Author: admin

With the Cybersecurity Act entering into force in February 2024, Croatia was, unexpectedly, one of the first EU member states to implement NIS2, and it seems this happened just in time. Throughout this year as well as in 2023, government and financial institutions, companies, and even airports and hospitals were targets of multiple cyberattacks. Unsurprisingly, these resulted not only in temporary loss of availability of crucial services but also in loss of data – at times even life-and-death patient data.

The local Cybersecurity Act, while retaining the main principles from NIS2 as well as the risk-based approach, has deviated from it slightly. The most notable distinction is the lack of registration obligation since in Croatia, the act envisions that relevant authorities will notify subjects in-scope on their categorization and obligations, not the other way around. The notifications should be provided by February 15, 2025 – within one year from when the act entered into force, although this deadline will likely be exceeded in practice. The idea was to provide for a gradual implementation of obligations, giving entities in scope enough time to ensure compliance.

The competent authorities for cybersecurity under the act are few, but most power resides with the Croatian Security and Intelligence Agency – a body whose main activity (up to now) was intelligence gathering and national security. This was one of the most disputed elements of the act and one which drew the most public attention. But after a while, the discussion grew quiet. Granted, cybersecurity is not the most interesting subject, but boredom cannot be an excuse for a lack of awareness. Although based on client activity and publicly available information, we could say that the level of awareness is rising – especially after the above-mentioned attacks, which attracted much media attention – it is still not sufficient given the upward trend of attacks and incidents.

This is especially important for lawyers and law firms who, regardless of size, are specific since they are bound by privilege and keep valuable data such as clients’ highly sensitive and/or personal data or financial information. This is well noted by cyber criminals too, and lawyers were not exempt from the locally occurring cyberattacks of late. Recent press clippings reported that local authorities just now arrested one of the culprits responsible for attacks that targeted more than 20 law firms, resulting in document leakage and financial loss.

Allegedly, at least some were targeted due to their connections to “high-profile” clients and cases, and their documents were supposedly leaked to the media after the lawyers failed to pay the requested ransom amount. The Croatian Bar Association commented that most attacks were conducted by way of phishing – attempts to gain unauthorized access by sending fraudulent e-mails, and in some cases, the attacks were reported to be quite sophisticated. The Bar, however, did not share any information on the level of IT security that the affected lawyers and law firms had (or did not have). Namely, local lawyers still independently decide which resources they will rely on for the protection of their and, more importantly, client data.

In Croatia, solo practices still make up much of the profession, while corporate law firms are a minority. After the pandemic prompted more governmental digitalization, local lawyers had to adapt and rely more on digital solutions, including web applications and cloud services. However, with this transition, appropriate levels of awareness did not follow. Similarly to grappling with data protection compliance, lawyers are likely to underestimate risks and often do not follow even basic security principles such as regular software updates or password changes.

This is likely to change now that the act comes into force, considering that lawyers will need to obtain cybersecurity assurances – to secure the ability to continue to provide legal support as part of their clients’ supply chain. Since being a vulnerability for their clients is not an option, the obligations under the act should be an additional encouragement for local lawyers to up their game when it comes to their IT security practices and data protection. As any legal professional knows (or should know), in addition to lost time, money, or effort, cybersecurity breaches can lead to loss of reputation and, most importantly, loss of client trust.

By Ema Mendjusic Skugor, Co-Managing Partner, and Anella Bukovic, Senior Associate, Divjak Topic Bahtijarevic & Krka

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Six years after the introduction of the GDPR, many businesses still treat it as if it were a “new law,” a regulation to be addressed later, rather than a priority today. It took years for the GDPR and data protection in general to even make their way onto Q&A lists in legal due diligence, competing alongside other established legal risks when analyzing target companies.

Even years after its implementation, many businesses continue to treat the GDPR as an unfamiliar or optional regulation. This ongoing delay creates a dangerous disconnect, as companies that neglect the GDPR expose themselves to serious risks, major fines, and significant reputational damage.

The significance of the GDPR is becoming increasingly evident, even in major transactions, where the complexity of compliance is reflected in the substantial number of work hours dedicated to addressing data protection concerns. A prime example of this is the issuance of the Republic of Croatia’s first retail bond. Given the large number of retail investors involved, the transaction required careful handling of personal data, making GDPR compliance a significant factor throughout the transaction.

