-
Audit approach overview
Our audit approach will allow our client's accounting personnel to make the maximum contribution to the audit effort without compromising their ongoing responsibilities
-
Annual and short period audit
At P&A Grant Thornton, we provide annual and short period financial statement audit services that go beyond the normal expectations of our clients. We believe strongly that our best work comes from combining outstanding technical expertise, knowledge and ability with exceptional client-focused service.
-
Review engagement
A review involves limited investigation with a narrower scope than an audit, and is undertaken for the purpose of providing limited assurance that the management’s representations are in accordance with identified financial reporting standards. Our professionals recognize that in order to conduct a quality financial statement review, it is important to look beyond the accounting entries to the underlying activities and operations that give rise to them.
-
Other Related Services
We make it a point to keep our clients abreast of the developments and updates relating to the growing complexities in the accounting world. We offer seminars and trainings on audit- and tax-related matters, such as updates on Accounting Standards, new pronouncements and Bureau of Internal Revenue (BIR) issuances, as well as other developments that affect our clients’ businesses.
-
Tax advisory
With our knowledge of tax laws and audit procedures, we help safeguard the substantive and procedural rights of taxpayers and prevent unwarranted assessments.
-
Tax compliance
We aim to minimize the impact of taxation, enabling you to maximize your potential savings and to expand your business.
-
Corporate services
For clients that want to do business in the Philippines, we assist in determining the appropriate and tax-efficient operating business or investment vehicle and structure to address the objectives of the investor, as well as related incorporation issues.
-
Tax education and advocacy
Our advocacy work focuses on clarifying the interpretation of laws and regulations, suggesting measures to increasingly ease tax compliance, and protecting taxpayer’s rights.
-
Business risk services
Our business risk services cover a wide range of solutions that assist you in identifying, addressing and monitoring risks in your business. Such solutions include external quality assessments of your Internal Audit activities' conformance with standards as well as evaluating its readiness for such an external assessment.
-
Business consulting services
Our business consulting services are aimed at addressing concerns in your operations, processes and systems. Using our extensive knowledge of various industries, we can take a close look at your business processes as we create solutions that can help you mitigate risks to meet your objectives, promote efficiency, and beef up controls.
-
Transaction services
Transaction advisory includes all of our services specifically directed at assisting in investment, mergers and acquisitions, and financing transactions between and among businesses, lenders and governments. Such services include, among others, due diligence reviews, project feasibility studies, financial modelling, model audits and valuation.
-
Forensic advisory
Our forensic advisory services include assessing your vulnerability to fraud and identifying fraud risk factors, and recommending practical solutions to eliminate the gaps. We also provide investigative services to detect and quantify fraud and corruption and to trace assets and data that may have been lost in a fraud event.
-
Cyber advisory
Our focus is to help you identify and manage the cyber risks you might be facing within your organization. Our team can provide detailed, actionable insight that incorporates industry best practices and standards to strengthen your cybersecurity position and help you make informed decisions.
-
ProActive Hotline
Providing support in preventing and detecting fraud by creating a safe and secure whistleblowing system to promote integrity and honesty in the organisation.
-
Accounting services
At P&A Grant Thornton, we handle accounting services for several companies from a wide range of industries. Our approach is highly flexible. You may opt to outsource all your accounting functions, or pass on to us choice activities.
-
Staff augmentation services
We offer Staff Augmentation services where our staff, under the direction and supervision of the company’s officers, perform accounting and accounting-related work.
-
Payroll Processing
Payroll processing services are provided by P&A Grant Thornton Outsourcing Inc. More and more companies are beginning to realize the benefits of outsourcing their noncore activities, and the first to be outsourced is usually the payroll function. Payroll is easy to carve out from the rest of the business since it is usually independent of the other activities or functions within the Accounting Department.
-
Our values
Grant Thornton prides itself on being a values-driven organisation and we have more than 38,500 people in over 130 countries who are passionately committed to these values.
-
Global culture
Our people tell us that our global culture is one of the biggest attractions of a career with Grant Thornton.
-
Learning & development
At Grant Thornton we believe learning and development opportunities allow you to perform at your best every day. And when you are at your best, we are the best at serving our clients
-
Global talent mobility
One of the biggest attractions of a career with Grant Thornton is the opportunity to work on cross-border projects all over the world.
-
Diversity
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience and perspective makes our organisation stronger as a result.
-
In the community
Many Grant Thornton member firms provide a range of inspirational and generous services to the communities they serve.
-
Behind the Numbers: People of P&A Grant Thornton
Discover the inspiring stories of the individuals who make up our vibrant community. From seasoned veterans to fresh faces, the Purple Tribe is a diverse team united by a shared passion.
