Read our insights, reports and more

In this article, we’ll explore how attackers are misusing trusted technologies - like OAuth and DKIM (more on these in a moment) - and why everyone should be cautious when a message or application requests access to user accounts.

From 1 July 2025 the standard VAT rate will be 24%.

Kristjan Järve and Madis Laas discussed the necessity of the recently published guidelines by the Tax and Customs Board and the process of their preparation in the show "Kasvukursil".

Lithuania is planning a comprehensive tax reform for 2026 aimed at strengthening national defense funding and supporting economic development. Grant Thornton Lithuania tax specialist Vykintas Valiulis has prepared a detailed overview on the topic.

When outsourcing accounting services, you can be sure that the work won't be left undone in case the accountant falls ill or goes on vacation.

The field of information security seems like a labyrinth full of abbreviations lately: NIS2, DORA, ISO 27001, E-ITS, SOC 2. Therefore, I will briefly advise on how to navigate information security regulations, standards, audits, and certifications.

In recent months, there has been much discussion about reducing the reporting burden of sustainability for companies and the European Commission's desire to simplify reporting.

The Estonian information security standard (E-ITS) is an Estonian-language standard compatible with the Estonian legal system and developed for ensuring protection for business processes and information systems used for fulfilling public functions.

We are already three months into 2025. Establishing a whistleblower channel has been obligatory for all companies with more than 50 employees for exactly that long – a requirement that stems from the Whistleblower Protection Act.

The Digital Operational Resilience Act (DORA), which came into effect on January 17 this year, aims to prevent cyber threats and reduce the impact of incidents on businesses and the broader European financial sector.

Whether the 2024 packaging report needs to be audited depends on whether the most recent audited packaging report was for 2020 or 2021.

How has the auditors’ market changed and why is it hard to find sufficiently qualified specialists? What sorts of trends will global competition, workforce shortage and sustainability reporting requirements bring about?

On 25 September 2024, the Estonian government submitted a draft law on the defense tax to the Parliament, which introduces a temporary defense tax consisting of three components, including a 2% tax on corporate profits. Most companies will have to pay the defense tax for the first time on 10 September 2026.

Matters concerning evaluation of the creditworthiness of consumers have returned to the focus during the last year. Discussions revolve around consumers’ increased loan burden and share of loans in default; there is lobbying for additional support from the establishment of a positive credit registry, and the Financial Inspectorate has started getting tougher with fines on market participants who don’t abide by the rules.

Those operating in the financial sector are bound by various laws along with requirements for internal audit arising from those laws. In addition, the Auditors Activities Act governs the provision of internal audit service, defining who is allowed to be engaged in the professional activities of an internal auditor.

The rules on the contact person underwent a facelift as part of company law reform, the majority of the amendments of which came into force on 1 February 2023.