CLVPartners

CLV-02
Menu

News

What’s next for pay transparency? By dr. Anna Katalin Papp

Employment, labour law, News / / , , , , ,

Reading time: 8 perc

If we open any HR portal, we will find a news article about pay transparency on nearly every homepage, which is hardly surprising. In my opinion, the 2023 directive requires a level of transparency from companies that is unprecedented in labour law and fundamentally reshapes the way companies and their employees communicate with one another— in my view, for the better.

The topic itself is not new. In fact, the principle that men and women should receive equal pay for equal work was already set out in the 1957 Treaty of Rome establishing the European Economic Community. In Hungary, the Labour Code also contains numerous provisions aimed at preventing discrimination based on gender.

The real change in recent years is brought by Directive (EU) 2023/970 to strengthen the application of the principle of equal pay for equal work or work of equal value between men and women through pay transparency and enforcement mechanisms (“EUPTD”), which recognises that pay systems are not transparent and therefore employees are unable to enforce their claims. Accordingly, it imposes specific disclosure, information, and reporting obligations on employers.

The EUPTD is therefore a kind of enforcement directive, and to our knowledge, the Hungarian draft law already prepared by the ministry does not significantly expand or tighten these rules, as they are already quite detailed in themselves.

We are aware that some of our clients have been dealing with this topic at group level for quite some time, while others have started processing it independently due to a lack of background support or while waiting for Hungarian legislation. In many cases, we provide assistance in this area, but we also consider it important to summarise—briefly and in newsletter form—how this project should be approached.

Naturally, we have reviewed numerous service providers’ approaches and implementation models that may be viable, but our position is primarily based on the specific provisions of the EUPTD, guidance and working documents of EU expert bodies, as well as relevant case law of the Court of Justice of the European Union, which is binding on Member States. We do this because we believe this approach provides the highest level of legal certainty for companies aiming for compliance.

Key steps in the EUPTD compliance process for all companies from 7 June 2026:

Identification of individuals classified as employees and wage components

Although the concept of “employee” may seem straightforward at first, the EU definition is significantly broader than the Hungarian legal concept. Accordingly, any legal relationship falls under labour-law assessment in which a person: (i) for a certain period; (ii) under the direction of another person; (iii) performs work / provides services; and (iv) receives remuneration (wage) in return.

Accordingly, employers must proceed carefully, as among their contractual arrangements, freelancers, interns, cooperative workers, or agency workers may all fall within the scope of the EUPTD project, as well as board members.

It is also of key importance which remuneration elements the company includes in the assessment. Based on EU terminology and case law, not only base salary and bonuses, but also benefits in kind (e.g. company-provided additional leave, travel passes, personal use of company equipment, internal mobility opportunities), as well as group-level benefits (ESOP, MRP, VSOP systems) fall under the scope of the EUPTD.

Defining compensation components can provide a competitive advantage—for example during a recruitment process—but at the same time, it will be necessary to take a more holistic approach to the issue, as there have historically been significant differences between individual employees, and trade secrets and personal rights may also be compromised in the process.

Establishing or reviewing job and pay structures

Although the existence of a job structure is not a formally required obligation, in my view the compliance process cannot be completed without it. All reporting and disclosure obligations are based on the employer’s accountability regarding which employee performs what work (as defined in task-definition section of the job description). At the same time, companies are expected to assess what skills, effort, responsibility, and working conditions are associated with each role.

Once the baseline data (employees, remuneration, and job roles) is available, it becomes possible to assess how objectively the pay structure has been established. The remuneration assigned to each role must therefore be evaluated: to what extent it is based on objective criteria, and whether any differences between identical roles can be justified. This base data will also form the foundation of the salary increase strategy, as employees will need to be informed about career advancement opportunities in the future.

