Germany

• Mandatory reception of structured e-invoices for domestic B2B from January 2025
• Emission obligations phased through 2027-2028
• Accepted formats: XRechnung, CII, or any EN 16931-compliant format
• +1 more requirements

• Lawful basis for processing personal data of EU residents
• Data subject rights: access, rectification, erasure, portability, objection
• Data Protection Impact Assessments (DPIAs) for high-risk processing
• +4 more requirements

• Risk management measures for network and information systems
• Incident reporting: 24h early warning, 72h notification to CSIRT
• Supply chain security assessments
• +3 more requirements

• Double materiality assessment (impact materiality + financial materiality)
• Report against ESRS (European Sustainability Reporting Standards) - 12 standards
• Digital tagging in XHTML with iXBRL markup
• +4 more requirements

A German court has convicted the mastermind behind the global Milton Group investment scam network, sentencing him to 7.5 years in prison and ordering confiscation of €2.4 million. This enforcement action demonstrates increased regulatory scrutiny on technology-facilitated financial fraud and highlights the importance of compliance in fintech and investment sectors.