Spain | Franchising, Theory Of Risk and Guarantees By Franchisee

15 de Maio, 2026

  • Espanha
  • Distribuição
  • Contencioso

Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

In this way, the objection based on the theory of known risk would not come into play.

Trust is the only thing a law firm sells.

It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

The Added Complexity Facing Modern Firms

Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

Where Law Firm Crises Begin

Most law firm crises originate in one of three areas:

  1. Individual behaviour
  2. Client-related risk
  3. Systemic issues within the firm itself

Individual misconduct is usually the most visible.

Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

Client-related crises are often the most difficult to navigate publicly.

Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

Systemic and cultural issues present a different communications risk.

Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

* * *

Where Law Firm Crisis Communications Often Falters

Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

What Effective Law Firm Crisis Communications Looks Like

Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

Anything less invites doubt.

Crisis as a Communications Test

Every crisis ultimately becomes a communications test.

The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

Why Legal Risk Management Needs a Financial Metric

Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

Legal Risk as Value-at-Risk

Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

“Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

Expected legal loss (per period) = expected frequency x expected severity

This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

Introducing Return on Legal (ROL)

Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

A definition could be expressed as follows:

ROL - Legalmondo

When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

Measuring ROL: Retrospective vs. Forward-Looking

A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

Let’s make an example of how ROL works

Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

ROL Implementation: Keep It Lean and Actionable

ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

A practical starting point is to pull together three streams of information:

  • historical disputes and their total cost;
  • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
  • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

Turning ROL Into a Decision Tool

Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

Conclusion

Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

I can think of three areas where the legal advisor and the executive coach meet:

  1. The relationship with the client. Listen carefully before advising.

Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

  1. Negotiation and mediation.

In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

  1. Accompanying processes of change in the client and their organisation

The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

Man in the Middle scam: how it works

This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

  • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
  • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
  • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

 

This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

Regulation (EU) 2024/886: a paradigm shift

And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

The new features of this regulation are

  • mandatory application to all instant transfers within the SEPA area,
  • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
  • increased liability for financial institutions in the event of fraud or error due to lack of verification.

In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

“He out… or me out”

In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

You no longer represent our company’, which may be evidence that you did so before.

As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

From this moment on, orders will be handled by X’, which also confirms a type of relationship.

 

In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

Scope and admissibility under Dutch law

The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

Filing and language requirements

EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

Procedure and enforcement

If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

Benefits and considerations

From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

Conclusion

The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

Javier Gaspar

Áreas de prática

  • Arbitragem
  • Distribuição
  • Franchising
  • Contencioso
  • Desporto
Contato Javier

Scrivi a Javier





    Read the privacy policy of Legalmondo.
    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Crisis Management for Law Firms

    26 de Fevereiro, 2026

    • Canadá
    • Conformidade
    • Contencioso
    • Crime de colarinho branco

    Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

    Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

    In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

    The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

    With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

    In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

    The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

    This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

    However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

    Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

    The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

    In this way, the objection based on the theory of known risk would not come into play.

    Trust is the only thing a law firm sells.

    It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

    What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

    Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

    The Added Complexity Facing Modern Firms

    Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

    When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

    Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

    Where Law Firm Crises Begin

    Most law firm crises originate in one of three areas:

    1. Individual behaviour
    2. Client-related risk
    3. Systemic issues within the firm itself

    Individual misconduct is usually the most visible.

    Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

    Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

    Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

    The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

    Client-related crises are often the most difficult to navigate publicly.

    Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

    Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

    Systemic and cultural issues present a different communications risk.

    Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

    What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

    * * *

    Where Law Firm Crisis Communications Often Falters

    Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

    The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

    Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

    In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

    What Effective Law Firm Crisis Communications Looks Like

    Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

    Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

    Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

    Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

    Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

    Anything less invites doubt.

    Crisis as a Communications Test

    Every crisis ultimately becomes a communications test.

    The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

    Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

    Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

    Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

    Why Legal Risk Management Needs a Financial Metric

    Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

    That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

    Legal Risk as Value-at-Risk

    Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

    “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

    Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

    Expected legal loss (per period) = expected frequency x expected severity

    This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

    Introducing Return on Legal (ROL)

    Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

    A definition could be expressed as follows:

    ROL - Legalmondo

    When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

    Measuring ROL: Retrospective vs. Forward-Looking

    A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

    First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

    To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

    Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

    Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

    Let’s make an example of how ROL works

    Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

    A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

    ROL Implementation: Keep It Lean and Actionable

    ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

    A practical starting point is to pull together three streams of information:

    • historical disputes and their total cost;
    • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
    • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

    Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

    Turning ROL Into a Decision Tool

    Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

    Conclusion

    Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

    For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

    Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

    I can think of three areas where the legal advisor and the executive coach meet:

    1. The relationship with the client. Listen carefully before advising.

    Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

    1. Negotiation and mediation.

    In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

    1. Accompanying processes of change in the client and their organisation

    The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

    In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

    The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

    In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

    There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

    Man in the Middle scam: how it works

    This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

    • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
    • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
    • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

     

    This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

    The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

    The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

    Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

    The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

    The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

    This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

    In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

    The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

    Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

    In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

    In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

    It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

    Regulation (EU) 2024/886: a paradigm shift

    And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

    The new features of this regulation are

    • mandatory application to all instant transfers within the SEPA area,
    • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
    • increased liability for financial institutions in the event of fraud or error due to lack of verification.

    In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

    This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

    In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

    In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

    “He out… or me out”

    In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

    Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

    At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

    The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

    What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

    Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

    While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

    In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

    Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

    It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

    The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

    The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

    Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

    You no longer represent our company’, which may be evidence that you did so before.

    As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

    You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

    The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

    Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

    You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

    We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

    From this moment on, orders will be handled by X’, which also confirms a type of relationship.

     

    In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

    Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

    This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

    Scope and admissibility under Dutch law

    The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

    In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

    Filing and language requirements

    EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

    Procedure and enforcement

    If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

    In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

    Benefits and considerations

    From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

    Conclusion

    The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

    Larry Markowitz

    Áreas de prática

    • Empresa
    • Capital de risco
    • Arranque
    Contato Larry

    Scrivi a Larry





      Read the privacy policy of Legalmondo.
      This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

      Managing Lawsuit Risk: A Budgeting Framework for Legal Costs

      19 de Fevereiro, 2026

      • Itália
      • Contratos
      • Contencioso

      Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

      Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

      In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

      The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

      With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

      In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

      The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

      This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

      However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

      Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

      The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

      In this way, the objection based on the theory of known risk would not come into play.

      Trust is the only thing a law firm sells.

      It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

      What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

      Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

      The Added Complexity Facing Modern Firms

      Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

      When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

      Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

      Where Law Firm Crises Begin

      Most law firm crises originate in one of three areas:

      1. Individual behaviour
      2. Client-related risk
      3. Systemic issues within the firm itself

      Individual misconduct is usually the most visible.

      Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

      Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

      Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

      The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

      Client-related crises are often the most difficult to navigate publicly.

      Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

      Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

      Systemic and cultural issues present a different communications risk.

      Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

      What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

      * * *

      Where Law Firm Crisis Communications Often Falters

      Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

      The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

      Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

      In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

      What Effective Law Firm Crisis Communications Looks Like

      Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

      Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

      Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

      Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

      Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

      Anything less invites doubt.

      Crisis as a Communications Test

      Every crisis ultimately becomes a communications test.