Furthermore, the rise in cyberattacks and data breaches only compounds the need for GDPR compliance. As cybercriminals become more sophisticated, companies that fail to implement adequate data protection measures are increasingly vulnerable. Data breaches not only expose personal information but also highlight companies’ failure to safeguard their clients’ privacy. In today’s world of advanced technology, ensuring technical data security should not be a challenge.

The Croatian Personal Data Protection Agency (Agency) has played a key role in raising compliance standards for data protection in Croatia. Its growing influence is evident from its ranking by the European Data Protection Board, which placed the Agency 9th in the number of total fines issued under the GDPR in its 2023 report. This recognition highlights the Agency’s proactive approach to enforcing data protection standards, aligning with EU expectations and the increasing public demand for stronger privacy safeguards.

The most common reasons for penalties imposed by the Agency are inadequate technical and organizational measures to ensure information security, lack of a legal basis for data processing, and insufficient fulfillment of information obligations.

In 2023, the Agency imposed a total of 28 administrative fines, amounting to EUR 8.27 million, reinforcing its belief that fines serve as effective, proportionate, and deterrent corrective measures.

Among these, the highest fines ever issued by the Agency were prompted by anonymous complaints, both of which were directed at debt collection agencies as controllers of personal data.

The first of these fines, totaling EUR 2.27 million, was imposed on a debt collection agency for failing to implement appropriate technical and organizational measures to ensure the security of personal data, resulting in a data breach affecting over 130,000 data subjects. Additionally, the data controller failed to provide the required information to data subjects and did not establish appropriate data processing agreements.

The second fine imposed by the Agency amounted to EUR 5.47 million. The controller failed to implement appropriate technical and organizational measures to protect personal data. The controller processed data without determining a legal basis, including data from individuals not in a debtor-creditor relationship, sensitive health data (including data on terminal illnesses), and telephone call recordings. Additionally, the controller did not provide data subjects with transparent information about the processing of their health data and recording of telephone conversations.

An alarming example of blatant negligence emerged when the Agency imposed a EUR 380,000 fine on a sports betting company for multiple GDPR violations. Despite the company’s Privacy Policy explicitly stating that it does not store or permit unauthorized access to bank card data, it collected two-sided copies of bank cards without a valid legal basis. Furthermore, it was later revealed that company employees had access to 655 copies of bank cards, displaying full data, out of a total of 2,078 collected.

The aforementioned fines imposed on data controllers highlight the serious consequences of neglecting data privacy. They also reveal a deep and ongoing misunderstanding of what exactly the GDPR entails, as well as a continued carelessness about the topic, even within large companies. As compliance standards grow more rigorous, companies can no longer afford to treat data protection as an afterthought. With stricter enforcement and the growing risks of fines and reputational damage, prioritizing data privacy compliance is no longer optional. It ensures legal security and builds trust with clients. In a data-driven world, companies must act promptly to protect what matters most, both legally and ethically.

The wake-up call is louder than ever – don’t snooze it.

By Vanda Frcko, Co-Head of TMT, Miskovic & Miskovic

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Energy law in Croatia is governed by a series of laws and regulations designed to ensure energy security, promote renewable sources, and support environmental protection. The key legal framework in the energy sector in Croatia includes the Energy Act (Zakon o energiji, Official Gazette no. 120/12, 14/14, 95/15, 102/15, 68/18) and the related Energy Development Strategy of the Republic of Croatia until 2030, with a view to 2050, adopted on February 28, 2020. The Energy Act, which has seen a few amendments since its adoption, is still slowly trying to meet the challenging EU requirements in terms of the green transition, which emphasize renewable energy integration, energy efficiency, and environmental responsibility.

In accordance with the amended EU Renewable Energy Directive (EU/2023/2413), the Croatian Ministry of Environment and Energy submitted an amended Integrated National Energy and Climate Plan for the Republic of Croatia (NECP) for the period 2021-2030 to the European Commission in June 2024. The NECP’s main objective is to set an ambitious target of 36.4% of energy from renewable sources in gross final energy consumption by 2030 and to attract substantial investment across the energy sector, including in hydropower, wind farms, and hydrogen energy. It also supports electric battery production and the renovation and expansion of electricity networks.

