How do you approach managing legal aspects during periods of instability or crises, and how does your legal strategy align with the broader business strategy to ensure the organisation’s resilience?

In times of instability or crises, my approach is to anchor the legal strategy firmly within the broader organisational goals to safeguard resilience. The focus begins with a rapid but comprehensive and interdisciplinary risk assessment (the mini(e)-taskforce). This includes identifying legal, regulatory, and contractual vulnerabilities that may surface during a crisis while also considering cross-functional impact areas like supply chain, finance, and operational continuity. By establishing a transparent response framework, which includes communication with Headquarters, close work with the managing directors as well as with business leaders – I call it “mingling the legal” – to ensure alignment between our legal response and the company’s strategic objectives, and above all, customer satisfaction, creating a balance between regulatory adherence and business flexibility. I prioritise transparent communication across the board, ensuring that key stakeholders are well-informed of ongoing developments and potential legal implications. This way, I can adapt legal measures to support business needs while mitigating risks, especially during project crises – in terms of disruptions in the supply chain, manufacturing issues, EOT requests, carefully reviewing contracts for renegotiation opportunities, cascading down our risks. This holistic approach ensures that legal strategies enable the company to make business decisions and reach targets based on informed decisions and mitigated risks.

How have you integrated technology into your legal processes, and what impact has this had on efficiency and compliance?

Due to budget constraints but conscious of the fast-paced demands of the business to increase efficiency within the legal and compliance department, I started integrating technology into our legal processes by searching for available tools in the company that were already being used by other departments. Together with the IT department, we engineered a Legal Help Desk that also serves as a contract management system. The system differentiates between compliance and legal tasks, ensuring higher efficiency through request-appropriate workflows. The expansion of the system to become a proficient contract lifecycle management system, which automates contract creation and approval processes, is a work in progress, as well as the legal blog via Yammer. The system has helped the legal and compliance department in establishing clear and measurable KPIs and also identifying the areas of law that are in higher demand within the business units, recognising weaknesses either in terms of response time or internal knowledge, and creating transparency across the company on the tasks and workload of the Legal and Compliance department. The assessment will lead to new measures that help us to reduce long lead times through targeted digitalisation. Additionally, the new MS Office 365 with integrated AI in all the common applications has increased efficiency in back-office tasks, such as creating presentations, agendas, and summaries with relevant facts, decisions, and pending actions from the last project-related meetings and emails. Hence, the legal department can dedicate additional time to complex matters. On governance matters, all relevant documents have been digitalised and integrated into the Legal Help Desk, increasing transparency across the company and ensuring compliance. In terms of compliance (training), I must recognise that all digital tools available, including AI, do not produce the same results as those achieved by means of personal training with a short, strong, and humorous message that catches attention and stays in mind.

What do you see as the major legal challenges for businesses in Germany over the next five years, and how are you preparing to address them?

The legal landscape in Germany is rapidly evolving, and the coming five years will bring several critical challenges caused by the increasing over-legislative activity of the EU. The regulatory framework is consuming industries that were not previously regulated, occupying legal & compliance departments with exceptional reporting obligations that require proper clauses in contracts to obtain such information. Yet the legislator has forgotten that some other laws, such as data privacy, business trade secrets, IP law, etc., in several cases oppose the disclosure of the information needed to comply with other regulations (e.g., Supply Chain Due Diligence). The rise of regulation towards the use of AI will also place a high toll on legal departments, with the implementation of NIS4, the AI Act, and the Cyber Resilience Act (CRA) complicating the panorama and potentially jeopardising the digitalisation process, as well as increasing the reporting activities of the legal and compliance departments, leading to long lead times, reducing efficiency and leaving less time to enable business opportunities by eliminating or mitigating associated risks. Additionally, bureaucracy will continue to be a significant challenge, as even governmental attempts to reduce it have shown no significant improvement, while over-legislation is burdening companies, particularly small legal departments.