-
Fresh Graduates
Fresh Graduates
-
Students
Whether you are starting your career as a graduate or school leaver, P&A Grant Thornton can give you a flying start. We are ambitious. Take the fact that we’re the world’s fastest-growing global accountancy organisation. For our people, that means access to a global organisation and the chance to collaborate with more than 40,000 colleagues around the world. And potentially work in different countries and experience other cultures.
-
Experienced hires
P&A Grant Thornton offers something you can't find anywhere else. This is the opportunity to develop your ideas and thinking while having your efforts recognised from day one. We value the skills and knowledge you bring to Grant Thornton as an experienced professional and look forward to supporting you as you grow you career with our organisation.
Schedules
Schedule A - Definition of Terms and Construction
Definitions
Whenever used in this Policy, the following terms shall have the respective meanings as set forth below:
“Business Day” means any day that Philippine banks are open for business in Makati City, Philippines.
“DPA” means the Data Privacy Act of 2012 and its implementing rules and regulations, as well as the circulars issued by the National Privacy Commission from time to time.
“Person” means any natural or juridical person.
“Personal data” means personal information and sensitive personal information.
“Personal information” refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information, would directly and certainly identify an individual
“Policy” means this data privacy policy as may be amended, modified or supplemented from time to time.
“Processing” refers to any operation or any set of operations performed upon personal data including, but not limited to, the collection, recording, organization, storage, updating, or modification, retrieval, consultation, use, consolidation, blocking, erasure, or destruction of data. Processing may be performed through automated means, or manual processing, if the personal data are contained or are intended to be contained in a filing system.
“Sensitive personal information” refers to personal information:
(1) about an individual's race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
(2) about an individual's health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such individual, the disposal of such proceedings, or the sentence of any court in such proceedings;
(3) issued by government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; or
(4) specifically established by an executive order or an act of Congress to be kept classified.
Construction
Whenever the word, “include”, “includes” or “including” are used in this Policy, they shall be deemed to be followed by the words “without limitation”.
The meaning assigned to each term used here will be equally applicable to both the singular and plural forms of such term, and the words denoting any gender shall include all genders.
Schedule B - Personal data not covered
This Policy does not apply to the following information:
- Information processed for the purpose of allowing public access to information that fall within matters of public concern, pertaining to:
- Information about any individual who is or was an officer or employee of government that relates to his or her position or functions;
- Information about an individual who is or was performing a service under contract for a government institution, but only insofar as it relates to such service, including his name and the terms of his contract; and
- Information relating to a benefit of a financial nature conferred on an individual upon the discretion of the government, such as the granting of a license or permit, including the name of the individual and the exact nature of the benefit: Provided, that they do not include benefits given in the course of an ordinary transaction or as a matter of right.
- Personal information that will be processed for research purpose, intended for a public benefit, subject to the requirements of applicable laws, regulations, or ethical standards; and
- Information necessary in order to carry out the functions of public authority, in accordance with a constitutionally or statutorily mandated function pertaining to law enforcement or regulatory function, including the performance of the functions of the independent, central monetary authority, subject to restrictions provided by law.
Schedule C - Purposes for collection and processing of personal data
- General
The Company uses personal data to:
- comply with and exercise the Company’s rights under contracts and agreements, and the law, as may be required by the Company’s operations and in pursuit of the Company’s legitimate business and commercial objectives;
- perform and improve the Company’s services, and address concerns or questions about those services;
- implement efficiencies and best practices;
- obtain services and advice for theCompany’s operations and business;
- conduct surveys, research, and data gathering exercises;
- market, promote and share information about the Company and the Company’s services;
- communicate with data subjects; and
- allow audits and diligence for compliance and other reviews by advisers or third parties. In this regard, the Company will require such advisers or third parties to enter into a confidentiality agreement.
- Employee Data
The Company may collect and process personal data from current or prospective employees in order to initiate, carry out, or terminate an employment agreement, including the results of certain medical examinations that are part of conditions of employment, and for other purposes set forth in Schedule D.
For job applicants, the Company may process personal data required in order to initiate the employment application process. The collected personal data of any applicant, who may not have been hired, may be retained by the company for purposes of future selection process.
The Company may share an applicant's or an employee's personal data when expressly authorized by law or when the applicant or employee concerned has given consent, as when the Company is provided as a reference.
Company files, records (whether or not electronic), computers, devices, and facilities are the property of the Company, and the Company may examine and review their contents at any time, whether or not an officer, employee or other staff have personal data, property or other information stored therein.
Schedule D - Employee Personal Information Collection Statement
(1) The terms used in this Schedule and not otherwise defined in this Schedule have the same definition as used in the Policy. “Employee” refers to an employee of the Company.
(2) The Employee's personal data will be collected and held by the Company in its manual and automated filing systems in accordance with the DPA and DPA IRR as may be amended from time to time.
