GERMANY Law and Practice Contributed by: Rainer Wilke, Ingo Theusinger and Ralph Schilha, Noerr
the financial circumstances of their borrow- ers. • Though primarily focused on ESG aspects, the Corporate Sustainability Reporting Direc- tive (CSRD) requires large companies to report on their sustainability and resilience strategies, including those related to crisis situations. The CSRD has yet to be imple- mented into national law. • Furthermore, the German Supply Chain Due Diligence Act ( Lieferkettensorgfaltspfli - chtengesetz , or LkSG) mandates that com- panies report on their efforts to identify and mitigate human rights and environmental risks within their supply chains. As part of their due diligence obligations, companies must pub- licly disclose actions taken to address these risks, which can also include crisis-related measures. • In the public sector, Germany has the IFG, which allows citizens to request information from federal authorities. This contributes to transparency by enabling public access to government-held information, including crisis response actions. These mandatory mechanisms ensure that both private and public entities remain accountable and transparent about their crisis response actions, thereby enhancing the overall resilience and preparedness of German society. 2.6 Sectorial Requirements Germany has established specific regulatory requirements for crisis management and pre- vention across key sectors such as healthcare, finance, and critical infrastructure. Healthcare Hospitals are mandated to enhance their IT security measures in order to comply with the standards of the BSI. By the end of 2021, all hos-
pitals were required to upgrade their IT systems accordingly. Furthermore, each state has its own health authority to supervise public health crisis management, requiring the development of guidelines and response protocols for health crises. Finance Financial institutions must adhere to stringent crisis management protocols as outlined by the BaFin. These include maintaining robust risk management frameworks and ensuring liquidity to handle potential crises. Critical Infrastructure Since 2009, Germany has a National Strategy for Critical Infrastructure. The Critical Infrastructure Umbrella Law (KRITIS-DachG) should introduce cross-sector requirements for operators of criti- cal infrastructures, necessitating comprehensive risk management strategies. Companies are required to register and implement protective measures to comply with this legislation. The KRITIS-DachG has not yet been adopted. Once implemented, this legislation aims to enhance the resilience of critical infrastructures, ensur- ing that vital sectors such as energy, water and transportation can withstand crises and con- tinue to operate effectively. Monitoring and evaluation of these actions are conducted through regular audits and assess- ments by relevant regulatory bodies. Non-com- pliance can result in penalties, emphasising the importance for companies to proactively imple- ment and maintain effective crisis management and prevention measures. 2.7 Public-Private Co-Operation In Germany, there are several pre-structured public-private co-operation frameworks to enhance crisis prevention and response.
84
CHAMBERS.COM
Powered by FlippingBook