DORA is bringing resilience to the financial sector and beyond

Does she also bring a lot of bureaucracy and how to manage the compliance process?

The financial sector has been dependent on information and communication technology (ICT) for a long while and this dependency is only increasing with time. ICT is used by the sector for the delivery of its financial services to other sectors and to society. For which delivery the financial sector depends on ICT service providers. 

This chain of dependency, according to the EU, poses a risk of disruptions to financial entities, impacting other sectors and potentially the whole economy, because ICT service providers are not as well-regulated as the financial entities. So, that’s why DORA comes to the rescue! 

Who is DORA?

DORA stands for Digital Operational Resilience Act. It entered into force on 16 January 2023 and will apply as of 17 January 2025. The goal of The Act is to strengthen the IT security of financial entities such as banks, insurance companies and investment firms thus ensuring that the financial sector in Europe is able to stay resilient in the event of a severe operational disruption. 

According to the Council of the EU “the ever-increasing risks of cyber-attacks” and other disruptions in the ICT field need to be addressed. DORA sets uniform requirements for the security of network and information systems for the whole chain of all entities in the financial sector and all third parties providing ICT services to them (e.g. cloud platforms or data analytics services).

These requirements are homogenous across all EU member states. The core aim is to prevent and mitigate cyber threats. Organisations falling in the scope of the regulation need to be able to withstand, respond to and recover from all types of ICT-related disruptions and threats. 

DORA is bringing resilience to the financial sector and beyond
Fintech by u_6af2f287zu from Pixabay

From broader to particular

DORA was part of a larger digital finance package, proposed by the European commission with the aim to lay the foundation for fostering technological development and ensuring financial stability and consumer protection. In addition to the DORA proposal, the package contained a digital finance strategy, a proposal on markets in crypto-assets (MiCA) and a proposal on distributed ledger technology (DLT). You can read more about MiCA and how we can help you to comply by clicking here.

DORA covers six crucial tracks:

The relevant European Supervisory Authorities (ESAs), such as the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA), will develop technical standards that all financial service institutions should comply with, from banking to insurance to asset management. The respective national competent authorities will be responsible of the compliance oversight and will enforce the regulation as necessary.

DORA is bringing resilience to the financial sector and beyond
Hacker by Cliff Hang from Pixabay

First batch of policy products

The first set of technical standards developed by the ESAs came out on 17 January 2024. The joint final draft technical standards include:

Regulatory Technical Standards (RTS) on ICT risk management framework and on simplified ICT risk management framework

This section identifies more elements related to ICT risk management. The goal is to harmonise tools, methods, processes and policies. It is stated that these elements are complementary to the ones already identified in DORA. 
The RTS identify the key elements that financial entities subject to the simplified regime and of lower scale, risk, size and complexity would need to have in place, setting out a simplified ICT risk management framework. The RTS ensure the ICT risk management requirements are harmonised among the different financial sectors. 

RTS on criteria for the classification of ICT-related incidents

Here the criteria for the classification of major ICT-related incidents is specified as well as 

  • the approach for the classification of major incidents, 
  • the materiality thresholds of each classification criterion, 
  • the criteria and materiality thresholds for determining significant cyber threats, 
  • the criteria for competent authorities to assess the relevance of incidents to competent authorities in other Member States and the details of the incidents to be shared in this regard. 

The RTS ensure a harmonised and simple process of classifying incident reports throughout the financial sector.

RTS to specify the policy on ICT services supporting critical or important functions provided by ICT third-party service providers (TPPs)

These RTS specify parts of the governance arrangements, risk management and internal control framework that financial entities should have in place regarding the use of ICT third-party service providers. 
They aim to ensure financial entities remain in control of their operational risks, information security and business continuity throughout the life cycle of contractual arrangements with such ICT third-party service providers.

