cms.law
Recht
Wien
Keine Jobs für junge Talente
Dieses Unternehmen bietet aktuell keine Jobs für junge Talente
Social Media
Use our transposition tracker to stay ahead of the EU’s tightening banking regulations. Article 21c of the Capital Requirements Directive (“CRD”), as inserted by the sixth Capital Requirements Directive (“CRD6” or “CRD VI”), will impose new restrictions on certain third country undertakings intending to provide “core banking services” within an EU Member State. Under the new rules, such undertakings will be required to establish a regulated branch in the EU (a “third country branch” or “TCB”), unless an exemption applies. EU Member States must transpose the Article 21c third country branch requirement into their national laws by 10 January 2026, with the rules taking effect from 11 January 2027. We are monitoring the latest developments from the UK and across our EU offices. Click here to access our transposition tracker from contributors across CMS: https://lnkd.in/e7khqd4w Key contacts: Tom Callaby , Ben Maconick , Aurélia Viémont , Moritz Gerstmayr
This ESMA public statement continues the multi-staged, and sometimes confusing, implementation of the MiFID II / MiFIR review, which has often involved Level 1 deadlines front-running Level 2 changes. It is also an interesting example of the approach ESMA is now taking in the absence of certain Level 2 being adopted, given the EU Commission’s recent sweeping de-prioritisation of “non-essential” Level 2. The approach of requesting that firms should use non-finalised Level 2 standards for the position management controls, position reporting and SI regime may put firms in the uncomfortable position of relying on informal guidance for compliance, in some cases seemingly contrary to Article 54(3) MiFIR which indicated existing Level 2 should remain in place until revised. Firms should carefully consider their MiFID II / MiFIR review implementation plans in light of this statement. Read our full article here: https://lnkd.in/eK6FWS9z Key contacts: Ben Maconick , Tom Callaby , Ash Saluja , Aurélia Viémont
ISO 42005 represents a significant step forward in the governance of AI systems, providing a practical, internationally recognised framework for assessing and managing their impacts. For in-house legal and commercial professionals, the standard offers a valuable tool for navigating the complex risks and opportunities presented by AI. Organisations are encouraged to review their current AI governance practices, benchmark against the new standard, and engage with legal and technical experts to assess readiness and plan for implementation. Read more: https://lnkd.in/eBwHWedn Sam De Silva , Ana-Maria Curavale
The ECB issued the final wording of its new guide on outsourcing cloud services to cloud service providers (CSPs) in July. The Guide is not legally binding and is not intended to introduce new rules over and above the DORA Regulation. It does, however, set out the ECB’s expectations on the requirements of DORA, including from the ECB’s observations of good practices. For the largest of European banks, the Guide effectively introduces an additional layer of complexity that must be addressed to ensure that its compliance with the DORA Regulation meets the ECB’s expectations. “Significant Institutions” directly supervised by the ECB are already required to review and potentially uplift their DORA controls mere months after DORA became applicable. Read more: https://lnkd.in/eV3hMS-Z Key contacts: Dora Petranyi , Katalin Horváth , Angela Greenough , Caoimhe Crowley
We would like to inform you about an important development that may impact your organisation: the European Accessibility Act ( #EAA ), adopted as Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services. This legislation is now in force throughout the European Union and marks a significant milestone in creating a more inclusive digital society in Europe. Our latest Law-Now article explores the key aspects of the European Accessibility Act, including: - What is the EAA? - Who must comply with the EAA? - Which products and services are covered by the EAA? What can you do now? Access our full article for practical steps on how to assess your obligations, identify affected products and services, and start preparing for compliance with confidence: https://lnkd.in/gR4XGxar Do you have questions, or would you like more information about the impact of the EAA on your organisation? Please feel free to contact the authors: Tiffany Perna , Valeska De Pauw , Tom De Cordier , Tom Heremans #CMSLaw
The EU Agency for Cybersecurity (ENISA) has recently released two detailed technical guidelines that translate the NIS2 Directive’s legal obligations into practical measures companies can adopt. In this article, we discuss both publications and how these might be relevant for your organisation: https://lnkd.in/eYYsYmWy Authors: Tom De Cordier , Thomas O. Dubuisson , Arthur Sabbe #CMSLaw
On 8 August the EU Commission published a draft delegated regulation and consultation on amendments to Regulation (EU) 2017/567 (the “MiFIR Delegated Regulation”). These amendments follow on from the MiFID/MiFIR review (also known as MiFID III and MIFIR II), and the EU Commission is proposing changes to the MiFIR Delegated Regulation to reflect the changes made to the “Level 1” provisions. This also follows on from the European Securities and Markets Authority (“ESMA”) delivering its technical advice to the Commission on potential changes to the MiFIR Delegated Regulation in December 2024. Read more to understand what’s changing and how it may affect your business: https://lnkd.in/eim2DKu4 Authors: Ash Saluja , Tom Callaby , Ben Maconick , Aurélia Viémont #CMSLaw
The EU AI Act’s provisions for new GPAI models apply from 2 August 2025. From this date, providers of new GPAI models must be ready to: - Publish technical documentation and model summaries - Share transparent information with users and regulators - Ensure compliance with EU copyright rules and training data transparency - For systemic-risk models: implement risk mitigation, incident reporting, and cybersecurity safeguards Explore the AI Act section in our Digital Regulation Tracker and follow GPAI-specific requirements in real time: https://lnkd.in/eEDJzNMV #CMSLaw #AIAct #GPAI #DigitalRegulationTracker #DigitalCompliance