(3) The Employee consents to the processing and disclosure of his personal data both inside and, where necessary, outside the Philippines in accordance with the DPA and DPA IRR as may be amended from time to time for the purposes set forth in Schedule C and in this Schedule D.
(4) Throughout the course of the Employee’s employment with the Company, the Company may receive personal data and will need to collect personal data from the Employee and about the Employee.
(5) The purposes for processing of Employee’s personal data include:
(a) To evaluate applications for employment;
(b) To manage and administer all aspects of employment such as:
(i) Negotiation, preparation, and execution of instruments, documents, and agreements necessary or desirable for the purpose of entering into, or in the context of, an employer-employee relationship between the Employee and the Company (e.g. for administrative and management purposes, including but not limited to: recruitment, performance evaluation and appraisal, training, promotion, career development, remuneration, health and safety, discipline, review of human resource policies and/or statistical purposes);
(ii) Administration of payroll, benefits, incentives, rewards, expenses and reimbursements;
(iii) Administration of learning, training and development;
(iv) Attendance and absence monitoring (including sickness and maternity); and
(v) Performance appraisal, disciplinary and grievance processes and other general administrative and human resource related processes;
(c) For the protection of the safety and security of guests, employees and property (including controlling and facilitating access to and monitoring activity in secured premises and activity using the Company’s computers, communications and other resources);
(d) For the protection of the safety and security of the property, premises, facilities, and equipment of the Company and its clients/customers;
(e) For the lawful pursuit of the Company's business or the provision of services to clients/customers;
(f) For the protection and/or enforcement of the Company’s rights and obligations;
(g) To comply with any applicable laws, rules and regulations, codes of conduct or practice, and guidelines issued by any legal or regulatory body;
(h) To comply with a legal obligation on the part of the Company or as mandated by competent governmental or judicial authorities;
(i) To protect vitally important interests, including individual life and health;
(j) To respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions or public authority which necessarily includes the processing of Personal Information for the fulfillment of its mandate;
(k) To prevent fraud or other illegal activities, such as but not limited to willful attacks on the Company’s information technology systems;
(l) In case of corporate restructuring in the normal course of business, including, but not limited to, mergers and acquisitions;
(m)For the purpose of any potential sale of the shares of the Company or any holding Company of the Company or other change of control or any potential transfer of the Employee’s employment.
(6) In order to carry out the purposes outlined above, the Employee’s personal information will be disclosed to human resources staff, line managers, consultants, advisers and other appropriate persons in the Company.
(7) The Company may disclose, share and transfer personal data to any relevant third party pursuant to the purposes set forth above, for any employment-related purposes, and/or whenever necessary to achieve the lawful purposes of interests of the Company. Relevant third parties include but not limited to:
(a) The Company’s affiliates or subsidiaries, any other Company within the Punongbayan & Araullo and/or Grant Thornton Group;
(b) The Company’s insurance providers;
(c) The Company’s banks;
(d) The Company’s external advisors and other professional advisors, such as auditors, tax advisors, legal advisors;
(e) The Company s contractors, sub-contractors, and service providers;
(f) The Company’s clients/customers; and
(g) Potential buyer/transferee of the Company’s business, assets or shares of stocks, and/or successor of the Company ;
The above classes of persons are situated in the Philippines as well as in locations where the Company has business operations and where its staff and data processing agents may perform duties for the Company. However, in some of these locations, there may not be in place data protection laws which are substantially similar to, or serve the same purpose as the data protection law in the Philippines.
The Company requires and ensures that the foregoing persons to which personal data may be disclosed, shared and transferred shall also implement the security measures required by the DPA and the DPA IRRs, through the appropriate contractual arrangements as may be necessary.
(8) The Employee shall use all reasonable endeavors to keep the Company informed of any changes to the Employee's personal data.
(9) The Employee acknowledges that in the course of his employment, the Employee may have access to personal data relating to other employees and persons, and the Employee agrees to comply with the Company's Data Privacy Policy at all times.
(10) If the Employee does not provide complete and accurate personal data to the Company as and when it is required, there may be potentially serious consequences for the Employee and, depending on the circumstances, the Employee’s employment relationship with the Company.
(11) It is the Company policy to retain certain personal data of employees when they cease to be employed. This data may be required for any residual employment-related activities, including for example, provision of references, processing of applications for re-employment, matters relating to retirement benefits and allowing the Company to fulfil any of the Company's contractual or statutory obligations.
(12) The Company’s Protecting Information Assets Policy is deemed an integral part of this Policy. It is understood that the most current version of the Protection Information Assets Policy shall apply and supersede all previous versions of the same.
