Are compliance management systems (CMS) merely legal exercises with no real effect? Empirical evidence suggests that the effectiveness of CMS cannot be demonstrated. Suggestions on how to assess the effectiveness of CMS quantitatively or qualitatively do not, as things stand today, provide a reliable measurement, but only partial insights that tend to obscure the bigger picture. In the absence of reliable measurability, common standards (DIN, IDW PS 980, COSO, etc.), companies, and auditors are resorting to increasingly comprehensive and expensive mandatory programs - a “race to best practice” in order to avoid liability. This costs money that is lacking elsewhere, as well as time, systematically promotes risk aversion in companies beyond the realm of compliance, and is likely to dampen the quest for opportunities. All of this is often lamented, but accepted. However, the mentioned empirical findings have palpable legal consequences: Obligations that entail costs and other burdens must be evidence-based. Standards that are not empirically anchored are therefore not binding, especially since “CMS overinvestment” can itself be negligent. Instead of working through standards, company management can and must rely on their own intuition and trust, the latter all the more so the more “participatory” and “agile” the company is organized. This can—already at the level of legal application—further enhance corporate This can counteract further internal bureaucracy within companies, even at the level of legal application. The author has explained this in more detail in an article in the Journal of Commercial and Economic Law (ZHR 2025, 433 ff.) and in an interview in BOARD 2025, issue 3. The following blog post summarizes the considerations briefly. The BOARD can be found on the Blog.

According to a new CJEU ruling, fines under the General Data Protection Regulation are calculated based on group turnover. Does this also apply to the Digital Services Act and the Artificial Intelligence Act? Furthermore, the German Federal Court of Justice has referred to the CJEU the question of whether a company can seek recourse from responsible managers for corporate fines. In other words, the liability climate is becoming more challenging. This blog post explores these topics.

On a separate note I take licese to add the following: Economically speaking, it is the shareholders who bear the cost of corporate fines. This is inadequate and, in my opinion, violates EU fundamental rights. Increasingly harsher EU obligations also lead to ever more sophisticated, comprehensive compliance management systems, and systematically increase risk awareness and risk aversion in companies without correspondingly fostering the search for opportunities. This entails further high costs for companies and the economy at large and raises the question whether or not such costs are warranted in view of the few “black sheep” and the challenges which we presently face.

The number of D&O claims is rising - but why are more and more managers (including former managers) being targeted? This article provides an exclusive insight into current developments in manager liability: from typical project errors to antitrust violations and the recovery of state aid. With data from over 500 claims and concrete reasons for liability, the analysis shows how quickly a management error can turn into a risk worth millions - and why a good corporate strategy is more important today than ever.

The Wirecard case raises complex liability issues. No less difficult is the terrain of D&O insurance, in which the former Wirecard CEO Markus Braun has already initiated several court proceedings. Of more general interest for D&O insurers, however, is a new, detailed ruling handed down by the Higher Regional Court of Frankfurt on the claim of another Wirecard manager, namely the former head of accounting, who wanted to be reimbursed by the D&O insurer for the costs of his legal defense and for public relations consultants. The Higher Regional Court of Frankfurt dismissed the claim against the insurer because the sum insured had been exhausted, and in its ruling addresses key issues of D&O insurance coverage law, in particular, how insurance sums are to be distributed if they fall short of the total sum of damages Some of the issues dealt with often arise in practice and are neuralgic. The judgment is carefully and broadly reasoned. It is therefore outlined on our blog, even though the OLG has allowed an appeal, meaning that the last word has not yet been spoken.

Claims against managers for reimbursement of payments made to creditors after the company should have filed for insolvency are attractive from the perspective of the illiquidity administrator: Such claims can quickly accumulate into significant amounts and are usually covered by D&O insurance. From time to time, our blog therefore makes legal forays into practical aspects of this liability area. The following, third of these forays - like foray 2 - looks at the concept of illiquidity and takes up the new IDW S 11 standard of the German Institute of Auditors. There, the IDW only allows financial status to be used to calculate insolvency, increases the percentage “coverage gap” on this basis compared to the German Federal Supreme Court (BGH) and warns that a calculation based on the BGH would entail a risk of liability. In contrast, we set in our 2nd foray of 6 October 2024 that the IDW's position is not supported by the procedural context of the BGH rulings to which the IDW refers. What is more, the IDW's position also contradicts the substantive assessments underlying the fundamental rulings of the BGH from 2005 and 2017 regarding illiquidity. To follow IDW S 11 is thus not without risk.