      The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

      Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

      Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

      Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

      Why Legal Risk Management Needs a Financial Metric

      Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

      That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

      Legal Risk as Value-at-Risk

      Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

      “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

      Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

      Expected legal loss (per period) = expected frequency x expected severity

      This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

      Introducing Return on Legal (ROL)

      Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

      A definition could be expressed as follows:

      ROL - Legalmondo

      When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

      Measuring ROL: Retrospective vs. Forward-Looking

      A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

      First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

      To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

      Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

      Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

      Let’s make an example of how ROL works

      Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

      A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

      ROL Implementation: Keep It Lean and Actionable

      ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

      A practical starting point is to pull together three streams of information:

      • historical disputes and their total cost;
      • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
      • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

      Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

      Turning ROL Into a Decision Tool

      Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

      Conclusion

      Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

      For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

      Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

      I can think of three areas where the legal advisor and the executive coach meet:

      1. The relationship with the client. Listen carefully before advising.

      Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

      1. Negotiation and mediation.

      In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

      1. Accompanying processes of change in the client and their organisation

      The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

      In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

      The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

      In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

      There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

      Man in the Middle scam: how it works

      This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

      • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
      • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
      • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

       

      This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

      The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

      The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

      Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

      The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

      The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

      This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

      In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

      The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

      Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

      In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

      In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

      It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

      Regulation (EU) 2024/886: a paradigm shift

      And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

      The new features of this regulation are

      • mandatory application to all instant transfers within the SEPA area,
      • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
      • increased liability for financial institutions in the event of fraud or error due to lack of verification.

      In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

      This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

      In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

      In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

      “He out… or me out”

      In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

      Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

      At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

      The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

      What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

      Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

      While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

      In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

      Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

      It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

      The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

      The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

      Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

      You no longer represent our company’, which may be evidence that you did so before.

      As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

      You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

      The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

      Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

      You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

      We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

      From this moment on, orders will be handled by X’, which also confirms a type of relationship.

       

      In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

      Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

      This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

      Scope and admissibility under Dutch law

      The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

      In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

      Filing and language requirements

      EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

      Procedure and enforcement

      If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

      In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

      Benefits and considerations

      From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

      Conclusion

      The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

      Roberto Luzi Crivellini

      Áreas de prática

      • Arbitragem
      • Distribuição
      • Comércio internacional
      • Contencioso
      • Imobiliário
      Contato Roberto

      Scrivi a Roberto





        Read the privacy policy of Legalmondo.
        This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

        The lawyer-coach: a new way of practising

        23 de Dezembro, 2025

        • Espanha
        • Resolução alternativa de litígios
        • Contratos
        • Contencioso

        Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

        Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

        In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

        The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

        With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

        In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

        The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

        This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

        However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

        Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

        The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

        In this way, the objection based on the theory of known risk would not come into play.

        Trust is the only thing a law firm sells.

        It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

        What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

        Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

        The Added Complexity Facing Modern Firms

        Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

        When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

        Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

        Where Law Firm Crises Begin

        Most law firm crises originate in one of three areas:

        1. Individual behaviour
        2. Client-related risk
        3. Systemic issues within the firm itself

        Individual misconduct is usually the most visible.

        Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

        Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

        Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

        The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

        Client-related crises are often the most difficult to navigate publicly.

        Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

        Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

        Systemic and cultural issues present a different communications risk.

        Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

        What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

        * * *

        Where Law Firm Crisis Communications Often Falters

        Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

        The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

        Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

        In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

        What Effective Law Firm Crisis Communications Looks Like

        Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

        Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

        Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

        Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

        Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

        Anything less invites doubt.

        Crisis as a Communications Test

        Every crisis ultimately becomes a communications test.

        The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

        Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

        Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

        Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

        Why Legal Risk Management Needs a Financial Metric

        Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

        That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

        Legal Risk as Value-at-Risk

        Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

        “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

        Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

        Expected legal loss (per period) = expected frequency x expected severity

        This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

        Introducing Return on Legal (ROL)

        Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

        A definition could be expressed as follows:

        ROL - Legalmondo

        When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

        Measuring ROL: Retrospective vs. Forward-Looking

        A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

        First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

        To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

        Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

        Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

        Let’s make an example of how ROL works

        Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

        A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

        ROL Implementation: Keep It Lean and Actionable

        ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

        A practical starting point is to pull together three streams of information:

        • historical disputes and their total cost;
        • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
        • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

        Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

        Turning ROL Into a Decision Tool

        Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

        Conclusion

        Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

        For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

        Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

        I can think of three areas where the legal advisor and the executive coach meet:

        1. The relationship with the client. Listen carefully before advising.

        Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

        1. Negotiation and mediation.

        In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

        1. Accompanying processes of change in the client and their organisation

        The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

        In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

        The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

        In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

        There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

        Man in the Middle scam: how it works

        This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

        • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
        • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
        • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

         

        This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

        The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

        The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

        Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

        The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

        The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

        This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

        In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

        The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

        Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

        In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

        In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

        It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

        Regulation (EU) 2024/886: a paradigm shift

        And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

        The new features of this regulation are

        • mandatory application to all instant transfers within the SEPA area,
        • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
        • increased liability for financial institutions in the event of fraud or error due to lack of verification.

        In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

        This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

        In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

        In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

        “He out… or me out”

        In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

        Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

        At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

        The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

        What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

        Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

        While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

        In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

        Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

        It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

        The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

        The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

        Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

        You no longer represent our company’, which may be evidence that you did so before.

        As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

        You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

        The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

        Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

        You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

        We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

        From this moment on, orders will be handled by X’, which also confirms a type of relationship.

         

        In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

        Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

        This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

        Scope and admissibility under Dutch law

        The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

        In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

        Filing and language requirements

        EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

        Procedure and enforcement

        If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

        In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

        Benefits and considerations

        From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

        Conclusion

        The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

        Ignacio Alonso

        Áreas de prática

        • Agência
        • Empresa
        • Distribuição
        • Franchising
        Contato Ignacio

        Scrivi a Ignacio





          Read the privacy policy of Legalmondo.
          This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

          Spain – Man in the Middle fraud and EU Regulation 2024/886: a paradigm shift

          3 de Novembro, 2025

          • Espanha
          • Banca
          • Financiamento e títulos
          • Contencioso

          Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

          Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

          In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

          The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

          With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

          In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

          The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

          This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

          However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

          Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

          The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

          In this way, the objection based on the theory of known risk would not come into play.

          Trust is the only thing a law firm sells.

          It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

          What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

          Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

          The Added Complexity Facing Modern Firms

          Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

          When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

          Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

          Where Law Firm Crises Begin

          Most law firm crises originate in one of three areas:

          1. Individual behaviour
          2. Client-related risk
          3. Systemic issues within the firm itself

          Individual misconduct is usually the most visible.

          Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

          Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

          Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

          The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

          Client-related crises are often the most difficult to navigate publicly.

          Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

          Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

          Systemic and cultural issues present a different communications risk.

          Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

          What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

          * * *

          Where Law Firm Crisis Communications Often Falters

          Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

          The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

          Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

          In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

          What Effective Law Firm Crisis Communications Looks Like

          Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

          Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

          Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

          Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

          Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

          Anything less invites doubt.

          Crisis as a Communications Test

          Every crisis ultimately becomes a communications test.

          The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

          Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

          Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

          Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

          Why Legal Risk Management Needs a Financial Metric

          Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

          That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

          Legal Risk as Value-at-Risk

          Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

          “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

          Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

          Expected legal loss (per period) = expected frequency x expected severity

          This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

          Introducing Return on Legal (ROL)

          Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

          A definition could be expressed as follows:

          ROL - Legalmondo

          When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

          Measuring ROL: Retrospective vs. Forward-Looking

          A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

          First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

          To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

          Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

          Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

          Let’s make an example of how ROL works

          Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

          A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

          ROL Implementation: Keep It Lean and Actionable

          ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

          A practical starting point is to pull together three streams of information:

          • historical disputes and their total cost;
          • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
          • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

          Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

          Turning ROL Into a Decision Tool

          Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

          Conclusion

          Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

          For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

          Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

          I can think of three areas where the legal advisor and the executive coach meet:

          1. The relationship with the client. Listen carefully before advising.

          Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

          1. Negotiation and mediation.

          In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

          1. Accompanying processes of change in the client and their organisation

          The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

          In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

          The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

          In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

          There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

          Man in the Middle scam: how it works

          This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

          • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
          • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
          • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

           

          This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

          The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

          The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

          Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

          The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

          The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

          This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

          In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

          The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

          Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

          In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

          In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

          It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

          Regulation (EU) 2024/886: a paradigm shift

          And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

          The new features of this regulation are

          • mandatory application to all instant transfers within the SEPA area,
          • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
          • increased liability for financial institutions in the event of fraud or error due to lack of verification.

