Australian companies with business in the European Union must comply with data protection laws that took effect there last month, broker Gallagher says.

The General Data Protection Regulation applies not only to the trade of goods and services, but also if businesses monitor the behaviour of individuals in the EU.

The global broker urges companies to run a five-point check to assess whether they are equipped to comply with the EU regulations.

This check covers legal and compliance support, data audits, breach response planning, security alarm systems, and data protection officers, which are recommended if the business processes large quantities of personal and sensitive data.

Businesses that breach the EU laws face fines of up to €20 million ($31.4 million) or 4% of annual global turnover.