In der unternehmensinterne Compliance wird Künstliche Intelligenz (KI) zunehmend eingesetzt. Besonders in der Exportkontrolle und im Zollrecht lassen sich durch KI signifikante Zeit- und Effizienzgewinne erzielen, etwa bei der automatisierten Zuordnung von Produkten zu Zolltarifnummern, dem Abgleich von Kunden mit Sanktionslisten oder der Identifizierung relevanter Regelwerke. Eine besonders sorgfältige, rechtlich einwandfreie Vorgehensweise ist unerlässlich. In diesem Briefing erläutern wir, wie KI auch in reaktiven Compliance-Prozessen der Exportkontrolle und des Zollrechts Chancen bietet. Die rechtlichen Herausforderungen, die dabei berücksichtigt werden müssen, haben wir bereits in unserem Briefing „KI in internen Untersuchungen“ aufgezeigt.

Auf grundlegende technologische Innovationen folgen oft spezialisierte Anwendungen – so seit einigen Jahren auch im Bereich der künstlichen Intelligenz (KI). KI gewinnt auch für interne Untersuchungen zunehmend an Bedeutung. Unternehmen stehen unter wachsendem regulatorischem, gesellschaftlichem und wirtschaftlichem Druck, Compliance-Verstöße frühzeitig zu erkennen und angemessen zu adressieren. Gleichzeitig explodieren die unternehmensintern erzeugten Datenmengen, die mit herkömmlichen Mitteln kaum noch zu durchdringen sind. KI-Systeme versprechen hier eine große Hilfestellung: Sie können riesige Datensätze analysieren und Muster erkennen, die Menschen übersehen würden. Zudem bieten sie neue Möglichkeiten der Automatisierung, Skalierung und Effizienzsteigerung.

Two months after the European Commission published its Competitiveness Compass, we take a deeper look into its strategic vision to enhance the EU’s economic resilience and global competitiveness (following up on our first overview), namely the competi-tion law aspects. The Commission is rather clear that it seeks to establish Europe’s competitiveness as the new “North Star”. However, what is not so clear: Through which paths will the Commission lead us on our journey to this North Star?

After the Oscar-worthy performance in its opening act, the DMA series is back with a brand-new season, packed with twists, turns, and regulatory cliffhangers. On March 19, 2025, the European Commission stepped into the spotlight with two decisive moves: First, it handed Apple a script rewrite, demanding new specified measures to meet interoperability obligations under the DMA. Second, it preliminarily found Alphabet in breach of the DMA by self-preferencing in Google Search and enforcing restrictive steering rules in Google Play.

In view of the increasingly acute threat situation, driven in particular by growing doubts about the US' loyalty to NATO and the resulting restriction of the conventional and nuclear deterrence, the question arises: How well prepared is Germany for a further escalation of conflicts, especially that with Russia? Should asymmetric warfare - including against Germany - have even more far-reaching consequences, what legal instruments are available to the state in order to remain capable of acting in an external or internal emergency (innerer oder äußerer Notstand)? This briefing sheds light on the security and precautionary laws (Sicherstellungs- und Vorsorgegesetze), which have been rather neglected to date, and which (should) provide the necessary instruments for such situations.

BLOMSTEIN, together with lindenpartners, supported DiliTrust, a leading CLM provider in Europe, on its acquisition of the legal tech startup PACTA. The BLOMSTEIN team, led by Roland Stein and Anna Huttenlauch, advised on investment control and merger control aspects of this transaction.

Trump is back and so are his tariffs (see our previous briefing on his return to office). As the EU has once again entered his crosshairs, the trading bloc is gearing up to defend its economy. For instance, President Trump has announced 25 % tariffs on steel and aluminium imports (set to kick in early March) as well as “reciprocal” tariffs, likely implying tariff hikes to match trading partners’ tariff rates for US goods. Meanwhile, domestic EU industries are already under considerable pressure, notably due to Chinese imports such as electric vehicles (EVs).

On the third anniversary of Russia's large-scale invasion of Ukraine, the EU has once again tightened its sanctions regime against Russia and Belarus. The most important amendments concern Regulation (EU) No 833/2014 (the Russia Regulation) and Regulation (EC) No 765/2006 (the Belarus Regulation). The respective amending Regulation (EU) 2025/395 and Regulation (EU) 2025/392 introduce additional and largely parallel restrictions on Russia and Belarus. While the extension of sanctions against the Russian “shadow fleet” or the import ban on Russian aluminium was already reported in the press, the sanctions package includes additional measures that deserve closer attention. We detail the most important aspects of these changes below.

Up until this point, there has been a strong emphasis on collaboration and unison for the EU and U.S. sanctions issued to address Russia’s aggression towards Ukraine. Now, while U.S. sanctions will not disappear overnight, there appears to be some increasing daylight in the approaches taken by the U.S. versus the EU, chiefly due to the new Trump administration’s dramatic shift in foreign policy and diplomacy. We provide highlights of the changed dynamics and potential trajectory for U.S. sanctions with respect to Russia below.

With the start of 2025, the European Union has entered a new phase of technology regulation. Over the recent past, AI competition policy has already undergone significant shifts, with increased scrutiny on Big Tech investments, ‘acqui-hires’ being treated as mergers, and growing concerns over algorithmic collusion. This is the scene that Teresa Ribera has stepped foot on as the EU's new competition chief. She has inherited a regulatory framework built on robust AI oversight from her predecessor Margrethe Vestager. However, given that her mandate is broader than just competition enforcement and now includes the ambitious goals of the European Green Deal, the crucial question is: How will Commissioner Ribera's blend of competition oversight and environmental vision shape Europe's AI industry?

Last week it became official: Germany’ will not implement the Directive (EU) 2022/2555 (known as the NIS-2 Directive) to improve cybersecurity in the EU under the current administration. See below for some guidance on what that means: