European Council Greenlights First Step of Omnibus – The ‘Stop-the-clock’ Proposal
On 26 March 2025, the European Council approved its position, known as a “negotiating mandate”, on a key element of the European Commission’s proposal to streamline corporate sustainability requirements which are captured in an “Omnibus”. Specifically, they approved a delay to the current timetable of the Corporate Sustainability Reporting Directive (“CSRD”) and Corporate Sustainability Due Diligence Directive (“CSDDD”), as proposed in a “Stop-the-clock” Directive, with the substantive changes to reporting requirements to be proposed in a separate Directive.
Specifically, EU Member States at the European Council have supported the European Commission’s proposal to postpone:
by two years the application of the CSRD requirements for large companies that have not yet started reporting, as well as listed SMEs. The effect is that companies expecting to prepare the first report for the financial year 2025, would instead have to prepare the first report for the financial year 2027, and
by one year the transposition deadline and the first phase of the application (covering the largest companies) of the CSDDD. As a result, companies would phase in from July 2028 rather than July 2027.
The support from the European Council to streamline the corporate sustainability reporting requirements has generally been enthusiastic. For example, Adam Szłapka, Minister for the European Union of Poland, said of the Stop-the-clock Directive, that “today’s agreement is a first step on our decisive path to cut red tape and make the EU more competitive”.
Now that the European Council’s negotiating mandate has been approved, interinstitutional negotiations can be entered into. The European Parliament is scheduled to vote on 1 April 2025 on the Stop-the-clock Directive which is being presented to Members of the European Parliament (“MEPs”) on an urgent procedure, requiring a simple majority of MEPs present to approve it. The overall expectation is that this vote is likely to pass, however, how the separate Directive that will cover the changes to the substantive requirements will progress well be hotly debated.
For U.S. companies in particular where there is a movement under a proposed PROTECT USA Act to prevent various U.S. entities from complying with “foreign sustainability due diligence legislation”, should the Stop-the-clock Directive be approved it would at least provide a reprieve. This would allow companies time to recalibrate their approaches to sustainability in the currently fractured political landscape.
EU Platform on Sustainable Finance Focuses on Usefulness of Taxonomy in Response to European Commission Proposal
On the 26 March 2025, the EU Platform on Sustainable Finance (“Platform”) responded to the European Commission’s call for evidence on the draft delegated regulation amending the Taxonomy Delegated Acts[1] (the “Taxonomy”).
The Platform welcomes many of the proposed amendments and notes that several of the Platform’s recommendations from their February 2025 report on the simplification of Taxonomy reporting has been taken into consideration. However, despite this positivity, the Platform has also flagged some serious concerns with respect to the European Commission’s proposed changes to reduce the scope of Taxonomy reporting, as set out in its “Omnibus” proposals to streamline the Corporate Sustainability Reporting Directive (“CSRD”).
The Platform considers that reducing the scope of the current CSRD requirements not only results in the loss of specific Taxonomy data, but also reduces the effectiveness of the Taxonomy generally in the market. As a result, the Platform has proposed a number of updates in relation to the draft regulation, including:
introducing a regime for all companies to report partial Taxonomy-alignment;
clarifying the materiality threshold to ensure that it applies to cumulative exposure and not individual economic activities;
reporting for non-SME companies below the 1,000-employee threshold should be focused on the most essential standards (including Taxonomy-alignment); and
postponing trading books, fees and commission as key performance indicators for banks to 2027.
Additionally, the Platform has also recommended that additional guidance could be issued to support simplifying the Taxonomy’s implementation and process.
Finally, the Platform recommends some form of mechanism to be introduced to allow for responses to Taxonomy-related queries to be dealt with in real time.
[1] The regulation proposed by the Commission contains amendments the Taxonomy Disclosures Delegated Act ((EU) 2021/2178), the Taxonomy Climate Delegated Act ((EU) 2021/2139) and the Taxonomy Environmental Delegated Act ((EU) 2023/2486).
Ch-ch-ch-ch-changes… Part 2
In our earlier blog on recent changes affecting the Competition and Markets Authority (CMA), we anticipated more changes to come. The month of March has lived up to our expectations. On 12 March, the CMA launched a “call for evidence” for the review of its approach to merger remedies as well as a “Mergers Charter” for businesses, stating that:
“Both the merger remedies review and the Mergers Charter are part of the CMA’s programme of work to implement the ‘4Ps’ – pace, predictability, proportionality and process – across all its work, helping to drive growth and enhance business and investor confidence.”[1]
The Mergers Charter[2]
The charter sets out principles as well as expectations for how the CMA will interact with businesses as well as their advisers during merger reviews – but also how the CMA expects businesses to act in return.
While carrying out merger reviews, the CMA is committed to four principles: process, proportionality, pace and predictability.
These principles are meant to help the CMA ensure they reach the correct decisions, as quickly as possible, while minimising the burden on businesses.
The “charter is a statement of intent”, but the document itself has no legal status.
In relation to the 4P’s, the following is said:
Pace – “The CMA is committed to reaching sound decisions as quickly as possible. Cooperation of businesses is a vital part of this process.”
Predictability –“Predictability is important for investor confidence and business decision-making. This includes being as clear as we can be to minimise uncertainty over whether we will review a particular deal or not.”
Proportionality – “The CMA is committed to acting proportionately in the conduct of its merger reviews.”
Process– “The CMA is committed to engaging directly with businesses during its merger reviews … Open and constructive engagement is a crucial part of this.”
The Call for Evidence[3]
This call for evidence will remain open until 12 May 2025.
“The CMA is seeking feedback on 3 key areas:
How the CMA approaches remedies, including the circumstances in which a behavioural remedy may be appropriate.
How remedies can be used to preserve any pro-competitive effects of a merger and other customer benefits.
How the process of assessing remedies can be made as quick and efficient as possible.”
Additionally, the CMA will also be running a series of outreach and roundtable sessions to gather input.
As Joel Bamford (executive director for mergers at the CMA) has stated:
“Casting the net widely for input for the merger remedies review is crucial to getting a range of views – to this end we’re going to be holding webinars and hosting roundtables so we’re gathering the best quality feedback directly from those impacted by UK merger control.”
“We’re moving rapidly to deliver on our commitment to update the UK’s mergers regime, focusing on pace, predictability, proportionality and process. The remedies review and charter represent crucial progress as we turn those principles into practice.”[4]
Sarah Cardell Speech[5]
Around the same time of the announcement of this call for evidence, a recent speech from Sarah Cardell (the CMA chief executive) also highlighted a paced and proportionate approach to two areas of focus for the CMA’s new consumer protection powers under the Digital Markets, Competition and Consumers Act 2024 (DMCCA): drip pricing and fake reviews.