          In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

          This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

          In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

          In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

          “He out… or me out”

          In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

          Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

          At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

          The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

          What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

          Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

          While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

          In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

          Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

          It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

          The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

          The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

          Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

          You no longer represent our company’, which may be evidence that you did so before.

          As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

          You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

          The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

          Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

          You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

          We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

          From this moment on, orders will be handled by X’, which also confirms a type of relationship.

           

          In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

          Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

          This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

          Scope and admissibility under Dutch law

          The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

          In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

          Filing and language requirements

          EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

          Procedure and enforcement

          If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

          In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

          Benefits and considerations

          From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

          Conclusion

          The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

          Javier Gaspar

          Áreas de prática

          • Arbitragem
          • Distribuição
          • Franchising
          • Contencioso
          • Desporto
          Contato Javier

          Scrivi a Javier





            Read the privacy policy of Legalmondo.
            This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

            The New Dutch Shareholder Dispute Resolution Scheme

            22 de Outubro, 2025

            • Países Baixos
            • Empresa
            • Contencioso

            Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

            Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

            In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

            The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

            With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

            In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

            The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

            This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

            However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

            Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

            The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

            In this way, the objection based on the theory of known risk would not come into play.

            Trust is the only thing a law firm sells.

            It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

            What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

            Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

            The Added Complexity Facing Modern Firms

            Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

            When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

            Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

            Where Law Firm Crises Begin

            Most law firm crises originate in one of three areas:

            1. Individual behaviour
            2. Client-related risk
            3. Systemic issues within the firm itself

            Individual misconduct is usually the most visible.

            Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

            Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

            Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

            The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

            Client-related crises are often the most difficult to navigate publicly.

            Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

            Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

            Systemic and cultural issues present a different communications risk.

            Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

            What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

            * * *

            Where Law Firm Crisis Communications Often Falters

            Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

            The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

            Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

            In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

            What Effective Law Firm Crisis Communications Looks Like

            Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

            Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

            Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

            Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

            Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

            Anything less invites doubt.

            Crisis as a Communications Test

            Every crisis ultimately becomes a communications test.

            The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

            Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

            Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

            Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

            Why Legal Risk Management Needs a Financial Metric

            Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

            That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

            Legal Risk as Value-at-Risk

            Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

            “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

            Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

            Expected legal loss (per period) = expected frequency x expected severity

            This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

            Introducing Return on Legal (ROL)

            Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

            A definition could be expressed as follows:

            ROL - Legalmondo

            When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

            Measuring ROL: Retrospective vs. Forward-Looking

            A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

            First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

            To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

            Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

            Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

            Let’s make an example of how ROL works

            Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

            A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

            ROL Implementation: Keep It Lean and Actionable

            ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

            A practical starting point is to pull together three streams of information:

            • historical disputes and their total cost;
            • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
            • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

            Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

            Turning ROL Into a Decision Tool

            Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

            Conclusion

            Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

            For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

            Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

            I can think of three areas where the legal advisor and the executive coach meet:

            1. The relationship with the client. Listen carefully before advising.

            Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

            1. Negotiation and mediation.

            In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

            1. Accompanying processes of change in the client and their organisation

            The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

            In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

            The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

            In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

            There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

            Man in the Middle scam: how it works

            This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

            • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
            • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
            • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

             

            This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

            The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

            The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

            Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

            The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

            The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

            This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

            In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

            The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

            Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

            In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

            In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

            It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

            Regulation (EU) 2024/886: a paradigm shift

            And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

            The new features of this regulation are

            • mandatory application to all instant transfers within the SEPA area,
            • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
            • increased liability for financial institutions in the event of fraud or error due to lack of verification.

            In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

            This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

            In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

            In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

            “He out… or me out”

            In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

            Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

            At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

            The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

            What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

            Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

            While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

            In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

            Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

            It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

            The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

            The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

            Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

            You no longer represent our company’, which may be evidence that you did so before.

            As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

            You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

            The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

            Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

            You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

            We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

            From this moment on, orders will be handled by X’, which also confirms a type of relationship.

             

            In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

            Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

            This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

            Scope and admissibility under Dutch law

            The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

            In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

            Filing and language requirements

            EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

            Procedure and enforcement

            If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

            In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

            Benefits and considerations

            From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

            Conclusion

            The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

            Hein van Woensel

            Áreas de prática

            • Contratos
            • Empresa
            • Contencioso
            • M&A
            Contato Hein

            Scrivi a Hein





              Read the privacy policy of Legalmondo.
              This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

              Agency and distribution agreements. Phrases to avoid when ending a business relationship without a written contract

              11 de Outubro, 2025

              • Espanha
              • Sem categoria
              • Contratos
              • Distribuição
              • Contencioso

              Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

              Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

              In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

              The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

              With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

              In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

              The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

              This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

              However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

              Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

              The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

              In this way, the objection based on the theory of known risk would not come into play.

              Trust is the only thing a law firm sells.

              It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

              What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

              Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

              The Added Complexity Facing Modern Firms

              Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

              When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

              Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

              Where Law Firm Crises Begin

              Most law firm crises originate in one of three areas:

              1. Individual behaviour
              2. Client-related risk
              3. Systemic issues within the firm itself

              Individual misconduct is usually the most visible.

              Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

              Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

              Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

              The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

              Client-related crises are often the most difficult to navigate publicly.

              Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

              Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

              Systemic and cultural issues present a different communications risk.

              Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

              What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

              * * *

              Where Law Firm Crisis Communications Often Falters

              Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

              The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

              Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

              In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

              What Effective Law Firm Crisis Communications Looks Like

              Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

              Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

              Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

              Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

              Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

              Anything less invites doubt.

              Crisis as a Communications Test

              Every crisis ultimately becomes a communications test.

              The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

              Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

              Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

              Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

              Why Legal Risk Management Needs a Financial Metric

              Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

              That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

              Legal Risk as Value-at-Risk

              Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

              “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

              Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

              Expected legal loss (per period) = expected frequency x expected severity

              This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

              Introducing Return on Legal (ROL)

              Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

              A definition could be expressed as follows:

              ROL - Legalmondo

              When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

              Measuring ROL: Retrospective vs. Forward-Looking

              A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

              First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

              To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

              Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

              Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

              Let’s make an example of how ROL works

              Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

              A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

              ROL Implementation: Keep It Lean and Actionable

              ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

              A practical starting point is to pull together three streams of information:

              • historical disputes and their total cost;
              • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
              • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

              Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

              Turning ROL Into a Decision Tool

              Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

              Conclusion

              Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

              For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

              Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

              I can think of three areas where the legal advisor and the executive coach meet:

              1. The relationship with the client. Listen carefully before advising.

              Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

              1. Negotiation and mediation.

              In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

              1. Accompanying processes of change in the client and their organisation

              The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

              In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

              The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

              In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

              There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

              Man in the Middle scam: how it works

              This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

              • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
              • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
              • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

               

              This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

              The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

              The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

              Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

              The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

              The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

              This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

              In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

              The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

              Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

              In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

              In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

              It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

              Regulation (EU) 2024/886: a paradigm shift

              And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

              The new features of this regulation are

              • mandatory application to all instant transfers within the SEPA area,
              • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
              • increased liability for financial institutions in the event of fraud or error due to lack of verification.

              In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

              This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

              In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

              In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

              “He out… or me out”

              In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

              Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

              At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

              The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

              What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

              Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

              While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

              In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

              Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

              It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

              The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

              The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

              Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

              You no longer represent our company’, which may be evidence that you did so before.

              As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

              You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

              The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

              Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

              You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

              We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

              From this moment on, orders will be handled by X’, which also confirms a type of relationship.

               

              In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

              Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

              This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

              Scope and admissibility under Dutch law

              The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

              In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

              Filing and language requirements

              EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

              Procedure and enforcement

              If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

              In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

              Benefits and considerations

              From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

              Conclusion

              The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

              Ignacio Alonso

              Áreas de prática

              • Agência
              • Empresa
              • Distribuição
              • Franchising
              Contato Ignacio

              Scrivi a Ignacio





                Read the privacy policy of Legalmondo.
                This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

                Netherlands | The European Payment Order

                7 de Julho, 2025

                • Países Baixos
                • Contencioso

                Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

                Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

                In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

                The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

                With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

                In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

                The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

                This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

                However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

                Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

                The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

                In this way, the objection based on the theory of known risk would not come into play.

