Read our insights, reports and more

When outsourcing accounting services, you can be sure that the work won't be left undone in case the accountant falls ill or goes on vacation.

The field of information security seems like a labyrinth full of abbreviations lately: NIS2, DORA, ISO 27001, E-ITS, SOC 2. Therefore, I will briefly advise on how to navigate information security regulations, standards, audits, and certifications.

In recent months, there has been much discussion about reducing the reporting burden of sustainability for companies and the European Commission's desire to simplify reporting.

The Estonian information security standard (E-ITS) is an Estonian-language standard compatible with the Estonian legal system and developed for ensuring protection for business processes and information systems used for fulfilling public functions.

We are already three months into 2025. Establishing a whistleblower channel has been obligatory for all companies with more than 50 employees for exactly that long – a requirement that stems from the Whistleblower Protection Act.

The Digital Operational Resilience Act (DORA), which came into effect on January 17 this year, aims to prevent cyber threats and reduce the impact of incidents on businesses and the broader European financial sector.

Whether the 2024 packaging report needs to be audited depends on whether the most recent audited packaging report was for 2020 or 2021.

How has the auditors’ market changed and why is it hard to find sufficiently qualified specialists? What sorts of trends will global competition, workforce shortage and sustainability reporting requirements bring about?

On 25 September 2024, the Estonian government submitted a draft law on the defense tax to the Parliament, which introduces a temporary defense tax consisting of three components, including a 2% tax on corporate profits. Most companies will have to pay the defense tax for the first time on 10 September 2026.

Matters concerning evaluation of the creditworthiness of consumers have returned to the focus during the last year. Discussions revolve around consumers’ increased loan burden and share of loans in default; there is lobbying for additional support from the establishment of a positive credit registry, and the Financial Inspectorate has started getting tougher with fines on market participants who don’t abide by the rules.

Those operating in the financial sector are bound by various laws along with requirements for internal audit arising from those laws. In addition, the Auditors Activities Act governs the provision of internal audit service, defining who is allowed to be engaged in the professional activities of an internal auditor.

The rules on the contact person underwent a facelift as part of company law reform, the majority of the amendments of which came into force on 1 February 2023.

Last year, an amendment to the Commercial Register Act was passed, which meant more fines for companies for the purpose of making the Estonian business environment more transparent.

In their work, internal auditors often come across a situation where clients want to have an internal audit done in their organization, but since they have no previous contact with an internal audit service, they have a number of questions.

A high-quality accountant who uses modern technological solutions – up to and including AI – can do more for a company than ever before. An accountant can be closer to a CFO’s skillsets than a data entry role.

Where to start if your company doesn’t have a human resources director and HR policy, and on top of it, has a negative employer net promoter score? Grant Thornton Baltic’s HR director Marge Litvinova and recruiter Kätlin Treima share some valuable experience.