Fake Reviews
The CMA confirmed that it is ready to take action against fake reviews under the new regime. However, Sarah Cardell went on to say:
“Although we can tackle fake reviews under our existing powers … we recognise that new provisions may require changes to systems and compliance programmes … so for the first 3 months of the new regime we will focus on supporting businesses with their compliance efforts rather than enforcement.”
Drip Pricing
In relation to drip pricing, Sarah Cardell mentioned how:
“I am announcing today that we will take a phased approach to the guidance here. In April, we will provide a clear framework for complying with the parts of the law which are already well understood and largely unchanged … These ‘dripped fees’ harm consumers, and fair dealing businesses, by hindering effective price competition – which we know primarily happens on headline prices.”
Conclusion
The CMA continues to adapt its approach in response to the UK government’s steer towards growth. Business should reflect how to adapt to these changes in turn, and the call for evidence provides a first opportunity for businesses to help the CMA put its 4P’s principles into practice.
[1] CMA launches review of merger remedies approach and publishes new mergers charter – GOV.UK
[2] Mergers charter – GOV.UK
[3] CMA launches review of merger remedies approach and publishes new mergers charter – GOV.UK
[4] CMA launches review of merger remedies approach and publishes new mergers charter – GOV.UK
[5] Promoting competition and protecting consumers in the digital age: a roadmap for growth – GOV.UK
Europe – Pay Transparency Directive: Preparing for the Great Unknown?
Over the last few months, we have done a lot of sessions with clients on the Pay Transparency Directive. Chief among the questions that inevitably comes up is implementation of the Directive in the different Member States. Clients wonder if and how they can prepare for June 2026 when – as per usual – most Member States are nowhere near presenting even draft legislation to translate the Directive into national legislation.
Our response to this entirely sensible question is always the same: while we will of course track local developments and keep you updated, please do not wait until there is more clarity from national legislators to take action on this topic. You don’t have to know about every nut and bolt of the finished product to know enough to start your preparation, especially as the Directive does set out very clear pointers on the likely direction of travel.
One of the main principles of the Directive is that Member States should take the necessary measures to ensure that “employers have pay structures ensuring equal pay for equal work or work of equal value”. These pay structures should be based on a job evaluation scheme which considers skills, effort, responsibility and working conditions (and, if appropriate, any other factors which are relevant to the specific job or position). There is no chance that those key indicators will be altered materially pre-implementation – while it is possible that some states may add further considerations, that will almost certainly be by way of illustration or expansion of those criteria, not variation of them. Making sure that the organisation has the right structures and schemes in place and determining the pay gaps in the organisation on this basis is a project that will likely take a couple of months, which does not leave an awful lot of time to remedy any gaps above 5% that would come out of the analysis.
And yes, the Directive does look to Member States to take the necessary measures to ensure that “analytical tools or methodologies are made available to support and guide the assessment and comparison of the value of work in accordance with the [above] criteria”. But in the current political climate, where even European Commission president Ursula von der Leyen has announced a drive for de-regulation, we do not expect that the Member States will be demonstrating excessive zeal when implementing this provision. Rather we expect that those which are already quite advanced on this topic – e.g. Spain, which has a public on-line job evaluation tool – will maintain what’s already in place, whereas those less prepared Member States (which is the large majority) will likely leave it at the level of the principles set out by the Directive, without much more.
The first Member States that have issued draft legislation seem to confirm this prediction:
Sweden’s existing legislation is already in line with the Directive’s requirements, requiring employers to conduct annual reviews of equal jobs and jobs of equal value. Under the existing legislation, companies with 10 or more employees must document the salary review in writing, including specific measures to address any identified pay gap issues, while companies with 25 or more employees must also produce annual equality plans. The draft legislation to transpose the Directive is in fact a set of amendments to existing legislation:
As per the Directive, employers must provide information to job applicants about the initial salary or range for the position. Sweden adds the obligation to offer information on any relevant collective bargaining agreement provisions on salary. Answering a question we also get quite often, the Swedish draft Bill specifies that this information does not need to be included in the job postings but should be provided in reasonable time to allow for an informed negotiation on pay. In line with the Directive, employers cannot ask prior salary history.
Employers must inform employees about the “standards and practices” for wages, to help employees understand the annual equal pay salary reviews being conducted.
Also in line with the Directive, employees must have rights to information on their individual pay level and average pay levels for workers performing equal work, broken down by gender.
Employers with 100 or more employees must report gender pay gaps during the calendar year for the overall workforce to the Equality Ombudsman, who will publish this information. Employers must also report to the Ombudsman pay gaps by groupings of employees performing equal work, explaining differences of 5% or more with objective reasons or actions to be taken.
Finally, the annual equal pay salary analysis must also include a comparison between women’s and men’s pay progression in connection with parental leave and pay progression for employees who perform equal work or work of equal value, compared to employees who have not taken a corresponding period of leave. This provision goes beyond Directive requirements, which only ask that family leaves be considered as part of a joint pay assessment (the further analysis imposed if the annual pay gap report shows a pay gap of 5% upwards in any given category).
Ireland’s draft bill is less ambitious (though all credit to them for at least having started) as it only entails a partial implementation of the Directive. The draft Bill has a wider scope than the transposition of the Directive and includes two provisions relating to pay transparency:
It requires employers to provide information about salary levels or ranges in the job advertisement. This requirement is slightly more restrictive than the Directive, which does not state that this information must be published (already) in the job advert. It is not clear in this stage exactly how detailed the information on pay range will need to be.
In line with the Directive, the second measure prohibits employers from asking job applicants about their own pay history or their current rate of pay.
