Digital Transformation

SMEs are increasingly finding that they (alongside large corporations) also need to set up their own compliance departments to adequately deal with the multitude of regulatory requirements. It is, however, complicated for compliance officers to sufficiently screen all of the company’s business processes. Using the latest technologies provides effective support, for example by monitoring global processes or optimally designing a compliance management system.

Internal Investigations

The internal investigation of criminal offenses or other compliance violations is one of the important tasks of the compliance department.

Practice Group White Collar & Criminal Compliance

In some cases, entire e-mail or document databases have to be examined for these purposes, which quickly pushes the department’s own personnel resources to their lim-its. Today, innovative software applications are able to provide effective sup-port for such forensic analyses. And even after the violations have been re-solved, such systems offer the possibility of preventing or quickly detecting fu-ture violations and other compliance risks through effective monitoring. Of course, such processing must comply with data protection regulations. We support you in the internal investigation as well as in the development and implementation of the above compliance systems and ensure the legal con-formity of the implemented measures. 

Compliance Management & Whistleblower Systems

The large number of regulatory requirements usually necessitates the use of an IT-supported compliance management system. 

Practice Group White Collar & Criminal Compliance

Compliance management systems

This system must be aware of and be able to control all internal business pro-cesses so that the personal liability of managers and board members can be reduced to a minimum. We have already assisted clients in a large number of cases with introducing compliance management systems and are familiar with the problem areas that arise in this context.

Whistleblower systems

An important task of the Compliance department is also the internal transposi-tion of the new EU Whistleblower Directive. As of December 17, 2021, com-panies with more than 250 employees are obligated to set up an internal re-porting channel that ensures the confidentiality of the identity of whistleblow-ers. When setting up a whistleblower system, requirements under co-determination law and data protection law must be observed, not least to en-sure that the reporting threshold is particularly low. The need for anonymity of the whistleblower must be balanced against the need to notify the affected party in a legal and documented manner. We support our clients in this pro-cess from a legal point of view.

Cyber Crime and Remediation

Cyberattacks on companies have increased massively in recent years. Ac-cording to Article 32 GDPR, companies are obligated to take appropriate tech-nical and organizational measures to prevent such attacks as best as possible and to document this. 

Practice Group White Collar & Criminal Compliance   Practice Group IP, Media & Technology

Procedures must be developed and introduced in the company to enable rap-id restoration of systems (remediation). Violations of the above obligations re-sult in severe penalties from the supervisory authorities. We support our cli-ents in setting up an IT security management system and the technical and organizational measures required under the GDPR, as well as in responding to cyberattacks, including reporting data protection incidents to supervisory authorities, initiating criminal proceedings, and handling insurance claims against providers of cyber insurance.

Get in contact


You are currently using an outdated and no longer supported browser (Internet Explorer). To ensure the best user experience and save you from possible problems, we recommend that you use a more modern browser.