words, sustainability reports should be accompanied by an independent confirmation of what the report includes, in order to limit the chances of unsubstantiated reports and to improve the quality and reliability of them. The Directive also aims to increase the quality of information and transparency regarding companies' sustainability issues and therefore support the transition to a sustainable economy, following the Paris Climate Agreement and the EU Green Deal. For many companies, the proposed timetable for CSRD means that they need to start preparing in order to be ready for reporting by 2025 and meet their obligations timely and effectively.
What may not be apparent when reading the new Directive for the first time, is the impact it may have on companies that are not based but operate in the EU. It is expected that information is disclosed from subsidiary companies operating in the EU concerning their ESG policies and strategies as well as their goals, progress, products and services, business relationships and supply chain, which subsequently relate to and will affect their parent companies as well. This will create multiple obligations which may not be foreseeable presently.
In order to prepare for the submission of the disclosure reports required by CSRD from 2024 onwards, companies will now need to familiarise themselves with the Directive and develop their sustainability strategy as well as identify the way in which they will respond to the respective requirements of the Directive that apply to them. A ‘Gap Analysis’ exercise against the Directive’s requirements can promptly assess the size of change that is required to take place from each company. Companies will also need to develop specific policies, systems and KPIs so that they are able to manage and assess their performance via KPIs tracking against a set baseline and targets.
More often than not, this procedure for most companies requires guidance from expert consultants which possess a combination of management and technical skills and are in a position to guide a company in the right direction. Also, along with sustainability reporting, many companies will have to prepare their carbon footprint measurements across Scopes 1, 2 and 3, and many others will have to develop circular designs for their products.
Our team of sustainability experts can contribute in this transition, utilising their multi-year applied technical and management expertise but also, the Grant Thornton network, with experts in more than 140 countries.