In Poland, quite interestingly, Members of Parliament presented in December 2024 their own draft Bill, not waiting for the results from the governmental working group tasked with preparation for the implementing law. In February, the Polish Parliament (by a scarce majority of votes of 229 to 201 and against the majority of Ministries and institutions which commented upon on the draft Bill) decided to proceed with this draft while the other is in the early preparatory stages. The current draft focuses on implementing only parts of the Directive focused on:
pay transparency: salaries and salary levels will not be confidential (no exceptions), and employees will have the right to request information on their individual salary levels and average salary levels; employer will not be able to prohibit or prevent an employee from disclosing information about their salary (not even if such disclosure may hurt business interest and is not necessarily focused on ensuring equal pay),
pay transparency in recruitment: the employer, publishing information on an open job position, shall identify the proposed level of salary, indicating its minimum and maximum amount; similarly to Ireland, the employer is required to publish salary proposals in the “information on possibility to hire an employee on a specific job position” (which we understand to mean the job advertisement), and there is no flexibility as to how and when this information is to be provided to the candidate.
pay progression information: employer shall provide the employee with access to the criteria used to determine employee salary and pay progression; such criteria must be objective and gender-neutral; the draft Bill suggests that employers with fewer than 50 employees “may be released from this obligation”. It is not, however, clear by whom.
new penalties will be imposed on employers in Poland for not informing employees of their salary level when requested, for not publishing information on salary in job advertisements and for employing an employee at a salary lower than stipulated in the job posting. This raises a number of questions, e.g. what if the salary is lower because the parties agreed to proceed with a part-time employment or to a reduction in scope of responsibilities? Will this still be a punishable offence?
The draft Bill is rather short and it does not touch upon sensitive topics such as job evaluation, objective or gender-neutral criteria for differentiation of salaries, or gender pay gap reporting. These matters are expected to be comprehensively regulated only in the governmental Bill, which is still a “work in progress” and not expected any time soon. It is fair to say that no guidance may be taken from the draft Bill as proposed, and at places it is actually quite confusing.
Finally, in Germany, the interim Minister for Family, Senior Citizens, Women and Youth, Lisa Paus, has apparently announced in a private meeting a couple of months ago that Germany will likely go for continued flexibility in setting categories of workers without imposed pay evaluation systems. Germany will also focus heavily on the Right to Information, which already exists but will be strengthened in the framework of the transposition process. This information is however not yet confirmed on the interim Minister’s website. At the moment, it is unclear whether this approach will be continued because the Green Party, of the which the interim Minister is a member, will no longer form part of the new government. It is uncertain what the priorities of the new government will be when implementing the Directive. We will keep you updated.
In summary, only four Member States have allowed us a view into their thinking on Pay Transparency Directive implementation, but in none of the four cases is the output of such a nature that it should prevent companies from making a start on the biggest chunk of the work, around fair job evaluation and the assessment and analysis of the gaps as they present themselves on the basis of such job evaluation. The time is now, more than ever.
Coming Soon: Coordinated Pan-European Enforcement of the ‘Right to Erasure’
The European Data Protection Board (EDPB) recently announced the launch of its 2025 Coordinated Enforcement Framework (CEF) action, which will focus on the right to erasure, also known as the “right to be forgotten,” or, in the United States, the “right to delete.”
This initiative marks a significant shift in enforcement priorities for Europe’s Data Protection Authorities (DPAs) and reflects an increased focus on ensuring compliance with Article 17 of the General Data Protection Regulation (GDPR), which grants individuals the right to have their personal data deleted in certain situations.
Quick Hits
EDPB’s 2025 Enforcement Focus: The CEF will prioritize enforcement of the right to erasure under Article 17 of the GDPR and involve coordination among thirty-two DPAs across Europe.
Increased Scrutiny of Compliance: Organizations may face increased information requests, investigations, and follow-up actions to evaluate their erasure practices and identify compliance gaps.
Preparing for Enforcement: Organizations will likely want to review and refine their erasure request processes to ensure timely responses, proper application of exceptions, and effective data deletion across all systems, including backup systems, and also review their broader GDPR compliance framework to mitigate possible risk in the event of a broader request for information.
The right to erasure is one of the most frequently exercised rights under the GDPR. However, it is also a common source of complaints to DPAs and, when exercised in conjunction with other rights, such as the right to portability, is one of the more visible areas of GDPR noncompliance. The 2025 CEF action involves thirty-two DPAs across the European Economic Area that will begin contacting organizations directly to engage in formal and informal activities aimed at evaluating how the organizations handle and respond to erasure requests. A particular focus of the CEF action will be:
assessing organizational compliance with the conditions and exceptions outlined in Article 17 of the GDPR;
identifying gaps in the processes used by data controllers to manage data subject requests to erase; and
promoting best practices for organizations’ handling of such requests.
Organizations across various sectors can expect increased scrutiny from DPAs. This may include simple information requests from DPAs to evaluate their current erasure practices and procedures, but will also, in some circumstances, result in formal investigations and regulatory follow-up actions. Because this is a coordinated, pan-European enforcement focus, organizations can expect more targeted follow-ups both nationally and internationally as the year progresses.
Organizations can prepare for the heightened attention due to be paid to their erasure request handling processes by taking proactive steps to ensure that their data management practices align with GDPR requirements, particularly regarding:
timely and accurate responses to erasure requests (i.e., within one month of the request);
accurate application of exceptions, such as when data retention is necessary for legal compliance, or tasks carried out in the public interest or in the exercise of official authority;
appropriate notification of erasure requests to other organizations where relevant personal data has been disclosed or made public;
comprehensive processes to effectively erase data, such as erasure of personal data on backup systems in addition to live systems; and
transparent communication with individuals who submit requests for erasure about their rights and the outcomes of their requests.
Organizations may also want to review their broader GDPR compliance frameworks, as a pulled thread on a single identified non-compliance issue could unravel further areas of scrutiny and potentially trigger a larger and broader investigation into the business’s compliance posture on the whole.
Kryptofonds in Deutschland – Was Verwahrstellen und Kapitalverwaltungsgesellschaften (voraussichtlich) beachten müssen
Das Inkrafttreten des Zukunftsfinanzierungsgesetzes markierte bereits 2023 die Geburtsstunde der „Kryptofonds“ in Deutschland, indem die unmittelbare Anlage in Kryptowerte auch für Publikumsfonds (i.S.d. §§ 221 bzw. 261 KAGB) ermöglicht wurde. Mit dem Ende 2024 in Kraft getretenen Finanzmarktdigitalisierungsgesetz hat man diese Idee vor dem Hintergrund der MiCAR mit einem Verweis auf dessen Kryptowerte-Begriff nun vollendet.
Da ein Investment in Kryptowerte mit neuen, spezifischen Risiken einhergeht, hat die BaFin den ersten Entwurf eines Rundschreibens zu den Pflichten von Verwahrstelle und Kapitalverwaltungsgesellschaft bei in Kryptowerte investierenden Investmentvermögen zur Konsultation (06/25) gestellt. Es soll einen grundlegenden Rahmen an regulatorischen Mindestanforderungen für Direktinvestitionen in Kryptowerte durch Fonds setzen und ist damit höchst praxisrelevant. Als Rundschreiben hat es nicht die Qualität einer echten Rechtsnorm bildet aber die von der BaFin angewandte Verwaltungspraxis ab.
