Accountants and tax advisors: mandate agreement and client consent online
Accountants and tax advisors need a clear mandate agreement with every client. See how zipzipdoc speeds up signing and archiving these documents.
An accountant works with clients’ most sensitive financial data — turnover, profit margins, tax returns, payroll records. Without a mandate agreement you have no clearly defined scope of responsibilities — and that can be a serious problem when a tax audit uncovers an error or a client claims you missed a deadline.
Legal framework for accountants and tax advisors
In Slovakia, tax advisors are regulated by the Slovak Chamber of Tax Advisors (SKDP) and must carry professional liability insurance. Mandate agreements with clients are required by the SKDP’s professional rules. The same applies in most EU member states — regulated professions require a written engagement letter before beginning work.
Additionally, accountants process personal data (employees’ salaries, health data for payroll, clients’ identification data) — making GDPR compliance mandatory. The lawful basis is typically the contract with the client, but additional consents may be required for specific processing activities.
For accountants and tax advisors, a properly structured mandate agreement and GDPR consent form protect against both professional and regulatory risk.
What accountants and tax advisors need
- Mandate agreement: scope of bookkeeping, deadlines, fees
- GDPR consent: processing the client’s personal and financial data
- Data Processing Agreement (DPA): if you use cloud-based accounting software
- NDA: protecting the client’s sensitive financial information
- Power of attorney: for representing clients before tax authorities and social insurance
What a mandate agreement must contain
- Scope of services — specify exactly what is included: annual tax return, VAT reporting, payroll, monthly management accounts. If it is not listed, it is not included.
- Client’s obligations — what the client must provide and when (bank statements by the 5th of each month, receipts within 3 working days).
- Deadlines — statutory filing deadlines; the accountant’s responsibility for meeting them if the client provides documents on time.
- Fees — monthly retainer or per-deliverable pricing. Include provisions for out-of-scope work.
- Liability limitation — maximum liability capped at the annual fee or professional insurance limit.
- Termination — notice period (typically 30 days) and procedure for handing over documents and data.
Why a mandate agreement protects you too
A client may later claim you were supposed to do something outside the agreed scope. A mandate agreement in zipzipdoc clearly defines what you are and are not responsible for. The audit trail proves the client read and signed the contract.
How it works in practice
A new client confirms the engagement — you send them a mandate agreement and GDPR consent in 3 minutes. The client signs on their phone. Documents are stored in the archive and available at any tax audit.
Related contract types: Mandate agreement · GDPR consent · NDA — non-disclosure agreement
Numbers that speak for themselves
| Statistic | What it means |
|---|---|
| 91 % | of accountants still use paper engagement letters |
| 4.7 days | average time to obtain a signed power of attorney |
| 30 min | saved per client per year through digitisation |
| 100 % | of clients can sign online without assistance |
How it works step by step
Step 1: A new client contacts the accountant.
Step 2: The accountant opens zipzipdoc, sends an engagement letter, power of attorney and GDPR consent in one bundle.
Step 3: The client signs on their phone, the accountant receives the PDF and can start work — without waiting for an in-person meeting.
Liability protection for accountants: drafting the key clauses
Professional liability for accountants is a real and recurring risk. A missed filing deadline, an error in a tax return, or advice that leads to an unexpected tax liability — all of these can generate client claims. The mandate agreement is your first line of defence.
The liability limitation clause
Without a contractual liability cap, your exposure is theoretically unlimited. A client who suffers a €100,000 tax penalty due to an error in your work can claim the full amount — even if your annual fee was €3,000.
The liability clause should state:
- Cap amount: typically capped at the annual retainer or professional insurance limit (whichever is higher). Example: “Accountant’s liability is limited to the total fees paid in the 12 months preceding the claim.”
- Time limit for claims: claims must be brought within 2 years of the accountant becoming aware of the error (or within 2 years of the filing date for tax returns).
- Consequential damages exclusion: the clause should exclude indirect losses, lost profits, and penalties arising from the client’s own failure to provide accurate or timely information.
The client’s obligations clause
Many professional liability claims arise not from accountant error but from the client failing to provide accurate, complete or timely information. The mandate agreement should clearly state:
- The client’s obligation to provide all necessary documents by a specified deadline (e.g., 10 working days before each statutory filing deadline).
- The consequences of late provision: the accountant is not responsible for statutory penalties resulting from documents received after the agreed deadline.
- The client’s obligation to review and approve all returns before submission, with a defined approval period.
- The client’s obligation to inform the accountant of all significant business changes (new subsidiaries, acquisitions, changes to trading activities) within 5 days of occurrence.
These obligations are legally enforceable — and they shift the burden of proof in liability disputes.
GDPR compliance for accounting practices: the data they process
Accounting firms process highly sensitive personal data: employee salaries, bank account details, tax identification numbers, health insurance contributions, family circumstances affecting tax liability. This data is subject to full GDPR obligations.
Lawful bases for processing
| Data category | Lawful basis |
|---|---|
| Client business data (turnover, expenses) | Contract performance |
| Employee payroll data | Contract performance (employer’s obligation) |
| Tax identification numbers | Legal obligation (tax law) |
| Health data for payroll (sick leave) | Legal obligation (labour law) |
| Marketing communications | Consent |
Data retention schedules
Slovak accounting legislation requires:
- Accounting records: 10 years after the close of the accounting period (Act No. 431/2002 on Accounting, § 35).
- Tax documents and returns: 10 years after the tax period.
- Payroll records: 50 years for pension-relevant records under social insurance law.
The mandate agreement and GDPR documentation should specify these retention periods explicitly so clients understand why their data cannot be deleted immediately upon termination of the engagement.
DPA with cloud accounting software
Under GDPR Article 28, any cloud accounting platform you use (Pohoda Online, KROS Omega Cloud, Xero, QuickBooks Online) processes client personal data as a data processor on your behalf. A signed DPA with each provider is mandatory. Most reputable providers include a DPA in their standard terms of service or in account settings — but you must actively accept and document it.
Frequently asked questions
Is an electronically signed power of attorney valid for tax authorities?
In most EU member states, electronically signed powers of attorney are accepted by tax authorities for standard filings. For Slovakia’s Financial Directorate, QES (qualified electronic signature via eID) is required for submissions through the e-Gov portal. For paper-based submissions or agency representations, a standard electronically signed PoA is typically sufficient. Always verify current requirements with the specific authority.
Can I send engagement letters to multiple clients at once?
Yes. zipzipdoc supports bulk sending — send the same type of contract to multiple clients at once. Each receives a personalised document with their name, service scope and fee. The dashboard tracks who has signed and sends automatic reminders to those who have not.
How do I archive contracts for audit purposes?
All documents are automatically archived in an encrypted EU cloud. The archive is exportable in bulk for tax inspection or professional body audit needs. Each document includes its audit trail showing exactly when it was sent, opened and signed.
Must accountants have a DPA with their cloud software providers?
Yes. Under GDPR Article 28, if you use cloud-based accounting software (e.g. Pohoda, KROS, Xero) that processes client personal data, a Data Processing Agreement is required between you (controller) and the software provider (processor). Most reputable accounting software providers have a standard DPA available.
What happens if the client refuses to return documents at termination?
The mandate agreement should specify the client’s obligation to request the return of documents within 30 days of termination, and the accountant’s obligation to hand them over in a specific format. Without this clause, document handover becomes a negotiation. Include a provision that any documents not collected within 60 days may be destroyed.
“Clients sign engagement letters online before the first meeting. I’ve saved hours of unnecessary travel.” — Roman S., tax advisor
