Our Topics

The German Federal Ministry for Economic Affairs and Climate Action (BMWK) can review and restrict the acquisition of German companies or stakes in German companies by foreign investors in order to safeguard the public order or security or the essential security interests of the Federal Republic of Germany. It is therefore always necessary in the context of M&A transactions to review whether the planned transaction is subject to a notification obligation or whether a voluntary notification is advisable.

Often there is a close connection with sensitive items and critical infrastructures. You benefit from our many years of experience with the classification of such items and the designation of infrastructures as critical within the meaning of the BSI-KritisV.

We support both investors and sellers in reviewing M&A transactions under foreign direct investment (FDI) screening laws and regulations, as well as in the drafting of contracts. In the case of a notification obligation or the application for a certificate of non-objection, we represent you before the BMWK during the entire review process, including in possible negotiations on contractual assurances and conditions. If a notification is required in other jurisdictions, we coordinate with specialized law firms from our network.

Critical infrastructures are certain organizations and facilities whose functioning is essential for the state community. Relevant sectors are energy, water, food, information technology and telecommunications, healthcare, finance and insurance, transportation and traffic as well as municipal waste disposal. A failure or impairment of critical infrastructures can result in supply bottlenecks or significant disruptions to public safety. Operators of critical infrastructure are therefore obliged to take measures to protect their facilities against cyber security risks. They are also subject to registration and reporting obligations.

The obligations of operators are expected to be significantly expanded in 2025 as a result of the national implementation of the NIS2 Directive and the CER Directive. In particular, the implementation of the CER Directive will mean that additional measures will have to be taken to physically protect critical infrastructures against natural hazards, attacks or sabotage.

We support you in assessing whether your company is or will be considered a critical infrastructure operator, as well as in developing strategies for the implementation of related operator obligations and the implementation of appropriate compliance measures in your company.

The number of goods, software and, above all, dual-use technologies, which are used for both civil and military purposes due to their technical nature, is growing, as is their importance for the economic security of the EU.

Dual-use goods are subject to prior licensing when exported to countries outside the EU. For certain dual-use goods, even the transfer within the EU is subject to licensing. In addition, there are national control lists of dual-use goods in Germany and other EU member states. Regular adjustments to the lists of dual-use goods always lead to new or amended licensing requirements, with such adjustments increasingly taking place at EU and member state level rather than within the framework of multilateral regimes. Even goods that are not included in any list of goods may be subject to licensing requirements if it is known that these goods are to be used for certain sensitive purposes or if the Federal Office of Economics and Export Control (BAFA) has been informed of such a sensitive use.

We monitor changes to the various control lists and support you in the export control classification of your goods and in checking and complying with existing licensing obligations, in particular in the legally compliant handling of the transfer of dual-use technologies to third countries. We also support you in the development, implementation and optimization of internal compliance structures and programs.

In view of the increase in geopolitical tensions, the focus is increasingly on potential security risks in the area of research and development. In particular, there is a risk of transfer of sensitive know-how and technology, which could be misused for military purposes in third countries, as well as the danger of research being influenced by (critical) third countries.

Security aspects are therefore playing an increasingly important role in research institutions and universities. Like start-ups, they are increasingly confronted with the challenge of dealing with potential vulnerability to misuse of future technologies at an early stage and taking appropriate measures to minimize security risks, in addition to complying with existing export control restrictions.

We have many years of experience in developing and implementing compliance management systems for research and scientific institutions and companies that help to identify, assess and avoid risks.

The EU's so-called Critical Raw Materials Act (CRMA) came into force on 24 May 2024. It is intended to secure the supply of strategic raw materials to the EU and reduce reliance on individual third countries. For this purpose, among other things, certain projects in the areas of extraction, processing and recycling are supported. Affected companies are subject in particular to risk management obligations in their supply chain as well as reporting obligations. The CRMA will also have an indirect impact on companies in the supply chain, particularly small and medium-sized companies, whose information the companies directly covered by the scope of the CRMA require for their risk analysis.

Many aspects of the CRMA are yet to be implemented in Germany. However, we are already supporting companies in assessing its potential impact on their value chains, drawing on our experience in advising on sustainability in the supply chain.