Spain | Franchising, Theory Of Risk and Guarantees By Franchisee

15 mai 2026

  • Espagne
  • Distribution
  • Litiges

Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

In this way, the objection based on the theory of known risk would not come into play.

Pourquoi la crise relève de la direction du cabinet

La confiance est l’actif le plus précieux d’un cabinet d’avocats.

Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

Une complexité accrue pour les cabinets modernes

L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

Les origines des crises dans les cabinets d’avocats

La plupart des crises trouvent leur origine dans trois sphères :

  1. Le comportement individuel
  2. Les risques liés aux clients
  3. Les dysfonctionnements systémiques internes

Les manquements individuels sont généralement les plus visibles.

Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

Les enjeux systémiques et culturels présentent un risque distinct.

Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

Les défaillances fréquentes en communication de crise

Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

Les caractéristiques d’une communication de crise efficace

Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

À défaut, le doute s’installe.

La crise: un test de communication

Toute crise devient, en définitive, un test de communication.

La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

Why Legal Risk Management Needs a Financial Metric

Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

Legal Risk as Value-at-Risk

Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

“Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

Expected legal loss (per period) = expected frequency x expected severity

This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

Introducing Return on Legal (ROL)

Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

A definition could be expressed as follows:

ROL - Legalmondo

When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

Measuring ROL: Retrospective vs. Forward-Looking

A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

Let’s make an example of how ROL works

Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

ROL Implementation: Keep It Lean and Actionable

ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

A practical starting point is to pull together three streams of information:

  • historical disputes and their total cost;
  • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
  • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

Turning ROL Into a Decision Tool

Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

Conclusion

Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

I can think of three areas where the legal advisor and the executive coach meet:

  1. The relationship with the client. Listen carefully before advising.

Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

  1. Negotiation and mediation.

In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

  1. Accompanying processes of change in the client and their organisation

The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

Man in the Middle scam: how it works

This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

  • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
  • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
  • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

 

This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

Regulation (EU) 2024/886: a paradigm shift

And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

The new features of this regulation are

  • mandatory application to all instant transfers within the SEPA area,
  • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
  • increased liability for financial institutions in the event of fraud or error due to lack of verification.

In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

“He out… or me out”

In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

You no longer represent our company’, which may be evidence that you did so before.

As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

From this moment on, orders will be handled by X’, which also confirms a type of relationship.

 

In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

Scope and admissibility under Dutch law

The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

Filing and language requirements

EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

Procedure and enforcement

If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

Benefits and considerations

From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

Conclusion

The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

Javier Gaspar

Domaines d'intervention

  • Arbitrage
  • Distribution
  • Franchise
  • Litiges
  • Sport
Contact Javier

Écrire à Javier





    Lire la politique de confidentialité de Legalmondo.
    Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

    Gestion de crise dans les cabinets d’avocats

    26 février 2026

    • Canada
    • Conformité
    • Criminalité en col blanc
    • Litiges

    Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

    Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

    In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

    The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

    With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

    In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

    The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

    This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

    However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

    Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

    The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

    In this way, the objection based on the theory of known risk would not come into play.

    Pourquoi la crise relève de la direction du cabinet

    La confiance est l’actif le plus précieux d’un cabinet d’avocats.

    Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

    Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

    La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

    Une complexité accrue pour les cabinets modernes

    L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

    Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

    Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

    Les origines des crises dans les cabinets d’avocats

    La plupart des crises trouvent leur origine dans trois sphères :

    1. Le comportement individuel
    2. Les risques liés aux clients
    3. Les dysfonctionnements systémiques internes

    Les manquements individuels sont généralement les plus visibles.

    Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

    L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

    La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

    Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

    Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

    Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

    La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

    Les enjeux systémiques et culturels présentent un risque distinct.

    Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

    Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

    Les défaillances fréquentes en communication de crise

    Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

    Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

    Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

    En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

    Les caractéristiques d’une communication de crise efficace

    Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

    Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

    La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

    Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

    En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

    À défaut, le doute s’installe.

    La crise: un test de communication

    Toute crise devient, en définitive, un test de communication.

    La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

    Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

    La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

    Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

    Why Legal Risk Management Needs a Financial Metric

    Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

    That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

    Legal Risk as Value-at-Risk

    Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

    “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

    Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

    Expected legal loss (per period) = expected frequency x expected severity

    This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

    Introducing Return on Legal (ROL)

    Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

    A definition could be expressed as follows:

    ROL - Legalmondo

    When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

    Measuring ROL: Retrospective vs. Forward-Looking

    A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

    First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

    To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

    Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

    Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

    Let’s make an example of how ROL works

    Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

    A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

    ROL Implementation: Keep It Lean and Actionable

    ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

    A practical starting point is to pull together three streams of information:

    • historical disputes and their total cost;
    • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
    • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

    Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

    Turning ROL Into a Decision Tool

    Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

    Conclusion

    Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

    For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

    Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

    I can think of three areas where the legal advisor and the executive coach meet:

    1. The relationship with the client. Listen carefully before advising.

    Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

    1. Negotiation and mediation.

    In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

    1. Accompanying processes of change in the client and their organisation

    The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

    In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

    The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

    In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

    There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

    Man in the Middle scam: how it works

    This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

    • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
    • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
    • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

     

    This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

    The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

    The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

    Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

    The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

    The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

    This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

    In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

    The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

    Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

    In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

    In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

    It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

    Regulation (EU) 2024/886: a paradigm shift

    And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

    The new features of this regulation are

    • mandatory application to all instant transfers within the SEPA area,
    • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
    • increased liability for financial institutions in the event of fraud or error due to lack of verification.

