-
Financial statements audits
Financial statements audits
-
Financial statement reviews
Financial statement reviews
-
Financial statements compilations
Financial statements compilations
-
IFRS
IFRS
-
Audit quality monitoring
Audit quality monitoring
-
Global audit technology
Global audit technology
-
Systems and risk assurance
Systems and risk assurance
-
General business consulting
General business consulting
-
Market research
Market research
-
Sustainability
Sustainability is indeed a broad concept. Aside from mitigating the environmental changes caused by the interaction of the industrial world and society with nature, social and governance matters are subjected to increased public and government scrutiny, calling for the promotion of a sustainable performance agenda.
-
Business planning and performance improvement
Business planning and performance improvement
-
Change and program management
Change and program management
-
Business intelligence and analytics
Business intelligence and analytics
-
Business valuation and litigation support
Business valuation and litigation support
-
Business process outsourcing and consulting
Business process outsourcing and consulting
-
Family business consulting
Our business solutions for family businesses center on alignment of all aspects of the family and business, including culture, vision, mission, values, governance, ownership, leadership, communication and policy development.
-
Quantitative small caps
Grant Thornton has a wide professional network with a vast array of technical skills that is coupled with a drive to understand the business problem; we can set up the most efficient financial risk management structure that fits your underlying business structure and your risk appetite.
-
Data analytics
Data analytics is the process through which businesses leverage data to gain actionable insights and enhance their performance. This is based on a solid foundation of well-organised and accurate data. Many businesses have a large amount of data at their disposal however, most of them do not have the expertise to analyse the available data.
-
Bookkeeping & financial accounting
Bookkeeping & financial accounting
-
Payroll and personnel administration
Payroll and personnel administration
-
Direct and Indirect tax compliance
Tax compliance within outsourcing
-
Compilation of financial statements
Compilation of financial statements
-
Business process outsourcing
Business process outsourcing including back office and secretarial
-
Family business consulting
Family business consulting
-
Startups
Startups
-
Company formation
Company formation
-
BOR
Entities in Malta, including companies, partnerships, foundations, trusts and associations, have an obligation to disclose the ultimate beneficial owner/s (physical person) of the entities. A beneficial owner is defined as the individual (s) who ultimately owns or controls a legal entity or arrangement through direct or indirect ownership of a sufficient percentage of the shares or voting rights or ownership interest in that entity.
-
Internal audit
Internal audit
-
Risk management and internal controls consulting
Risk management and internal controls consulting
-
Governance and risk management
Governance and risk management
-
Regulatory services
Regulatory services
-
Risk modelling services
Risk modelling services
-
Forensic and investigation
Forensic and investigation
-
Compliance audit
A compliance audit is a detailed review which focuses on whether an organisation is in conformity with statutory laws as well as internal rules and decisions. This type of audit also assesses the effectiveness of an organization’s internal controls by identifying weaknesses in compliance processes whilst finding measures to enhance such processes.
-
Citizenship by naturalisation
The Maltese Citizenship Act (Cap 188) establishes who may become a citizen of Malta by naturalisation, provided that the applicant satisfies the relative provisions.
-
Citizenship for Exceptional Services by Direct Investment
With the continuously changing global dynamics and evolving geopolitics, there is an ever-growing number of highly-talented high-net-worth individuals who are willing to invest and relocate to give themselves and their family members the chance to broaden their horizons and become part of a welcoming community.
-
Grant of Citizenship for Exceptional Services
Malta has enacted legislation which extends to individuals providing excellent or manifestly superior contributions in the fields of science, research, sports, arts and culture as well as people of exceptional interest to the Republic of Malta, the right to become Maltese citizens.
-
Acquisition of citizenship by registration
The Maltese Citizenship Act (Cap 188) establishes who can register as a citizens of Malta. The Act was amended on 1st August 2007, this making it possible for second and subsequent generations born abroad to acquire Maltese citizenship by registration.
-
Maltese Family Businesses Resource Centre
For over 30 years Grant Thornton’s advisory teams have assisted family businesses in navigating the challenges of leadership and succession across generations
-
Grooming
Preparing the next generation for leadership and ownership is an integral part of any succession process. Grant Thornton can help formulate the necessary grooming plan for all the potential successors.
-
Tax services
Using a combination of reason and instinct, we can work with clients to develop a strategy that helps them understand and manage their tax liability in a transparent and ethical way.