Social Media
Use our transposition tracker to stay ahead of the EU’s tightening banking regulations. Article 21c of the Capital Requirements Directive (“CRD”), as inserted by the sixth Capital Requirements Directive (“CRD6” or “CRD VI”), will impose new restrictions on certain third country undertakings intending to provide “core banking services” within an EU Member State. Under the new rules, such undertakings will be required to establish a regulated branch in the EU (a “third country branch” or “TCB”), unless an exemption applies. EU Member States must transpose the Article 21c third country branch requirement into their national laws by 10 January 2026, with the rules taking effect from 11 January 2027. We are monitoring the latest developments from the UK and across our EU offices. Click here to access our transposition tracker from contributors across CMS: https://lnkd.in/e7khqd4w Key contacts: Tom Callaby , Ben Maconick , Aurélia Viémont , Moritz Gerstmayr
This ESMA public statement continues the multi-staged, and sometimes confusing, implementation of the MiFID II / MiFIR review, which has often involved Level 1 deadlines front-running Level 2 changes. It is also an interesting example of the approach ESMA is now taking in the absence of certain Level 2 being adopted, given the EU Commission’s recent sweeping de-prioritisation of “non-essential” Level 2. The approach of requesting that firms should use non-finalised Level 2 standards for the position management controls, position reporting and SI regime may put firms in the uncomfortable position of relying on informal guidance for compliance, in some cases seemingly contrary to Article 54(3) MiFIR which indicated existing Level 2 should remain in place until revised. Firms should carefully consider their MiFID II / MiFIR review implementation plans in light of this statement. Read our full article here: https://lnkd.in/eK6FWS9z Key contacts: Ben Maconick , Tom Callaby , Ash Saluja , Aurélia Viémont
ISO 42005 represents a significant step forward in the governance of AI systems, providing a practical, internationally recognised framework for assessing and managing their impacts. For in-house legal and commercial professionals, the standard offers a valuable tool for navigating the complex risks and opportunities presented by AI. Organisations are encouraged to review their current AI governance practices, benchmark against the new standard, and engage with legal and technical experts to assess readiness and plan for implementation. Read more: https://lnkd.in/eBwHWedn Sam De Silva , Ana-Maria Curavale
The ECB issued the final wording of its new guide on outsourcing cloud services to cloud service providers (CSPs) in July. The Guide is not legally binding and is not intended to introduce new rules over and above the DORA Regulation. It does, however, set out the ECB’s expectations on the requirements of DORA, including from the ECB’s observations of good practices. For the largest of European banks, the Guide effectively introduces an additional layer of complexity that must be addressed to ensure that its compliance with the DORA Regulation meets the ECB’s expectations. “Significant Institutions” directly supervised by the ECB are already required to review and potentially uplift their DORA controls mere months after DORA became applicable. Read more: https://lnkd.in/eV3hMS-Z Key contacts: Dora Petranyi , Katalin Horváth , Angela Greenough , Caoimhe Crowley
We would like to inform you about an important development that may impact your organisation: the European Accessibility Act ( #EAA ), adopted as Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services. This legislation is now in force throughout the European Union and marks a significant milestone in creating a more inclusive digital society in Europe. Our latest Law-Now article explores the key aspects of the European Accessibility Act, including: - What is the EAA? - Who must comply with the EAA? - Which products and services are covered by the EAA? What can you do now? Access our full article for practical steps on how to assess your obligations, identify affected products and services, and start preparing for compliance with confidence: https://lnkd.in/gR4XGxar Do you have questions, or would you like more information about the impact of the EAA on your organisation? Please feel free to contact the authors: Tiffany Perna , Valeska De Pauw , Tom De Cordier , Tom Heremans #CMSLaw
The EU Agency for Cybersecurity (ENISA) has recently released two detailed technical guidelines that translate the NIS2 Directive’s legal obligations into practical measures companies can adopt. In this article, we discuss both publications and how these might be relevant for your organisation: https://lnkd.in/eYYsYmWy Authors: Tom De Cordier , Thomas O. Dubuisson , Arthur Sabbe #CMSLaw
On 8 August the EU Commission published a draft delegated regulation and consultation on amendments to Regulation (EU) 2017/567 (the “MiFIR Delegated Regulation”). These amendments follow on from the MiFID/MiFIR review (also known as MiFID III and MIFIR II), and the EU Commission is proposing changes to the MiFIR Delegated Regulation to reflect the changes made to the “Level 1” provisions. This also follows on from the European Securities and Markets Authority (“ESMA”) delivering its technical advice to the Commission on potential changes to the MiFIR Delegated Regulation in December 2024. Read more to understand what’s changing and how it may affect your business: https://lnkd.in/eim2DKu4 Authors: Ash Saluja , Tom Callaby , Ben Maconick , Aurélia Viémont #CMSLaw
The EU AI Act’s provisions for new GPAI models apply from 2 August 2025. From this date, providers of new GPAI models must be ready to: - Publish technical documentation and model summaries - Share transparent information with users and regulators - Ensure compliance with EU copyright rules and training data transparency - For systemic-risk models: implement risk mitigation, incident reporting, and cybersecurity safeguards Explore the AI Act section in our Digital Regulation Tracker and follow GPAI-specific requirements in real time: https://lnkd.in/eEDJzNMV #CMSLaw #AIAct #GPAI #DigitalRegulationTracker #DigitalCompliance
Jobs
cms.law
Keine Jobs für junge Talente
Dieses Unternehmen bietet aktuell keine Jobs für junge Talente