GERMANY Trends and Developments Contributed by: Rainer Wilke, Ingo Theusinger and Ralph Schilha, Noerr
Action (BMWK) now examines foreign direct investments more closely to ensure national security and strategic economic interests. AML Companies must comply with AML regulations. They must stay alert to regulatory changes and address their money-laundering risks. To further strengthen the fight against money laundering and terrorism financing at the EU level, the Anti- Money Laundering Authority (AMLA) was estab- lished by the EU. It will commence operations in Summer 2025. Certain national laws, such as Section 5 of the German Anti-Money Laundering Act ( Geldwäs- chegesetz , or GwG), mandate a risk analysis for money laundering and terrorism financing. Fol- lowing the Financial Action Task Force report for 2022, which identified gaps despite recent reforms, the German government proposed stricter measures, including the creation of a Data protection also remains a priority in Ger- many. Companies must comply with the EU General Data Protection Regulation (GDPR) ( Datenschutz-Grundverordnung , or DSGVO). Non-compliance can result in significant fines for the company involved. Cybersecurity laws have also become more stringent with the intro- duction of the Network and Information Secu- rity Directive (NIS2), requiring that companies improve their digital infrastructure security. The national implementation law was passed as a government draft in summer 2024, though this law has yet to be promulgated. Cybersecurity is a major challenge for the risk management of companies and their board members. Unfortunately, the operational risks Federal Agency for Financial Crime. Data protection and cybersecurity
are still often underestimated. The rapid pace of digitalisation, the increasing use of person- al devices as well as the rise in remote work confront businesses with potential cyber-risks. Cyber-attacks and the malevolent use of AI are increasing, making cybersecurity a crucial aspect of companies’ compliance systems. Cyber-attacks therefore also need to be reflect- ed in a company’s risk management plan. At the same time, the use of AI tools can also support companies by helping to identify crises and act quickly. To enhance cybersecurity, companies should conduct “ethical hacking” simulations to train for cyber-attacks and data breaches. ESG The increasing importance of ESG presents legal risks for businesses. This global trend reflects society’s increasing focus on sustainability, which is leading to greater scrutiny and potential legal consequences for companies. The intro- duction of the German Supply Chain Due Dili- gence Act ( Lieferkettensorgfaltspflichtengesetz , or LkSG) requires that businesses with more than 1,000 employees ensure human rights and environmental standards throughout their sup- ply chains. The Corporate Sustainability Reporting Directive (CSRD) has also increased transparency require- ments, forcing businesses to enhance their reporting on ESG factors. Germany has not yet transposed the CSRD into national law despite the expiry of the transposition deadline and the infringement proceedings initiated by the EC, which presents potential legal uncertainty for companies that fall within this scope. Critics assume that both Directives place an extraor- dinary burden on SMEs due to the obligations they impose.
104 CHAMBERS.COM
Powered by FlippingBook