Implementing Technical Standards (ITS) to establish the templates for the register of information

Finally, the ITS set out the templates to be maintained and updated by financial entities in relation to their contractual arrangements with ICT third-party service providers. The register of information will play a crucial role in the ICT third-party risk management framework of the financial entities. It will also be used by competent authorities and ESAs in the context of supervising financial entities’ compliance with DORA and to designate critical ICT third-party service providers that will be subject to the DORA oversight regime. 

Second batch of policy products

The second batch, again developed by the ESA’s, was published exactly 6 months later – on 17 July 2024.  It consists of four final draft regulatory technical standards (RTS), one set of Implementing Technical Standards (ITS) and 2 guidelines. The aim of those documents is to enhance the digital operational resilience of the EU’s financial sector. 

The package focuses on the reporting framework for ICT-related incidents (reporting clarity, templates) and threat-led penetration testing. It also introduces some requirements on the design of the oversight framework.

The final draft technical standards include:

  • RTS and ITS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats;   
  • RTS on the harmonization of conditions enabling the conduct of the oversight activities; 
  • RTS specifying the criteria for determining the composition of the joint examination team (JET); and 
  • RTS on threat-led penetration testing (TLPT). 

The set of guidelines includes:

  • Guidelines on the estimation of aggregated costs/losses caused by major ICT-related incidents; and 
  • Guidelines on oversight cooperation.


Additionally, a Joint Final report on the draft technical standards on subcontracting was released the following week. These RTS focus on ICT services provided by subcontractors that support critical or important functions, or material parts of them. 
They also specify the requirements throughout the lifecycle of contractual arrangements between financial entities and ICT third-party service providers. In particular, they require financial entities to assess the risks associated with subcontracting during the precontractual phase, including the due diligence process.

Delegated and implementing acts

As part of the implementation process the European Commission adopts different acts to specify how competent authorities and market participants shall comply with the obligations laid down in the regulation

So far there are 5 delegated regulations, related to DORA, with regard to:

  • RTS specifying the criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents; 
  • RTS specifying the detailed content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by third-party service providers; 
  • RTS specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework; 
  • Determining the amount of the oversight fees to be charged by the Lead Overseer to critical ICT third-party service providers and the way in which those fees are to be paid; 
  • Specifying of the criteria for the designation of ICT third-party service providers as critical for financial entities.

The regulations will come into force once they are published in the Official Journal of the EU.

DORA is bringing resilience to the financial sector and beyond
Cybersecurity by Pete Linforth from Pixabay

Next steps

The application of DORA starts from 17 January 2025. The oversight activities also start from the beginning of 2025, which means the institutions will be actively monitoring if the new rules are being observed.

How can we support you?

YNG legal is here to support you in the process of transitioning to full compliance with the Digital operational resilience act by: 

  1. guiding you through the whole process of meeting the new regulatory requirements: analysing the current situation, mapping the next steps, creating key documents and working with the authorities; 
  2. closely cooperating with your in-house IT team: our lawyers are tech-savvy and experienced in working with IT specialists in various fields and on different scales: from start-ups to global corporations; 
  3. connecting you with highly specialized IT companies to further consult you, no matter how big or small your in-house IT department is. 

Don’t wait more! Get in touch now to set up your compliance!

Alexandra and Jessica from our team ranked in top 10 of a prestigious law competition    

We are delighted that Alexandra Dogandzhiyska and Jessica Spasova from the YNG Legal team have returned from their participation in the Telders International Law Moot Court 2024 – Europe’s most prestigious international law competition. Alex and Jessica, together with Svetlana Slavcheva and Dian Stavrev, their fourth-year Law colleagues at Sofia University represented Bulgaria at the competition. 

The team finished in the top 10 of the best universities and Alex and Jessica also made the list of the best oralists. Their coaches were Nadia Denkova and Ioanna Chenalova – students from upper years who have considerable experience in similar competitions.  

The University of Cologne, Inner Temple College in London, Dublin University and the University of Timisoara were among the universities the Sofia University team faced. 