    In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

    This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

    In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

    In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

    “He out… or me out”

    In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

    Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

    At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

    The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

    What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

    Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

    While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

    In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

    Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

    It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

    The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

    The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

    Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

    You no longer represent our company’, which may be evidence that you did so before.

    As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

    You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

    The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

    Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

    You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

    We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

    From this moment on, orders will be handled by X’, which also confirms a type of relationship.

     

    In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

    Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

    This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

    Scope and admissibility under Dutch law

    The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

    In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

    Filing and language requirements

    EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

    Procedure and enforcement

    If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

    In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

    Benefits and considerations

    From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

    Conclusion

    The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

    Larry Markowitz

    Domaines d'intervention

    • Entreprise
    • Fonds d'investissement privés
    • Start-up
    Contact Larry

    Écrire à Larry





      Lire la politique de confidentialité de Legalmondo.
      Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

      Managing Lawsuit Risk: A Budgeting Framework for Legal Costs

      19 février 2026

      • Italie
      • Contrats
      • Litiges

      Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

      Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

      In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

      The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

      With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

      In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

      The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

      This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

      However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

      Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

      The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

      In this way, the objection based on the theory of known risk would not come into play.

      Pourquoi la crise relève de la direction du cabinet

      La confiance est l’actif le plus précieux d’un cabinet d’avocats.

      Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

      Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

      La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

      Une complexité accrue pour les cabinets modernes

      L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

      Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

      Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

      Les origines des crises dans les cabinets d’avocats

      La plupart des crises trouvent leur origine dans trois sphères :

      1. Le comportement individuel
      2. Les risques liés aux clients
      3. Les dysfonctionnements systémiques internes

      Les manquements individuels sont généralement les plus visibles.

      Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

      L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

      La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

      Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

      Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

      Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

      La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

      Les enjeux systémiques et culturels présentent un risque distinct.

      Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

      Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

      Les défaillances fréquentes en communication de crise

      Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

      Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

      Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

      En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

      Les caractéristiques d’une communication de crise efficace

      Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

      Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

      La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

      Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

      En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

      À défaut, le doute s’installe.

      La crise: un test de communication

      Toute crise devient, en définitive, un test de communication.

      La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

      Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

      La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

      Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

      Why Legal Risk Management Needs a Financial Metric

      Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

      That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

      Legal Risk as Value-at-Risk

      Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

      “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

      Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

      Expected legal loss (per period) = expected frequency x expected severity

      This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

      Introducing Return on Legal (ROL)

      Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

      A definition could be expressed as follows:

      ROL - Legalmondo

      When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

      Measuring ROL: Retrospective vs. Forward-Looking

      A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

      First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

      To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

      Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

      Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

      Let’s make an example of how ROL works

      Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

      A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

      ROL Implementation: Keep It Lean and Actionable

      ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

      A practical starting point is to pull together three streams of information:

      • historical disputes and their total cost;
      • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
      • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

      Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

      Turning ROL Into a Decision Tool

      Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

      Conclusion

      Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

      For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

      Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

      I can think of three areas where the legal advisor and the executive coach meet:

      1. The relationship with the client. Listen carefully before advising.

      Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

      1. Negotiation and mediation.

      In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

      1. Accompanying processes of change in the client and their organisation

      The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

      In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

      The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

      In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

      There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

      Man in the Middle scam: how it works

      This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

      • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
      • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
      • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

       

      This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

      The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

      The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

      Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

      The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

      The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

      This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

      In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

      The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

      Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

      In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

      In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

      It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

      Regulation (EU) 2024/886: a paradigm shift

      And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

      The new features of this regulation are

      • mandatory application to all instant transfers within the SEPA area,
      • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
      • increased liability for financial institutions in the event of fraud or error due to lack of verification.

      In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

      This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

      In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

      In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

      “He out… or me out”

      In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

      Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

      At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

      The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

      What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

      Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

      While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

      In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

      Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

      It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

      The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

      The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

      Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

      You no longer represent our company’, which may be evidence that you did so before.

      As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

      You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

      The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

      Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

      You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

      We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

      From this moment on, orders will be handled by X’, which also confirms a type of relationship.