-
Governance
Having a proper governance structure is essential to ensure that the family and business strategies are achieved. Grant Thornton can advise on this, and facilitate the implementation of the ideal governance structure based on the exact scenario.
-
Ownership succession
Letting go of your family business is difficult for all owners and even more so for founders; however, in a family business the additional challenge presented by the family component increases the complexity of this process. Our team of family business advisors will ensure that such ownership issues are dealt with in an effective and structured approach.
-
Exit strategies
There are many 'exit strategies' that need to be considered to minimise the risk of conflict. They can arise from the eventual exit of a family member from the ownership ranks and can have many causes. See how we can help.
-
Management succession
By implementing our family business guidelines to family succession and a proper governance structure, the management succession process can be completed with minimal conflict and will result in the most competent successor being chosen.
-
DORA Consultancy
Firms within the financial sector face a critical imperative to fortify their operational resilience in the digital sphere. Get ahead & prepare for DORA!
-
Cyber security Consultancy
Whether you are a multinational corporation, a small business, or an individual, the digital realm holds equal importance for us all.
-
Digital Transformation
Build a solid foundation to fuel business reinvention and gain the flexibility you need to succeed through digital transformation.
-
IT Audit and Assurance
Information systems procedures have evolved drastically, but so have hacking techniques. Assess your IT resilience & protect your firm!
-
Fintech and Innovation
Are you ready to explore the fintech space? Grant Thornton is able to guide you from start to finish.
-
Case Studies
Digital transformation has transitioned from being an option to a necessity. The race is on... The question is, are you ready?
-
Operational and financial restructuring and reorganisation
Operational and financial restructuring and reorganisation
-
Recovery
Recovery
-
Financial regulatory services
Financial regulatory services
-
GDPR consultancy
The General Data Protection Regulations (GDPR) have transformed the way we handle personal data. This regulation is a game-changer for businesses operating within the EU, or the handling of EU citizens' data worldwide.
-
Ship and aircraft registration
Ship and aircraft registration
-
Medical cannabis licensing in Malta
A study published in 2018 by market intelligence and strategic consultancy firm Prohibition Partners, has forecasted that the European cannabis market will be valued €115.7 billion by 2028. According to the same study, while patient numbers are currently below 100,000 across the region, their number is set to grow to over 30 million in the next decade. In 2018 Malta introduced a bill to legalise the use of medical marijuana and attract companies willing to produce high-grade medical cannabis for the European market.
-
Trust and trustee services
As an entrepreneur, business owner, parent or guardian, you will want to ensure that whatever happens in the future, the rewards from your hard work can be protected as efficiently as possible. Grant Thornton Fiduciaire Limited (Grant Thornton) understands this and provides a professional and holistic trust management service.
-
Family trusts
The law establishes the requirement of a license for one to be able to act as a trustee subject to certain limited exceptions. One such exception is found in the Rules for Trustees of Family Trusts which provide for an exception to this rule where a trust is set up to hold property settled by a settlor or settlors for the present and future needs of family members or of family dependants who are clearly identifiable.
-
Programmes
Grant Thornton is authorised and regulated by the Government of Malta to handle and submit applications for both citizenship applications as well as residence permits under the various residence programmes available in terms of Maltese law.
-
Ordinary residency in Malta
Any EU, EEA or third country national who resides in Malta for more than 3 months is obliged to apply for a Residence Permit. There are various grounds upon which an applicant may apply to require a residence permit, including: Self-Sufficiency, Employment or Self-Employment, Family Members, Permanent Residence, Study Purposes.
-
Qualifying Employment in Aviation Rule
Malta provides qualified persons employed in the field of aviation with an opportunity to enjoy a 15% flat personal tax rate on income generated from their direct employment in Malta. For a candidate to qualify, their annual income must exceed €45,000. This does not include the value of fringe benefits and applies to the derived income received from an eligible office.
-
Qualifying Employment in Innovation and Creativity (Personal Tax) (Amendment) Rules, 2019
These Rules allows persons employed in a role directly engaged in carrying out, or management of research, development, design, analytical or innovation activities, to enjoy a 15% flat personal tax rate on income generated from their direct employment in Malta.
-
Qualifying Employment in Maritime and Offshore Oil & Gas Industry Rule
Malta provides qualified persons employed in the field of aviation, with an opportunity to enjoy a 15% flat personal tax rate on income generated from their direct employment in Malta.
-
Nomad Residence Permit
The NOMAD residence permit, which was launched in June 2021, allows third-country nationals who would normally require a Visa to travel to Malta, to retain their current employment based in another country whilst legally residing on the island.