                Trust is the only thing a law firm sells.

                It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

                What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

                Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

                The Added Complexity Facing Modern Firms

                Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

                When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

                Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

                Where Law Firm Crises Begin

                Most law firm crises originate in one of three areas:

                1. Individual behaviour
                2. Client-related risk
                3. Systemic issues within the firm itself

                Individual misconduct is usually the most visible.

                Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

                Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

                Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

                The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

                Client-related crises are often the most difficult to navigate publicly.

                Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

                Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

                Systemic and cultural issues present a different communications risk.

                Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

                What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

                * * *

                Where Law Firm Crisis Communications Often Falters

                Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

                The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

                Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

                In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

                What Effective Law Firm Crisis Communications Looks Like

                Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

                Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

                Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

                Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

                Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

                Anything less invites doubt.

                Crisis as a Communications Test

                Every crisis ultimately becomes a communications test.

                The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

                Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

                Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

                Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

                Why Legal Risk Management Needs a Financial Metric

                Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

                That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

                Legal Risk as Value-at-Risk

                Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

                “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

                Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

                Expected legal loss (per period) = expected frequency x expected severity

                This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

                Introducing Return on Legal (ROL)

                Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

                A definition could be expressed as follows:

                ROL - Legalmondo

                When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

                Measuring ROL: Retrospective vs. Forward-Looking

                A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

                First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

                To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

                Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

                Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

                Let’s make an example of how ROL works

                Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

                A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

                ROL Implementation: Keep It Lean and Actionable

                ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

                A practical starting point is to pull together three streams of information:

                • historical disputes and their total cost;
                • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
                • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

                Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

                Turning ROL Into a Decision Tool

                Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

                Conclusion

                Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

                For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

                Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

                I can think of three areas where the legal advisor and the executive coach meet:

                1. The relationship with the client. Listen carefully before advising.

                Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

                1. Negotiation and mediation.

                In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

                1. Accompanying processes of change in the client and their organisation

                The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

                In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

                The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

                In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

                There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

                Man in the Middle scam: how it works

                This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

                • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
                • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
                • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

                 

                This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

                The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

                The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

                Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

                The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

                The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

                This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

                In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

                The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

                Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

                In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

                In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

                It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

                Regulation (EU) 2024/886: a paradigm shift

                And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

                The new features of this regulation are

                • mandatory application to all instant transfers within the SEPA area,
                • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
                • increased liability for financial institutions in the event of fraud or error due to lack of verification.

                In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

                This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

                In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

                In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

                “He out… or me out”

                In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

                Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

                At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

                The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

                What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

                Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

                While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

                In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

                Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

                It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

                The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

                The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

                Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

                You no longer represent our company’, which may be evidence that you did so before.

                As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

                You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

                The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

                Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

                You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

                We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

                From this moment on, orders will be handled by X’, which also confirms a type of relationship.

                 

                In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

                Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

                This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

                Scope and admissibility under Dutch law

                The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

                In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

                Filing and language requirements

                EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

                Procedure and enforcement

                If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

                In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

                Benefits and considerations

                From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

                Conclusion

                The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

                Daan Folgering

                Áreas de prática

                • Arbitragem
                • Empresa
                • Cobrança de créditos
                • Contencioso
                • Crime de colarinho branco
                Contato Daan

                Scrivi a Daan





                  Read the privacy policy of Legalmondo.
                  This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

                  Spain | Appropriate Means of Non-Jurisdictional Dispute Resolution: A New Paradigm in Spanish Justice

                  5 de Junho, 2025

                  • Espanha
                  • Resolução alternativa de litígios
                  • Contencioso

                  Foreign franchisors entering into franchise agreements in Spain should take careful note of the content of the judgment issued by the Provincial Court of Córdoba on November 20, 2025, and require that the partner(s) and the directors of the franchisee company expressly guarantee and indemnify the payment of any debts arising from the franchise agreement.

                  Spanish corporate law establishes the principle of liability for the directors of corporations or limited liability companies when the company is subject to dissolution (for example, due to losses that reduce equity to less than 50% of the share capital) and, despite this, they fail to convene a meeting to adopt corrective measures (dissolution or capital increase).

                  In the case of the aforementioned ruling, the franchisor was unable to collect the debt arising from the franchise agreement from the franchisee due to the latter’s insolvency; so it decided to claim that debt from the company’s administrator based on the provision mentioned above, that is, due to the fact that the franchisee company was facing dissolution due to losses and the administrator had not convened a shareholders’ meeting, as was his obligation, so that the shareholders could decide how to resolve the situation.

                  The ruling we are discussing from the Court of Appeal of Córdoba upholds the lower court’s decision and dismisses the franchisor’s claim against the sole administrator of the franchisee company, stating that:

                  With regard to liability for corporate debts under Article 367 of the Capital Companies Act, the court recognised the existence of the corporate debts, the presence of grounds for dissolution, the breach of the legal obligations by the corporate administrator, and his liability, but found that a ground for exoneration from liability existed in accordance with the doctrine of “known risk.” Thus, it was noted that the plaintiff is a franchisor and X. S.L. was the franchisee, and it was evident from the electronic communications that the franchisee was under constant monitoring and the franchisor was aware of the risk involved in the operations, halting the shipment of goods (clothing) as soon as the limits of the guarantees granted were exceeded, meaning the plaintiff voluntarily assumed the risk. For all these reasons, the claim was dismissed.

                  In conclusion, and in light of the foregoing, the present franchise relationship and its conduct allow us to consider that it has been established that the franchisor (creditor) had greater knowledge of the franchisee’s (debtor’s) financial situation, beyond the information appearing in the annual accounts filed with the Commercial Registry, as it was the franchisee’s primary supplier. And this knowledge and control of the debt by the franchisor (through the increase in orders) justifies the exoneration of the corporate director’s liability for corporate debts under Article 367 of the Capital Companies Act, which leads to the dismissal of the appeal

                  The legal theory or principle of Known/Accepted Risk, to which the judgment refers, holds that harm caused to a third party, with or without a contractual relationship in place, is not considered unlawful if the victim was aware of the risk and voluntarily assumed it.

                  This doctrine was initially developed within the framework of tort liability: whoever engages in a risky activity and reaps its benefits must bear its negative consequences, that is, the risk—(cuius commodum, eius incommodum).

                  However, case law has extended the application of this theory to the field of contractual liability, as demonstrated in the judgment under discussion.

                  Therefore, since the plaintiff was aware of the defendant’s financial situation and solvency—having “monitored” its activity as a franchisor—and despite this, decided to maintain the contract’s validity, thereby increasing the debt, the ruling holds that the franchisor assumed the risk, which constituted grounds for exonerating the administrator from liability. However, more concerning than the above is that this “known risk” theory could be  considered applicable to the liability of the franchisee company itself, which could be exonerated from liability based on the franchisor’s monitoring of its activities.

                  The conclusion of all the above is that, based on this application of the known risk theory, franchisors may face difficulties in claiming debts owed by the franchisee company from its directors in the event of the company’s insolvency; therefore, it is highly advisable that, when signing the franchise agreement, a joint and several guarantee for the franchise’s potential future debts be required from its directors and partners, which, moreover, is a fairly standard practice.

                  In this way, the objection based on the theory of known risk would not come into play.

                  Trust is the only thing a law firm sells.

                  It takes years to build a reputation and minutes to damage it. In a crisis, that reality becomes visible. Client calls increase. Internal questions surface. Reporters start asking questions. Recruiters take note.

                  What begins as an individual lapse, a client controversy, or an internal weakness quickly becomes a communications test. How leadership responds, who speaks, and how consistently the message is delivered will determine how the firm is judged.

                  Crisis management in a law firm is not primarily a legal problem. It is a leadership problem, expressed through communication.

                  The Added Complexity Facing Modern Firms

                  Legal practice is more exposed than it was even a decade ago. Firms operate across jurisdictions and serve sophisticated clients. Expectations about transparency and accountability are not the same everywhere. What sounds careful in one jurisdiction can sound evasive in another.