       

      In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

      Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

      This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

      Scope and admissibility under Dutch law

      The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

      In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

      Filing and language requirements

      EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

      Procedure and enforcement

      If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

      In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

      Benefits and considerations

      From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

      Conclusion

      The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

      Roberto Luzi Crivellini

      Domaines d'intervention

      • Arbitrage
      • Distribution
      • Commerce international
      • Litiges
      • Immobilier
      Contact Roberto

      Écrire à Roberto





        Lire la politique de confidentialité de Legalmondo.
        Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

        The lawyer-coach: a new way of practising

        23 décembre 2025

        • Espagne
        • Règlement extrajudiciaire des litiges
        • Contrats
        • Litiges

        Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

        Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

        In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

        The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

        With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

        In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

        The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

        This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

        However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

        Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

        The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

        In this way, the objection based on the theory of known risk would not come into play.

        Pourquoi la crise relève de la direction du cabinet

        La confiance est l’actif le plus précieux d’un cabinet d’avocats.

        Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

        Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

        La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

        Une complexité accrue pour les cabinets modernes

        L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

        Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

        Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

        Les origines des crises dans les cabinets d’avocats

        La plupart des crises trouvent leur origine dans trois sphères :

        1. Le comportement individuel
        2. Les risques liés aux clients
        3. Les dysfonctionnements systémiques internes

        Les manquements individuels sont généralement les plus visibles.

        Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

        L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

        La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

        Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

        Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

        Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

        La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

        Les enjeux systémiques et culturels présentent un risque distinct.

        Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

        Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

        Les défaillances fréquentes en communication de crise

        Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

        Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

        Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

        En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

        Les caractéristiques d’une communication de crise efficace

        Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

        Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

        La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

        Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

        En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

        À défaut, le doute s’installe.

        La crise: un test de communication

        Toute crise devient, en définitive, un test de communication.

        La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

        Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

        La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

        Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

        Why Legal Risk Management Needs a Financial Metric

        Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

        That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

        Legal Risk as Value-at-Risk

        Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

        “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

        Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

        Expected legal loss (per period) = expected frequency x expected severity

        This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

        Introducing Return on Legal (ROL)

        Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

        A definition could be expressed as follows:

        ROL - Legalmondo

        When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

        Measuring ROL: Retrospective vs. Forward-Looking

        A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

        First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

        To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

        Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

        Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

        Let’s make an example of how ROL works

        Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

        A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

        ROL Implementation: Keep It Lean and Actionable

        ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

        A practical starting point is to pull together three streams of information:

        • historical disputes and their total cost;
        • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
        • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

        Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

        Turning ROL Into a Decision Tool

        Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

        Conclusion

        Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

        For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

        Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

        I can think of three areas where the legal advisor and the executive coach meet:

        1. The relationship with the client. Listen carefully before advising.

        Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

        1. Negotiation and mediation.

        In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

        1. Accompanying processes of change in the client and their organisation

        The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

        In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

        The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

        In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

        There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

        Man in the Middle scam: how it works

        This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

        • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
        • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
        • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

         

        This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

        The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

        The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

        Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

        The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

        The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

        This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

        In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

        The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

        Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

        In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

        In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

        It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

        Regulation (EU) 2024/886: a paradigm shift

        And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

        The new features of this regulation are

        • mandatory application to all instant transfers within the SEPA area,
        • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
        • increased liability for financial institutions in the event of fraud or error due to lack of verification.

        In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

        This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

        In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

        In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

        “He out… or me out”

        In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

        Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

        At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

        The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

        What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

        Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

        While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

        In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

        Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

        It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

        The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

        The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

        Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

        You no longer represent our company’, which may be evidence that you did so before.

        As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

        You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

        The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

        Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

        You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

        We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

        From this moment on, orders will be handled by X’, which also confirms a type of relationship.

         

        In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

        Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

        This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

        Scope and admissibility under Dutch law

        The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

        In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

        Filing and language requirements

        EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

        Procedure and enforcement

        If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

        In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

        Benefits and considerations

        From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

        Conclusion

        The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

        Ignacio Alonso

        Domaines d'intervention

        • Agence
        • Entreprise
        • Distribution
        • Franchise
        Contact Ignacio

        Écrire à Ignacio





          Lire la politique de confidentialité de Legalmondo.
          Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

          Spain – Man in the Middle fraud and EU Regulation 2024/886: a paradigm shift

          3 novembre 2025

          • Espagne
          • Banque
          • Financement et Titres
          • Litiges

          Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

          Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

          In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

          The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

          With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

          In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

          The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

          This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

          However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

          Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

          The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

          In this way, the objection based on the theory of known risk would not come into play.

          Pourquoi la crise relève de la direction du cabinet

          La confiance est l’actif le plus précieux d’un cabinet d’avocats.

          Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

          Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

          La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

          Une complexité accrue pour les cabinets modernes

          L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

          Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

          Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

          Les origines des crises dans les cabinets d’avocats

          La plupart des crises trouvent leur origine dans trois sphères :

          1. Le comportement individuel
          2. Les risques liés aux clients
          3. Les dysfonctionnements systémiques internes

          Les manquements individuels sont généralement les plus visibles.

          Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

          L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

          La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

          Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

          Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

          Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

          La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

          Les enjeux systémiques et culturels présentent un risque distinct.

          Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

          Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

          Les défaillances fréquentes en communication de crise

          Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

          Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

          Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

          En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

          Les caractéristiques d’une communication de crise efficace

          Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

          Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

          La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

          Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

          En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

          À défaut, le doute s’installe.

          La crise: un test de communication

          Toute crise devient, en définitive, un test de communication.

          La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

          Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

          La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

          Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

          Why Legal Risk Management Needs a Financial Metric

          Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

          That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

          Legal Risk as Value-at-Risk

          Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

          “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

          Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

          Expected legal loss (per period) = expected frequency x expected severity

          This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

          Introducing Return on Legal (ROL)

          Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

          A definition could be expressed as follows:

          ROL - Legalmondo

          When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

          Measuring ROL: Retrospective vs. Forward-Looking

          A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

          First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

          To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

          Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

          Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

          Let’s make an example of how ROL works

          Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

          A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

          ROL Implementation: Keep It Lean and Actionable

          ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

          A practical starting point is to pull together three streams of information:

          • historical disputes and their total cost;
          • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
          • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

          Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

          Turning ROL Into a Decision Tool

          Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

          Conclusion

          Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

          For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

          Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

          I can think of three areas where the legal advisor and the executive coach meet:

          1. The relationship with the client. Listen carefully before advising.

          Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

          1. Negotiation and mediation.

          In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

          1. Accompanying processes of change in the client and their organisation

          The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

          In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

          The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

          In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

          There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

          Man in the Middle scam: how it works

          This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

          • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
          • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
          • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

           

          This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

          The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

          The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

          Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

          The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

          The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

          This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

          In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

          The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

          Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

          In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

          In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

          It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

          Regulation (EU) 2024/886: a paradigm shift

          And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

          The new features of this regulation are

          • mandatory application to all instant transfers within the SEPA area,
          • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
          • increased liability for financial institutions in the event of fraud or error due to lack of verification.

          In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

          This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

          In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

          In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

          “He out… or me out”

          In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

          Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

          At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

          The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

          What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

          Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

          While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

          In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

          Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

          It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

          The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

          The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

          Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

          You no longer represent our company’, which may be evidence that you did so before.

          As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

          You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

          The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

          Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

          You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

          We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

          From this moment on, orders will be handled by X’, which also confirms a type of relationship.

           

          In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

          Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

          This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

          Scope and admissibility under Dutch law

          The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

          In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

          Filing and language requirements

          EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

          Procedure and enforcement

          If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

          In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

          Benefits and considerations

          From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

          Conclusion

          The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

          Javier Gaspar

          Domaines d'intervention

          • Arbitrage
          • Distribution
          • Franchise
          • Litiges
          • Sport
          Contact Javier

          Écrire à Javier





            Lire la politique de confidentialité de Legalmondo.
            Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

            The New Dutch Shareholder Dispute Resolution Scheme

            22 octobre 2025

            • Pays-Bas
            • Entreprise
            • Litiges

            Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

            Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

            In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

            The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

            With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

            In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

            The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

            This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

            However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

            Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

            The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

            In this way, the objection based on the theory of known risk would not come into play.

            Pourquoi la crise relève de la direction du cabinet

            La confiance est l’actif le plus précieux d’un cabinet d’avocats.

            Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

            Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

            La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

            Une complexité accrue pour les cabinets modernes

            L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

            Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

            Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

            Les origines des crises dans les cabinets d’avocats

            La plupart des crises trouvent leur origine dans trois sphères :

            1. Le comportement individuel
            2. Les risques liés aux clients
            3. Les dysfonctionnements systémiques internes

            Les manquements individuels sont généralement les plus visibles.

            Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

            L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

            La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

            Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

            Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

            Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

            La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

            Les enjeux systémiques et culturels présentent un risque distinct.

            Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

            Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

            Les défaillances fréquentes en communication de crise

            Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

            Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

            Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

            En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

            Les caractéristiques d’une communication de crise efficace

            Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

            Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

            La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

            Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

            En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

            À défaut, le doute s’installe.

            La crise: un test de communication

            Toute crise devient, en définitive, un test de communication.

            La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

            Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

            La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

            Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

            Why Legal Risk Management Needs a Financial Metric

            Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

            That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

            Legal Risk as Value-at-Risk

            Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

            “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

            Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

            Expected legal loss (per period) = expected frequency x expected severity

            This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

            Introducing Return on Legal (ROL)

            Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

            A definition could be expressed as follows:

            ROL - Legalmondo

            When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

            Measuring ROL: Retrospective vs. Forward-Looking

            A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

            First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

            To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

            Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

            Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

            Let’s make an example of how ROL works

            Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

            A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

            ROL Implementation: Keep It Lean and Actionable

            ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

            A practical starting point is to pull together three streams of information:

            • historical disputes and their total cost;
            • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
            • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

            Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

            Turning ROL Into a Decision Tool

            Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

            Conclusion

            Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

            For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

            Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

            I can think of three areas where the legal advisor and the executive coach meet:

            1. The relationship with the client. Listen carefully before advising.

            Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

            1. Negotiation and mediation.

            In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

            1. Accompanying processes of change in the client and their organisation

            The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

            In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

            The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

            In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

            There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

            Man in the Middle scam: how it works

            This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

            • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
            • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
            • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

             

            This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

            The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

            The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

            Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

            The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

            The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

            This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

            In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

            The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

            Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

            In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

            In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

            It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

            Regulation (EU) 2024/886: a paradigm shift

            And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

            The new features of this regulation are

            • mandatory application to all instant transfers within the SEPA area,
            • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
            • increased liability for financial institutions in the event of fraud or error due to lack of verification.