Croatian Entrepreneurs in the Energy Sector

Despite being a small country, Croatia has significant potential for renewable energy development thanks to its geographic and climatic conditions. The Adriatic coast, especially regions like sunny Dalmatia, is becoming a prime location for solar energy projects. Additionally, other coastal areas with high wind activity offer favorable conditions for wind energy production.

In recent years, it has been nearly impossible to construct wind farms in Croatia, and Croatia is working to address this problem. In July 2023, urgent amendments to the Renewable Energy Sources and High-Efficiency Cogeneration Act (Official Gazette No. 138/21, 83/23) were adopted, along with amendments to the Electricity Market Act (Official Gazette No. 111/21, 83/23). These amendments are crucial for Croatia’s development of the electricity market and the construction of new renewable energy facilities. The legislative amendments are expected to significantly accelerate the growth of solar energy projects and the construction of wind farms by enabling simpler and faster processing time for permits – a matter that has caused extended waiting periods for investors in renewable energy projects. The changes aim to support the development of smaller and community-based solar projects, improve incentive systems (such as feed-in tariffs and local subsidies), and encourage energy production from renewable sources.

Furthermore, Croatia has a strong presence in automotive electrification, with companies like Bugatti Rimac and Rimac Technology (both part of Rimac Group) leading in high-performance electric vehicle manufacturing. Rimac Group’s investments in innovative projects, such as the fully autonomous robotaxi Verne, demonstrate the potential for integrating advanced technologies into energy and transportation. Through artificial intelligence (AI) and the Verne robotaxi technology, Croatia has an opportunity to modernize its energy sector, enabling smarter use of renewable resources and maximizing green energy utilization.

Also, in a recent expansion, Rimac Technology launched Rimac Energy, a new brand dedicated to stationary energy storage systems (ESS). ESS solutions like those developed by Rimac Energy allow Croatia to store surplus energy generated from renewables like wind and solar, making it available when demand peaks or renewable generation is low.

Another highly innovative project in the energy sector comes from the Croatian company Sunceco. In collaboration with a team of scientists from a local university, Sunceco has developed a lithium-ion battery prototype intended for commercialization and mass production in Croatia. The goal of this project is to produce batteries designed for electric vehicle use.

Practice Is Far Ahead of Legislation

Unfortunately, existing Croatian laws have not yet been adapted to address the specific legal aspects of artificial intelligence, autonomous vehicles, and other technological innovations that are increasingly present in the energy sector.

Rapid technological advancements are underway in Croatia. Although the private sector primarily attracts investments in green technologies, administrative barriers and a lack of infrastructure for sustainable energy slow down their implementation and growth. For Croatia to fully leverage its natural resources and technological innovations and meet EU targets, swift adaptations of the legislative framework are needed to support the demands of the modern green economy. Additionally, for genuine progress, it is essential to modernize legislative frameworks to improve administrative efficiency and strengthen infrastructure support for renewable energy and electrification projects. Through these measures, investors will have greater motivation to invest, which can speed up the energy transition and increase the stability of the sector in Croatia.

By Tomislav Halle, Partner, Head of Energy Practice, Halle & Simac

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

The Croatian M&A market in 2024 is experiencing significant changes, largely driven by two key factors: the rise of sustainability and ESG considerations alongside a notable surge in energy-sector transactions. These trends reflect both global movements and Croatia’s commitment to the EU’s broader climate goals.

ESG as a Game-Changer in Corporate Transactions

In 2024, Croatia introduced significant regulatory changes with the implementation of the Corporate Sustainability Reporting Directive (CSRD) into national law by amending the Accounting Act, Audit Act, and Capital Markets Act. These regulatory changes mandate large EU companies, listed SMEs, and non-EU entities with significant operations in the EU to disclose detailed sustainability information, adhering to European Sustainability Reporting Standards and the “double materiality” framework, which evaluates both financial performance and the ESG impacts of their activities.

For acquirers, understanding a target’s ESG performance has become a critical part of the due diligence process. Beyond mitigating regulatory risks, a target’s commitment to robust ESG practices can enhance its valuation and appeal to socially conscious investors. Companies with strong ESG credentials are now seen as more resilient, innovative, and positioned for long-term financial success. Practical ESG due diligence involves assessing a company’s carbon footprint, waste management practices, governance structures, and labor standards. Neglecting these areas can result in transaction delays, legal complications, or even the collapse of a potential deal, emphasizing the importance of integrating ESG criteria into the investment decision-making process.