                  When something goes wrong, reactions do not stay local. Clients, regulators, employees, and the media may all respond at the same time, often in different markets. If offices or practice groups answer differently, confusion grows and scrutiny increases.

                  Staying silent rarely helps. If the firm does not explain what is happening, it loses control of the narrative.

                  Where Law Firm Crises Begin

                  Most law firm crises originate in one of three areas:

                  1. Individual behaviour
                  2. Client-related risk
                  3. Systemic issues within the firm itself

                  Individual misconduct is usually the most visible.

                  Widely reported cases in recent years involving senior partners at major firms have followed a familiar pattern. An incident at a firm event is initially treated as isolated. Leadership hesitates, weighing relationships and reputational risk. Within weeks, the issue moves beyond the room. Focus shifts from the conduct itself to how the firm responded. What began as a behavioural issue becomes a test of leadership judgment.

                  Hesitation changes the narrative. Once that shift occurs, the firm is no longer addressing behaviour. It is defending its decision not to act.

                  Technology has created a different kind of exposure. Several firms have faced scrutiny after courts or opposing counsel identified AI-generated citations that did not exist. Internally, the explanation was familiar. A junior lawyer relied on a tool. Supervision was assumed rather than confirmed. Externally, those details mattered far less than the perception that basic controls had failed.

                  The communications challenge is not explaining how the error occurred. It is addressing the confidence gap that follows. Courts and clients do not reward technical explanations when oversight appears weak.

                  Client-related crises are often the most difficult to navigate publicly.

                  Firms may believe that engagement letters create a buffer between client and firm. In practice, when a client becomes controversial, that distance collapses. Media coverage rarely distinguishes between legal advice and endorsement. Once the firm’s name appears in the same headline, it becomes part of the story.

                  Communications strategy must reflect the fact that clients, regulators, employees, and journalists will interpret the situation through different lenses. A single message rarely satisfies all of them.

                  Systemic and cultural issues present a different communications risk.

                  Pay disparities, unclear promotion criteria, tolerance of poor behaviour, or weak reporting channels often develop over time. When lawyers leave and speak openly about their experiences, internal issues become external narratives. Culture becomes part of the firm’s public identity.

                  What a firm can say credibly in a crisis depends on what it has done consistently before one. Reputation limits the range of believable responses.

                  * * *

                  Where Law Firm Crisis Communications Often Falters

                  Lawyers are trained to be careful and precise. That is usually a strength. However, in a crisis, it can backfire. Statements may be technically accurate, but they leave obvious questions unanswered.

                  The pattern is familiar. A carefully worded statement is released. Reporters and clients focus on what was not said. Follow-up questions arrive. Another clarification is issued. Each round keeps the story alive. What felt prudent inside the firm can look like hesitation from the outside.

                  Mixed messaging makes things worse. Different partners speak to different audiences. Offices respond on their own. Legal advice and communications advice are not aligned. The result is inconsistency, and inconsistency weakens credibility.

                  In a reputational crisis, people form views quickly. Once confidence slips, it is hard to rebuild.

                  What Effective Law Firm Crisis Communications Looks Like

                  Effective crisis communications is disciplined and coordinated. It begins with a clear understanding of what is known, what is not known, and what can responsibly be said. Acknowledging facts early, without speculation, builds credibility. Overstatement creates risk. Evasion creates suspicion.

                  Decisions reinforce messages. Policy changes, leadership actions, or the appointment of an independent investigator often carry more weight than carefully chosen language.

                  Structure matters. One spokesperson. Clear internal guidance. Alignment between leadership, legal counsel, and communications advisors. Without that alignment, even strong decisions can appear uncertain.

                  Above all, the institution must come first. Communications strategies that appear designed to protect a single individual at the expense of the firm tend to fail. That risk is greatest when senior figures are involved. Allegations concerning senior partners attract heightened scrutiny and test whether the firm’s standards apply consistently or only when convenient.

                  Externally, the focus should remain on process and oversight rather than contested detail. Internally, communication must reduce speculation while respecting confidentiality. The objective is to demonstrate that the firm’s standards apply consistently.

                  Anything less invites doubt.

                  Crisis as a Communications Test

                  Every crisis ultimately becomes a communications test.

                  The underlying issue matters. So does how leadership responds, how consistently it speaks, and whether actions align with words.

                  Firms that respond with clarity, fairness, and coordination are more likely to preserve trust, even in serious situations. Firms that respond slowly or unevenly often extend the story and deepen reputational harm.

                  Crisis communications is not about spin. It is about protecting credibility when it is under pressure. And for law firms, that credibility is the business.

                  Summary: The challenge with preventive legal work is that it’s difficult to justify in the corporate budget—especially in organizations lacking a strong culture of risk prevention and mitigation. This article offers a practical solution: applying a “value-at-risk” approach helps leadership understand why every euro spent on preventive legal assessment can prevent multiple euros in litigation costs, sanctions, business disruption, and avoidable losses. A simple Return on Legal (ROL) metric makes that value tangible by calculating avoided costs from past disputes and modeling the financial effects of potential future lawsuits.

                  Why Legal Risk Management Needs a Financial Metric

                  Most companies already invest in preparedness—just not consistently in legal. They run security drills, insure assets, addres civil and product liability, test business continuity plans, and model financial risk. However, legal risk is often overlooked and, when considered, remains in the “qualitative” bucket: high/medium/low, red/amber/green, or a list of concerns in a memo.

                  That becomes a problem when decisions are made. Budgets are approved in numbers, not adjectives. If companies want legal preparedness to be funded like business preparedness, they need a framework that decision-makers are already familiar with. That’s where applying a value-at-risk approach helps.

                  Legal Risk as Value-at-Risk

                  Value-at-Risk in finance asks a simple question: how severe could the downside be, and how often might it happen? Legal risk can be approached in a similar way by considering two factors: the likelihood of an event (such as a claim, dispute, investigation, enforcement action, fine, lawsuit, or class action) and the impact if it occurs. Things can get very complicated, but for the sake of this article, a very simplified way to express it for a single- well defined, loss event might be:

                  “Total impact” is often underestimated when assessing legal risk. Direct legal costs are just one part of the picture. A dispute can consume leadership time, divert key teams from revenue-generating work, slow down delivery or product launches, damage supplier relationships, and cause customer hesitation. In other words, legal risk is often an operational risk with legal triggers.

                  Therefore, we should consider that legal risk rarely appears as a “fixed impact if it happens,” and the expected risk value often accumulates through the correlation of different factors. For example, one investigation can trigger follow-on lawsuits, a license can be revoked, a class-action can start, or enforcement can occur across multiple jurisdictions. If we want to account for this scenario (“how severe could the downside be and how frequently”), then the framework should involve a loss distribution over a period, which might look like this.

                  Expected legal loss (per period) = expected frequency x expected severity

                  This isn’t about finding the perfect formula. It’s about making legal exposure comparable to other risk areas where investment decisions are routinely supported with quantified downside.

                  Introducing Return on Legal (ROL)

                  Preventive legal work often goes unnoticed when it succeeds. When a contract dispute is avoided or a claim is settled early, there is no dramatic event—only the absence of damage. This is exactly why preventive advisory is often seen as a cost during budgeting: it appears more like an expense than an investment. A Return on Legal (ROL) metric addresses that gap by translating prevention into business results. In practical terms, ROL shows how much cost and disruption you save for every euro/dollar invested in legal risk assessment and prevention.

                  A definition could be expressed as follows:

                  ROL - Legalmondo

                  When considering avoided losses, one should factor in a projection over a period of time (e.g., 3 years), the probability of a claim (e.g., 10%), and a baseline frequency of disputes. From there, it’s easy to get lost in complex calculations that take many variables into account; my point is not to achieve perfect precision but to make a credible, quantifiable estimate that supports better decisions in legal risk assessment and budgeting.

