60% of European business leaders have admitted they are not prepared for the forthcoming General Data Protection Regulation (GDPR) rules as the May deadline inches closer.
The figure comes from California-based tech outfit Senzing, which has published a study detailing the views of 1000 senior executives from companies in the UK, France, Germany, Spain and Italy.
It found that a quarter of respondents (24%) deemed themselves to be "at risk" when it comes to being GDPR compliant.
A further 36% classified themselves as "challenged" by the regulation, with only 40% describing themselves as “ready”.
GDPR will bring sweeping changes to the marketing industry. The directive from the Information Commissioners Office (ICO) looks to ensure any company handling personal identifiable information complies with legislation around consent, data portability and cyber security or face fines of up to 4% of their turnover or €20m (£18m) – whichever is higher.
The latest figures, when taken as a proportion of all businesses operating within the EU, could translate into tens of billions in fines, though the ICO has stressed it will not embark on a witch hunt come 25 May.
Nonetheless, 44% of all businesses said they were "concerned" about their ability to be GDPR compliant by the deadline.
Despite concerns over compliance, it appears that some businesses are still demonstrating a lack of awareness about the implications of failing to comply with GDPR.
Just 35% of companies are of the financial fines for non-compliance, while 30% said they believed financial penalities would have no impact on their business.
The research follows on from a separate study conducted last year which claimed that almost a fifth of companies in the marketing and advertising sector would go out of business if they were to be hit by a fine for flouting GDPR rules.
The Interactive Advertising Bureau (IAB) Europe recently unveiled a technical standard designed to help marketers meet requirements relating to user content, recognising the challenges for companies in navigating some of the tenets in GDPR.
Brands and agencies have differed in their approached to GDPR. Cancer Research, for instance, started is hoping to reap the rewards of opt-in marketing process that it started rolling out in 2016, while Huawei is building technology into its mobile devices to safeguard itself.
Senzing's report also found that on average an EU company is set to get around 89 GDPR enquiries per-month after the deadline, which could take up to 172 hours to complete.