            In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

            This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

            In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

            In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

            “He out… or me out”

            In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

            Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

            At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

            The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

            What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

            Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

            While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

            In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

            Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

            It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

            The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

            The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

            Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

            You no longer represent our company’, which may be evidence that you did so before.

            As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

            You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

            The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

            Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

            You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

            We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

            From this moment on, orders will be handled by X’, which also confirms a type of relationship.

             

            In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

            Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

            This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

            Scope and admissibility under Dutch law

            The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

            In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

            Filing and language requirements

            EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

            Procedure and enforcement

            If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

            In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

            Benefits and considerations

            From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

            Conclusion

            The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

            Hein van Woensel

            Domaines d'intervention

            • Contrats
            • Entreprise
            • Litiges
            • Fusions et acquisitions
            Contact Hein

            Écrire à Hein





              Lire la politique de confidentialité de Legalmondo.
              Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

              Agency and distribution agreements. Phrases to avoid when ending a business relationship without a written contract

              11 octobre 2025

              • Espagne
              • Agence
              • Contrats
              • Distribution
              • Litiges

              Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

              Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

              In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

              The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

              With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

              In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

              The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

              This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

              However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

              Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

              The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

              In this way, the objection based on the theory of known risk would not come into play.

              Pourquoi la crise relève de la direction du cabinet

              La confiance est l’actif le plus précieux d’un cabinet d’avocats.

              Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

              Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

              La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

              Une complexité accrue pour les cabinets modernes

              L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

              Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

              Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

              Les origines des crises dans les cabinets d’avocats

              La plupart des crises trouvent leur origine dans trois sphères :

              1. Le comportement individuel
              2. Les risques liés aux clients
              3. Les dysfonctionnements systémiques internes

              Les manquements individuels sont généralement les plus visibles.

              Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

              L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

              La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

              Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

              Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

              Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

              La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

              Les enjeux systémiques et culturels présentent un risque distinct.

              Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

              Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

              Les défaillances fréquentes en communication de crise

              Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

              Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

              Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

              En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

              Les caractéristiques d’une communication de crise efficace

              Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

              Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

              La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

              Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

              En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

              À défaut, le doute s’installe.

              La crise: un test de communication

              Toute crise devient, en définitive, un test de communication.

              La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

              Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

              La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

              Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

              Why Legal Risk Management Needs a Financial Metric

              Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

              That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

              Legal Risk as Value-at-Risk

              Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

              “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

              Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

              Expected legal loss (per period) = expected frequency x expected severity

              This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

              Introducing Return on Legal (ROL)

              Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

              A definition could be expressed as follows:

              ROL - Legalmondo

              When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

              Measuring ROL: Retrospective vs. Forward-Looking

              A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

              First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

              To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

              Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

              Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

              Let’s make an example of how ROL works

              Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

              A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

              ROL Implementation: Keep It Lean and Actionable

              ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

              A practical starting point is to pull together three streams of information:

              • historical disputes and their total cost;
              • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
              • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

              Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

              Turning ROL Into a Decision Tool

              Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

              Conclusion

              Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

              For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

              Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

              I can think of three areas where the legal advisor and the executive coach meet:

              1. The relationship with the client. Listen carefully before advising.

              Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

              1. Negotiation and mediation.

              In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

              1. Accompanying processes of change in the client and their organisation

              The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

              In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

              The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

              In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

              There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

              Man in the Middle scam: how it works

              This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

              • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
              • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
              • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

               

              This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

              The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

              The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

              Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

              The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

              The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

              This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

              In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

              The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

              Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

              In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

              In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

              It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

              Regulation (EU) 2024/886: a paradigm shift

              And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

              The new features of this regulation are

              • mandatory application to all instant transfers within the SEPA area,
              • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
              • increased liability for financial institutions in the event of fraud or error due to lack of verification.

              In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

              This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

              In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

              In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

              “He out… or me out”

              In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

              Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

              At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

              The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

              What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

              Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

              While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

              In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

              Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

              It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

              The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

              The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

              Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

              You no longer represent our company’, which may be evidence that you did so before.

              As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

              You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

              The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

              Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

              You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

              We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

              From this moment on, orders will be handled by X’, which also confirms a type of relationship.