                  Measuring ROL: Retrospective vs. Forward-Looking

                  A convincing ROL approach combines what companies already know from experience with what can reasonably be modeled going forward.

                  First, there is the backward-looking perspective: assessing costs based on past litigation and disputes. Most companies have at least a few cases that can serve as reference points. The task is to identify where earlier legal intervention could have minimized the likelihood of escalation or the severity once a matter arose. This could be something as simple as improved clauses that prevent a dispute from escalating, earlier involvement of external counsel leading to quicker settlements on better terms, or custom dispute resolution clauses that reduce discovery burdens and strengthen the negotiating position.

                  To estimate backward-looking ROL without overclaiming, we can set a baseline for “what happened” or what usually occurs when that type of risk materializes without intervention. Then, compare that baseline with the results achievable when preventive measures are in place. There’s no need to pretend we can calculate the exact euro value to the last cent. What we require is a defensible range, based on actual costs (fees, settlement amounts, internal time) and business impacts that can be reasonably estimated (delayed launches, downtime, diverted capacity).

                  Second, there is the forward-looking perspective: forecasting the financial impact of potential future lawsuits. This is where the value-at-risk approach proves powerful. Decision makers identify the most relevant exposure types for their business and develop scenarios for each—typically best case, base case, and worst case—then assign probability ranges. The simulation becomes more meaningful when they consider how specific preventive measures influence the model. Some actions decrease probability (for example, compliance controls and training). Others lessen impact (such as better contracts, liability limitation clauses, response protocols).

                  Many do both. In the end, leadership gets a quantified story: this prevention program lowers expected annual legal losses and reduces exposure to litigation-related damages. This mirrors the decision-making approach used in other preparedness and risk-management programs.

                  Let’s make an example of how ROL works

                  Imagine a business line where disputes often come from contract ambiguity and inconsistent negotiation practices. In the past, the company occasionally faced lawsuits or arbitration, but more frequently it dealt with costly “pre-litigation” escalations that still took months and used up a lot of internal resources.

                  A preventive program—featuring updated templates, negotiation playbooks, and targeted training—incurs a clear cost. From a value-at-risk perspective, you compare that expense to the expected loss without the program over a certain period: not only external fees and settlements but also the estimated operational impact of ongoing disputes. If the program decreases how often disputes escalate and accelerates resolution times, the avoided losses can quickly outweigh the preventive costs. That difference reflects what ROL captures in a way that leadership can act on.

                  ROL Implementation: Keep It Lean and Actionable

                  ROL does not require a perfect dataset on day one. What it needs is consistent categorization, conservative assumptions, and a commitment to improve the model over time. A practical starting point is to gather three streams of information: historical disputes and their total costs; recurring risk hotspots (such as contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, client disputes); and operational impact estimates that the business already uses in other contexts (like cost per hour of downtime, cost of delays, internal resource allocation).

                  A practical starting point is to pull together three streams of information:

                  • historical disputes and their total cost;
                  • recurring risk hotspots (contracting patterns, product or market launches, HR issues, data/privacy exposure, supplier disputes, clients disputes); and
                  • operational impact estimates that the business already uses in other contexts (cost per hour of downtime, cost of delays, internal resource allocation).

                  Where data is uncertain, ranges can be helpful. Managers can assign confidence levels and keep the model honest by using conservative estimates. Over time, the ROL model becomes more accurate as the company consistently tracks legal events and as prevention initiatives develop. The most important mindset shift is to treat legal as you would other risk functions: as a measurable way to minimize downside, not just a reactive cost center.

                  Turning ROL Into a Decision Tool

                  Once legal risk exposure can be expressed in value-at-risk terms, companies can prioritize legal work using the same logic as other investments: risk reduction per euro spent. This shifts the conversation from “Should we spend on prevention?” to “Where do we get the biggest reduction in expected loss and tail risk?” ROL also improves alignment with business teams. Instead of speaking in purely legal categories, it is possible to connect legal work to operational outcomes—fewer delays, fewer escalations, faster resolution, reduced management distraction, greater predictability in commercial relationships. Over time, this fosters a healthier operating rhythm: legal risk reviews transition from being ad hoc to becoming a routine part of preparedness, similar to finance risk reviews or security protocols assessments.

                  Conclusion

                  Applying a value-at-risk perspective to preparedness reveals legal risk in the language corporate leadership already uses to allocate resources. A Return on Legal (ROL) metric then makes preventive legal advice concrete by turning avoided costs and operational losses into measurable value. By combining evidence from past disputes with future-focused simulations of potential lawsuits, companies can build a credible, data-driven argument that every euro invested in legal risk assessment can prevent multiple euros in losses—and that prevention is not just a “nice to have,” but a vital part of operational resilience.

                  For more than 35 years as a commercial lawyer, I have seen how many of us, myself included, confused effective advice with immediate and exhaustive answers. Now I feel that the worlds of law and business are changing: it is not enough to know (more and more laws, more requirements, more contradictory rulings… and more noise), but rather to listen, accompany and facilitate decisions. And that is where acting also as an executive coach offers an extraordinarily useful framework.

                  Lawyers are expected to solve problems. Executive coaches, however, help others (within an ethical framework) to discover the answer for themselves. And this can be a source of enormous professional and client satisfaction. When clients are faced with a problem, they do not need a legal analysis, but rather clarity and perspective to decide… based on ‘their problem’, not ‘our solution’. Integrating executive coaching tools into our professional practice transforms legal conversations and advice into something more effective: a decision-making process in which we accompany the client from start to finish.

                  I can think of three areas where the legal advisor and the executive coach meet:

                  1. The relationship with the client. Listen carefully before advising.

                  Plutarch said that ‘listening well is the basis of living well’. And sometimes the client is not so much looking for an answer as for clarity in order to make a decision. Listening beyond what they say (and what they don’t say) allows us to understand what concerns them. A question can open up more avenues than a lecture, which will most likely leave them cold. When we listen without rushing and without bias, we create a space for reflection that helps clients to organise, prioritise and make meaningful decisions. Meaningful… for them.

                  1. Negotiation and mediation.

                  In these processes, we use coaching techniques to help defuse resistance and move from confrontation to understanding. The lawyer-coach facilitates the parties listening to each other and discovering what lies behind their demands. A negotiation can be unblocked when the other party is allowed to express themselves. Agreements cease to be mere transactions and become shared decisions, which are more stable and sustainable over time and less likely to be sources of conflict.

                  1. Accompanying processes of change in the client and their organisation

                  The lawyer-coach can become not only the drafter of the agreement but also the facilitator of change. They help those involved to understand what is at stake and align decisions with their values and objectives by managing resistance. The solicitor ceases to be a mere ‘provider’ of services (who is often only called upon at the end of the process) and becomes a partner in reflection.

                  In short, I perceive that today we are required to practise differently: less technical and more human, less reactive and more transformative. Coaching techniques help: conscious listening, constructive feedback, clarity of purpose… they allow us to better manage conflict, stress and uncertainty. Coaching, of course, does not replace the law, but rather broadens it and provides it with tools. Now, artificial intelligence (much faster and potentially much more comprehensive and exhaustive) is displacing us from our habits. Perhaps this allows us to glimpse that lawyers should not only be experts in rules, but also facilitators of difficult conversations, someone capable of combining analysis and empathy, precision and presence. Someone who understands that their value lies in helping their clients avoid conflicts or resolve them in the way that best suits them. And that is where the lawyer-coach has a lot to contribute.

                  The increase in so-called cybercrime in recent years is so significant that it requires strong legislative and judicial responses. Losses from online fraud in Europe exceed $100 billion, according to Nasdaq Ventures, of which $5 billion correspond to Spain.

                  In Spain, 192,375 cases of computer fraud were reported in 2019, but by 2023 this figure had risen to 427,448. According to the latest official data available, computer fraud accounts for 90.4% of all cybercrimes, with growth of 378% between 2016 and 2023.

