GDPdU and Tax Audit – A brief overview for beginners
GDPdU (Grundsätze zum Datenzugriff und zur Prüfbarkeit digitaler Unterlagen) is a German tax law in effect since 1.1.2002. The Federal Ministry of Finance (BMF) published the “Principles of Data Access and Auditing of Digital Documents (GDPdU)” in its statement dated 16.07.2001
It’s an Audit Regulation recommended by German Fiscal Administration for usage in Germany.
A reference guide stated GDPdU as given below:
“By law the Tax payers must allow tax authorities to access all tax-relevant data in their data processing systems. The applicable regulations are described in a paper by the German Federal Ministry of Finance, 16 July 2001 – IV D2 – S 0316 – 136/01, published in the Bundessteuerblatt (Federal Tax Gazette) part I, page 415 as the German Principles of Data Access and Auditing of Digital Documents (GDPdU).”
Similar regulations in varied forms are being followed by some of the other EU Countries like Austria, France, Switzerland and Portugal etc for conducting Tax Audits.
GDPdU contains rules that allows tax authorities to access and verify the accounting data digitally from tax payer’s electronic bookkeeping process.
Audit requires all the relevant tax data like Ledger details, Accounts, Tax Codes, GL Transactions, AR/ AP Transactions, Master Data etc. Apart from this, based on the business terms auditor can also request extra pieces of information that is tax relevant. These tax data must be collected in a specific file format, so that it can be imported to the auditor’s audit environment. This end-to-end procedure is controlled and monitored by tax authorities.
GDPdU demands that the Tax Auditors should be given access to data processing system in any of the 3 different methods given below.
Z1: Direct Read-Only Access
Companies can provide auditors direct access to their electronic bookkeeping system. This direct access to data by the user is by means of online entries.Auditors can access the data in read-only mode(select, filter and sort) using the tax payer’s hardware and software. Only this hardware and software may be used by tax auditors to access the electronically stored data. Remote (online) access to the data processing system by the tax authority is therefore not allowed.
Z2: Indirect Access
Companies / authorized third party by the company will take charge of collecting and electronically processing the data based on tax auditor’s instructions. Tax auditor will then use the evaluation tools available in the data processing system.
Z3: Data Carrier Release/ Data media transfer
Companies take charge of extracting the tax data records for the tax audit and save it to a data storage medium that can be electronically processed. This data carrier shall then be handed over to the auditor for evaluation. This method provides auditor with read access to all the information relevant for an audit, such as financial reports, master data, documents and document flow, as well as user and access rights.
You can also refer the below URL for more clarity on applying the GDPdU:
Extracting tax audit specific data from SAP or another ERP requires a good knowledge of the tables associated with tax specific data. Most ERPs deliver tax specific reports and transactions that suits this requirement to a great extent. In cases where raw data has to be extracted from systems, then You can use SAP certified products like Smart Exporter or SAP DART(SAP AG solution for Z3 access) for extracting the tax specific data in GDPdU format. Most of these tools extracts the data into sequential files and provides subsequent tools for viewing the retained data in various ways.
I will be going through the extraction and GDPdU adaptation a bit more in detail in the part2 of this Blog :0