Pflichten der Verwahrstelle
Grundsätzlich gelten die Pflichten der Verwahrstelle, die sich bereits aus dem Gesetz und dem Verwahrstellenrundschreiben ergeben, weiterhin und sollen durch das Rundschreiben ggf. vorrangig ergänzt werden.
Zusätzlich verlangt die BaFin laut dem Rundschreiben außerdem:
• Pflichten bereits vor der Übernahme eines Mandats. Insofern seien – angesichts der hohen Volatilität von Kryptowerten – bereits im Vorfeld Prozesse zu schaffen, die der Verwahrstelle ermöglichen, informiert das Marktrisiko zu erfassen und kontinuierlich zu bewerten.• Ausreichende sachliche und personelle Ressourcen. Dies betreffe grundsätzlich alle Ebenen und in besonderem Maße die fachliche Eignung der Geschäftsleiter. Hier erkennt die BaFin an, dass insbesondere praktische Vorerfahrungen in Bezug auf eine solch junge Asset-Klasse regelmäßig nur eingeschränkt vorhanden seien. Sie ermöglicht daher einen auf theoretischem Wissen fundierten Aufbau über einen Zeitraum von 6 Monaten.• Geeignete organisatorische Vorkehrungen und zwingend technische Vorkehrungen. Dies schließe IT-Systeme und -Prozesse ein und gelte in besonderem Maße, wenn die Verwahrstelle private Schlüssel zu den Kryptowerten verwahrt. Dann bedürfe es eines darauf ausgerichteten speziellen „Kryptokonzepts“.
Außerdem sei, wie auch bei anderen Assets, zu unterscheiden, je nachdem ob die Kryptowerte verwahrfähig i.S.d. §§ 72 bzw. 81 KAGB sind. Maßgeblich wird es hier auf die Einzelfallprüfung ankommen. Insofern fällt auf, dass die BaFin in ihrem Rundschreiben einen weiten „Kryptowert“-Begriff anwendet und etwa MiFID-Finanzinstrumente i.S.d. Artikel 2 Abs. 4 MiCAR nicht bereits von vornherein aussteuert. Die MiCAR unterscheidet hier konsequent zwischen „Kryptowerten“ und (ggf. auch auf DLT-Basis emittierten MiFID-)„Finanzinstrumenten“, für die die MiCAR entsprechend nicht gilt. Die überwiegend aus 2022 stammenden und inzwischen längst überholten Ausführungen der BaFin zu ihrem Verständnis von „Kryptotoken“, auf die die BaFin im Rundschreiben verweist, sind entsprechend wenig hilfreich.
Gleiches gilt mit Blick auf die Ausführungen zur Verwahrung von (BaFin-)Kryptowerten, weil eine begrifflich klare Unterscheidung verdeutlichen würde, dass DLT-basierte MiFID-Finanzinstrumente gleichsam MiFID-Finanzinstrumente und eben keine MiCAR-Kryptowerte sind. Wo das KAGB und die AIFMD auf den Begriff der MiFID-Finanzinstrumente zur Annahme der Verwahrfähigkeit abstellen, hätte es hier keiner Erörterungen bedurft.
Schließlich weist die BaFin darauf hin, dass ggf. zusätzliche Erlaubnisse erforderlich sein können, insbesondere für eine etwaige Erbringung des Kryptoverwahrgeschäfts in Bezug auf MiCAR-Kryptowerte.
Lautet das Ergebnis der Einzelfallprüfung, dass es sich um nicht verwahrfähige (MiCAR-)Kryptowerte handele, träfen die Verwahrstelle entsprechend die Pflichten für nicht-verwahrfähige Assets aus § 81 Abs. 1 Nr. 2 KAGB (bzw. § 72 Abs. 1 Nr. 2 KAGB). Diese umfassen eine Feststellungspflicht bzgl. des Eigentums bzw. einer entsprechenden Rechtsposition, die Prüfung und Sicherstellung der Zuordnung und Zugriffsmöglichkeiten des Kryptowerts (einschließlich etwaiger Rechte Dritter), die Erfassung in einem kontinuierlich gepflegten Bestandsverzeichnis. Zudem sei ggf. vertraglich sicherzustellen, dass die Verwahrstelle Zugang zu den Systemen des Kryptoverwahrers erhält.
Daneben würden die allgemeinen Kontrollpflichten der Verwahrstelle (vgl. §§ 76 und 83 KAGB) gelten. So müsse sie insbesondere prüfen, ob ein Erwerb von Kryptowerten mit den Anlagebedingungen vereinbar und ob die Erwerbsgeschäfte marktgerecht sind.
Pflichten der Kapitalverwaltungsgesellschaft
Die Kapitalverwaltungsgesellschaft („KVG“) muss den gleichen Risiken Rechnung tragen wie die Verwahrstelle, sodass in Bezug auf einen Direkterwerb von Kryptowerten auch ähnliche Konsequenzen folgen.
Zunächst sei ggf. eine Erweiterung der Erlaubnis zu beantragen, die den direkten Erwerb von Kryptowerten umfasst, weil bisherige Erlaubnisse auf andere Vermögensgegenstände lauten dürften. Insofern stellt die BaFin hier klar, dass der Katalog nach ihrem Verständnis statisch sei und Änderungen nicht von einer bisherigen Erlaubnis gedeckt seien. Insofern sei auch zu beachten, dass eine Verwahrung durch die KVG selbst nicht möglich wäre.
Auch in der KVG seien entsprechend hinreichende Ressourcen und Kenntnisse und Erfahrungen des Personals, ggf. unter Einstellung fachkundiger, externer Experten, sicherzustellen. Auch müssten die Geschäftsleiter ausreichende fachliche Eignung haben, wobei die gleiche Frist von sechs Monaten gelte wie für Geschäftsleiter der Verwahrstelle.
Zudem seien die Prozesse der KVG entsprechend anzupassen und zwingend vor der erstmaligen Investition in Kryptowerte ein Neue-Produkte-Prozess durchzuführen. Dieser müsste vor allem die einhergehenden ggf. erhöhten Risiken und deren Management abbilden sowie Vorgaben zur Best Execution und der Marktgerechtigkeitskontrolle und Wertermittlung machen.
