Taxation

GoBD Requirements Regarding Accounting Obligations and Annual Audits

By Bernhard Schwechel, FACT GmbH Steuerberatungsgesellschaft, Wirtschaftsprüfungsgesellschaft

The fact that corporate operations are increasingly recorded electronically and all records legally requiring preservation are in fact preserved prompted fiscal authorities to issue a letter from the Federal Ministry of Finance (BMF) on 14 November 2014, which articulates proper accounting requirements for ITbased accounting systems (principles regarding the proper keeping and preservation of books, records and documents in electronic format and regarding data access (GoBD)).

This updated administrative directive combines the principles of proper DP-based accounting systems (GoBS) and the principles for data access and verifiability of digital records (GDPdU) and also adds some new principles.

The contents of the new additions included in the administrative directive are structured into requirements concerning record management, recording of transactions in chronological and thematic order, the requirement and format of an internal control system, data security, immutability and recording of changes, storage instructions and requirements of transparency, verifiability and data access.

The fiscal authorities define the scope of proper record keeping by means of a catalogue of information to be included in each transaction record. Meeting the requirements for timely accounting involves a distinction between cash and non-cash transactions. As a general rule, while non-cash transactions only require recording within 10 days, cash transactions must be recorded on the same day.

The fiscal authorities derive the necessity of an internal control system from Section 146 of the German Federal Tax Code [Abgabenordnung]. At the same time, the letter of the Ministry of Finance does represent a tightening of the law in that the description of the internal control system is to be included as a component in procedural documents. The Ministry also calls for protecting data processing (DP) systems within the scope of GoBD against loss.

Furthermore, the fiscal authorities tightened requirements on storing DPbased records. Electronic documents have to be preserved in a transparent manner over the entire retention period. The ministry also specified the requirements for immutability or mandatory recording of changes, so that a DP procedure has to ensure that no information that ever contributed to the processing of those changes can be suppressed or otherwise disguised or deleted.

One of the fiscal authorities’ major points of focus is the indispensable need for comprehensible structures in procedural documentation for each DP system. Procedural documentation not only comprises general documentation but also user documentation, technical documentation and operational documentation, and its chronological order should correspond to the actual one over the entire retention period. The significance assigned to procedural documentation by the administrative directive suggests that clients should prioritize creating and maintaining proper procedure documentation going forward.

However, the question as to whether GoBD compliance audits should be included in annual audits has not been finally settled. It will depend in particular on whether the GoBD should be regarded as principles of proper accounting. If we regard the GoBD as a more specific version of the GoB then it would come under the required scope of the audit and become a mandatory audit component. However, this interpretation is rejected by the Institute of Public Auditors in Germany (IDW), according to whom the GoBD is not a legislative provision pursuant to Article 120 para. 1 of the German Federal Tax Code. Hence, they fail to be binding for taxpayers and courts. At the same time, directives from the fiscal authorities have always guided certain business practices. Yet, according to the position represented here, taxpayers meeting fiscal authorities’ requirements in order to avoid possible legal action does not resemble business practices. Rather, the fiscal authorities’ competence is merely that of an auditing body, while the definition of legal regulation is a matter for lawmakers. Therefore, the GoBD is not to be regarded as a specification of proper accounting principles under trade law.

Regardless of the possibility that the GoBD might qualify as a specification of the GoB, thereby becoming a mandatory component of annual audits, the administrative directives may be regarded as a benefit for annual auditors. Due to the tightened documentation requirements from the GoBD, some control procedures in connection with accounting processes are already relegated to the taxpayer, so that audit activities in this area can essentially be reduced to an acknowledgement of taxpayers’ control procedures.

Furthermore, the GoBD requires auditors to advise their clients. Offering clients an audit simulation using the data analysis simulation software “IDEA” could therefore help to rectify possible inconsistencies or erroneous records ahead of an actual tax audit, and an external auditor’s professional skills may be of great help for composing procedure documentation.