“This experience was an unparalleled opportunity to gain practical experience in the field of International Law, to go in depth on current social and political issues related to today’s political reality in a global perspective,” shared Alexandra, paralegal at YNG legal.

Jessica (leftmost, seated) and Alexandra (rightmost, seated), together with their Sofia University teammates at Telders International Moot Court 2024.
Jessica (leftmost, seated) and Alexandra (rightmost, seated), together with their Sofia University teammates at Telders International Moot Court 2024.

The Telders International Law Moot Court Competition has been held since 1977 in The Hague, the Netherlands, at the local campus of Leiden University and at the so-called Peace Palace – the headquarters of the International Court of Justice of the United Nations. The aim is to give students the opportunity to build upon their theoretical and practical knowledge in the course of preparing for and participating in a simulated litigation between different countries. Telders also aims to promote teamwork and European integration.     

This year’s case was about the dispute of three fictitious states with claims to the so-called island of Hermet, which dispute develops into a serious conflict. Each year, the simulated trial is put before a simulated court at a level at which in real life it would be put before the UN’s International Court of Justice. National student teams are assigned to represent the states substantively both in writing and through pleadings before the so-called moot courts. The students’ work is reviewed by legal experts, including actual judges from the real UN International Court of Justice, professors of law and lawyers. 

The Hermett Island case confronted contestants with topics such as the jurisdiction of international courts and tribunals, incidental proceedings, the authority of advisory opinions, the law of armed conflict, the law of treaties, the law of the sea, and the law of state responsibility. 

“One of the most significant lessons we have learned is that success is much more satisfying when you have someone to share it with! We are especially grateful for our amazing team, with whom we shared months of preparation and many sleepless nights,” shared Jessica, also a paralegal at our team.

Att. Ivan Yankov is now officially listed as a mediator

Att. Ivan Yankov is now officially listed as a mediator

The managing partner of YNG Legal Attorney-at-law Ivan Yankov was just officially listed as a mediator in the The Unified Register of Mediators of the Minister of Justice of Bulgaria. 

Besides being a qualified lawyer with many years of experience and a licensed intellectual property appraiser, Att. Yankov has also undergone special training in mediation. 

Ivan is the second mediator colleague in the team after associate Iveta Ivanova, who was already certified when she joined the team.

We would especially like to thank Academy “Sporazumeniya” (Agreements) and Sevdalina Alexandrova – one of the founders and teachers at the Academy. Not only was the training filled with meaningful content, but the process was easy and purposeful.

  

Mediation is a way to reach a mutually beneficial agreement, within or outside of court proceedings. This process is conducted by a mediator – a third party neutral to the dispute, who aims to assist the disputing parties in reaching the optimal resolution of the issues in question. Mediators, in addition to being good intermediaries, need to be specially trained and selected before they are officially registered. 

The listing of Att. Ivan Yankov in the Unified Register of Mediators is a testimony to his high level of training in various areas of law and its accompanying activities. Anyone who chooses to try to reach a settlement can do so with the help of Att. Yankov.

The new AI Office brings the AI Act one step closer

Will it bring more bureaucracy or will it ease the compliance process?

The artificial intelligence (AI) sector is booming. More and more tools for various purposes and on various scales from ones for end-users to those tailored for large-scale enterprises are emerging and growing with a fast pace. Recently the European Union introduced a full-spectre legislation called the AI Act, covering every important aspect of the sector with the aim of not only guaranteeing human rights but also encouraging and nourishing innovation in the sector. 

Now the European Commission (EC) established the AI Office which will oversee the observing of that legislation. The EC states that the goal is to enable the future development, deployment and use of AI in a way that fosters societal and economic benefits and innovation, while mitigating the eventual risks. The AI Office will have a vital role in the implementation of the AI Act and it will also work to foster research and innovation in trustworthy AI. The EC also states that the AI Office will aim to position the EU as a leader in international discussions on the topic.

