- Home
- News & Insights
Search by
Latest
New pressure, new delays: the EU’s double move on AI
Europe has just introduced two significant developments that will directly affect how companies build, deploy, and oversee AI in 2026. One strengthens reporting. The other reshapes key compliance deadlines. 1. The AI act whistleblower tool is live—and it changes the game The EU’s new AI Act Whistleblower Tool is officially online, allowing any individual professionally connected to an AI model provider to flag risky or unlawful practices linked to general-purpose AI models and certain regulated AI systems. Reports can be submitted anonymously, in any EU language together with supporting documents via a secure inbox that also supports follow-up questions. While the AI Office will maintain strict
Kinstellar advises DAX-listed GEA on Romanian legal aspects of joint venture with RebelDot
Kinstellar, in cooperation with Noerr as lead counsel, has advised GEA Group, a DAX-listed company and one of the world’s largest suppliers of systems for the food, beverage, and pharmaceutical industries, on the Romanian law aspects of its joint venture with RebelDot, a leading Romanian technology company based in Cluj-Napoca. GEA operates in over 150 countries and provides cutting-edge solutions through its industrial cloud platform, GEA Cloud®. The company is listed on the DAX and the STOXX® Europe 600 Index. RebelDot, headquartered in Cluj-Napoca, is a fast-growing technology firm specializing in delivering innovative software solutions, including web, mobile, and AI services, primarily to industrial
Guidance on FDI screening obligations in Austria
The Austrian ministry responsible for Foreign Direct Investment (FDI) matters, the Federal Ministry for Economy, Energy, and Tourism (“the Ministry”), recently released guidance on the assessment of the filing obligation for foreign direct investments in Austria. In particular, it provided clarification on the scope of critical infrastructure and offered information regarding the acquisition of key assets, controlling influence, as well as the micro-enterprise exemption. In general, Austrian FDI rules apply to foreign direct investments into Austria by non-EU, non-EEA, and non-Swiss persons or undertakings. The Austrian FDI regime applies when such persons or entities acquire an Austrian undertaking, obtain 10%
NIS2 and the New Serbian Law on Information Security
The Republic of Serbia has adopted a new Law on Information Security (Zakon o informacionoj bezbednosti) (“Serbian NIS2”), marking a significant reform of the national cybersecurity framework and alignment with the EU NIS2 Directive. The Serbian NIS2 broadens the range of regulated entities, strengthens institutional coordination, and introduces clearer obligations for organisations operating ICT systems of special importance. Secondary legislation is expected in 2025–2026, and the previous law remains partially applicable until the end of 2025 to secure continuity during the transition period. This article provides an overview of the key novelties introduced by the Serbian NIS2, together with an outline of the
Bulgaria completes Digital Services Act implementation
Nearly two years after the Digital Services Act (“DSA”) became applicable across the EU and amidst discussions on the “Digital Omnibus” simplification package announced by the European Commission, Bulgaria has finally aligned its national framework with DSA provisions. On 6 November 2025, the Bulgarian parliament adopted amendments to the Electronic Communications Act (“ECA”), confirming the designation of the Communications Regulation Commission (“CRC”) as the Digital Services Coordinator, vesting it with supervisory powers and the authority to certify out-of-court dispute settlement bodies and award trusted flagger and vetted researcher status, while also introducing comprehensive enforcement architecture.
Brace for AI impact: From hype to risk – is your company ready?
