-
Business valuations
We offer expert valuation advice in transactions, regulatory and administrative matters, and matters subject to dispute – valuing businesses, shares and intangible assets in a wide range of industries.
-
Capital markets
You need corporate finance specialists experienced in international capital markets on your side if you’re buying or selling financial securities.
-
Complex and international services
Our experience of multi-jurisdictional insolvencies coupled with our international reputation allows us to deliver the best possible outcome for all stakeholders.
-
Corporate insolvency
Our corporate investigation and recovery teams can help you manage insolvency situations and facilitate the best outcome.
-
Debt advisory
An optimal funding structure for your organisation presents unprecedented opportunities, but achieving this can be difficult without a trusted advisor.
-
Expert witness
Our expert witnesses analyse, interpret, summarise and present complex financial and business-related issues which are understandable and properly supported.
-
Financial models
A sound financial model will help you understand the impact of your decisions before you make them. Talk to us about our user-friendly models.
-
Forensic and investigation services
We provide investigative accounting and litigation support services for commercial, matrimonial, criminal, business valuation and insurance disputes.
-
Independent business review
Is your business viable? Will it remain viable in the future? A thorough independent business review can help your organisation answer these fundamental questions.
-
IT forensics
Effective ESI analysis is integral to the success of your business. Our IT forensics experts have the technical expertise to identify, preserve and interrogate electronic data.
-
Mergers and acquisitions
Grant Thornton provides strategic and execution support for mergers, acquisitions, sales and fundraising.
-
Raising finance
Raising finance - funders value partners who can deliver a robust financial model, a sound business strategy and rigorous planning. We can guide you through the challenges that these transactions can pose and help you build a foundation for long term success once the deal is done.
-
Relationship property services
Grant Thornton offers high quality independent advice on the many financial issues associated with relationship property from considering an individual financial issue to all aspects of a complex settlement.
-
Restructuring and turnaround
Grant Thornton’s restructuring and turnaround service capabilities include cash flow, liquidity management and forecasting; crisis and interim management; financial advisory services to companies and parties in transition and distress
-
Transaction advisory
Our depth of market knowledge will steer you through the transaction process. Grant Thornton’s dynamic teams offer range of financial, commercial and operational expertise.
-
Virtual asset advisory
Helping you navigate the world of virtual currencies and decentralised financial systems.
-
Corporate tax
Grant Thornton can identify tax issues, risks and opportunities in your organisation and implement strategies to improve your bottom line.
-
Employment tax
Grant Thornton’s advisers can help you with PAYE (payroll tax), Kiwisaver, fringe benefits tax (FBT), student loans, global mobility services, international tax
-
Global mobility services
Our team can help expatriates and their employers deal with tax and employment matters both in New Zealand and overseas. With the correct planning advice, employee allowances and benefits may be structured to avoid double taxation and achieve tax savings.
-
GST
GST has the potential to become a minefield and can be expensive when it goes wrong. Our technical knowledge can help you minimise the negative impact of GST
-
International tax
International tax rules are undergoing their biggest change in a generation. Tax authorities around the world are increasingly vigilant, especially when it comes to global operations.
-
Research and Development
R&D tax incentives are often underused and misunderstood – is your business maximising opportunities for making claims?
-
Tax compliance
Our advisers help clients manage the critical issue of compliance across accountancy regulations, corporation law and tax. We also offer business and wealth advisory services, which means we can provide a seamless and tax-effective offering to our clients.
-
Tax governance
Mitigate tax risks and implement best practice governance that will stand up to IRD scrutiny and audits.
-
Transfer pricing
Tax authorities are demanding transparency in international arrangements. We businesses comply with regulations and use transfer pricing as a strategic planning tool.
-
Audit methodology
Our five step audit methodology offers a high quality service wherever you are in the world and includes planning, risk assessment, testing internal controls, substantive testing, and concluding and reporting
-
Audit technology
We apply our audit methodology with an integrated set of software tools known as the Voyager suite. Our technology has been developed to produce quality audits that are effective and efficient.
-
Financial reporting advisory
Our financial reporting advisers have the expertise to help you deal with the constantly evolving regulatory environment.
-
Business architecture
Our business architects help businesses with disruptive conditions, business expansion and competitive challenges; the deployment of your strategy is critical to success.
-
Cloud services
Leverage the cloud to keep your data safe, operate more efficiently, reduce costs and create a better experience for your employees and clients.
-
Internal audit
Our internal audits deliver independent assurance over key controls within your riskiest processes, proving what works and what doesn’t and recommending improvements.
-
IT advisory
Our hands on product experience, extensive functional knowledge and industry insights help clients solve complex IT and technology issues
-
IT privacy and security
IT privacy and security should support your business strategy. Our pragmatic approach focuses on reducing cyber security risks specific to your organisation
-
Payroll assurance
Our specialist payroll assurance team can conduct a review of your payroll system configuration and processes, and then help you and your team to implement any necessary recalculations.
-
PCI DSS
Our information security specialists are approved Qualified Security Assessors (QSAs) that have been qualified by the PCI Security Standards Council to independently assess merchants and service providers.
-
Process improvement
As your organisation grows in size and complexity, processes that were once enabling often become cumbersome and inefficient. To maintain growth, your business must remain flexible, agile and profitable
-
Procurement/supply chain
Procurement and supply chain inputs will often dominate your balance sheet and constantly evolve for organisations to remain competitive and meet changing customer requirements
-
Project assurance
Major programmes and projects expose you to significant financial and reputational risk throughout their life cycle. Don’t let these risks become a reality.