Structure of the AI Office

 The AI Office will consist of five units overseeing different key aspects of AI: 

  • Regulation and Compliance Unit – this unit works closely with member states to facilitate the uniform application and enforcement of the AI Act across the Union. It will also contribute to investigations and possible infringements, administering sanctions; 
  • AI safety Unit – responsible for the identification of systemic risks of very capable general-purpose models, possible mitigation measures as well as evaluation and testing approaches; 
  • Excellence in AI and Robotics Unit – responsible for building a thriving ecosystem by supporting and funding research and development. It also coordinates the GenAI4EU initiative (robotics, health, biotech and other fields), stimulating the development of models and their integration into innovative applications; 
  • AI for Societal Good Unit – deals with crucial topics such as weather modelling, cancer diagnoses and digital twins for reconstruction; 
  • AI Innovation and Policy Coordination Unit – oversees the execution of the EU AI strategy, monitors trends and investment, stimulating the uptake of AI and fosters an innovative ecosystem by supporting regulatory sandboxes and real-world testing.
Photo by Aidin Geranrekab on Unsplash
Photo by Aidin Geranrekab on Unsplash

Tasks ahead of the AI Office

The staff of the AI Office is interdisciplinary and consists of experts in technology, administration, economics, law and politics. They will help member states govern the implementation of the AI Act in order to ensure the process is coherent across the block. The AI Office will also directly enforce rules for general-purpose AI models, request information, apply sanctions and will coordinate the creation of “state-of-the-art codes of practice” by working with developers and scientists. 

The AI Office will work not only with member states representatives in the so-called European Artificial Intelligence Board, but also with independent experts in science, business, civil society and other fields. 

The new administrative body will also work to promote innovation by providing advice and information, and by giving access to different environments and services for experimentation. It will also work to stimulate investment by ensuring that AI models created in Europe and trained on EU supercomputers are well integrated into the economy.  

AI Chip Photo by Igor Omilaev on Unsplash
AI Chip Photo by Igor Omilaev on Unsplash

The AI Act

The so-called AI Act was introduced in May 2024 making the EU a pioneer in regulating this field. The new regulation aims to ensure safety and compliance with fundamental rights and also boost innovation. The AI Act follows a risk-based approach – the higher the risk to society, the stricter the rules. That exact regulation is the legal framework the AI Office will be responsible for enforcing. 

You can read more details about the AI Act and how it affects different actors in the field in our article here.

We are here to support you! 

YNG Legal takes care to always be up to date with not only official regulations, but with emerging trends in law, innovation and business. We approach every case diligently and proactively. That is also what we advise our clients – to take proactive action and not wait until it is too late and thus risk administrative or other penalties. 

Reach out to us today and get your consultation about AI regulation compliance! 

Training in sports law successfully accomplished

Attorney-at-law Radina Vakrilova and associate Filena Vassileva from our team took part in a two-day seminar on sports law – one of the areas in which YNG Legal.

The AI Act: Preserving civic rights or hindering innovation in the EU? 

The first set of regulatory frameworks aiming at responding to the new challenges this technology brings

In recent years artificial intelligence tools of various applications and scales became more and more included in our life. And the faster the technology developed, the more present and available it became outside of specific industries and big corporations. To a point of a commercial boom so wide, that such AI tools swiftly reached small and medium enterprises (SME) and end-customers en mass. 

This quick and wide spread of a technology which evolves every day inevitably brought threads to information, personal data, intellectual property, jobs, businesses, human rights. That is why the European union moved to regulate artificial intelligence. 

A robot looking at a digital image of scales, symbolizing the regulation of artificial intelligence which comes into force in the European union.
Image by Freepik

The AI Act’s aim

On 13 March The European Parliament adopted the first amendments to the proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence the so-called Artificial Intelligence Act.  

The new regulation aims to ensure safety and compliance with fundamental rights and also boost innovation. 