Bernhard Schwechel

Bernhard Schwechel

FACT GmbH - Steuerberatungsgesellschaft, Wirtschaftsprüfungsgesellschaft, Kassel, Germany
T: +49 561 316 686 0
E: This email address is being protected from spambots. You need JavaScript enabled to view it.; W: www.fact-ks.de

FACT GmbH is a tax consultancy, public auditing company and law firm located in Kassel, known as the heart of Germany. FACT provides German and international accountancy and tax services to companies and individuals. The experienced team works on cross-border issues for German clients as well as for foreign clients. FACT works closely with its clients and responds rapidly to their needs.

Bernhard Schwechel is a Managing Partner of FACT. He is experienced in the field of International Taxation. His areas of expertise include Tax and Business Advice for large multinational corporations and mid-sized companies, as well as for internationally-oriented individual clients. He supports his clients in inbound and outbound M&A projects.


Published: November 2016 l Photo:  mooshny - Fotolia.com

GGI Logo 70x50px

GGI Geneva Group
International AG

Schaffhauserstrasse 550
P.O. Box 286
8052 Zurich
Switzerland

Contact

T: +41 44 2561818
F: +41 44 2561811
This email address is being protected from spambots. You need JavaScript enabled to view it.
www.ggi.com

Disclaimer

Disclaimer and Privacy Notice

Legal Disclaimer

This website is managed by Geneva Group International AG Zürich (hereinafter referred to as "GGI") on behalf of the member firms of GGI, a worldwide organization of independent Law, Accounting and Consulting Firms. GGI provides information and documentation on World Wide Web sites, such site(s) being known as the GGI Internet (hereinafter referred to as the "Website"). If you make any use of this Website, you confirm that you agree to each of the terms and conditions set forth below. You shall not be authorized to use this Website if you do not agree with any of the terms and/or conditions set forth below.

GGI, a company incorporated in accordance with the laws of Switzerland, provides no legal, audit or other professional services to clients. Such services are provided solely by GGI member firms in their respective geographic areas. GGI and its member firms are legally distinct and separate entities. They are not and nothing shall be construed to place these entities in the relationship of parents, subsidiaries, partners, joint ventures or agents. No member firm of GGI has any authority (actual, apparent, implied or otherwise) to obligate or bind GGI or any other GGI member firm in any manner whatsoever.

No action should be taken or omitted to be taken in reliance upon information contained in this Website. The information contained and accessed on this site is provided by the member firms of GGI for general guidance and is intended to offer the user general information of interest. The information provided is not intended to replace or serve as substitute for any accounting, legal (in those jurisdictions where GGI member firms are permitted to practice law), tax or other professional advice, consultation or service. You should consult with a professional from a GGI member firm in the respective legal, accounting, tax or other professional area. Based on specific facts or circumstances, the application of laws and regulations may vary.

Based on the fundamental universal condition of the electronic communication process, GGI does not guarantee, warrant and/or offer any assurance that this Website (including its functions, contents, downloadable files, software etc.) will be uninterrupted, without delay, error-free, omission-free, or free of viruses, free of Trojan horses, similar destructive software and/or free of harmful codes which may impair the proper functioning of any software, hardware or other equipment and/or materials of the user. GGI does not guarantee, warrant and/or offer any assurance that this Website is compatible with any user's computer equipment (hardware and/or software) or network through which access to this Website is gained. GGI does further not guarantee, warrant and/or offer any assurance that the use of this Website will not lead to viruses, Trojan horses and/or similar destructive software accessing any user's computer equipment.

Access to this Website may be interrupted or unavailable at any time, in particular during maintenance or upgrade procedures. Therefore, the information is provided "as is" without warranties of any kind, express or implied, including accuracy, timeliness and completeness. In no event shall GGI or partners, executives, principals, agents or employees of its member firms be liable for any direct, indirect, incidental, special, exemplary, punitive, consequential or other losses and/or damages of any kind (including, but not limited to, liability for loss of use, data, profits, other intangibles, the costs of procurement of substitute goods and/or services), without regard to the form of any action, including but not limited to contract, negligence or other tortuous actions, arising out of or in connection with this Website, any content on or accessed by use of this Website, or any copying, display or other use hereof even if GGI has been notified of the possibility of such loss and/or damage. All statements, information, downloadable data and files etc. on this Website are made available without liability or guarantee for their correctness, completeness, accuracy, durability, assurance of features, reliability, workability, merchantability, quality, fitness for a particular purpose, achievement of results, non-infringement of proprietary rights, absence of any deficiencies or something similar. GGI shall not be liable for any damage which a user may suffer as a result of any errors in content or arising from any virus or other destructive software. Users are responsible for ensuring that their computer equipment has appropriate security and virus protection features.