               

              In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

              Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

              This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

              Scope and admissibility under Dutch law

              The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

              In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

              Filing and language requirements

              EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

              Procedure and enforcement

              If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

              In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

              Benefits and considerations

              From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

              Conclusion

              The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

              Ignacio Alonso

              Domaines d'intervention

              • Agence
              • Entreprise
              • Distribution
              • Franchise
              Contact Ignacio

              Écrire à Ignacio





                Lire la politique de confidentialité de Legalmondo.
                Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

                Netherlands | The European Payment Order

                7 juillet 2025

                • Pays-Bas
                • Litiges

                Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

                Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

                In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

                The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

                With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

                In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

                The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

                This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

                However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

                Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

                The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

                In this way, the objection based on the theory of known risk would not come into play.

                Pourquoi la crise relève de la direction du cabinet

                La confiance est l’actif le plus précieux d’un cabinet d’avocats.

                Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

                Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

                La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

                Une complexité accrue pour les cabinets modernes

                L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

                Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

                Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

                Les origines des crises dans les cabinets d’avocats

                La plupart des crises trouvent leur origine dans trois sphères :

                1. Le comportement individuel
                2. Les risques liés aux clients
                3. Les dysfonctionnements systémiques internes

                Les manquements individuels sont généralement les plus visibles.

                Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

                L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

                La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

                Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

                Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

                Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

                La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

                Les enjeux systémiques et culturels présentent un risque distinct.

                Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

                Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

                Les défaillances fréquentes en communication de crise

                Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

                Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

                Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

                En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

                Les caractéristiques d’une communication de crise efficace

                Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

                Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

                La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

                Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

                En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

                À défaut, le doute s’installe.

                La crise: un test de communication

                Toute crise devient, en définitive, un test de communication.

                La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

                Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

                La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

                Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

                Why Legal Risk Management Needs a Financial Metric

                Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

                That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

                Legal Risk as Value-at-Risk

                Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

                “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

                Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

                Expected legal loss (per period) = expected frequency x expected severity

                This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

                Introducing Return on Legal (ROL)

                Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

                A definition could be expressed as follows:

                ROL - Legalmondo

                When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

                Measuring ROL: Retrospective vs. Forward-Looking

                A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

                First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

                To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

                Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

                Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

                Let’s make an example of how ROL works

                Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

                A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

                ROL Implementation: Keep It Lean and Actionable

                ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

                A practical starting point is to pull together three streams of information:

                • historical disputes and their total cost;
                • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
                • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

                Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

                Turning ROL Into a Decision Tool

                Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

                Conclusion

                Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

                For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

                Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

                I can think of three areas where the legal advisor and the executive coach meet:

                1. The relationship with the client. Listen carefully before advising.

                Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

                1. Negotiation and mediation.

                In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

                1. Accompanying processes of change in the client and their organisation

                The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

                In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

                The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

                In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

                There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

                Man in the Middle scam: how it works

                This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

                • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
                • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
                • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

                 

                This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

                The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

                The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

                Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

                The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

                The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

                This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

                In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

                The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

                Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

                In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

                In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

                It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

                Regulation (EU) 2024/886: a paradigm shift

                And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

                The new features of this regulation are

                • mandatory application to all instant transfers within the SEPA area,
                • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
                • increased liability for financial institutions in the event of fraud or error due to lack of verification.

                In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

                This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

                In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

                In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

                “He out… or me out”

                In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

                Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

                At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

                The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

                What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

                Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

                While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

                In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

                Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

                It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

                The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

                The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

                Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

                You no longer represent our company’, which may be evidence that you did so before.

                As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

                You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

                The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

                Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

                You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

                We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

                From this moment on, orders will be handled by X’, which also confirms a type of relationship.

                 

                In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

                Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

                This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

                Scope and admissibility under Dutch law

                The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

                In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

                Filing and language requirements

                EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

                Procedure and enforcement

                If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

                In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

                Benefits and considerations

                From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

                Conclusion

                The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

                Daan Folgering

                Domaines d'intervention

                • Arbitrage
                • Entreprise
                • Recouvrement des crédits
                • Litiges
                • Criminalité en col blanc
                Contact Daan

                Écrire à Daan





                  Lire la politique de confidentialité de Legalmondo.
                  Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.

                  Spain | Appropriate Means of Non-Jurisdictional Dispute Resolution: A New Paradigm in Spanish Justice

                  5 juin 2025

                  • Espagne
                  • Règlement extrajudiciaire des litiges
                  • Litiges

                  Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

                  Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

                  In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

                  The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

                  With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

                  In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

                  The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

                  This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

                  However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

                  Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

                  The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

                  In this way, the objection based on the theory of known risk would not come into play.

                  Pourquoi la crise relève de la direction du cabinet

                  La confiance est l’actif le plus précieux d’un cabinet d’avocats.

                  Il faut des années pour bâtir une réputation et quelques minutes pour la fragiliser. En période de crise, cette réalité s’impose : les clients appellent, les équipes s’interrogent, les journalistes enquêtent, les recruteurs observent.