-
Risk management
We understand that growing companies need to establish robust internal controls, and use information technology to effectively mitigate risk.
-
Robotic process automation (RPA)
RPA is emerging as the most sophisticated form of automation used to help businesses become more agile and remain competitive in the face of today’s ongoing digital disruption.
The festive season means shopping, celebrating, and going on holiday – but unfortunately, it’s also Christmas time for the bad guys. When we conduct our business online, we give them more opportunities than ever to steal our money and our information.
New Zealanders lost $17 million to scams and fraud in 2020, with a 65% increase in the number of incidents reported compared to the previous year, according to CERT. Because so many scam victims are too embarrassed to report their experiences, this is only the tip of the iceberg. Cybercrime is rampant, so as you pay your end-of-year invoices or supercharge your digital presence for the holiday season, now is a good time to ensure your business has the best protections in place. Here’s five ways your business can be more cyber secure.
1. Take time to scrutinise every invoice your business receives
Yes – every invoice. Invoice fraud is low hanging fruit for cyber criminals, and it’s been surging over the past two years.
It’s all too easy to approve an invoice from a trusted supplier without giving it a second thought. For example, we know of an organisation where an AP clerk received a payment request and approval from the CFO for an invoice from a fictious supplier. Fortunately, red flags were raised when the eagle-eyed clerk noticed the ‘Sent from my Samsung’ note at the bottom of the email, and knew the CFO was an iPhone user. Closer inspection of the invoice confirmed it was fake, and the sender was an impostor; the clerk saved the company $50k.
It is no coincidence the person who approved the invoice was at a conference at the time, and had posted about attending the event on his Facebook page. This is a common scam known as a “Man in the Middle” attack. Cybercriminals will eavesdrop and monitor email flows, social media accounts and other platforms to ascertain when key personnel are out of the office so they can then pose as the absent employee.
It’s critical to closely inspect email addresses, bank account numbers - and per the example above – even the format used to send the invoice. Businesses consistently paying large volumes of invoices should also be vigilant when it comes to the actual name and bank account details of the supplier. During the busy lead-up to Christmas or over the holiday period, scammers are known to send invoices that appear to be from your suppliers or from non-existent companies; at this time of year, they’re banking on the fact you’re either too busy or too relaxed to pay close attention.
You can read more about how invoice fraud occurs here and how to protect your business against it.
2. Take a closer look at any link before clicking
Try to get out of the habit of quickly clicking links you receive via emails and text messages without reading them carefully – it’s so easy to do, and sometimes you realise you shouldn’t have tapped it even before it opens.
Spelling errors are often a giveaway, although it might be as subtle as a single letter. For example, you might have ordered a package that’s being delivered by DHL, and you get a text about your order from dhi.com. At a glance it looks right, but that letter ‘i’ is a clear giveaway it’s not legitimate.
By clicking on these links, you are exposing your business to malware and ransomware attacks which are more often than not very costly.
3. Increase your security
There are lots of simple ways to increase your protection against cybercrimes:
- Use multi-factor authentication for any site or application your business uses like banking or Xero. It gives employees two layers of security for a scammer to pass through; for example, even if they crack your login and password, they’ll be tripped up by the text authentication.
- Switch to e-invoicing for your business to prevent invoice fraud scams.
- You’ve heard it before, but it bears repeating: use complex passwords, not your birthday, your pet’s name, your kids’ names or birthdays, or anything that would be easy to guess. In the second quarter of 2021, CERT found almost 4,500 device attacks that targeted weak usernames and passwords.
4. Consider your digital footprint
So, how do cyber criminals crack your passwords and know things like who your suppliers are? You might be surprised at how much information you’re volunteering online. For instance, the names of your kids, spouse and pets (helpful for those easy passwords), when you’re on holiday, and your business relationships. It’s not uncommon for people to complain online about their bank too, which can tip off a scammer as to which bank phishing email you’re most likely to fall for.
Perhaps it’s time to change your social media privacy settings to restrict what you share and who you share it with. And in general, think twice before you post – is your digital footprint turning into an entire photograph of your life and leaving you vulnerable to phishing and credential harvesting?
5. Last but certainly not least - train your team
It only takes one person in an organisation to click a malicious link and a scammer could have access to all your business’s sensitive information. It’s important your team receives security awareness training and regular refreshers so malware and ransomware scams can be avoided, and those fraudulent invoices remain unpaid. It’s also a good idea to provide cyber security training as part of your onboarding process for new staff.
Not sure where to start?
Of course, this article isn’t a comprehensive guide about every type of cyber scam out there, so if it has given you some food for thought, it’s probably time to review the protections your company currently has in place. A good place to start is Grant Thornton’s cyber security maturity assessment – a cost-effective review of how your business operates online, and the effectiveness of your current policies, tools and practices. The key output from the assessment is some high-level advice about any weaknesses in your IT environment and how to prioritise them. We can also dig deeper into your IT security set up with our penetration testing and vulnerability scanning services which identifies all of the weak spots scammers could find in your apps, devices, servers and cloud systems; our experts can identify areas of improvement and outright risk. And of course, we can provide the training team members need to protect your business.