All intellectual property rights (in particular copyrights, trademark rights, design rights and patent rights) to the contents of this Website shall be reserved. As content on the site is protected by intellectual property laws (such as for instance copyright, trademark, patent laws) as well as by unfair competition laws, any unauthorised use of any materials on the site may violate copyright, trademark, patent and other laws. Pictures, texts, graphics, computer software etc. which are contained, featured and/or downloadable on this Website may not be copied, downloaded or used in any other way unless indicated otherwise on this Website. Should a user download and/or print the materials on this Website for personal or non-commercial use, the user must retain all copyright and other proprietary notices contained in the original materials on any copies of the material and the source must be indicated completely. The complete and/or partial reproduction, transmission (electronically and/or otherwise), modification, public display, performance, distribution, linking, framing or other use of this Website for any public and/or commercial purposes shall not be allowed without the prior written consent of GGI and the complete indication of the source. GGI does not grant the users of this Website any rights (in particular no intellectual property rights), except for the rights that are necessary to use this Website for purposes permitted under these conditions.
Some links on this Website refer to other websites which have been set up and are operated by third parties. Such links are provided only as a convenience to users. GGI does not control and is not responsible for any of these sites or their content. GGI explicitly disclaims any endorsement or recommendation of and guarantee or liability for such websites of third parties.
This Website is not intended for persons who are subject to a jurisdiction that prohibits the publication of and/or access to this Website (be it because of the nationality, their age, the domicile or for any other reason). If you are affected by such restrictions, you may not access this Website.

GGI data protection policy

This privacy policy describes the collection and use of your personal data made by GGI Geneva Group International AG Zürich as data controller, a joint-stock company incorporated under Swiss law with Swiss company registration number CH-170.3.020.433-0 whose registered offices at Schaffhauserstrasse 550, 8052 Zurich, Switzerland (hereinafter referred to as "GGI"). GGI’s data protection manager is Mr. Marco IZZO, who can be contacted by email at the following address: izzo@ggi.com.

A. Which data does GGI collect?

In the context of your organisation’s membership in GGI (or potential membership) or collaboration or your participation to a GGI event, GGI may collect the following information about you: name, gender, title, date of birth, position, email address, phone number, key competences, practice area, special interests, CV, picture, social media pages (such as your LinkedIn profile), memberships, languages spoken, private, political and business positions, insurances, signature, address, travel arrangement details, accommodation preferences, credit card details, identity card or passport copy, visa information, participation in meetings, participation in optional activities, information about transactions and deals concluded.

GGI may also collect data about your (minor) children when they accompany you to events organised by GGI. In that case, GGI may collect their names, photo, accommodation dates, travel arrangement details, participation in optional activities and their identity card or visa when it is necessary.

This information may qualify as personal data under the applicable legislation (including the General Data Protection Regulation (GDPR) n° 2016/679).

GGI may also collect “special categories” of personal data, such as health condition, allergies and dietary preferences.
The collected personal data are considered useful or even necessary for GGI to provide its services to its members and events’ participants. Some data are mandatory (such as name, e-mail address, picture, address, accommodation dates, participation in meetings, participation in optional activities, your company name: without these data, you will not be able to benefit from GGI’s services. Other data is optional and will allow GGI to provide a better service.

