Are compliance management systems (CMS) merely legal exercises with no real effect? Empirical evidence suggests that the effectiveness of CMS cannot be demonstrated. Suggestions on how to assess the effectiveness of CMS quantitatively or qualitatively do not, as things stand today, provide a reliable measurement, but only partial insights that tend to obscure the bigger picture. In the absence of reliable measurability, common standards (DIN, IDW PS 980, COSO, etc.), companies, and auditors are resorting to increasingly comprehensive and expensive mandatory programs - a “race to best practice” in order to avoid liability. This costs money that is lacking elsewhere, as well as time, systematically promotes risk aversion in companies beyond the realm of compliance, and is likely to dampen the quest for opportunities. All of this is often lamented, but accepted. However, the mentioned empirical findings have palpable legal consequences: Obligations that entail costs and other burdens must be evidence-based. Standards that are not empirically anchored are therefore not binding, especially since “CMS overinvestment” can itself be negligent. Instead of working through standards, company management can and must rely on their own intuition and trust, the latter all the more so the more “participatory” and “agile” the company is organized. This can—already at the level of legal application—further enhance corporate This can counteract further internal bureaucracy within companies, even at the level of legal application. The author has explained this in more detail in an article in the Journal of Commercial and Economic Law (ZHR 2025, 433 ff.) and in an interview in BOARD 2025, issue 3. The following blog post summarizes the considerations briefly. The BOARD can be found on the Blog.

According to a new CJEU ruling, fines under the General Data Protection Regulation are calculated based on group turnover. Does this also apply to the Digital Services Act and the Artificial Intelligence Act? Furthermore, the German Federal Court of Justice has referred to the CJEU the question of whether a company can seek recourse from responsible managers for corporate fines. In other words, the liability climate is becoming more challenging. This blog post explores these topics.

On a separate note I take licese to add the following: Economically speaking, it is the shareholders who bear the cost of corporate fines. This is inadequate and, in my opinion, violates EU fundamental rights. Increasingly harsher EU obligations also lead to ever more sophisticated, comprehensive compliance management systems, and systematically increase risk awareness and risk aversion in companies without correspondingly fostering the search for opportunities. This entails further high costs for companies and the economy at large and raises the question whether or not such costs are warranted in view of the few “black sheep” and the challenges which we presently face.

The number of D&O claims is rising - but why are more and more managers (including former managers) being targeted? This article provides an exclusive insight into current developments in manager liability: from typical project errors to antitrust violations and the recovery of state aid. With data from over 500 claims and concrete reasons for liability, the analysis shows how quickly a management error can turn into a risk worth millions - and why a good corporate strategy is more important today than ever.

Legal violations related to to delayed insolvency filings represent the most frequent basis for managerial liability claims. At the same time, the number of insolvency proceedings is once again on the rise. For this reason, our blog from time to time makes legal forays into practical aspects of delayed insolvency filing matters that may carry significant weight in court proceedings or settlement negotiations. The following post is the fifth in this series. It addresses a decision of the German Federal Supreme Court, pursuant to which managers remain liable for delayed insolvency filing even after end of their office and for contracts with new creditors. This is a substantial extension of liability and also has an impact on D&O insurance.

Legal violations due to delayed insolvency filing constitute the majority of cases in manager liability. Therefore, we periodically make legal forays into this topic on our blog. The focus of our fourth foray is a ruling handed down by the German Federal Court of Justice (BGH) dated January 25, 2025, which addresses one of the key issues in the liability of company directors for payments made when insolvency is imminent—namely, the "cessation of payments" as an indicator of insolvency. The ruling confirms: The concept of "illiquidity" is complex, proving it in court is challenging, and it remains a central issue in many disputes in this area.