Rundschreiben als Leitplanke
Sowohl Verwahrstellen als auch Kapitalverwaltungsgesellschaften, vor allem wenn sie bereits etablierte Prozesse für andere Finanzinstrumente haben, sollten anhand der Vorgaben des Rundschreibens als Leitplanke und unter Berücksichtigung der spezifischen Risiken von Kryptowerten funktionierende und aufsichtsfeste Strukturen für Direktinvestments schaffen können.
Wer Kryptofonds in Deutschland anbieten will, sollte zunächst prüfen, ob die dahingehende Erlaubnis ausreicht. Besonderes Augenmerk ist dann auf die (technischen) Ressourcen und das Know-How der Mitarbeiter zu legen – und darauf, in welcher Form der Entwurf nach Abschluss der Konsultation veröffentlicht wird.
“Glass Ceilings Have Been Shattered”: Analysing the Impact of Kirsty Coventry’s Election as the Next IOC President
“Seismic”, “groundbreaking”, “landmark”. These are all words that have been used to describe Kirsty Coventry’s appointment as the next IOC President, after she swept to victory in the leadership election on 20 March 2025, winning more votes than the other six male candidates combined. The 41-year-old Zimbabwean will become the second youngest[1], first female and first African to hold the role in the IOC’s 130-year history.
“I hope that this vote will be an inspiration to many people… Glass ceilings have been shattered today, and I am fully aware of my responsibilities as a role model.”
(Kirsty Coventry, 20 March 2025)
The reaction of the global sports community to Ms Coventry’s election has largely been positive, with her rivals magnanimous in defeat. However, as outlined below, there are some commentators who point to the alleged airbrushing of political controversies, and others who say that her appointment will ensure a “continuation of the same” given that Ms Coventry is already on the IOC Executive Board[2] and was acknowledged as the favoured candidate of outgoing President Thomas Bach.
In this article I will examine:
Why Ms Coventry’s electoral success has divided opinion in some quarters;
The bases on which she campaigned, and how her manifesto differed to those of her rivals;
The potential impact of her appointment on a practical level; and
What Ms Coventry’s immediate challenges may be when she formally takes up the IOC Presidency in June.
Immediate reaction to Ms Coventry’s “landslide” victory
Only one round of voting was required for Ms Coventry, a five-time Olympic swimmer herself, to win the election outright. She secured more than 50% (49 votes of the total 97 votes), with Juan Antonio Samaranch Jr (28 votes) and Lord Sebastian Coe (8 votes) second and third respectively. Whilst Ms Coventry was one of the favourites, the emphatic nature of the result did come as a surprise to many.
Few, if anyone, can deny that the appointment of a woman from Africa to the most senior executive position in international sport sends a positive message. In the immediate aftermath of the election, Ms Coventry herself remarked that “it’s a really powerful signal; a signal that we’re truly global, and that we have evolved into an organisation that is truly open to diversity.”
Amongst those who have publicly praised Ms Coventry’s appointment have been:
President of the New Zealand Olympic Committee, Liz Dawson, who commented that “her fresh perspective and innovative approach will enhance the Olympic Movement and strengthen its global influence“.
President of the Brisbane 2032 Organising Committee, Andrew Liveris, who said that the vote was a “resounding proclamation of [Ms Coventry’s] leadership” and that she had “been incredibly positive, supportive and instrumental in promoting Brisbane 2032’s progress across the IOC movement and beyond”.
The African Paralympic Committee, who stated: “her election to the highest office in the global sports community is a source of pride for Africa. As the continent’s first daughter and a former athlete, [she] symbolise[s] the resilience of African women, breaking barriers and inspiring generations across the continent and beyond”.
However, not everyone has been so effusive. Questions have been raised about to her connections to the Zimbabwean Government, a regime that remains under both UK and US sanctions. First, she reportedly accepted a $100,000 cash reward from former President Robert Mugabe for winning four medals (including Gold in the 200m backstroke) at the 2008 Beijing Olympics. And then, in September 2018, she accepted a governmental position as Zimbabwe’s Minister of Youth, Sport, Arts and Recreation under current President Emmerson Mnangagwa[3]. The risk of being tarnished by association is a real one, but Ms Coventry has defended her connection with President Mnangagwa’s government, publicly stating:
“I don’t believe you can really create change if you don’t have a seat at the table… Having to navigate very sensitive issues has definitely given me extra ‘armour’ if I can put it that way for what [the IOC] will face in in the future, and we’re going to have to navigate difficult leaders that have different opinions on things.”
Away from Zimbabwean politics, some have questioned Ms Coventry’s impact within IOC circles to date, particularly as a member of the IOC’s Athletes’ Commission (which she chaired from 2018-2021). Indeed, notwithstanding that Ms Coventry has pledged to protect the female category (see below), former British swimmer Sharron Davies MBE took aim at her apparent passivity on this issue, stating “sadly for me Kirsty Coventry has… not spoken up before to protect female athletes coming behind her”.
Ms Coventry’s manifesto vs her rivals
Ms Coventry’s election manifesto, titled “Unleashing the Transformative Power of Sport” (with an accompanying strapline, “A Stronger, Sustainable, Relevant Olympic Movement”) emphasised challenging the status quo, embracing modernity, promoting sustainability and, in particular, protecting female sport. Below are key elements she campaigned on:
Empowering and protecting female athletes: Implementing stronger safeguards against gender-based violence and increased support for athlete mothers, including facilities like dedicated nursing rooms during the Games. On the complex issue of transgender participation, she advocated for policies that ensure fairness in women’s competitions based on current scientific research.
Technological integration: Emphasis on the integration of new technologies, such as online streaming and artificial intelligence, to keep the Olympics relevant and accessible to a broader audience.
Financial prioritisation: Reallocation of prize money to programmes that benefit a larger segment of the athlete community, focusing on access to training, health, and mental health support.
Inclusive participation: Highlighting the importance of IOC neutrality, she opposes the exclusion of athletes from the Olympics due to their nationality.
Embracing new regions: Expanding Olympic hosting regions, particularly in Africa and the Middle East. This would increase global engagement, create new revenue opportunities and make the Olympics more inclusive.
Unsurprisingly, there was a degree of overlap between most of the candidates’ campaigns on certain issues, with almost all highlighting environmental sustainability and recognising the challenges to hosting the Games in a changing climate. Nevertheless, each manifesto had its own particular focus or USP, as summarised below:
Juan Antonio Samaranch Jr (IOC Member and son of a former IOC President, 28 votes): Focused on strengthening the role of IOC members, ensuring sustainability, and maintaining political neutrality. He proposed extending the retirement age of IOC members, conducting operational reviews to optimise resources, and creating a $1 billion investment fund for the IOC’s sustainability.