-
Direct international tax
Direct international tax
-
Indirect international tax
Indirect international tax
-
Global mobility services
Global mobility services
-
Transfer pricing
Transfer pricing
-
Estate planning
Estate planning
-
Wealth advisory
Wealth advisory
-
Regulatory and legal
Regulatory and legal
-
Corporate tax services
Corporate services
-
VAT
At its simplest, VAT is a tax on consumption and is a multi-stage tax (ie applied at every stage of the production process), which is applied to both goods (ie tangible property) and services. Additionally, although the tax is ultimately borne by the consumer (by getting included in the price paid), responsibility for charging, collecting and passing the tax on to the tax authorities, rests with the supplier.
-
2018 Amendments of the Income Tax Act
The following is a brief overview of the new tax provisions introduced in 2018 by the Budget Implementation Act (Act VII of 2018) and other legislative enactments
-
Mergers and acquisitions
Mergers and acquisitions
-
ESEF Reporting
Our ESEF reporting service is tailored to assist listed companies in complying with the European Single Electronic Format (ESEF) requirements. As of 2020, ESEF is mandated for annual financial reports of issuers with securities listed on regulated markets. We provide services for mapping the taxonomy and generating audit/regulator-ready xHTML reports.
-
Prospects MTF
As of 2016, small and medium-sized enterprises in Malta can access the capital markets through Prospects - a market of the Malta Stock Exchange (MSE) designed specifically for Small and Medium sized Enterprises (SME). Prospects offers a cost-effective opportunity for entities looking to raise up to €5 million per issue.
-
Project financing
Project financing
-
Due diligence
Due diligence
-
Valuations
Valuations
-
Foreign direct investment
Foreign direct investment (FDI) is the category of international investment that echoes the objective of obtaining a lasting interest by an investor in one economy in an enterprise resident in another economy.
-
Wholesale Securities Market
WSM is a joint venture between the Malta Stock Exchange and the Irish Stock Exchange, combining the best of each partner’s processes and technical skills.
-
Aviation
The Maltese Government is constantly remaining to improve the position as the best place to do business within the aviation industry through exhaustive tax agreements, powerful legislation, and many aviation professionals. This is the best time for airlines, financiers and aircraft owners to be located in Malta.
-
Maritime
For Maritime, Grant Thornton provide direction with regards to VAT guidelines for yacht leasing, as well as ship and aircraft registration.
-
Automotive
We offer a broad range of services relating to automotive, ranging from Transaction advisory, access to finance, business advisory, process and inventory management, tax advisory, audit and advisory, outsourced support services.
-
Gaming Regulations
Malta recently overhauled the framework regulating the iGaming sector. Going forward operators will still be required to obtain authorisation to carry out regulated activities.
-
Licensing Process
Prior to submission all applicants are advised to go through a pre-application process with one of the MGA’s Licensing Officers. This will ensure that the application has been correctly compiled and all the key ingredients are present.
-
Malta Real Estate Investment Trust (REIT)
As part of the 2019 budget, the government has pledged to introduce a Real Estate Investment Trust (REIT) framework in Malta.
-
The Markets in Financial Instruments Directive (MiFID) II
MiFID II aims to protect investors and make sure that financial markets operate in the fairest and most transparent way possible. Building on stock and investment trading regulation introduced in 2007 it sets to ensure a more integrated financial market.
-
Fintech and Innovation
At Grant Thornton we help innovative firms and entities operating in the fintech space launch new propositions and grow their business. We also help established businesses transform and take advantage of the fintech revolution.
-
Asset Management
At Grant Thornton we help innovative firms and entities operating in the fintech space launch new propositions and grow their business. We also help established businesses transform and take advantage of the fintech revolution.
-
Banking
Grant Thornton combines local insight with global scale to help banks meet regulatory expectations, improve technology, and finance the right companies. If you’re looking for a partner in the banking industry, our expertise can make a difference
When it comes to the way companies handle and protect data, things are soon going to change thanks to a new set of rules that are coming into force as of May 2018. Better known as the General Data Protection Regulation (GDPR), the new legal framework is meant to harmonise data protection standards across the 28 EU member states and is expected to ultimately reduce compliance costs, complexity, risks and uncertainty, ensuring that people’s data is adequately protected.
Here are the top ten key features that the new rules will bring about.