                  Ce qui commence comme un manquement individuel, une controverse liée à un client ou une faiblesse interne se transforme rapidement en défi sur le plan de la communication. La réaction de la direction, l’identité du porte-parole et la cohérence du message déterminent le jugement porté sur le cabinet.

                  La gestion de crise dans un cabinet d’avocats n’est pas d’abord un problème juridique. C’est un enjeu de leadership exprimé par la communication.

                  Une complexité accrue pour les cabinets modernes

                  L’exercice du droit est aujourd’hui plus exposé qu’il ne l’était il y a encore dix ans. Les cabinets opèrent dans plusieurs juridictions et conseillent une clientèle sophistiquée. Les attentes en matière de transparence et de responsabilité varient selon les pays. Ce qui paraît prudent dans une juridiction peut sembler évasif dans une autre.

                  Lorsqu’un incident survient, les réactions dépassent rapidement le cadre local. Clients, régulateurs, collaborateurs et médias peuvent réagir simultanément, parfois sur des marchés différents. Des réponses divergentes entre bureaux ou champs de pratique accentuent la confusion et alimentent la vulnérabilité.

                  Le silence est rarement une solution. Ne pas expliquer, c’est perdre la maîtrise du narratif.

                  Les origines des crises dans les cabinets d’avocats

                  La plupart des crises trouvent leur origine dans trois sphères :

                  1. Le comportement individuel
                  2. Les risques liés aux clients
                  3. Les dysfonctionnements systémiques internes

                  Les manquements individuels sont généralement les plus visibles.

                  Les affaires médiatisées impliquant des associés seniors suivent souvent un schéma similaire. Un incident est d’abord considéré comme isolé. La direction hésite en évaluant les risques relationnels et réputationnels. En quelques semaines, la question dépasse le cadre initial. L’attention se déplace du comportement en cause vers la réaction du cabinet et l’enjeu devient rapidement un test à l’égard du leadership.

                  L’hésitation modifie le récit. Le cabinet ne traite plus un comportement : il justifie sa décision de ne pas agir.

                  La technologie a créé une nouvelle zone d’exposition. Plusieurs cabinets ont fait l’objet d’un examen attentif après que de fausses citations ont été générées par l’intelligence artificielle. En interne, l’explication était connue : un collaborateur junior avait utilisé un outil ; la supervision avait été présumée plutôt que vérifiée. En externe, la perception d’un défaut de contrôle domine.

                  Le défi n’est pas tant d’expliquer l’origine de l’erreur que de combler le déficit de confiance. Les juridictions et clients attendent des garanties de supervision, non des explications techniques.

                  Les crises liées aux clients sont souvent les plus difficiles à gérer publiquement.

                  Les cabinets peuvent penser que la lettre de mandat crée une distance entre le client et le cabinet. Lorsque le client devient controversé, cette distance s’efface : la couverture médiatique fait rarement la distinction entre conseil juridique et approbation. Dès que le nom du cabinet figure dans le même titre, il devient partie intégrante du récit.

                  La stratégie de communication doit tenir compte du fait que clients, régulateurs, collaborateurs et journalistes analyseront la situation selon des perspectives différentes. Un message unique ne satisfait généralement pas tous ces publics.

                  Les enjeux systémiques et culturels présentent un risque distinct.

                  Les écarts de rémunération, les critères de promotion peu clairs, la tolérance de comportements inappropriés ou des dispositifs de signalement insuffisants s’installent souvent progressivement. Lorsque des avocats quittent le cabinet et témoignent publiquement de leur expérience, les sujets internes deviennent des récits externes, façonnant l’identité publique du cabinet.

                  Ce qu’un cabinet peut affirmer de manière crédible en période de crise dépend de la constance de ses pratiques antérieures. La réputation délimite le champ des réponses crédibles.

                  Les défaillances fréquentes en communication de crise

                  Les avocats sont formés à la prudence et à la précision. C’est généralement une force. En situation de crise, cela peut devenir une faiblesse. Les déclarations sont techniquement exactes, mais incomplètes.

                  Le schéma est récurrent. Un communiqué soigneusement rédigé est publié. Journalistes et clients se concentrent sur ce qui n’est pas dit. Des questions complémentaires surgissent. Une nouvelle clarification est diffusée. Chaque clarification prolonge l’exposition médiatique et ce qui semblait une approche prudente peut être interprété comme de l’improvisation vue de l’extérieur.

                  Les messages contradictoires aggravent la situation. Différents associés s’adressent à des publics distincts. Les bureaux répondent de manière autonome. Le désalignement entre juridique et communication affaiblit la crédibilité.

                  En matière de réputation, les perceptions se forment rapidement. Une fois la confiance entamée, la restaurer est difficile.

                  Les caractéristiques d’une communication de crise efficace

                  Une communication de crise efficace est structurée et coordonnée. Elle repose d’abord sur une compréhension claire de ce qui est établi et de ce qui peut être communiqué. Reconnaître rapidement les faits, sans spéculation, renforce la crédibilité. L’exagération crée un risque. L’évitement suscite la suspicion.