Lord Sebastian Coe (President of World Athletics, 8 votes): Proposed decentralising power within the IOC, leveraging the talents of its members, and enhancing the organisation’s efficiency. He also focused on sport as a powerful social tool and highlighted his extensive experience in athletics and sports administration.
David Lappartient (Head of International Cycling Union and French NOC, 4 votes): Advocated for greater involvement of IOC members in decision-making processes and proposed achieving gender parity among the IOC membership by 2036. He also emphasised the need for the IOC to lead on sustainability and climate initiatives, arguing that it should tie financial support to international federations, at least in part, to their commitment to climate issues.
Morinari Watanabe (President of International Gymnastic Federation, 4 votes): Offered unique ideas, such as hosting the Summer Games across five cities on five continents simultaneously to reduce the burden on host cities and provide continuous global coverage. He also proposed a bicameral governance system within the IOC to enhance decision-making processes.
Prince Feisal al Hussein (President of Jordan Olympic Committee, 2 votes): His manifesto centred on modernising the Olympic movement through technology and innovation. He proposed integrating esports into the Olympic framework, utilising artificial intelligence to improve sports experiences, and engaging youth throughout the Olympic cycle.
Johan Eliasch (President of International Ski Federation, 2 votes): The only candidate to broach the idea of a rotational Winter Games to address environmental concerns and ensure the event’s future viability. He offered the most “restrictive” proposal regarding the ring-fencing of women’s sport, proposing that only athletes born female should be permitted to compete in that category.
The likely impact of Ms Coventry’s election on a practical level
For all the talk of, to use Ms Coventry’s own phrase, “challenging the status quo”, a common thread in the media is that her success was built on positioning herself as a “continuity candidate”, rather than a “reformer”. She has fulfilled a number of IOC roles[4] (including being on the IOC Executive Board) since first becoming a member in 2013, and is therefore regarded as an “IOC insider”. Reuters journalist Karolos Grohmann suggested that Ms Coventry’s election ensures “smooth continuity for the IOC after Bach” as she has “towed the company line and is not expected to rock the IOC boat”.
That said, Ms Coventry should certainly enable the IOC to present itself as a progressive, diverse and “relevant” organisation. We know sport can have a unifying power, some of which can be intangible and difficult to measure, at least in the short term.
It obviously remains to be seen which elements of her manifesto she will prioritise (curating proposals can be much easier than implementation), but one area we might expect to see robust action concerns the protection of women’s sport. As it stands, the IOC permits each international federation to set its own gender eligibility rules, which has led to a range of approaches as they try to navigate inclusion on one hand, and concerns regarding fairness and safety on the other.
Ms Coventry has pledged to implement a ban on transgender athletes competing in the women’s category at the Olympics, stating in February 2025:
“I want to ensure that front and foremost, we protect (the) female category. I don’t believe that transgender female athletes should be competing at the Olympic Games [in female categories]”… I do believe everyone has the right to play sport, 100%, but when it comes to the Olympic Games … being a former female athlete and having two young girls, I want to ensure that category is protected.”
Although Ms Coventry has previously not been as outspoken on gender issues as the likes of Lord Coe[5], her position on transgender Olympic participation is an emphatic one, drawing on her own experiences as a former female athlete. In the short-term, we know that she intends to set up a taskforce to address how best to protect women’s sport. Looking further ahead, it would not be surprising if the IOC decided to take some of the decision-making authority away from the international federations and implement tighter, more uniform, rules.
In terms of the impact on the continent of Africa, Michael Payne, the former IOC Director of Marketing, commented: “there is no doubt that the influence of Africa in world sport will grow because of [Ms Coventry’s] appointment.” Historically, African nations have faced challenges in influencing Olympic policies, but Ms Coventry’s leadership could bring more attention to the continent’s needs and priorities, including the development of grassroots and youth programmes. One of her key manifesto points was expanding the Olympic hosting regions and her leadership could accelerate efforts to bring major sporting events (and ultimately, maybe even an Olympic Games) to her home continent, improving infrastructure and investment in African sports.
The immediate challenges
When Ms Coventry takes up her new role in June, the 2026 Milan-Cortina Winter Olympics will be just eight months away. The climate crisis has raised a number of existential questions for winter sports, as well as the need for greater flexibility around scheduling major events within the existing sporting calendar. Amongst other pressing items in her in-tray will be the selection of the host nation for the 2036 Summer Olympics (India, Qatar, Turkey, South Africa and others have all expressed interest) – specifically, how that process will work.
Perhaps her biggest immediate challenge of all will be one of diplomacy, given the complex and unpredictable geopolitical landscape she will be inheriting. It is virtually impossible to divorce sport and politics, regardless of Olympic ideals around neutrality, and the status of Russia and Belarus continues to loom large. Ms Coventry’s manifesto expressly referenced her opposition to banning any countries from the Games but, as it stands, only a handful of Russians will be competing as neutral athletes in the 2026 Winter Olympics. Sean Ingle, writing in The Guardian, contemplated whether Russia’s reintegration into Olympic sport could be part of a potential peace deal with Ukraine.
And finally, of course, Ms Coventry will need to engage, and build a relationship with, President Donald Trump ahead of the 2028 Los Angeles Games. The US President has reportedly threatened permanent visa bans on trans athletes based on sex markers. When asked about the prospect of engaging with Trump, Ms Coventry said “I have been dealing with, let’s say, difficult men in high positions since I was 20 years old… we will not waiver from our values”.
Ms Coventry’s meteoric rise from swimmer to IOC President has been remarkable and is widely welcomed, but even bigger challenges lie ahead.
[1] Pierre de Coubertin was 33 years old when he was appointed the second President of the IOC in 1896.
[2] Ms Coventry has been on the IOC Executive Board from 2018-2021 and 2023-present.
[3] Ms Coventry was re-appointed to the role in September 2023, following President Mnangagwa’s re-election. Ahead of the 2023 election, Human Rights Watch found that “rights critical for Zimbabwe’s election, such as to freedom of expression, association, and assembly, [were] imperilled… the environment for a credible, free, and fair election has been grossly diminished.”
[4] The full roster of Ms Coventry’s IOC roles since 2013 are set out on page 2 of her manifesto, which include: IOC Executive Board Member (2018-2021, 2023-present), Chair of the Coordination Commission for the 2032 Brisbane Olympic Games (2021-present), Chair of the Games Optimisation Working Gorup (2022-present), and Chair of the Athlete Commission (2018-2021).
