Europe Archives

In ESG

Luxembourg: EU Omnibus Simplification Package — implications for Luxembourg entities and investment funds

March 15, 2025 by Jean-François Findling, Catherine Martougin, Laurent Fessmann and Elodie Duchêne 5 Mins Read

On 26 February 2025, the European Commission adopted the Omnibus Simplification Package, aimed at reducing regulatory burdens related to sustainability reporting for European companies. This initiative amends several key directives, including the Corporate Sustainability Reporting Directive, the Corporate Sustainability Due Diligence Directive and the EU Taxonomy Regulation.
These proposals aim to streamline reporting obligations, enhance competitiveness and adjust the scope and timelines of existing regulations.

In Cybersecurity, Data and Tech

Hungary: Software procurement – Considerations to prevent legal problems

March 15, 2025 by Dr. Gaál András LL.M. 5 Mins Read

Digital transformation has become a priority for all major companies. This is being driven only further by the spread of artificial intelligence’s commercial use cases and ever-tightening data protection and cybersecurity regulations. However, procuring enterprise software (concerning both the development of custom-made software and “off-the-shelf” software developed for mass use) may give rise to various legal issues. Promptly identifying and addressing these issues can help prevent considerable legal and operational expenses, as well as other inconveniences.

In Employment

United Kingdom: Dismissal following expression of gender critical and marriage beliefs online was discriminatory

February 27, 2025 by Monica R. Kurnatowska, Annabel Mackay and James Brown 8 Mins Read

The Court of Appeal has held that dismissing an employee for a social media post expressing gender critical beliefs and beliefs on same sex marriage was disproportionate, and therefore discriminatory. This decision confirms the legal tests for balancing conflicting protected beliefs, underscoring the basic principle that employees have the right to manifest their religious or philosophical beliefs, subject only to limited, objectively justifiable exceptions. While the post was arguably offensive to some gay and/or trans people, expressing a protected belief that is offensive to others does not by itself justify disciplinary action; there must be something objectively objectionable in the manner of expression. This is a high threshold; merely “intemperate” language is not sufficient.

In AML & Financial Services Regulatory

United Kingdom: The FCA’s PEP Review – Considerations for Family Offices

February 21, 2025 by Caitlin McErlane and Kimberly Everitt 6 Mins Read

On 18 July 2024, the UK Financial Conduct Authority (FCA) published the findings of its multi-firm review on firms’ treatment of politically exposed persons (PEPs). This review is likely to be of interest to family offices and their advisers for the following reasons:
• UBOs of family offices are often treated as being within the scope of the PEP categorization.
• An overly restrictive approach to KYC and AML controls on the part of financial institutions can create friction and delays for family offices and their UBOs, and the FCA’s findings may provide some basis to push back on or query the approach on this point (see below).
• Given the FCA’s strong public stance on the PEP issue, we may see other global regulators following the UK’s lead in the future.

In Cybersecurity, Data and Tech

European Union: Who does NIS2 apply to and what are the key obligations?

February 21, 2025 by Dr. Lukas Feiler, Dr. Michaela Nebel (geb. Weigl), Caroline Heinickel LL.M. and Silvia Grohmann 2 Mins Read

Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (“NIS2 Directive”) entered into force on 16 January 2023. It had to be transposed into national law by 17 October 2024. Only a small number of member states (among them Hungary, Belgium and Croatia) have transposed the provisions of the NIS2 Directive into national law so far, and it is likely that a significant number of member states will need some time.

In Cybersecurity, Data and Tech

European Union: Navigating the New EU Regulation on Digital Operational Resilience (DORA)

February 21, 2025 by Paula De Biase 6 Mins Read

Regulation (EU) 2022/2554, commonly known as the Digital Operational Resilience Act (DORA), represents a significant step forward in enhancing the digital resilience of the financial sector within the European Union. Adopted by the European Parliament and the Council on 14 December 2022, DORA aims to establish a comprehensive framework to ensure that financial entities can withstand, respond to, and recover from all types of ICT-related disruptions and threats. The regulation entered into force on 17 January 2025, and applies directly across all EU member states.

In Product Regulation & Liability

Ukraine: Further ACCA implementation — new Ukrainian standards on market surveillance and e-commerce

February 19, 2025 by Ario Dehghani 4 Mins Read

The Agreement on Conformity Assessment and Acceptance of Industrial Products (ACAA) is an intermediary step for Ukraine to benefit from the mutual recognition of product quality between the EU and Ukraine until our country becomes a full EU Member State. The ACAA covers 27 groups of industrial goods/technical regulations. Ukraine’s ACAA implementation plan was sequenced in priority sectors to allow a step-by-step sectoral implementation of the ACAA.

In Corporate Compliance

Luxembourg: Reform on conversions, mergers and divisions in the wake of the Mobility Directive

February 19, 2025 by Jean-François Findling and Elodie Duchêne 1 Min Read

On 23 January 2025, the Luxembourg parliament adopted draft Bill No. 8053 (“Law”), transposing Directive (EU) 2019/2121 on cross-border conversions, mergers and divisions, commonly known as the Mobility Directive, into Luxembourg law.
This Law introduces significant changes to Luxembourg’s legal framework on corporate conversions, mergers and divisions, particularly for cross-border operations within the European Economic Area (EEA), while providing certain clarifications on domestic and non-EEA cross-border transactions, which are otherwise maintained.

In AML & Financial Services Regulatory

Luxembourg: Restricted access to the Register of Beneficial Owners — a shift toward confidentiality

February 19, 2025 by Jean-François Findling, Elodie Duchêne, Jean-François Trapp, Annie Elfassi, Laurent Fessmann and Catherine Martougin 7 Mins Read

On 27 January 2025, the law deriving from draft Bill No. 7961 (“Law”) introducing significant changes to the laws governing the Register of Beneficial Owners (Registre des Bénéficiaires Effectifs (RBE)) and the Trade and Companies Register (Registre de Commerce et des Sociétés) was published in the Luxembourg official journal.
These changes align with the ruling of the Court of Justice of the European Union of 22 November 2022, aiming to balance transparency for anti-money laundering and countering the financing of terrorism purposes with enhanced privacy protections.

In ESG

European Union: European Commission releases its Competitiveness Compass – implications for sustainability reporting

February 17, 2025 by Eva-Maria Ségur-Cabanac and Gabrielle Galdino-Glaeser 2 Mins Read

The European Commission’s Competitiveness Compass was published on 29 January 2025. It sets forth the European Commission’s priorities for the next five years with a clear ambition to make Europe a leader in future technologies, services, and clean products. The policy priorities are defined around three pillars: (i) Innovation, (ii) Decarbonization and (iii) Security.