B. Use of personal data

1. Purposes of the processing and legal bases for processing

GGI processes the above-mentioned information for the following purposes:
- Compiling and using general or specific mailing lists for sending newsletters, announcements (e.g. new members) and information emails (e.g. related to a particular conference)
- Listing in the GGI global directory publicly accessible online at www.ggi.com
- Organising and executing GGI activities (e.g. contacting members for participating in GGI projects such as writing articles for the newsletter or publications on social media, matchmaking and networking, organising social events, invoicing)
- Analysis of the activities and the functioning of the GGI organisations (e.g. post-event analysis based on the attendance of the delegates of the various sessions)
- Business development activities related to candidates for GGI membership, potential partnerships and/or collaborations
- Announcements on new members on social media and sharing of members’ articles on social media
- Inclusion in the GGI’s website internal area downloadable Excel files (including the contact details)
- Publication of tombstones related to members’ transactions

Where possible GGI requests your consent for the processing of your personal data. GGI will also ask for your specific consent when it processes sensitive data (e.g. dietary requirements). However, it is not always possible to process your personal data on the basis of your consent. GGI will process your personal data where you act as the contact person or representative of your organisation, for the performance of the contract that GGI has with your organisation (e.g. organisations of meetings, networking or conferences); such processing will serve the legitimate interest of GGI, your organisation and third parties involved. GGI also has a legitimate interest in processing the personal data of representatives or contact persons of prospects on the basis of its legitimate interests, i.e. for promoting GGI’s activities and membership. Similarly, prospects have a legitimate interest in being informed about GGI opportunities. Such processing has a limited impact on your rights and freedoms (as a representatives of your organisation), considering the non-sensitive nature of the data and the limited data processing involved.
Concerning the processing of special categories of data, you have given your explicit consent for such processing.

2. Recipients of personal data

GGI may share your personal data with other GGI members (e.g. for referrals or recommendations or in the context of Practice Group activities).

GGI may share your data with processors and GGI partners, such as genevents GmbH, GGI North America Services Corp., Geneva Group International (Latin America) S.A., Geneva Capital Group AG, Geneva Consulting Group AG, and GCG International AG. GGI will only transfer your data in the pursuit of purposes such as the organisation of events and conferences, networking, matchmaking or business development activities.

GGI may also share your personal data (in particular your name and contact details), when it communicates publicly on the (new) membership of organisations (e.g. for marketing purposes and for the listing in the global rankings). Recipients of your personal data will be organisations such as Association of International Law Firms Network (AILFN), European Group of International Accounting Networks (EGIAN), International Accounting Bulletin (IAB), Accountancy Magazine and Accountancy Age.

Your personal data may also be communicated to the general public when GGI sends newsletters or posts announcements via social media.

3. Transfer outside the European Economic Area

Your data will be processed outside the European Economic Area, i.e. in Switzerland, and transferred to and within the European Economic Area, the United States, Argentina and and Uruguay. These countries have been recognised as providing an adequate level of protection of personal data, by the adoption of an adequacy decision by the European Commission (see
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en).

Your data may also be transferred to Thailand and the United Arab Emirates. Your rights as a data subject are guaranteed on the basis of the standard data protection clauses (as proposed by the European Commission).

4. Retention of your personal data

GGI will process your personal data as long as your data are useful for the listed purposes. In principle, it will store and use your data as long as your organisation is a member or a prospect of GGI and you remain a representative for your organisation. Where the processing is based on consent, GGI will stop processing your data when you withdraw your consent.

5. Your rights as data subjects

In addition to the information contained in this data protection policy, you have the right to access the personal data which GGI processes regarding you. Should the personal data that GGI has regarding you be incorrect or incomplete, you are entitled to have the data rectified.

You have the right to request from GGI the erasure of your personal data, when they are no longer necessary for the listed purposes, when you withdraw your consent or when you object to the processing (if GGI or third parties have no overriding legitimate grounds for the processing), when GGI has unlawfully processed the personal data or when GGI is subject to a legal obligation to erase the data. GGI will honour your request, unless it is subject to a legal obligation requiring it to process your personal data, the processing is done for reasons of public interest (public health), for archiving or statistical purposes and for the establishment, exercise or defence of legal claims.

You are entitled to request the restriction of processing (temporarily) if the accuracy of the personal data is contested, the processing is unlawful and you prefer the restriction of the processing to the erasure of your data, if GGI no longer needs your data except for the establishment, exercise or defence of legal claims or while it is being verified whether your legitimate interests override GGI’s.

