The 2026 audit is not the same as the 2016 audit. Risk-oriented selection, digital data submission, AI-supported anomaly detection — the tax office is technically upgraded. Those who rely on old routines will be caught off guard.
What has changed
1. Risk-oriented audit selection
The tax administration no longer selects randomly, but risk-oriented. The risk management of the federal states analyzes key figures from electronically submitted balance sheets (E-balance), VAT advance returns, and payroll tax returns. Irregularities lead to audits.
Typical trigger points:
- High cash receipts with noticeable fluctuations
- Strongly varying gross profit margins
- Transactions between affiliated companies without documentation
- High other expenses without detailing
- Accumulation of asset withdrawals
2. Digital audit instead of paper
Auditors work with IDEA, ACL, and now also their own AI tools. Data is requested in machine-readable format requested (DSFinV-K, GDPdU/GoBD data carriers). Those who cannot provide this risk estimated additional results.
3. Linking with third-party sources
The tax office links data from control notifications, international information exchange (CRS), customs processing, ELSTER, and social security. An isolated view of your balance sheet is no longer possible.
4. Shorter audit periods
Instead of 4–5 years of subsequent audits, the trend is towards timely external audits (zPrüf): audit of the current financial year within 12 months. For clients, it is mandatory to document continuously in an audit-proof manner.
What does an audit cost on average?
For medium-sized companies (revenue of €5–50 million), additional results from an audit statistically average between €15,000 and €80,000 plus 6% late payment interest per year. In cases of delayed issues, additional results of €200,000+ are not uncommon.
Most additional results do not arise from 'tricks', but from missing or poor documentation — in hospitality, gifts, transfer pricing, equity loans, deferral of income. Those who document properly throughout the year manage 80% of the audit risk.
Preparation: The 6 most important levers
- GoBD-compliant accounting: Documents must be digital, immutable, and complete. Software must meet the requirements.
- Procedural documentation: Written documentation on how documents are recorded, checked, and archived. Mandatory, but rarely adhered to.
- Transfer pricing documentation: Document thoroughly for affiliated companies (even just a holding + GmbH) to withstand audits.
- Cash management: TSE-compliant cash registers, daily Z-reports, complete recording. Focus on audits in cash-intensive sectors.
- Entertainment and travel receipts: Occasion, participants, business justification — always document.
- Plausibility of profit margins: If you fall below industry benchmarks, prepare a statement.
When the audit notice arrives
In case of an audit order: stay calm, involve your advisor immediately, and release files unilaterally. not The first 7 days determine the tone of the entire audit. We recommend clients cooperate with the auditor from the start — but in a controlled manner: What is being asked, what is being delivered, what is being commented on verbally.
BP check before the order.
Before the tax office calls, we examine the typical BP risks of your mandate — and sort where documentation is needed. Preventive effort saves tenfold in back payments.
Request BP check →