How do you approach managing legal aspects during periods of instability or crises, and how does your legal strategy align with the broader business strategy to ensure the organisation’s resilience?   

After Covid-19, companies became more focused on adopting plans and strategies to manage instability and crises. The legal department is integral to this process, playing a crucial role in assessing risks, identifying potential threats, and developing and implementing relevant mitigation strategies. 

In terms of regulatory monitoring and compliance, in periods of urgency and instability, governments often rely on urgent regulatory provisions, and the legal framework is frequently subject to unpredictable changes. This can have a significant impact on business operations. The legal department is responsible for helping other areas of the business understand these changes and adjust their strategies to remain compliant with the law. This requires collaboration across the organisation, implementation of strong compliance programmes, regular employee training, and fostering a resilient corporate culture. 

Contract management has also been directly affected by emergency regulations, particularly in relation to the stability of partners and suppliers. During Covid-19, legal departments were heavily involved in discussions around Force Majeure clauses and other provisions aimed at creating flexibility in contract terms during crises, such as extensions or renegotiation clauses. Additionally, there was an increase in due diligence activities regarding suppliers and partners to assess their stability and preparedness for crises. 

Data protection and cybersecurity are particularly vulnerable during periods of crisis and instability, making them prime targets for cybercriminals. It is essential to build a strong foundation of awareness and expertise around these sensitive topics. Implementing advanced cybersecurity measures, alongside constant staff training to improve technological proficiency, is key to safeguarding sensitive information and business data from cyber threats. Within this context, three key aspects are critical: confidentiality, integrity, and availability. The legal strategy must provide specific guidelines to help the company anticipate potential risks and prepare to meet the challenges head-on. 

What are the main cases or transactions that you have been involved in recently?   

I was materially involved in several notable transactions, including: the sale of renewable energy projects, an acquisition of a 50% stake in factories linked to the renewable energy sector, and the acquisition of a UK-based developer of renewable energy projects, followed by the integration of its entire team into the Starlight structure. Additionally, I managed multiple seed or pre-seed venture capital transactions—around eleven—focused on start-ups investing in sectors such as renewable energy, the circular economy, and sustainability. 

What do you see as the major legal challenges for businesses in Italy over the next five years, and how are you preparing to address them?   

I see three key challenges that will specifically impact the renewable energy sector: 

The first is the need for a stable regulatory framework. A worrying trend is emerging where governments are overregulating business sectors like renewable energy, creating uncertainty and confusion in the investment landscape. 

The second challenge revolves around decarbonisation and climate protection. Italy is committed to achieving the objectives agreed upon at both EU and international levels. Government regulations, such as those concerning carbon emissions, combined with increasing consumer demand for sustainable products, directly affect businesses. They will need to invest in new technologies and ensure their supply chains adhere to low-carbon standards. 

The third challenge is cybersecurity. Recent global events, such as technological outages that disrupted sectors like airlines, hospitals, and banks, reveal the fragility of global technology infrastructure. This highlights the extent to which organisations rely on this infrastructure, raising serious concerns about its security and resilience. 

I believe these challenges will continue to affect business in Italy, and beyond, for at least the next five years. Market players will need to prepare by adopting flexible strategies that can manage regulatory changes and overregulation, by committing to sustainable practices through solid investment, and by ensuring their organisations are well-equipped to meet cybersecurity demands, including regulatory compliance and resource allocation.