The Energy Sector: A Hotspot for M&A Activity

Alongside the ESG shift, Croatia’s energy sector has seen a significant uptick in M&A activity. The country has set ambitious renewable energy targets under the EU’s Fit for 55 package and the REPowerEU plan, aiming to significantly expand renewable capacity by 2030, including 2,000 megawatts each of wind and solar power. Offshore wind and floating solar projects are seen as particularly promising opportunities.

Investors are attracted to the sector not only for its strong returns but also because renewable energy projects align well with ESG-focused investment strategies. The EU’s Modernization Fund, which provides financial incentives for sustainable energy projects, further enhances the sector’s appeal. Consequently, the energy sector is experiencing increased M&A deals, with companies holding established renewable portfolios or strategic development rights becoming prime acquisition targets. Cross-border transactions are expected to rise as international investors seek to capitalize on Croatia’s renewable energy boom.

ESG Integration and Challenges in Energy M&A

Despite the potential, integrating ESG considerations into M&A transactions presents challenges. One major hurdle is the absence of standardized metrics for measuring ESG performance, which can complicate the evaluation process. Furthermore, aligning ESG objectives across different organizational cultures can be particularly challenging in cross-border deals. The energy sector in Croatia faces significant regulatory obstacles that complicate M&A deal execution. Bureaucratic inefficiencies, such as lengthy permitting processes and inconsistent policy implementation, have caused delays in renewable energy projects. For example, projects totaling 1,300 megawatts, valued at EUR 1.2 billion, have been stalled due to the Croatian Energy Regulatory Agency’s (Hrvatska energetska regulatorna agencija) failure to set grid connection fees. These delays create additional risks and complexities for acquirers.

Looking Ahead: 2025 Energy Legislation and ESG Compliance

In 2025, Croatia is expected to undergo significant reforms in its energy legislation aimed at accelerating the development of renewable energy projects. These reforms align with the EU’s broader efforts to streamline permitting processes and address delays within the current regulatory framework. In the coming years, Croatia will see the continued implementation of both the CSRD and the new Corporate Sustainability Due Diligence Directive. This will further shape the M&A landscape, pushing companies to align their strategies with ESG criteria while contributing to broader climate goals.

Conclusion

The Croatian M&A market in 2024 is being significantly reshaped by the dual impact of ESG integration and a surge in energy-sector deals, reflecting both global trends and Croatia’s commitment to EU climate objectives. Companies that effectively adapt to these trends will not only enhance their market competitiveness but also contribute to Croatia’s climate goals. The convergence of ESG and energy-sector dynamics will continue to influence M&A strategies, urging companies to adopt more sustainable practices while capitalizing on Croatia’s renewable energy potential.

By Martin Hren and Sandra Tomaskovic, Partners, Hren Tomaskovic Law Firm in cooperation with Nlaw

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Currently, the Croatian AML Act (Official Gazette no. 108/2007, 39/2019, 151/2022) uses the term “virtual assets,” while the Markets in Crypto-Assets Regulation (MiCA) (EU Regulation 2023/1114), along with subsequent Implementing Act for MiCA (Official Gazette no. 85/2024) adopted by Croatian Parliament in July 2024), uses the term “crypto-assets.” Clearly governing the same, the terms used are similar, but slight nuances persist in definitions. Yet, inconsistency of legal terms should be avoided to prevent misinterpretation and confusion in legal applications.

MiCA was unanimously welcomed by prominent Croatian financial and legal commentators as the first globally significant comprehensive framework for crypto-assets for taking best practices already found in financial market regulations and applying them to the crypto industry. However, it is exactly these “best practices” in response to various money laundering and tax avoidance schemes that plague the current financial system. This may impede, delay, or even prevent certain innovations available through blockchain technology. MiCA is, perhaps justifiably, a conservative approach to an innovative industry. However, its burdensome requirements, stringent authorization requirements, and complex and costly compliance demands combined with the lack of established guidelines may deter entrepreneurs in Croatia, as locally available capital is limited for startups.