1. Significant penalties
The penalties for businesses or organisations that do not comply are hefty. Any company holding the personal data of EU individuals (commonly referred to as data subjects in the GDPR) will have to ensure they are compliant.
The penalties for breaching the legislation can be high, with fines of up to €20M or up to four percent of a company’s annual revenue, whichever is higher, depending on the circumstances.
2. The right to be forgotten
Thanks to very restrictive data handling guides, the GDPR puts additional emphasis on the right of an individual to request that unnecessary personal data is deleted, which necessitates that the organisation ensures it has the processes and technologies in place to tackle such requests efficiently.
Organisations are also required not to hold data for any longer than required, and not to change the use of the data from the purpose for which it was originally collected.
3. Enhanced obligations for organisations
Data subjects need to have access to more information on how their data is being processed and where requests are specifically made, these have to be fulfilled within one month of receipt of the request. Where requests to access data are manifestly unfounded or excessive, organisations will be able to charge a fee for providing access.
Subject access requests must also give all the information relating to purposes that should have been provided upon collection, such as publishing detailed fair processing notices to inform individuals of their data protection rights, the way their information is used and for how long.
4. Stringent consent requirements
For marketers in particular there has been much debate about the type of consent that might be required under this new regulation. The GDPR require that consent must be explicit, freely given for a specific purpose and easy to retract. The purpose for which the consent is obtained needs to be obvious to the data subject, including what their data is going to be used for at the point of data collection.
Furthermore, the GDPR stipulate that consent should be demonstrable – in other words organisations need to be able to show clearly how consent was obtained and when.
Consent must also be freely given; the controller cannot insist on data that is not required for the performance of a contract as a pre-requisite for that contract.
5. Stricter breach reporting
The GDPR is meant to bring into line various data breach notification laws in Europe and is aimed at ensuring organisations constantly monitor for breaches of personal data.
Significant data breaches will need to be notified to the local data protection authority within 72 hours and sometimes also to the individual. For many businesses, this may require quite a bit of training. It may require making changes to internal data security policies and how this is promoted in the organisation to ensure data breaches are properly understood and will be recognised easily.
6. Increased privacy impact assessments
The GDPR requires organisations to carry out privacy impact assessments and formally identify emerging privacy risks, particularly for new projects. This means before organisations can even begin projects involving personal information, they will have to conduct a privacy risk assessment and work with the DPO to ensure they are in compliance as projects progress.
7. Thinking of privacy in advance
Termed as Privacy by Design, data protection safeguards must be designed into products and services from the earliest stage of development. Data controllers already need to implement appropriate technical and organisational processes to protect data against unlawful treatment. This, however, leaves room for privacy considerations to be reduced to a mere afterthought in the development process. The GDPR requires organisations to consider privacy from the very beginning of the planning process.
8. Increased record keeping
Organisations must maintain registers of the processing activities they carry out, with mandatory DPIAs for high-risk data processing. This applies to all organisations with more than 250 employees as well as smaller enterprises where the data processing is likely to result in a risk to the rights of affected employees, the processing is not occasional or the processing includes special categories of data (e.g. health data, biometric data, data related to political or philosophical beliefs) or personal data relating to criminal convictions and offences. Therefore, in practise, most small and medium size enterprises will be obliged to keep a record.
Extensive detailed information needs to be recorded covering the controller, data processes, categorisation of data and data subjects, erasure periods and data protection measurements.
9. Appointing DPOs
Any business that depends on processing personal information will have to appoint a Data Protection Officer (DPO), who will be an extension of the data protection authority to ensure personal data processes, activities and systems conform to the law by design. According to a study by the International Association of Privacy Professionals (IAPP), this requirement means that, in Europe alone, 28,000 DPOs will have to be appointed in the next two years.
10. Wider regulatory scope
The GDPR allows any European data protection authority to take action against organisations, regardless of where in the world the company is based. In the past, only data controllers were considered responsible for data processing activities, but the GDPR extends liability to all organisations that process personal data. What’s more, the controller processor relationships must be documented and managed with contracts that mandate privacy obligations.
Properly implementing a data security policy will help your organisation prepare for the upcoming regulation.
How can we help?
Our GDPR experts can help identify the impact of the GDPR on your organisation and shape, mobilise and assist in delivering transformation programmes to achieve compliance, embed privacy within your organisation and ultimately generate business benefits.
We boast of a multi-disciplinary team of specialists covering data protection, cyber security, regulation and compliance, risk management and business change who can help design and implement a sustainable privacy and data protection programme.
Contact us today for to find out more.