Regulatory Compliance

Regulatory Compliance

Data Protection

GDPR has taken the digital audience by storm in 2018 and it continues to make headlines with spectacular data breaches, skyrocketing fines, and deadlocks like the Save Harbour-Privacy Shield-Schrems II maze of ECJ decisions. We are not new to data protection and our labour and digital lawyers have long prepared for the privacy a-ha moment. To this end, the last years have been very busy for our data protection lawyers.

We routinely complete GAP analyses within M&A or compliance exercises and implement the identified necessary measures with our partner IT experts. We are often engaged to conduct audits of certain processing activities or structure the data protection addenda to contracts dealing with data automation or transfer.

Our cross-border data transfer experts map the appropriate safeguards depending on the specifics of each case to mitigate the clients’ potential legal and regulatory risks.
In case of large-scale processing or the introducing of new and privacy intrusive technologies, we take the client through the Data Impact Assessment flow-chart.

Our certified experts act as data protection officers for clients with intensive data processing activities.
We extend emergency advice, undertake the escalation and communication with authorities or data subjects/counterparties and recommend damage limitation and correction measures in the case of data breaches.

We draft consent pathways and propose legal design of data subjects’ information rights in digital environments.
We advise our clients on the interplay of:

  • GDPR & AML
  • GDPR & MiFIDII
  • GDPR & PSD2
  • GDPR & eIDAS
  • GDPR & Clinical Trials Regulation
    We draft privacy policies and communication scripts for privacy purposes for clients from the e-commerce, logistics, consumer finance and health and telemedicine services sectors.

 Algorithm Regulations/AI

Comprehensive algorithmic regulation in the EU most probably will become the norm. Yet, pending the outcome from the consultations on the adjustments of the EU regulatory framework relating to AI, our team consistently advises our clients active in this space based on the existing legal regime.

To the extent AI combines CPU with access to data and the use of algorithms, obviously all norms pertinent to data flows, privacy and IP in the digital space are applicable. Contracts concerning the manufacturing, deployment or utilisation of AI must all be drafted with the divergent EU-wide IP and liability national regimes in mind. Our team possesses the rare in-depth and comprehensive knowledge to advise on matters concerning the lawful use of AI and algorithms in the EU. Among our clients are natural language processing, text and data mining and facial recognition technology companies; we provide day-to-day advice on issues involving automation and profiling based on personal data in labour context. Our civil law capabilities align with our profound understanding of the way algorithms operate and interact with data to yield granular and articulate analysis of liability allocation between the various actors depending on the industry and level of risk associated with the use of respective algorithm. We have advised clients from various industrial sectors, including automotive, natural resources and energy producers on a range of environmental issues. The complexity and variety of environmental regulations require prior knowledge and very good understanding of the client’s business operations/development plants.

Our lawyers have evaluated and predicted the legality of environmental permits, assessed the risk from environmental damage claims due to legacy (privatisation) issues, drafted liability and price adjustment clauses in M&A agreements on environmental grounds.

One third of Bulgaria’s territory falling into the Nature 2000 network category, any new construction in freshly regulated land or large-scale project in the vicinity of protected zones must be carefully examined against possible environmental law challenges as early as possible to avoid losses and slowdowns. Our construction, regulatory and financing experts work hand-in-hand with our environmental lawyers to procure the smooth realisation of investment plans.

AML/KYC

The speed of the capital is such that anti-money laundering rules are here to stay, becoming more and more stringent each day.

The EU Anti-money laundering directive changed a lot – the parties that it covers, the types of the checks one has to make, the regular updates of the information, etc.
Since 2018 Bulgaria is speedily increasing its levels of AML measures. The topic is hot, opening a bank account is not what it used to be and almost every business operation is covered by the AML rules.
Our lawyers are well prepared to navigate you in the sea of measures and regulations. We can draft your company’s internal rules, advice you on the enhanced customer due diligence your company has to apply or simply explain you the pitfall of the AML law and its regulations.
Businesses like financial services, real estate, insurance, legal services, etc. have to apply internal measures for assessing clients’ source of funds, politically exposed managers and beneficial owners, origin of wealth.

Audits, GAP Analyses

Many of our lawyers have experienced business law and regulatory frameworks both as inside lawyers and as external legal advisors. Our regulatory/advisory experts have spent many hours in putting together adequate checklists, interviewing responsible employees, drafting detailed or red flag reports on the outcomes, and recommending preventive or corrective measures to meet the identified compliance gaps.

We have conducted compliance audits in the pharmaceuticals, financial services, logistics sector, businesses that are large employers, consumer electronics, consumer finance, artificial intelligence, and many others. We are often invited to carry out training of selected responsible employees or procure more general compliance fitness among wider groups of the company’s staff.

Our lawyers have experienced business law and regulatory frameworks both as inside lawyers and as external legal advisors. Our regulatory/advisory experts have spent many hours putting together adequate checklists, interviewing responsible employees, drafting detailed or red flag reports on the outcomes, and recommending preventive or corrective measures to meet the identified compliance gaps. We have conducted compliance audits in the pharmaceuticals, financial services, logistics sector, businesses that are large employers, consumer electronics, consumer finance, artificial intelligence, and many others.

As a follow-up to our reports following the internal checks, we are often invited to carry out training of selected responsible employees or procure more general compliance fitness among wider groups of the company’s staff.

Your Key Contact:
Choose local office

Austria

Bulgaria

Czechia

France

Germany

Hungary

Italy

Poland

Romania

Slovakia

Spain

The Netherlands

act legal Uniqueness

Here is why act legal is the first choice of law firm for international businesses, corporate clients, investors, entrepreneurs and executives.

Reasons to work with us