You have the right to object to the processing, when the processing is based on GGI’s or third party’s legitimate interests, on the basis of your particular situation. You also have the right to object when your data are processed for direct marketing purposes by clicking the “unsubscribe” link in the newsletters that you receive.

You are entitled to receive the data concerning you in a structured, machine-readable format that is commonly used and you have the right to have the data transmitted to a controller of your choice (data portability).

You can exercise these rights by sending an e-mail to the data protection manager, Mr. Marco IZZO at izzo@ggi.com.
Should you have a complaint concerning the processing of your personal data, you have the right to lodge a complaint with the competent national supervisory authority.

Cookie Policy

A cookie is a small text file containing data for technical session logging and enabling GGI to store information related to the user's computer and/or device for the duration of the user's use of the Website.

Below you will find specifically the list of cookies used on the website:

Session (Necessary)

Google Analytics:
Cookies:
_ga
_gid
_gat

Cookies related to the analysis and monitoring of the software in question anonymously collect some data about the use of the site as page views, time spent on site etc. Also in this case no sensitive data that can connect the user to the navigation is stored, in this way respecting the privacy of the public web.

Google GoubleClick For Publishers - Small Business:
Cookies:
__gads

This cookies serve purposes such as measuring interactions with the ads on that domain and preventing the same ads from being shown to you too many times (banner GGI Members).

JB Cookies:
Cookie:
jbcookie

This cookie documents the declaration of consent to the use of cookies when using the homepage.

Locking or deleting Cookies

Users can set the computer's browser so that it accept / reject all cookies or to display a warning whenever a cookie is offered, in order to assess whether or not to accept.

The user is allowed, however, to change the default configuration ( default ) and disable cookies ( ie block a final ), by setting the security level higher. You can find information about how to manage cookies in your browser to the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Explorer.

If you disable the cookies that we use, this could affect navigation on our site, or prevent you from visiting certain sections or to use certain services offered by the site.

Security of information

GGI has implemented accepted standards of technical measures and security policies that are aimed at protecting the personal data it has under its control from:

  • unauthorized access
  • improper use or disclosure
  • unauthorized modification
  • unlawful destruction or accidental loss

All GGI personnel are required to keep personal information confidential and only authorised persons have access to such information. Please note that the Website contains links to other sites (including sites maintained by Partners) which are not governed by this privacy statement.

Choices

You have several choices regarding your use of the Website. In general, you are not required to submit any personal information when you visit our websites, but GGI may require you to provide certain personal information in order for you to receive additional information about our services and events. If you opt-in for particular services or communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in each communication or on the website.

Additional general conditions governing the Privacy Statement

The rejection of any liability and/or responsibility regarding the Website and its content and other terms and/or conditions contained in this Privacy Statement are also applicable to all companies associated or affiliated with GGI, particularly GGI member firms (Partners).

GGI reserves the right to change all and/or any of the regulations mentioned above at any time without any prior announcement. Unless explicitly indicated otherwise, the new regulations shall immediately apply to all information, indications etc. featured on the GGI Website. By continuing to use the GGI Website, you accept all changes of such regulations.

The invalidity or unenforceability in any jurisdiction of any of these terms shall not affect the validity or enforceability of any other of these terms. If any term is held to be invalid or unenforceable it shall be deemed to be amended to the minimum extent required to render such term valid or enforceable, such amendment to be determined by GGI.

The Privacy Statement indicated above shall be governed by and are construed in accordance with Swiss substantive laws (excluding the rules of the conflict of laws) and the courts of Zurich, Switzerland shall have exclusive jurisdiction in any possible dispute.


Copyright pictures

The copyright of the photos is published here or under the articles.