According to the first recital the purpose of this legislation is to: 

improve the functioning of the internal market by laying down a uniform legal framework in particular for the development, placing on the market, putting into service and the use of artificial intelligence systems in the Union in conformity with Union values, to promote the uptake of human centric and trustworthy artificial intelligence while ensuring a high level of protection of health, safety, fundamental rights enshrined in the Charter, including democracy and rule of law and environmental protection, against harmful effects of artificial intelligence systems in the Union and to support innovation.” 

Whom will the AI Act apply to?

  • Providers
    • placing on the market or putting into service AI systems or 
    • placing on the market general-purpose AI models in the Union, irrespective of whether those providers are established or who are located within the Union or in a third country.
  • Deployers of AI systems that have their place of establishment or who are located within the Union.
  • Providers and deployers of AI systems that have their place of establishment or who are located in a third country, where the output produced by the system is used in the Union.
  • Importers and distributors of AI systems.
  • Product manufacturers placing on the market or putting into service an AI system together with their product and under their own name or trademark; 
  • authorised representatives of providers, which are not established in the Union; 
  • affected persons that are located in the Union. 

What does the AI Act actually regulate?

The new regulation works in several directions to protect the interests of EU citizens and businesses. 

  1. The AI Act defines AI applications which pose a significant threat and completely bans them, such as certain cases of biometric categorisation, emotion recognition, social scoring, predictive policing, manipulation of human behaviour or exploitation of people’s vulnerabilities. 
  2. It provides an exception for strictly and narrowly defined situations in which biometric categorisation could be used by law enforcement only if strict safeguards are met: such as limited use in time and geographic scope and prior judicial or administrative authorisation. 
  3. The Act defines and regulates high-risk systems, for example AI uses in critical infrastructure, education and vocational training, employment, essential private and public services (e.g. healthcare, banking), certain systems in law enforcement, migration and border management, justice and democratic processes (e.g. influencing elections). It also gives citizens the right to submit complaints about AI systems and receive explanations about decisions based on high-risk AI systems that affect their rights. 
  4. The regulation imposes transparency requirements, including compliance with EU copyright law and publishing detailed summaries of the content used for training. Artificial or manipulated images, audio or video content (“deepfakes”) will need to be clearly labelled as such. Systems posing systemic risks will need to undergo additional evaluations. 
  5. The AI Act also requires measures at the national level to ensure SMEs and start-ups have a healthy environment to develop and train innovative AI before its placement on the market. 
A robot left hand and a human right hand typing on a laptop keyboard, symbolizing the development of artificial intelligence (AI) technologies. Image by Freepik.
Image by Freepik

What’s next?

The development of The AI Act took 3 years until it reached this point. Now the final Regulation needs to be formally adopted by both European Council and European Parliament before its publication to the Official Journal of the European Union. After the adoption from the European Parliament, the European Council is expected to adopt in due time the text without further changes or negotiations as the two institutions reached a deal on the Regulation at the beginning of December last year. 

The European Union is thus becoming a global pioneer in the regulation of the artificial intelligence sector, as happened a few years ago with the regulation of personal data. Since the introduction of the General Data Protection Regulation (GDPR) in the EU, similar regulations have been introduced elsewhere in the world. 

The new legislation enters into force 20 days after its publication in the official Journal and should fully apply from 2026. Yet there are some exceptions:

  • bans on prohibited practises will apply 6 months after the entry into force date; 
  • codes of practise – 9 months after entry into force; 
  • general-purpose AI rules including governance – 12 months; 
  • and obligations for high-risk systems – 36 months. 

 

Only the time will tell to what extent and how the new Regulation will face the many challenges the AI technology brings to the legislative and economic landscape within the member states of the European Union. Our team will analyse and stay up do date with the new set of rules making sure your business needs comply with the Regulation. We are committed to help companies navigate through the complexities of the European Union’s legal landscape. 

