the Data Risk Provision
What is the data risk provision?
In accounting, provisions represent funds put aside by a company to cover anticipated losses in the future. In other words, a provision is a liability of uncertain timing and amount. The data risk provision can be used by eligible companies to provide a safety net to cover the cost of compensation claims that company has exposed itself to via historic non-compliance with the GDPR and other data privacy legislation.
What can the provision be used for?
The provision is designed to cover costs relating to data exposure claims. Non-compliance with the data privacy legislation can result in compensation claims and fines from the ICO. At CTR, we recommend the funds be used to remedy the issues we identify in your compliance - after all, once you have been made aware of a security breach it is your legal responsibility to address it.
What form is a provision given in?
Incorporating a provision into your accounts deducts that amount from your corporation tax due. Where the corporation tax is due, the rebate is mitigated from the amount owed. Where corporation tax has been paid, the provision is received as a cash rebate to a business bank account. HMRC usually process the rebate in 6-8 weeks.
How can I add a data risk provision to my accounts?
If you wish to add a data risk provision to your accounts, please contact CTR today and we will assess you eligibility. The simple 3 step process is detailed below.
How our comprehensive, 3 stage Process Works
Our legal and financial experts handle all of the technical aspects of generating a data risk provision for legal non-compliance, and the process requires minimum time and effort on the part of the customer.
A Simple Guide
Stage 1
Stage 1
Stage 1
After a short chat to determine your eligibility for the provision, CTR complete a 1 to 2 hour interview over Zoom, telephone or in person, to assess your current compliance with GDPR, the Data Protection Act 2018 and PECR regulations.
Stage 2
Stage 1
Stage 1
We produce a comprehensive report detailing your legislative breaches and remediation advice. This report also contains the provision we suggest you implement to cover your exposure, and we will work with you to determine if this should be altered.
Stage 3
Stage 1
Stage 3
Our accounting team submit your accounts to HMRC with the agreed data risk provision in place.
When the provision generates a corporation tax rebate, this is usually paid within 6-8 weeks.
Our fees will be due once your provision has been accepted by HMRC.
Moving forward
Remediation Works
Remediation Works
Remediation Works
The report we generate following your interview will contain advice on how to remedy your breaches with all data privacy legislation.
Where breaches are significant, we may advise the use of a specialist third party. Though you are under no obligation to contract out your remediation, once you have been made aware of your breaches and put a provision in place you are required to address the issues. The provision can be of financial assistance to your remediation.
Annual Reviews
Remediation Works
Remediation Works
The data risk provision is an ongoing process and CTR will contact you when your review is due. We will conduct another interview to assess your remediation works and assess how your provision has changed.