Nevertheless, MiCA’s framework is a European one and provides a unique opportunity for Croatia if it is willing to take an active, constructive approach to supporting domestic companies. Globally, adoption rates of crypto-assets have largely been driven by either a desire to preserve capital or a need to mitigate the devaluation of money and labor. While neither truly applies in Croatia, due to its small size and the Croatian Financial Services Supervisory Agency’s (HANFA) cautious but positive approach, Croatia may be in a better position than larger EU countries to take a lead in interpreting and applying MiCA’s concepts and standards. For Croatia, this provides an opportunity to counter broader negative trends of declining population. The strategic decision to use MiCA as a capital-attracting political tool may prove invaluable for capturing the lion’s share of the forthcoming capital investments in the crypto industry over the next decade. An active pro-crypto stance may position Croatia well in the EU and on the global crypto policy level and it may provide tangible benefits to its citizens, expand potential tax revenue streams, and create an innovation-friendly business environment. However, choosing to become an early adopter state will require more active internal political discussions.

Despite some media reporting on the “widespread adoption of crypto in Croatia,” there is a general lack of understanding of basic relevant concepts. Paradoxically, the adoption of crypto-assets as alternative financial instruments in Croatia is less likely precisely because Croatia has a relatively developed financial and banking system, well integrated into the EU and global financial markets. Most Croatians with any significant investments are mostly older (over 45) and generally are quite skeptical of crypto. With the constant devaluation of the official currency, younger people find it increasingly difficult to save or invest (most notably in real estate, which has been, by far, the most popular traditional way to invest). As a result, younger generations are more inclined to explore the crypto space and its potential applications beyond finance.

The current legal framework enables crypto-asset service providers (CASPs) already operating in Croatia to continue their services and may receive preferential treatment in the transitional period until June 2026 over new entrants, who must comply fully with MiCA’s stringent requirements. Whether the HANFA and to a more limited extent the Croatian National Bank (HNB) will try to level the playing field is yet to be determined. As per the Croatian AML Act, the HANFA currently maintains a register of virtual assets service providers where currently there are eight entities registered, with another 11 awaiting registration. It is exciting to see such strong interest in crypto-assets despite significant administrative requirements and fines prescribed for violations by the Croatian AML Act, with even bigger fines (up to EUR 5 million or 5% of annual revenue) prescribed by MiCA. However, as worldwide traditional financial entities are increasingly realizing that crypto-assets are not a passing fad, it seems only a matter of time until incumbent Croatian financial heavyweights take the main stage in the local crypto industry.

Finally, the speed with which the HANFA and the HNB adopt a number of technical regulations clarifying the legal landscape for CASPs will be critical. Laudably, the HANFA exhibits a positive attitude toward the crypto industry and provides hope for a national support framework for entrepreneurs to be positioned to serve customers in the entire EU. Whether the Croatian government recognizes the potential of its crypto-assets policy remains to be seen.

By Ivan Simac, Partner, Halle & Simac

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Even though renewables have been very popular in Croatia for quite some time, the good old hydrocarbons are once again creating a significant buzz.

The Pannonian Basin, partly located in Croatia, has long been recognized for its above-average hydrocarbon gradient and strong extraction potential. However, it was only after recent seismic surveys and mapping were completed that investors chose to pursue further exploration.

In May 2023, the Croatian government launched an “open-door” procedure, inviting interested companies to review relevant data at the Croatian Hydrocarbons Agency, which oversees the process. The Government of the Republic of Croatia has announced a bidding round to grant licenses for onshore hydrocarbon exploration and production. This round covers designated areas of the Croatian mainland, divided into three exploration blocks in the regions of northwest Croatia, central Croatia, and southern Slavonia, with a combined area of 5,423.33 square kilometers. For these areas, a database with extensive 2D and 3D seismic data is available to all potential investors.

There are two bidding deadlines each year: one ending on March 31 and another on September 30. Selected bidders will be granted licenses for hydrocarbon exploration and production at certain blocks.

The exploration period may last up to five years, with the option for investors to extend it twice for six months each time. This bidding round requires bidders to divide their bids into two exploration phases: an initial three-year phase and a subsequent two-year phase.

Upon the completion of the first exploration phase, investors must relinquish 25% of the exploration block initially granted to them under the exploration and production license. After the second exploration phase, they must relinquish the remaining portion of the block, excluding any designated appraisal areas (defined in the appraisal work program) or areas where exploitation fields have been established.