[5] Oliver Brown, ‘Lord Coe’s defeat by “Mugabe’s golden girl” proves IOC has no desire to change’ (The Telegraph, 21 March 2025): “[Lord Coe] has consistently argued that biology trumps gender, while accusing the IOC of caving in to “second-rate sociologists” in its pursuit of inclusion of all costs.”
High Court Upholds Use of Omnibus Claims in Mass Motor Finance Litigation
A recent High Court decision in claims brought by thousands of claimants against motor finance providers has reaffirmed the validity of using omnibus claim forms in large-scale consumer litigation. The ruling has implications both for the many motor-finance mis-selling claims pending before the courts and also for mass claims in a variety of other contexts.
Background
The case involved eight omnibus claim forms issued on behalf of over 5,800 claimants against eight defendants. While the claims were at an early stage procedurally, the core allegations were that the defendants had paid undisclosed, variable commissions to motor finance brokers (car dealers), creating conflicts of interest which the claimants argued rendered the ensuing credit agreements unfair under Section 140A of the Consumer Credit Act 1974 (CCA).
Shortly after the claims were issued, and before filing any defence, the defendants objected to the use of omnibus claim forms and invited the court to sever the claims, such that the claimants’ solicitors would need to issue a separate claim form (and pay a court fee) for each claim.
Initially, a County Court judge ruled that the claims should be severed into individual cases, following Abbott v Ministry of Defence [2023] 1 WLR 4002. This would have required a separate claim form to be issued (and court fee paid) for each case. The claimants appealed, arguing that the claims could and should more appropriately be commenced under omnibus claim forms, as contemplated by CPR 7.3 and CPR 19.1.
Key Legal Considerations
CPR 7.3 allows a single claim form to be used for multiple claims if they can be “conveniently disposed of” in the same proceedings. CPR 19.1 provides that any number of claimants may be joined as parties to a claim.
In Morris v Williams & Co Solicitors [2024] EWCA Civ 376 the Court of Appeal clarified that no gloss should be put on the words of CPR 7.3 and 19.1, which should be given their ordinary meaning. The exclusionary “real progress,” “real significance,” and “must bind” tests proposed in Abbott were factors to consider but should not be viewed as exclusionary tests – the omnibus claim form jurisdiction was not as restrictive as the Group Litigation Order regime in CPR 19.21-28, and should not be treated as “GLO-light”. Abbott was overruled.
Factors Supporting Omnibus Claims
The High Court carried out a detailed analysis of the factors to be taken into account in deciding whether the claims could conveniently be disposed of together per CPR 7.3. Key points cited in favour of allowing omnibus claims to proceed included:
The large number of claimants and small number of defendants.
The claims arose from the same or similar transactions, with broadly common allegations and the same legal causes of action, raising a number of common legal and factual issues.
The likelihood that case managing the cases together by way of lead or test cases would likely facilitate the disposal of many or all of the following cases. Whereas if separate claims were issued it would be random chance which claims were heard first and whether they were appropriate test cases.
Managing the claims together would be more efficient and just, in line with the CPR 1.1 overriding objective. Costs would likely be saved overall, and court time would likely be reduced. The imbalance of financial power between individual claimants and defendants would be mitigated. There were advantages to omnibus claims management in terms of the timing and usefulness of disclosure, and the availability of expert evidence.
Practical Implications
For Defendants facing mass claims this ruling will be a concerning precedent for the use of omnibus claim forms by claimants as a strategy, with obvious advantages for claimant law firms in terms of cost, use of case management applications to gain early disclosure, and selection of common issues and test cases.
For Claimants and their advisers the decision will encourage the use of omnibus claims over the impracticality of litigating individual cases, and the relative restrictiveness of the GLO regime.
For the Courts omnibus claim forms could see large volumes of individual claims taken out of the County Courts and case managed collectively and in a less haphazard fashion than has so far been the case, with potential for many following cases to be settled out of court once lead claims have been determined. This may help with significant delays and backlogs often experienced in the County Courts.
Wider Significance
The significance of this decision in the context of motor finance claims may to some extent be rendered moot by the outcome of the Supreme Court appeal in Johnson v FirstRand and the FCA’s decision on a whether and to what extent to impose a consumer redress scheme. But in reaffirming the broad scope and flexibility of CPR 7.3 and 19.1, the ruling may pave the way for more mass claims in financial services and other contexts.
OFAC Final Rule Extends Recordkeeping Requirements to 10 Years
Highlights
U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) published a new final rule to extend recordkeeping requirements to 10 years, effective March 21, 2025
The new recordkeeping requirement is consistent with last year’s statute of limitations extension for most OFAC violations from five years to 10 years
OFAC affirmed that a conflict such as EU regulations mandating a shorter recordkeeping period would not excuse compliance
On April 24, 2024, former President Joe Biden signed into law the 21st Century Peace through Strength Act. Section 3111 of the Act extends the statute of limitations for civil and criminal violations of the International Emergency Economic Powers Act (IEEPA) and the Trading with the Enemy Act (TWEA) from five years to 10 years. These two statutes govern most sanctions programs enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).
Pursuant to this executive order, OFAC issued a final rule on March 21, 2025, extending recordkeeping requirements for covered parties from five to 10 years. This final rule, which was effectively immediately, followed an interim final rule published by OFAC in September 2024 soliciting public comment.
The newly extended recordkeeping requirements apply to all companies and persons engaging in transactions and holding blocked property subject to OFAC oversight. Such persons are required to keep a full and accurate record of transactions and blocked property and to ensure that these records are available for examination for at least 10 years.
OFAC also made clear that a conflict in law would not excuse compliance with these requirements. The final rule specifically addresses a scenario in which the 10-year recordkeeping period may conflict with the European Union’s regulations on anti-money laundering and counterterrorism financing that mandate deletion of records after five years. In such a scenario, OFAC points to its prior guidance that said although it would consider a conflict of law on a case-by-case basis when determining the appropriate administrative action or penalty, full compliance with OFAC requirements is still expected.
Takeaways
This rule is the most recent example of the U.S. government’s increasing use of sanctions in recent years in support of its foreign policy and national security objectives. Companies may experience higher costs related to compliance with this rule, especially as standard business record retention periods are usually shorter. Additionally, companies should consider updating training, compliance programs, and due diligence checklists to reflect the extended recordkeeping period.
