Ninety two percent of European businesses are not ready for the EU’s General Data Protection Regulation (GDPR), effective in May 2018, according to a RSM survey of European businesses.
Only 8% of the 400 European businesses surveyed made the necessary changes to be compliant with the forthcoming regulation, while 28% of respondents were not even aware of the rule to be followed by next year.
Although half of the respondents agreed on the importance of increased regulation around the use of personal data, half of the respondents also believe GDPR is too complex for SMEs and middle market businesses. In fact, one in four business leaders already familiar with GDPR, admit their organisation will not be compliant by the 2018 deadline and could therefore face fines of up to 4% of global turnover or €20m ($23.5m), whichever is higher.
Implementing GDPR has started to weight on European businesses as the survey highlights that a number of them are cutting back in other areas, such as international expansion or innovation, while others are paying for external expertise to deliver their compliance project by the deadline.
RSM CEO Jean Stephens commented: “In less than 7 months, businesses across the continent will have to adhere to GDPR. We have seen an increase in clients asking us about GDPR consulting services; however, it is clear from this research that many businesses do not fully comprehend the hurdles they will have to overcome ahead of the fast-approaching deadline.”