In recent months, three companies have announced natural gas discoveries across four mining fields, along with an oil and gas discovery in an additional field. In November 2023, a state-owned oil and gas company reported a successful natural gas discovery with a maximum daily output of 145,000 cubic meters, marking the first of five planned phases in an area designated as DRAVA-03.

In March 2024, a joint venture between a state-owned oil and gas company and a Canadian oil and gas company announced the discovery of oil and gas at the Zbjegovaca-1 East exploratory well, located in the SAVA-07 exploration area, about 10 kilometers east of Kutina. The SAVA-07 area spans most of the Sisak-Moslavina and Bjelovar-Bilogora counties, with a smaller section extending into Pozega-Slavonia County, covering a total area of 2,032 square kilometers. Production is expected to begin in 2025, with an anticipated operational period of 20 years. Total reserves of the newly discovered hydrocarbons are estimated at 4.4 million barrels of oil equivalent, positioning the Zbjegovaca field among the top five hydrocarbon fields in Croatia based on total of proven and probable reserves.

Additionally, a Canadian company discovered a natural gas field in the Sava-10 area, where test production commenced in July 2024. With a daily output capacity of 400,000 to 500,000 cubic meters, this represents 20% of Croatia’s total natural gas production.

Last but not least, an important discovery was announced in September this year. A subsidiary of an American oil and gas company found a new natural gas field with an estimated potential daily output of 160,000 to 320,000 cubic meters. If fully realized, this could account for approximately 10% of Croatia’s current natural gas production.

Recent discoveries have once again confirmed that onshore hydrocarbon exploration in Croatia is highly attractive and capable of providing a significant supply of natural gas. In these challenging times, when energy self-sufficiency is of critical importance, further exploration, both onshore and offshore, is expected to continue. With a robust regulatory framework, extensive 2D and 3D seismic data coverage, and a track record of successful discoveries, Croatia is well-positioned for further hydrocarbon developments in the years ahead.

By Josip Marohnic, Partner, and Filip Majcen, Senior Associate, Marohnic, Tomek & Gjoic

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Historically, Poland’s Renewable Energy Sources (RES) sector has relied heavily on long-term project finance, with loan tenors of 15-18 years from project completion. In the current local financial landscape, high interest rates persist with WIBOR remaining elevated despite attempts at correction, and the cost of long-term interest rate swaps continuing to soar.

This complex environment has catalyzed a shift in project financing strategies, pushing developers and investors toward more flexible and innovative solutions as alternatives to traditional long-term bank financing. In addition to such a trend driven by higher lending costs, some lenders are prepared to provide a range of financial instruments tailored to various stages of project development, including very early development stages.

Foremost among these emerging structures is construction bridge financing. Unlike traditional financing models, this type of financing is not always secured by contracted revenues – i.e., power purchase agreements (PPA) or contracts for difference auction support. It serves as a transitional financial tool, offering liquidity during the construction phase and not necessarily focusing on the source of repayment after completion. Such flexibility allows developers to adapt to market conditions and project-specific demands without being constrained by rigid financial arrangements. This type of financing is quite common in certain Western Europe markets and its increasing popularity locally confirms that the Polish RES market is maturing. Mini-perm financing usually spans three to seven years and is secured by contracted revenues (though the PPA may be a short-term contract). It offers a strategic interim solution between construction and long-term financing. This option allows developers to stabilize their projects, optimize operations, and enhance financial performance before securing more permanent funding arrangements. By providing this temporary financial bridge, mini-perm financing supports developers and investors in achieving operational maturity and financial stability. This type of financing is particularly appealing for projects looking to capitalize on more favorable market conditions in the near term.

Alongside the short-term options mentioned above, it’s also important to highlight grid deposit financing. This mechanism addresses the initial capital requirements needed to secure grid connections – a critical element in the early phases of RES projects. Essentially, grid deposits are payments made by developers to grid operators to guarantee access to the electrical grid for their projects. These deposits ensure that the necessary infrastructure is in place to support the transmission of energy once the project becomes operational. Importantly, once the project reaches completion and begins operation, the grid deposit is typically returned to the developer. The funds from this return can then be used to repay the initial loan, providing a seamless financial cycle that supports both development and repayment. Pre-ready-to-build (pre-RTB) financing has also gained significant traction. This form of financing provides the essential funds required to complete pre-construction activities, including permits and design work. By bridging the gap between project conception and actual construction, pre-RTB financing enables developers to advance their projects to a more mature stage, attracting further investment. This early-stage funding is crucial for maintaining momentum and ensuring the project remains on schedule. The rationale for pre-RTB financing typically applies only to vast portfolios, with some projects failing to secure grid connections and funding, while others succeed.