If you work in the field of AI, do not hesitate to get in touch and prepare your business ahead of time for the new legislation before its mandatory provisions kick-in.

Join the Artists’ Rights Forum

About the event

In Bulgaria, practice shows that the rights of actors are not properly valued. The purchase of rights in advance together with remuneration for work performed does not allow for additional economic realisation for performing artists from future uses of the works with their participation. But this situation is far from immutable!

Together with our partners the Institute of Intellectual Property and Technology Transfer “Prof. Dr. Borislav Borisov” (IISTT) of the UNWE and the collective rights management organization “ArtistAuthor” we organize a forum “Performing Artists’ Rights”. It will take place on 27 February at 09:30 in the Large Conference Hall of the UNWE.

To participate, you need to register by filling in the online form from this link or the button below.

Корица за форума за правата на артистите с логата на „АртистАутор“, Института по интелектуална собственост и технологичен трансфер „проф. д-р Борислав Борисов“ (ИИСТТ) на УНСС и на YNG Legal. Корицата включва и тематична снимка на камера.

With our partners, we recognize that there is a need for regular awareness campaigns that present well-structured information on performing artists’ rights in today’s business environment. The forum will address issues essential to enhancing the competitiveness of actors. The topics discussed will also be relevant for performing artists other than actors, for producers, lawyers, intellectual property specialists, communicators, students.

 

During the forum, experts from academia and practice will address the following topics:

  • collective management of intellectual property rights;
  • the role of the Ministry of Culture in collective rights management;
  • amendments to the Copyright and related rights act;
  • specificities of artists’ contracts.

Agenda

               09:30 | Registration

               10:00 – 10:10 | Welcome speech by the Rector of the UNWE

               10:10 – 10:35 | Collective Rights Management. The role of ArtistAuthor

Speakers Simeon Hristov, Executive Director of the organization and Att. Ivan Yankov from YNG Legal

               10:35 – 11:00 | The role of the Ministry of Culture in collective rights management

               Speaks as. Dr. Stefan Radev from UNWE

               11:00 – 11:10 | Break

               11:10 – 11:30 | Amendments to the Copyright and Related Rights Act

               Att. Ivan Yankov and Att. Yordan Vladov from YNG Legal

               11:30 – 11:50 | Performing Artists Contracts

Dr. Ivan Nachev, Director of the Institute of Intellectual Property and Technology Transfer, speaks

               11:50 – 12:30 | Discussion

About our partners

The Institute of Intellectual Property and Technology Transfer “Prof. Dr. Borislav Borisov” (IISTT) is a core unit of the UNWE that conducts research and assists business and government on intellectual property and technology transfer issues. IISTT works in close research and expert cooperation with a number of national and international organisations, such as the World Intellectual Property Organisation, the European Patent Office and the European Union Intellectual Property Office, the Executive Agency for the Promotion of Small and Medium-sized Enterprises, employers’ organisations, creative industries, lawyers, industrial property attorneys and others.

ArtistAuthor” is a collective rights management organisation registered with the Ministry of Culture. The association has been taking care of collective representation, management and protection of the rights of performing artists in Bulgaria since 1998. More than 340 professional Bulgarian performing artists are members of ArtistAuthor.

How can artistes protect their rights after changes to the Bulgarian Copyright Act?

At the end of 2023, significant changes to the Bulgarian Copyright and Related Rights Act were adopted. The aim was to harmonise the national legislation with the European legal framework – namely, by introducing two directives: 2019/789 and 2019/790.

These changes were largely driven by the digitalization of the market and the innovations in the distribution of various products subject to copyright and related rights.

One of the most crucial amendments is the abolition of the 10-year limitation on contracts with authors and performers for the use of works. It is now possible to enter into contracts for the full term of protection of the rights of both authors and performers – 70 years after the death of the author and 50 years after the date of the performance for the performers, subject to only a single payment for use.  