                  There are many different types of computer fraud, and they are named in English (after all, the lingua franca of our time), including, among other ingenious methods used by skilled fraudsters, those with curious and amusing names (except for those who suffer from them) such as phishing, pharming, juice jacking, tabnabbing, bluesnarfing, catfishing, spoofing, vishing, smishing, whaling, carding, and the one we are interested in today, man in the middle (MITM).

                  Man in the Middle scam: how it works

                  This MITM fraud involves intercepting communications between two devices connected to a network, allowing the attacker to alter and divert messages exchanged between users. The fraudster intercepts a communication in which one user requests a payment from another and then modifies the IBAN of the bank account to which the transfer should be made in order to obtain the money. The process generally unfolds as follows:

                  • Without the company noticing, an attacker intercepts and manipulates an email, changing the IBAN number of the account to which the payment should be made.
                  • The cybercriminal impersonates the supplier, sending the message from an email address that is almost identical to the original, but with a slight alteration that is almost imperceptible.
                  • The receiving company, trusting the authenticity of the message, makes the transfer to the fraudulent account.

                   

                  This results in a transfer of assets to the detriment of the person ordering the transfer and in favor of the cyber thief, so that when the person ordering the transfer notices the error, their first reaction is to try to contact the receiving bank in the hope that the funds can be blocked in time. However, in most cases, the cybercriminal has been quicker: the money has already been transferred to another account or withdrawn, leaving little room for maneuvering, except for the initiation of legal proceedings, which we will discuss below.

                  The immediate question is what responsibility the bank that has received the transfer order from the deceived user and credits the cyber fraudster’s account with the amount in question has in cases where the payer identifies not only the (fraudulent) IBAN but also the name of the beneficiary of the payment order, which obviously does not match the name of the holder of the bank account receiving the funds.

                  The common-sense answer would be that the bank receiving the transfer should confirm that the holder of the account to which the funds are credited and the individual or entity identified as the beneficiary in the transfer order match; if this is not the case, it should suspend the payment and request clarification from the payer. However, this is not the case in light of EU legislation and its transposition into Spanish law, as we will see below.

                  Until October 9, the European banking system operated under the premise that the validity of a transfer was based exclusively on the correctness of the IBAN. In other words, if the account number was correct, the transaction was considered valid, even if the beneficiary’s name did not match. This practice has led to numerous cases of fraud, unintentional errors, and loss of funds, especially in instant transfers, where speed can compromise security.

                  The most reasonable option for the defrauded payer to recover their money is to sue the bank receiving the payment order (with which they have no contractual relationship) for non-contractual liability under Article 1124 of the Civil Code; in fact, criminal proceedings against the account holder, who is usually referred to in slang as a “mule,” do not usually have a satisfactory outcome, both because the bird usually flies away and because of its lack of solvency.

                  The case law of the Provincial Courts has been divided between rulings that strictly and faithfully applied Article 59 of Royal Decree-Law 19/2018 of November 23, on payment services and other urgent financial measures, dismissing the claims of those defrauded, and others in which arguments were sought under the premise of lack of diligence to condemn the bank to compensate the payer.

                  This has led to the establishment of quasi-objective liability for banks in relation to digital fraud, imposing a higher standard of diligence on them and transferring the risk inherent in online banking to them, except in cases of willful misconduct or gross negligence on the part of the customer. This line of reasoning, which has been developed from lower court rulings (AP Madrid 178/2015; AP Alicante 107/2018; AP Valencia 212/2021) to the Supreme Court itself (STS 571/2025, among others), is in line with the idea that it is up to the bank to prove that its systems were secure, up to date, and sufficient to prevent the crime from being committed.

                  In this context, the concept of bonus argentarius takes on renewed relevance. This is a principle that was included in Law 57/68 to protect home buyers in the real estate sector, but the Supreme Court has ruled on several occasions that it can also be applied to other financial investments. This means that, in the event of losses due to negligence on the part of the financial institution, the customer can file a claim under Law 57/68 and hold the institution liable.

                  The bonus argentarius is based on the presumption of fault on the part of the financial institution, which means that even if the customer has no concrete evidence of negligence, it is assumed due to the duty of care that the institution must exercise in the management of investments.

                  Based on this principle, the diligence required of financial professionals is not that of the average trader or pater familias, but that of a qualified expert who assumes the obligation to protect the funds entrusted to them by implementing “necessary and renewable” security mechanisms. This implies not only maintaining basic technical measures for enhanced authentication, but also proactively adopting internationally recognized anti-fraud solutions, such as name-IBAN verification (Confirmation of Payee or IBAN-Naam Check), which have proven effective in comparable jurisdictions.

                  In line with that doctrine and case law, it can be said that the omission of beneficiary verification measures today constitutes a breach of the contractual duty of diligence and good faith (Articles 1104 and 1258 of the Civil Code), giving rise to civil liability for the damage caused, such that MITM fraud cannot be considered a residual risk attributable to the customer, but rather a systemic security failure attributable to the financial institution, as the designer and custodian of the electronic payment channel.

                  In this state of affairs, the Supreme Court, in its recent ruling of March 27, 2025, opted for the alternative of strict application of Article 59, arguing that “if the payment service user provides additional information to that required (specification of the information or unique identifier that the payment service user must provide for the correct initiation or execution of a payment order), the payment service provider shall only be liable for the execution of payment transactions in accordance with the unique identifier provided by the payment service user… and that the liability of the payment service provider, both at Community and national level, is such that it fulfills its obligation by executing the payment transaction in accordance with the unique identifier, without the addition of further information implying a higher standard of diligence

                  It is true that, in conclusion, the Supreme Court offered a glimmer of hope to defrauded users when it stated that “the interpretation set out above does not exempt the payment service provider from liability when circumstances, unrelated to the provision of additional data, are found to have contributed to the defective execution of the transaction, either because an additional requirement or demand (e.g., the identification of the beneficiary), or because the payment service provider of the payer or the beneficiary had taken advantage of the error for their own benefit, or because, once the existence of the error had been communicated without delay, one or the other had not taken the measures required by the diligence of an expert trader to allow retroaction or, where appropriate, to minimize the damage.”

                  Regulation (EU) 2024/886: a paradigm shift

                  And in this scenario fraught with doubts, Regulation (EU) 2024/886 bursts onto the scene, representing a 180-degree turn and a paradigm shift: the new European Regulation, approved in April 2024 and coming into force on October 9, 2025, establishes a clear obligation for banks: they must verify that the name of the beneficiary provided by the payer matches the IBAN holder before executing an immediate transfer in euros.

                  The new features of this regulation are

                  • mandatory application to all instant transfers within the SEPA area,
                  • the new name matching system: if there is a discrepancy between the name and the IBAN, the bank must alert the customer before executing the transaction, and
                  • increased liability for financial institutions in the event of fraud or error due to lack of verification.

                  In short, the aim is to reduce the risk of fraud, protect consumers, and increase confidence in digital payments.

                  This means that Law 19/2018, which regulates payment services in Spain and does not require verification of the beneficiary’s identity, is now outdated, underscoring the need for a national legislative review to harmonize the legal framework with European requirements.

                  In conclusion, the obligation to verify the beneficiary of transfers represents a significant step forward in consumer protection and the fight against financial fraud. Regulation (EU) 2024/886 marks a turning point in banking operations, imposing an active responsibility on institutions to ensure the authenticity of transfers.

                  In any case, the question remains open regarding the solution to MITM frauds executed before October 9, 2025, and the responsibility of the banking institution. For the time being, the aforementioned Supreme Court ruling of March 27 closes the door to claims against banks, but it cannot be ruled out that the entry into force of Regulation 2024/886 and the paradigm shift will lead to a rethinking of the Supreme Court’s position in line with the quasi-objective liability that lower courts have been maintaining. We will have to wait and see, but such a change would be a great success for bank users who have suffered from this MITM fraud and all other types of cyber fraud.