(13) The consent hereby given supplements but does not supersede or replace any other consents the Employee may have previously provided or will provide to the Company in respect of the Employee’s personal data, or the existence of a lawful basis or bases for the collection, processing, disclosure and transfer of the Employee’s personal data.
(14) The Company reserves the right to amend and modify the Data Privacy Policy including this Schedule D. Employees are expected to regularly review the same. Employees will also be notified and informed of material changes thereto through the Company website and/or by email. Whenever required, the Company will obtain consent from the Employees. The most updated version of the Policy and Schedule shall apply and supersede all previous versions thereof.
Schedule E - Client Personal Information Collection Statement
(1) The terms used in this Schedule and not otherwise defined in this Schedule have the same definition as used in the Policy. “Client” refers to an individual who is a current or prospective client, of the Company. Where the current or prospective client of the Company is a juridical person, “Client” refers to the individual representative or liaison of such client to, or personnel of such client who communicates with, the Company.
(2) The Client's personal data will be collected and held by the Company in its manual and automated filing systems in accordance with the DPA and DPA IRR as may be amended from time to time.
(3) The Client consents to the processing and disclosure of his personal data both inside and, where necessary, outside the Philippines in accordance with the DPA and DPA IRR as may be amended from time to time for the purposes set forth in Schedule C and in this Schedule E.
(4) Throughout the course of the Client’s engagement of, and relationship with, the Company, the Company may receive personal data and will need to collect personal data from and about the Client.
(5) The purposes for processing of Client’s personal data include:
- To manage and administer all aspects preparatory to, during, and following the rendering of services by the Company, as may be necessary in the normal course of business, such as the negotiation, preparation, and execution of instruments, documents, and agreements necessary and desirable for the purpose of entering into, or in the context of, a business relationship between the Client and the Company;
- For the protection of the safety and security of Clients, guests, and property (including controlling and facilitating access to and monitoring activity in secured premises and activity using the Company’s computers, communications, and other resources);
- For the protection of the safety and security of the property, premises, facilities, and equipment of the Company and the Client;
- For the lawful pursuit of the Company’s business or the provision of services to Client;
- For the protection and/or enforcement of the Company’s rights and obligations;
- To comply with any applicable laws, rules, and regulations, codes of conduct or practice, and guidelines issued by any legal or regulatory body;
- To comply with a legal obligation on the part of the Company or as mandated by competent governmental or judicial authorities;
- To protect vitally important interests, including individual life and health;
- To respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions or public authority which necessarily includes the processing of Personal Information for the fulfillment of its mandate;
- To prevent fraud or other illegal activities, such as but not limited to willful attacks on the Company’s information technology systems;
- In case of corporate restructuring in the normal course of business, including, but not limited to, mergers and acquisitions;
- For the purpose of any potential sale of the shares of the Company or any holding Company of the Company or other change of control in the Company.
(6) In order to carry out the purposes outlined above, the Client’s personal information will be disclosed to officers, employees, staff, consultants, advisers and other appropriate persons in the Company.
(7) The Company may disclose, share and transfer personal data to any relevant third party pursuant to the purposes set forth above, for any business-related purposes, and/or whenever necessary in accordance with the business relationship between the Client and the Company. Relevant third parties include but not limited to:
- The Company’s affiliates or subsidiaries, any other Company within the Punongbayan & Araullo and/or Grant Thornton Group;
- The Company’s insurance providers;
- The Company’s banks;
- The Company’s external advisors and other professional advisors, such as auditors, tax advisors, legal advisors;
- The Company’s contractors, sub-contractors, and service providers;
- Potential buyer/transferee of the Company’s business, assets or shares of stocks, and/or successor of the Company;
The above classes of persons are situated in the Philippines as well as in locations where the Company has business operations and where its staff and data processing agents may perform duties for the Company. However, in some of these locations, there may not be in place data protection laws which are substantially similar to, or serve the same purpose as the data protection law in the Philippines.
The Company requires and ensures that the foregoing persons to which personal data may be disclosed, shared and transferred shall also implement the security measures required by the DPA and the DPA IRRs, through the appropriate contractual arrangements as may be necessary.
(8) The Client shall use all reasonable endeavors to keep the Company informed of any changes to the Client's personal data.
(9) The consent hereby given supplements but does not supersede or replace any other consents the Client may have previously provided or will provide to the Company in respect of the Client’s personal data, or the existence of a lawful basis or bases for the collection, processing, disclosure, and transfer of the Client’s personal data.
(10) The Company reserves the right to amend and modify the Data Privacy Policy including this Schedule E. Clients will be notified of material amendments and modifications through the Company website and/or by email, and they are expected to keep themselves apprised of such amendments and modifications. Whenever required, the Company will obtain consent from the Clients. The most updated version of the Policy and Schedule shall apply and supersede all previous versions thereof.