                  Les décisions donnent de la force aux messages. Des évolutions de politiques internes, des mesures prises par la direction ou la nomination d’un enquêteur indépendant ont plus d’impact qu’un langage soigneusement calibré.

                  La structure est essentielle : un porte-parole unique ; des orientations internes claires ; un alignement entre la direction, les conseils juridiques et les conseils en communication. Sans cet alignement, même des décisions pertinentes peuvent paraître incertaines.

                  Surtout, l’institution doit primer. Les stratégies perçues comme visant à protéger une personne au détriment du cabinet échouent généralement. Le risque est particulièrement élevé lorsque des figures dirigeantes sont impliquées. Les allégations visant des associés seniors font l’objet d’un examen renforcé et permettent de vérifier si les standards de la firme sont appliqués de manière cohérente ou uniquement lorsqu’ils servent les intérêts du cabinet.

                  En externe, l’accent doit porter sur les processus et les mécanismes de contrôle plutôt que sur des éléments factuels contestés. En interne, la communication doit limiter les spéculations tout en respectant la confidentialité. L’objectif est de démontrer que les standards du cabinet s’appliquent de manière constante.

                  À défaut, le doute s’installe.

                  La crise: un test de communication

                  Toute crise devient, en définitive, un test de communication.

                  La nature du problème initial compte. Mais la manière dont la direction réagit et l’alignement entre le message et les actions prises sont déterminants.

                  Les cabinets qui répondent avec clarté, équité et coordination ont davantage de chances de préserver la confiance, même dans des situations graves. Ceux qui réagissent lentement ou de manière inégale prolongent la controverse et aggravent l’atteinte à leur réputation.

                  La communication de crise ne relève pas de la mise en scène. Elle vise à protéger la crédibilité sous pression, le cœur même de l’activité d’un cabinet.

                  Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

                  Why Legal Risk Management Needs a Financial Metric

                  Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

                  That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

                  Legal Risk as Value-at-Risk

                  Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

                  “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

                  Therefore, we should consider that legal risk rarely appears as a « fixed impact if it happens, » and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

                  Expected legal loss (per period) = expected frequency x expected severity

                  This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

                  Introducing Return on Legal (ROL)

                  Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

                  A definition could be expressed as follows:

                  ROL - Legalmondo

                  When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

                  Measuring ROL: Retrospective vs. Forward-Looking

                  A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

                  First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

                  To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

                  Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

                  Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

                  Let’s make an example of how ROL works

                  Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly « pre-litigation” escalations that still took months and used up a lot of internal resources.

                  A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

                  ROL Implementation: Keep It Lean and Actionable

                  ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

                  A practical starting point is to pull together three streams of information:

                  • historical disputes and their total cost;
                  • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
                  • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

                  Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

                  Turning ROL Into a Decision Tool

                  Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

                  Conclusion

                  Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

                  For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

                  Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

                  I can think of three areas where the legal advisor and the executive coach meet:

                  1. The relationship with the client. Listen carefully before advising.

                  Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

                  1. Negotiation and mediation.

                  In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

                  1. Accompanying processes of change in the client and their organisation

                  The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

                  In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

                  The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

                  In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

                  There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

                  Man in the Middle scam: how it works

                  This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

                  • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
                  • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
                  • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

                   

                  This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

                  The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

                  The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

                  Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

                  The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

                  The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

                  This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

                  In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

                  The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

                  Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

                  In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

                  In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that « if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

                  It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that « the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage. »

                  Regulation (EU) 2024/886: a paradigm shift

                  And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

                  The new features of this regulation are

                  • mandatory application to all instant transfers within the SEPA area,
                  • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
                  • increased liability for financial institutions in the event of fraud or error due to lack of verification.

                  In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

                  This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

                  In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

                  In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

                  “He out… or me out”

                  In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

                  Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

                  At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

                  The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

                  What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

                  Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

                  While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

                  In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

                  Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

                  It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

                  The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

                  The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

                  Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

                  You no longer represent our company’, which may be evidence that you did so before.

                  As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

                  You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

                  The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

                  Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

                  You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

                  We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

                  From this moment on, orders will be handled by X’, which also confirms a type of relationship.

                   

                  In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

                  Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

                  This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

                  Scope and admissibility under Dutch law

                  The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

                  In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

                  Filing and language requirements

                  EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

                  Procedure and enforcement

                  If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

                  In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

                  Benefits and considerations

                  From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

                  Conclusion

                  The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

                  Angel Iglesias Molero

                  Domaines d'intervention

                  • Intelligence artificielle
                  • Contrats
                  • Entreprise
                  • Investissements
                  • Start-up
                  Contact Angel

                  Écrire à Angel





                    Lire la politique de confidentialité de Legalmondo.
                    Ce site est protégé par reCAPTCHA et les règles de confidentialité et les conditions d'utilisation de Google s'appliquent.