                  “He out… or me out”

                  In the Netherlands, the legal landscape for resolving shareholder disputes has recently undergone a significant transformation. As of January 1, 2025, a new scheme—the so-called “geschillenregeling”—offers companies and shareholders a more practical and efficient way to address internal conflicts.

                  Shareholder conflicts are not unique to the Netherlands; they arise in companies everywhere, often because of unclear agreements, differing expectations, or personal tensions. Previously, Dutch law provided only lengthy and complex procedures, which sometimes made it impossible to reach a timely and effective solution. The new scheme changes this by introducing clear legal pathways for both majority and minority shareholders to break deadlocks and protect their interests.

                  At the heart of the new regulation is the theme “He out… or me out.” This phrase captures the essence of the two main legal actions now available. The first is the forced exit, where shareholders representing at least one-third of the company’s capital can ask the court – the Enterprise Chamber, known locally as the Ondernemingskamer – to force the departure of a shareholder whose conduct seriously harms the company. This conduct can include actions outside the formal role of shareholder, such as engaging in competing business activities.

                  The second route is the forced buyout, which allows a shareholder who has been seriously harmed by the actions of the other shareholders or by the company itself, to request to be bought out. In such cases, the court may order the remaining shareholders or the company to acquire the shares at a fair price.

                  What sets the Dutch approach apart is the speed and flexibility of the new procedure. Disputes are handled directly by the Enterprise Chamber, bypassing lower courts and reducing delays. Once the court decides on the merits of the case, the determination of the share price and the transfer of shares follow swiftly, with only one possible appeal to the Supreme Court. The court can also address related claims, such as damages or director liability, within the same procedure. To safeguard the company during the dispute, temporary measures – like suspension of voting rights or changes in management – can be imposed.

                  Determining the value of the shares is a crucial aspect of the process. Independent experts advise the court, taking into account all relevant circumstances and the parties’ agreements. The court is not bound by these opinions and can adjust the price if it would otherwise be manifestly unfair. If the value of the shares has been reduced by the departing shareholder’s conduct, the court may award additional compensation to the affected party.

                  While the new scheme provides robust dispute-resolution mechanisms, Dutch law also encourages companies to prevent such conflicts from arising in the first place. This is best achieved by drafting clear articles of association and shareholder agreements, covering matters such as voting rights, decision-making processes, restrictions on share transfers, and dispute resolution clauses. For international investors and business owners, seeking proactive legal advice is recommended when setting up or investing in Dutch entities.

                  In summary, the new Dutch shareholder dispute resolution scheme offers international businesses a reliable, efficient, and fair way to resolve internal conflicts. Whether you are a majority or minority shareholder, understanding your rights and options under Dutch law is crucial. If you are considering doing business in the Netherlands or facing a shareholder dispute, consulting a Dutch corporate lawyer will help ensure your interests are protected and your agreements are future-proof.

                  Should you wish to explore practical examples of dispute clauses or receive advice tailored to your situation, do not hesitate to reach out for expert guidance.

                  It is quite common for business relationships with agents or distributors to last for years without any signed documents. And be careful, because we know that a contract can exist even verbally.

                  The absence of a written contract will add difficulties in the event of a possible claim, so what you do between the decision to terminate, and the moment of the claim is very important. Remember: ‘anything you write will be used against you’.

                  The decision to terminate a business relationship is a very delicate moment to which, for some reason, solicitors are not invited. Here are some examples (all real) in which companies or employees with the best of intentions wrote to the agent/distributor. All of them were subsequently very damaging to the company:

                  Saying ‘We are terminating our business relationship’ when the strategy will be to argue that no such business relationship exists, but rather that there are separate and linked contracts (e.g., supply rather than ongoing distribution contract; very significant compensation consequences).

                  You no longer represent our company’, which may be evidence that you did so before.

                  As of day X, you may no longer act on behalf of our company,’ which would prove that you were previously able to act on its behalf.

                  You may not attend the X trade fair on our behalf.’ A way of confirming that the agent/distributor’s responsibilities included participating in trade fairs and probably accrediting the customers obtained.

                  The sales you promoted have been significantly reduced in year N.’ When there is no written contract or other form of documentation, imputing a breach of an obligation that is not clear can be counterproductive.

                  Saying ‘You are not actively promoting our products’ and then adding: ‘We urge you to stop promoting the sale of our products’.

                  You are no longer our exclusive representative’, which proves a type of relationship (representation/agent) and a tacit or express agreement (‘exclusivity’).

                  We have appointed another representative in your area’, which shows that the agent/distributor had an assigned area and was “representing”.

                  From this moment on, orders will be handled by X’, which also confirms a type of relationship.

                   

                  In summary: from the moment the company considers terminating a commercial relationship, especially when it is not in writing and before sending any letter, it is advisable to think carefully about the strategy in case of a possible claim. This is the best time to seek advice and avoid surprises. Any communication that is not in line with this strategy designed from the outset can only lead to confusion and problems.

                  Although established nearly two decades ago, the European Payment Order (“EPO”) remains relatively underutilized. Many practitioners across the EU are either unfamiliar with the instrument or overlook it in favour of domestic procedures. Yet, for uncontested cross-border monetary claims within the European Union, the EPO can be a highly efficient and cost-effective alternative.

                  This article outlines the EPO procedure from the perspective of Dutch law and practice. It highlights the practicalities of filing, enforcement, and the strategic considerations relevant to international creditors when dealing with debtors based in the Netherlands.

                  Scope and admissibility under Dutch law

                  The EPO is applicable in civil and commercial matters where at least one of the parties is domiciled in a different EU Member State. It is not available for revenue, customs, administrative, or insolvency matters.1 Dutch courts may issue or enforce an EPO if the Netherlands has jurisdiction under the relevant EU instruments, such as the Brussels I-bis Regulation.

                  In the Netherlands, the EPO procedure is primarily handled by the Kantonrechter (subdistrict court judge) or the civil chambers of the rechtbank (district court), depending on the amount in dispute. There is no requirement under Dutch law for the claimant to be represented by a lawyer, which reduces procedural costs. However, in practice, legal representation is often advisable, especially in cross-border matters.

                  Filing and language requirements

                  EPO applications must be filed using standard forms prescribed by the Regulation. These may be submitted in Dutch or English, as the Dutch judiciary accepts both. The forms are submitted to the centralized court in The Hague (Rechtbank Den Haag), which is designated as the competent court for EPO filings in the Netherlands.

                  Procedure and enforcement

                  If the court finds the application admissible and the claim well-founded, it issues a European Payment Order typically within 30 days. The defendant then has 30 days to lodge a statement of opposition. If no opposition is filed, the order becomes automatically enforceable in all EU Member States (except Denmark), without the need for a declaration of enforceability (exequatur).

                  In the Netherlands, the EPO is enforced in the same manner as a Dutch judgment. This means that the claimant must instruct a Dutch bailiff (gerechtsdeurwaarder) to serve the enforceable EPO on the debtor. Dutch enforcement law applies, including the possibility of seizure of assets.

                  Benefits and considerations

                  From a Dutch perspective, the EPO procedure offers clear advantages in cross-border cases. It is faster and less costly than ordinary civil proceedings, requires minimal formalities, and avoids complex jurisdictional or recognition issues. However, caution is advised where there is any indication of a potential dispute. The procedure is suitable only for claims that are truly uncontested. If the defendant objects, the case must proceed under ordinary civil rules unless the claimant withdraws.

                  Conclusion

                  The European Payment Order is a powerful tool for creditors seeking recovery of cross-border claims within the EU. Its simplicity and direct enforceability make it an attractive option—provided that the claim is not in dispute. Foreign lawyers with clients facing collection issues in the Netherlands should be aware of this mechanism, which Dutch courts and bailiffs are well-equipped to handle swiftly and efficiently.

                  Angel Iglesias Molero

                  Áreas de prática

                  • Inteligência artificial
                  • Contratos
                  • Empresa
                  • Investimentos
                  • Arranque
                  Contato Angel

                  Scrivi a Angel





                    Read the privacy policy of Legalmondo.
                    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.