In 2022, we were writing about the promising but at the time still hypothetical impact of generative AI on HR—from recruitment and performance reviews to promotion decisions—as well as the potential implication of the then-proposed EU AI Regulation (AI Act). Today, generative AI is no longer a future ambition. Multinational companies are rapidly deploying AI tools into daily business operations: from content creation and data analytics to automated decision-making. What was once a speculative legal concern has become a tangible compliance challenge, with the AI Act published in 2024 and its full application expected by August 2026. As we move towards 2026, the real question is not whether to use AI, but whether
Kinstellar advises DTCP on lead investment in Czech startup Resistant AI
Kinstellar has successfully advised DTCP on its lead investment in Resistant AI, a Czech startup specialising in AI-driven fraud prevention solutions for financial institutions. The investment formed part of a USD 25 million Series B financing round, which also saw participation from existing investors, including Notion Capital, GV (formerly Google Ventures), and Experian. The transaction marks a significant milestone for Resistant AI and comes at a time of mounting market urgency to defend against the surge of AI-generated fraud attempts. With operations in Prague, London and New York, the company has rapidly scaled its revenue and achieved profitability. The Series B funding will support further expansion into new territories
Croatia introduces Draft Foreign Direct Investment Screening Act
The Croatian Government has introduced the Draft Act on the Screening of Foreign Investments, which is currently undergoing public consultations. The Draft Act seeks to establish a foreign direct investment (FDI) screening mechanism in line with Regulation (EU) 2019/452 and OECD investment standards. Its aim is to create a national framework for reviewing FDIs that may pose risks to national security or public order. The Draft Act is open to public comments (via https://esavjetovanja.gov.hr/) until 3 October 2025. Scope of application The screening mechanism will apply to: Foreign investors – natural or legal persons from third countries, and EU entities that are under direct or
Updates on NIS2 in Romania
Following up on our initial article regarding the transposition of the NIS2 Directive (EU) 2022/2555 (“NIS2”) in Romania via Government Emergency Ordinance no. 155/30.12.2024 (“GEO 155”), we would like to inform you of the following relevant evolutions in this area as of today, 20 August 2025: The Romanian National Directorate for Cybersecurity ("DNSC”) has issued the long awaited application norms for registering with DNSC as important or essential entity. DNSC Order no. 1/2025 was published in the Official Gazette of Romania on 20 August 2025. As of publication, in-scope entities have 30 days at their disposal to register with DNSC. Registration should primarily be done using the online
Navigating NIS 2: How businesses can achieve cybersecurity compliance across the EU
The NIS 2 Directive is the European Union’s cybersecurity framework that requires considerable efforts by companies in sectors like energy, transportation, life sciences and digital infrastructure to establish the required compliance. The directive mandates that the companies within the scope of NIS 2 implement a large number of technical and organizational measures to manage cybersecurity risks and puts cybersecurity as a top management responsibility. EU Member States must transpose the NIS 2 Directive into their national acts of law. Although a number Member States are delayed in this legislative process, other jurisdictions are already well past requiring registration and implementation of cybersecurity risk management.
Kinstellar assists Odine Solutions Teknoloji Ticaret ve Sanayi on the acquisition of Logate
Kinstellar is delighted to have advised Odine Solutions Teknoloji Ticaret ve Sanayi (“Odine”) on its acquisition of a 53.03% shareholding in Logate, a Montenegro-based software company with a strong presence across the European market in 5G core network technologies, banking infrastructure, and digital transformation solutions. Logate is known for its scalable 5G core network software, banking infrastructure solutions, and digital transformation products. The transaction perimeter included Logate Institut Za Informacione Tehnologije, a wholly owned subsidiary of Logate D.O.O. engaged in software-related training and human resources development, and Logate GMBH, an Austria-based marketing company in which Logate D.O.O.
Kinstellar and KST Law represented Eleven Fund III Cooperatief in its investment in Bitloops
Kinstellar and KST Law are proud to have advised Eleven Fund III Cooperatief in its equity investment in Bitloops, a software development company with subsidiaries in Greece and Cyprus. Bitloops is an AI-powered front-end companion in VS Code that transforms designs into high-quality, maintainable codes. The investment round was led by Eleven Ventures with participation from Corallia Ventures and several angel investors. This funding will help Bitloops improve how teams turn Figma designs into high-quality, scalable, and maintainable code while maintaining engineering standards. Special thanks to the Kinstellar Istanbul/KST Law team led by Partner Emre Özer, including Associates Helin Akbulut and Tuğberk