However, the amendments also provide for a right to additional remuneration where the original agreed remuneration proves disproportionate. As the protection of this right is difficult to achieve in practice, the importance of initial fair negotiation becomes even more important.

It is precisely the proper understanding of the rights and obligations in the proposed text of the contract that enable the right holders to negotiate adequate terms.

If you need help doing so, YNG Legal are here to assist.

Changes to the Bulgarian Copyright act, end of 2023 brochure

MiCA: New set of recommendations for cryptocurrency regulation in the EU

MiCA aims to regulate the crypto-asset market in the EU, similarly to that of traditional financial instruments, ensuring transparency and preventing abuse.

№1 easy way to get a single patent across the EU…

Good news for tech and innovative companies. But what is the risk?

A new Unitary Patent system was launched in the European Union on June 1, 2023. It introduces a new European jurisdiction for patent cases called the Unified Patent Court or UPC. The UPC will handle cases of alleged patent infringement as well as patent revocation proceedings.

Until now, obtaining a patent grant from the European Patent Office (EPO) meant only that the proprietor had the right to validate this patent in each member-state individually to obtain actual patent protection for their invention. This required every person who wished to obtain patent coverage in all 27 states to go through a validation procedure in each country separately.

Hands of people negotianting over a contract.
Image by aymane jdidi from Pixabay

The Unitary Patent system aims to lighten this burden on the business by providing for acquiring a singular patent valid and enforceable across the EU, without resorting to national patent offices.

Existing European patents which are validated in separate EU countries (also called “bundle patents”) will also fall under the jurisdiction of the UPC unless an opt-out is filed.

The UPC allows patent holders to seek protection of their EU patents in a single place, without having to seek local counsel for each national jurisdiction and have multiple simultaneous proceedings in different countries for one act of infringement. However, it also allows third parties to challenge bundle patents at the UPC and potentially invalidate them across Europe with a single court ruling.

This development is important, for example, for the tech and medical industries, as well as all businesses whose model is based on a strong intellectual property (IP) portfolio. It promises to lighten the bureaucratic burden and provide new opportunities but also introduces new risks to IP-oriented companies.

№1 easy way to get a single patent across the EU...

The new Unitary Patent and Court system will be of significance to you if your business, for example, is (but not limited to):

The UPC is a new institution and hence it lacks established practice, which introduces a degree of uncertainty. Under the prior system where national authorities and courts ruled on patent prosecution cases, there were different opinions adopted by each country’s office in similar cases. The UPC is expected to unify the practice of patent infringement proceedings, but its approach remains to be seen. Until practice accumulates there is a chance that certain cases might be treated unfavorably in regard to the rightful patent holder.

Judge hammer and books
Image by succo from Pixabay

Depending on the value and strength of the patents you or your company own, there might be different approaches to this new development.

  • If you are certain that your patent is “strong” (it is sufficiently distinct and inventive – such as a new language-based AI model) and it is unlikely that it can be successfully challenged, the UPC provides a great opportunity to protect the patent against infringement and bring forth proceedings against any third party located in the EU without having to resort to different national authorities in each member country.
  • However, if you are not confident in the strength of your patent, or if it represents great value to your business (such as the patent covering your main product – for example, a new type of 3D printer, VR device, etc.), it might be better to minimize the risk of invalidation by opting out of the UPC. Bundle patents can be challenged before the UPC and unvalidated across all national jurisdictions which can have tough consequences for the IP portfolio of your business. Persisting with the current fragmented system can thus be a tool to limit this risk as your bundle patent would need to be separately challenged in each national jurisdiction separately, increasing your chances of maintaining a level of patent protection for your products.

However, in practice every business is different, and this requires a personalized approach and timely action. To ensure the higher survivability of your patents, and to minimize the risk of invalidation, YNG Legal’s team offers customized support based on thorough analysis. The quicker you act the lower the chance for your patents to be challenged on an international level.

Get in touch with us now to protect your patents. Send us a request on yankov@ynglegal.com.