Court of Appeal Reaffirms Stance on Fiduciary Duties in Half-Secret Commission Cases
Some years it seems like there are no cases of any real importance. 2025 is not one of those years.
Last week a strong Court of Appeal doubled down on a key element of the landmark Johnson v FirstRand decision on secret commissions in motor finance (about to be heard before the Supreme Court). In Expert Tooling and Automation Ltd v Engie Power Ltd [2025] EWCA Civ 292 the Court held that an energy broker owed fiduciary duties not to accept half-secret commissions for broking an energy supply agreement without getting fully informed consent from its client.
Although the client was aware that the broker would be paid a commission, it was not told the amount (which was substantial) or that the commission would be funded by increasing the energy unit rate paid by the client (an arrangement not dissimilar to the discretionary commission agreement in Johnson).
The key findings were:
Fiduciary duty: the broker, as the client’s agent, owed strict fiduciary duties including not profiting from the relationship without fully informed consent. The Court held that the broker breached this duty by failing to disclose material facts about the commission structure.
Informed consent: The Court confirmed that a principal’s informed consent requires full disclosure of all material facts – not mere awareness that a commission would be paid. The fact that the client could have asked for more information did not excuse the lack of disclosure.
Accessory liability: the energy supplier, which was the party paying the commission, could only be liable for procuring the broker’s breach if it acted dishonestly. As the client had not pleaded dishonesty or run that case at trial, the claim failed on that procedural point.
Limitation: The Court held that the cause of action accrued upon payment of the commission, not entry into the underlying contract. The decision of the first instance judge that the claim in respect of the first energy supply contract was time-barred was therefore overturned.
With the Supreme Court about to have its say on the Johnson appeal, this decision underlines the clear line at Court of Appeal level that brokers will commonly owe strict fiduciary obligations requiring clear, proactive disclosure of commission arrangements that may be said to give rise to conflicts of interest. That disclosure needs to be fulsome in order to obtain informed consent.
More hopefully for half-secret commission payers (be they lenders or energy suppliers) the judgment also confirms that accessory liability in equity (where third parties are said to have induced a breach of fiduciary duty) requires proof of dishonesty, consistent with established principles in Brunei and Twinsectra. This issue will inevitably be a key battleground in the Johnson appeal and other cases targeting the payers of half-secret commission instead of the receiving brokers.
The decision may well be subject to further appeal given the pending Supreme Court consideration of Johnson.
New U.S. Import Tariffs on Certain Automobiles and Parts
On March 26, 2025, President Trump signed an executive order directing new 25% tariffs on certain automobiles and automobile parts imported into the U.S. from all countries on or after April 3, 2025. This executive order comes as businesses await the outcome of the broader reciprocal trade plan also expected to be released on April 2.
The executive order builds on an investigation undertaken during President Trump’s first term focused on U.S. imports of passenger vehicles (sedans, sport utility vehicles, crossover utility vehicles, minivans and cargo vans), light trucks (collectively, automobiles) and certain automobile parts (engines and engine parts, transmissions and powertrain parts and electrical components — collectively, automobile parts) and their effect on the national security of the U.S. under Section 232 of the Trade Expansion Act of 1962, as amended (19 U.S.C. 1862) (Section 232). When the U.S. Department of Commerce (DOC) issued findings and recommendations to the President in February 2019, the President did not take any tariff action in response to the DOC’s determination that those imports threatened to impair the national security of the United States. Now, however, President Trump has determined that changes in import trends since the initial investigation and 2019 report have exacerbated risks to U.S. manufacturing, noting that “[t]oday, only about half of the vehicles sold in the United States are manufactured domestically[.]”
These new 25% tariffs, building on the prior investigation, will largely be effective for certain automobiles (to be identified in a subsequent notice in the Federal Register) on or after 12:01 a.m. Eastern Daylight Time on April 3, 2025. The effective date for parts could be deferred; the executive order specifies an effective date to be published in the Federal Register “but no later than May 3, 2025.
Automobiles and parts eligible for the U.S.-Mexico-Canada free trade agreement (USMCA) preferential treatment will be treated differently than all other imports. Where automobiles qualify for preferential tariff treatment under USMCA, importers of those automobiles may be permitted to submit documentation identifying or substantiating the amount of U.S. content in each model imported into the United States and pay duties only on the remainder. Where automobile parts qualify for preferential treatment under USMCA, those parts will be exempted from duties until such time that the DOC, in consultation with Customs, establishes a process to apply the tariff exclusively to the value of the non-U.S. content of such automobile parts and publishes notice in the Federal Register. “U.S. content” refers to the value of the automobile attributable to parts wholly obtained, produced entirely or substantially transformed in the United States.
The duties imposed by this order will be supplemental to duties on imports already imposed pursuant to other legal tools, including IEEPA (e.g. Canada, China and Mexico), Section 232 of the Trade Expansion of 1962 (e.g. steel and aluminum), Section 301 of the Trade Act of 1974 (e.g. China) and any other authority.
These duties will be imposed concurrent with other action taken under the President’s Reciprocal Trade Plan, which is expected to announce new tariffs on April 2, 2025, and with any new tariffs imposed under the President’s March 25, 2025 executive order granting the State Department discretion to impose 25% import duties on U.S. imports from countries that themselves import Venezuelan oil on or after April 2, 2025.
AI Governance: Steps to Adopt an AI Governance Program
There are many factors to consider when assisting clients with assessing the use of artificial intelligence (AI) tools in an organization and developing and implementing an AI Governance Program. Although adopting an AI Governance Program is a no-brainer, no form of a governance program is insufficient. Each organization has to evaluate how it will use AI tools, whether (and how) it will develop its own, whether it will allow third-party tools to be used with its data, the associated risks, and what guardrails and guidance to provide to employees about their use.
Many organizations don’t know where to start when thinking about an AI Governance Program. I came across a guide that I thought might be helpful in kickstarting your thinking about the process: Syncari’s “The Ultimate AI Governance Guide: Best Practices for Enterprise Success.”
Although the article scratches the surface of how to develop and implement an AI Governance Program, it is a good start to the internal conversation regarding some basic questions to ask and risks that may be present with AI tools. Although the article mentions AI regulations, including the EU AI Act and GDPR, it is important to consider state AI regulations being introduced and passed daily in the U.S. In addition, when considering third-party AI tools, it is important to question the third-party on how it collects, uses, and discloses company data, and whether company data is being used to train the AI tool.
Now is the time to start discussing how you will develop and implement your AI Governance Program. Your employees are probably already using it, so assess the risk and get some guardrails around it.