The evolution toward these diversified financing structures has been accompanied by the increasing presence of alternative (private) debt providers. These entities, driven by a nuanced understanding of the RES sector’s unique requirements, offer bespoke solutions tailored to specific project needs. For instance, the recent establishment of Eiffel Investment Group’s office in Warsaw underscores the growing significance of private debt in Poland’s RES market. The activity of private debt providers introduces a dynamic element, offering fresh perspectives and competitive alternatives to traditional banking institutions.

This shift in financing paradigms reflects a broader acknowledgment of the distinct challenges and opportunities inherent in RES projects. As technological advancements and sustainability imperatives continue to reshape the energy landscape, innovative financial solutions have become indispensable. They are particularly essential for this market, characterized by very high capital expenditures at the beginning and relatively low opex during operation.

In summary, Poland’s RES sector has transitioned to a mature stage of development. The advent of short-term and early-stage finance, coupled with the growing role of private and alternative debt providers, is reshaping the financial landscape. This evolution not only supports the industry’s expansion but also aligns with Poland’s commitment to a sustainable energy future – a future that looks bright as new financing options continue to drive innovation and growth, paving the way for a more sustainable and energy-efficient Poland.

By Piotr Nerwinski, Partner, and Jakub Walawski, Senior Associate, Greenberg Traurig

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

For years, Poland has held the unenviable position of leading the race in delays when implementing various EU laws, especially in the digital sector. This has resulted, and continues to result, in multimillion-euro fines that Poland is compelled to pay to the EU.

By way of example, it was only recently, on July 12, 2024, that the Polish legislator enacted the Electronic Communications Law, implementing the EU Directive 2018/1972 establishing the European Electronic Communications Code. This law comes into effect, albeit partially, on November 11, 2024, even though the implementation deadline lapsed in 2020. Such delays do not go unnoticed by businesses operating on a transnational scale. Businesses that have implemented uniform solutions across EU countries to ensure compliance with national laws implementing the EU directive in question must now undertake a review and implement necessary revisions to ensure also adherence to the newly established, albeit postponed, Polish legal framework. This is particularly important given the Polish legislator’s tendency to introduce stricter regulations where permissible.

Numerous EU legal acts are still awaiting implementation. The new Polish government is clearly taking steps to address these delays. With its recent AI-focused initiative, it seems the Polish government would like to become a frontrunner among EU Member States in the coming future.

AI Law – The EU Perspective

This year, new regulations concerning artificial intelligence were successfully adopted at the EU level, namely Regulation (EU) 2024/1689 of June 13, 2024, laying down harmonized rules on artificial intelligence (AI Act).

In essence, this regulation governs the use of artificial intelligence in the EU and is likely the first comprehensive legal act of its kind worldwide addressing this subject. Although EU regulations are directly applicable throughout the entire EU and do not require implementation at the national level as such, member states often need to supplement them with national legislation to ensure the EU regulation operates fully and may be effectively enforced. With respect to the AI Act, this necessity primarily pertains to issues related to the supervisory authority, proceedings before this body, rules for imposing administrative fines, and procedures facilitating the enforcement of prohibitions on certain AI systems. Furthermore, EU regulations allow member states, at times, to introduce distinct provisions in specific areas. For example, the AI Act, similarly to multiple other EU regulations, allows for the introduction of more employee-favorable terms in the context of the use of AI systems in employment relations.

Polish Draft Law on AI Systems

The Polish Ministry of Digital Affairs published a draft law on AI systems on October 16, 2024, aiming to create a system for supervising AI systems in Poland in line with the AI Act. Nevertheless, the title of the legal act might seem somewhat misleading, as it does not regulate the use of AI systems. The scope of this legislative proposal includes: (1) the establishment of a new collegial body – the Commission for AI Development and Security – aimed at overseeing the AI systems market; (2) the formation of a public council on AI as an advisory body; (3) granting the new regulatory body the authority to issue both general and individual interpretations for businesses; (4) the procedures before the oversight authority concerning violations of the AI Act and the rules for remote and on-site inspections conducted by this authority; and (5) protocols for reporting AI-related incidents and imposing administrative fines.