Geneva Group International; Rieder Media - Uwe Rieder
Fotolia.com: Kurhan; lagom; Abou Jaoude, Siegmar; Jürgen Effner; magcom; Maksim Šmeljov; Gilles Paire; david hughes; clayllama; robynmac; Dan Marsh; daphot75; Suzanne E.; Pierre-Yves Babelon; QQ7; Fotokon; reinobjektiv; cienpies; Alterfalter; Mark Yuill; Flying-Tiger; Katja Wickert; sk19; fazon; Andy Dean; Immo Schiller; Pavla Vanicka; jamesdavidphoto; sysiphus; Kirill_M; Herbert Esser; djama; Rafael Ben-Ari; ollirg; bruder jakob; soleg; Kobby Dagan; Chris Boswell; Hagit Berkovich; Ruzanna Arutyunyan; lilufoto; zybilo; Esther Wagner; pixelfux; Jim Parkin; Zacarias da Mata; Martina Berg; Konstantin Yuganov; Gail Johnson; maudanros; auremar; swisshippo; tobago77; rudi1976; tagstiles.com; detlef menzel; Luftbildfotograf; FotolEdhar; Temistocle Lucarelli; ErnstPieber; synto; ZINQ Stock; Tupungato; Barbara Helgason; Aleksey Khripunkov; Lucian Milasan; Gabriela; JonaSanpo Tokyo; Leonid Tit; Sven Hoppe; sborisov; denys_kuvaiev; G.J. Prozee; Andrey Burmakin; Digitalpress; gemenacom; arsdigital; deusexlupus; travelwitness; Alison Cornford; gena96; anyaivanova; spiritofamerica; G. Mönks Photografie; Moreno Novello; Picture-Factory; Galyna Andrushko; endostock; Thomas Röske; carlos; Mezzalira Davide; griangraf; laur7410; simon gurney; sborisov; ChantalS; th-photo;kbuntu; maudanros; apops; JR Photography; Josemaria Toscano; luanka; Tyler Olson; Jörg Hackemann; drubig-photo; AlfaSirius; arenaphotouk; vvoe; rolffimages; Ross Kummer; dabldy; silver-john; Wimbledon; nitroshoprod; Moreno Soppelsa; piccaya; Hawkeye; Horváth Botond; motodan; fazon; Minerva Studio; Digishooter; Mapics; TMAX; Fanchy; JFL Photography; kichigin19; Nmedia; fotofuerst; Henri FRONTIER; Marcin Kubiak; pitrs; goldencow_images; habrda; nattanan726; dmitrydesigner; PackShot; swisshippo; michaeljung; Friedberg; Rawpixel; bluedesign; Ralf Gosch; Forgiss; Frankix; Jörg Hackemann; Gilles Paire; JaimeP; peresanz; lumen-digital; Stefano Garau; AlexF76; industrieblick; sborisov; chris2766; mitifoto; kamonrat; Rainer Plendl; peresanz; Vojtech Vlk; scabrn; Luftbildfotograf; Andrew Kazmierski; bruno135_406; pressmaster; vandertens; Tom-Hanisch; Alexey Stiop; Patrik Stedrak; Jiri Foltyn; kosmos111; Tomfry; S.Alias; beerkoff; Peter Marble; forcdan; Henryk Sadura; TTstudio; samott; Nordreisender; QQ7; imagineilona; 072618; aroberlin; lunamarina; whitelook; Pavel Parmenov; Jeff; jcfotografo; Jiri Foltyn; JS; Robert Wilson; SNEHIT; Sergii Figurnyi; mandritoiu; tilialucida; rabbit75_fot; IRStone; stockphoto mania; saiko3p; zoltangabor; E. Adler; lovegtr35; kiravolkov; davidevison; Kruwt; alexandro900; Rafael Ben-Ari; Frédéric Prochasson; Halfpoint; fotoherkules; eddygaleotti; mandritoiu; Mik Man; ALCE; LUNYANSKIY; Sondem; heyengel; forcdan; IRStone; gianliguori; Henryk Sadura; .shock; SNEHIT; alex9500; mpodrucki; KarenDMartin; mimadeo; SNEHIT; IRStone; lena_serditova ; Friedberg; pixelABC; peshkov; Klaus Heidemann; photofang; frakala; Beboy; vacant; Noppasin; : Leonid Andronov; surangaw; dennisvdwater; Chris Lofty; Robert Kneschke; Gajus; chrisdorney; samografy; DOC RABE Media; vichie81; everythingpossible; Rafael Ben-Ari; Eisenhans; bakerjarvis; stokkete; hankimage9;