GDPR violations can cost companies up to 20 million euros or 4% of annual turnover. All companies that process personal data are affected. Systematic data protection compliance through management systems, training and proper contracts can avoid high fines.
Stolen property is punishable by imprisonment for up to five years, and up to ten years for commercial offenses. Even conditional intent is sufficient for criminal liability. Careful verification of origin and documentation when buying second-hand can avoid criminal liability. Early legal advice is essential in case of suspicion.
Accounting fraud is punishable by imprisonment for up to three years (five years in serious cases) or a fine. There is also the threat of disbarment, civil claims and reputational damage. Preventive compliance measures and early legal advice can avoid serious consequences.
Critical infrastructures are organizations and facilities that are important for the state community, the failure or impairment of which would result in lasting supply bottlenecks or significant disruptions to public safety. This includes nine sectors: energy, water, food, information technology and telecommunications, health, finance and insurance, transportation and traffic, media and culture as well as government agencies. These sectors are subject to special legal requirements and protection obligations under the IT Security Act.
Kick-back payments can constitute a criminal offense of breach of trust under Section 266 of the German Criminal Code (StGB) if they lead to a financial loss and constitute a breach of duty. Managers and decision-makers who accept or initiate such payments risk prison sentences of up to five years or - in particularly serious cases - prison sentences of six months to ten years. The legal distinction between permissible commissions and punishable embezzlement is complex and requires a careful case-by-case examination. An experienced commercial criminal law attorney can help to assess legal risks and develop defense strategies.
IT security for critical infrastructures is subject to strict legal requirements in accordance with the IT Security Act and the NIS-2 Directive. Operators of critical infrastructures must implement comprehensive security measures, report incidents and carry out regular audits. The legal obligations are complex and require both technical and organizational measures. An experienced IT lawyer can help develop compliance strategies and minimize legal risks.
German German 
English