While the efforts to establish legislation supporting the implementation of the AI Act are commendable, the draft law appears to encompass several ambiguities and, at times, controversial solutions. For example, it is concerning that the draft bill allows the supervisory body to conduct a cursory review of documents covered by attorney-client privilege, enabling the identification of the document’s author, recipient, title, subject matter, and date of creation. Another example of imprecise regulations is the failure to specify the impact that the general and individual interpretations issued by the authority would have, particularly whether these interpretations would be binding and, if so, the scope of their applicability. Further controversies include the designation of the District Court in Warsaw – the Court of Competition and Consumer Protection – as the court with jurisdiction to hear appeals against decisions of the new supervisory authority.

The ministry has started public consultations, and interested parties have 30 days to provide feedback on the draft bill. Public institutions and businesses have an opportunity to comment on various controversial solutions included in the draft bill, and their feedback should be taken into account in further stages of the legislative process.

By Szymon Sieniewicz, Head of TMT/IP, and Daria Wojciechowska, Senior Associate, Linklaters

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Employers often find themselves contemplating whether they should disclose the reasons for an employee’s termination to the entire workforce. While the motivations behind this consideration can be well-intentioned – such as educating remaining employees about unacceptable behaviors, promoting transparency, and preventing the spread of misinformation, there are legal implications to take into account.

According to Polish case law, disclosing the reasons for termination to unauthorized individuals constitutes a violation of the employee’s personal rights as well as their right to data protection. The courts emphasize that both the termination of the employment relationship and the employer’s assessment of the employee clearly fall within the scope of the employer’s rights. The employer is entitled to evaluate the performance of the employee in question, which is reflected, among other things, in the wording of the termination notice, in particular the termination reasons. However, in carrying out its responsibilities related to employment termination, the employer must adhere to legal regulations. Labor law does not provide the employer with the authority to terminate an employment contract in front of other employees.

Moreover, the employer’s fundamental obligation under the principles of labor law is to respect the dignity and privacy of employees as their personal rights. An employee’s dignity is understood as their sense of self-worth based on their reputation as a good professional and conscientious worker, as well as the recognition of their skills, abilities, and contributions by their supervisors.

The employer also acts as the data controller for the personal data of its employees and is therefore required to adhere to the rules established by the General Data Protection Regulation (GDPR). The data controller is specifically obligated to ensure that data is processed lawfully. This principle implies that every action taken by the employer regarding data processing must have a valid legal basis and comply with existing regulations. Information about employees, including specific events such as contract termination, should only be accessible to a limited circle of individuals within the organization. Typically, this group includes management personnel acting on behalf of the employer, the employee’s immediate supervisors, human resources staff, payroll administrators, legal advisors providing assistance to the employer, and representatives of any labor union to which the employee belongs. These individuals are generally authorized to process other employees’ data, as their roles are directly linked to the tasks they perform within the organization. Consequently, sharing information about employment termination with unauthorized employees is not permissible.

A breach of an employee’s personal rights may therefore occur in particular when information about the intention to dismiss or about the termination of the employment relationship is communicated to an overly broad circle of employees who are not entitled to be informed about the reasons for the termination. Such actions on the part of the employer may be perceived by the employee as affecting their dignity, good name, image, or self-esteem.

Employees whose personal rights have been threatened by their employer’s actions can seek to halt such actions unless they are not unlawful. If a violation occurs, the affected employee may demand corrective measures, such as public statements, to rectify the situation. They may also pursue financial compensation or require a payment to a designated charitable cause. When such a violation of personal rights results in financial loss, the affected employee can claim restitution based on general principles of liability. Claims related to infringements of personal rights can be pursued in court, where it is determined whether such a violation has occurred.

In order to avoid litigation with employees over infringement of personal rights, the employer should carefully assess whether the people who are informed about the termination, in particular about its reasons, are entitled to receive such details.

By Agnieszka Nowak-Blaszczak, Head of Employment, Wolf Theiss Poland

This article was originally published in Issue 11.11 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.