For many companies, carrying out the above task is a challenge because it forces mid-level managers to confront the fact that the compensation of certain employees cannot be justified rationally, while other employees with long-term stable performance have not received appropriate salary increases or adjustments. While it will be easier to build such systems going forward, correcting existing discrepancies or identifying the reasons behind them is a process that requires more time and significant HR resources. The good news is that this task can be managed as a project, and EU guidance materials support companies in accelerating the process.

Companies that already have a pay structure in place should review their job roles and employee categories based on the EUPTD framework to prepare for their reporting obligations

Administration, administration, administration

A key objective of the EUPTD is that employers must be accountable. Therefore, companies must establish information procedures in four directions:

towards job applicants

towards employees

in consultations with employee representatives

towards supervisory and regulatory authorities

Most of the detailed Hungarian regulations are expected in this regard, as defining specific deadlines, appointing the responsible authority, and specifying the sanctions applicable in the event of non-compliance typically fall within the competence of the national legislator.

Employers are required to present pay data derived from the aforementioned structure on a very broad scale, in each case including a percentage-based comparison of the gender pay gap.

As several misunderstandings and pieces of misinformation often arise in this regard, it is important to emphasize that the vast majority of the above tasks are mandatory only for companies of a certain size starting this June. The SME sector is granted relief in that the reporting to authorities and employee representatives will be introduced in stages, as follows:

250+ employees from 7 June 2027, annually thereafter
150–249 employees from 7 June 2027, every three years thereafter
100–149 employees from 7 June 2031, every three years thereafter
1–99 employees voluntary

General approach of the EUPTD

Based on our experience to date, it is equally important that—without claiming to be exhaustive—the following aspects be discussed and considered prior to implementation and to note that the EUPTD implementation should not be viewed as a standalone, isolated project:

employee curiosity

new market players and services (new benchmarking opportunities, competency mapping, process management)

role of publicity

impact on market competition

transformation of internal procedures

opportunities offered by AI

specifics of executive compensation systems

I believe that for colleagues working in internal HR or legal departments, this will be an extremely exciting and professionally challenging period. Although implementing the EUPTD within a Hungarian organisation will certainly require significant time investment, its long-term effects (e.g. more efficient recruitment, standardisation and accountability of selection and evaluation criteria, transparent corporate HR culture) will ultimately be positive and supportive of everyday cooperation. We of course continue to support our clients throughout the process, as interpreting the detailed rules together and assessing related labour law (and broader legal) implications raises many practical questions for which it is worth preparing the correct answers in advance.

Photo source: pixabay, pexels.com

What’s next for pay transparency? By dr. Anna Katalin Papp Read More »

CLVPartners has achieved outstanding results in the 2026 guides of Chambers and Partners Europe© and Legal 500©

Corporate law, Data protection, Employment, labour law, News, team / / , , , , , ,

We are pleased to announce that Chambers and Partners© and Legal 500© have ranked our firm for the 15th consecutive year in 2026, and in multiple categories: we are one of the few firms in Hungary to have been recognized in the areas of labor law, commercial law, corporate law, and M&A, as well as data protection.

This year marks a particularly significant milestone for us, as we have moved up one category and achieved a higher band rating.

As a boutique law firm competing against the largest international firms with nearly 100 employees, this achievement is a significant recognition for us, one that reaffirms our professional commitment and our dedication to providing our clients with the highest level of service.

We are particularly pleased that our managing partner, Anna Papp, has also received individual recognition and was listed in the guide among Hungary’s notable practitioners in the field of labour law.

We would like to share some feedback that is particularly valuable to us, which our clients provided to the certification body:

„The law firm’s technical strength, practical mindset and outstanding client care make it genuinely distinctive within the employment law market.”

„The team is approachable, easy to reach and provides timely advice, even on short notice. Its ability to balance quick turnarounds with well-considered, practical guidance is a key strength.”

“The firm has particularly extensive experience in designing whistleblowing systems and managing data protection requirements for internal workplace investigations. This includes ensuring that the principle of ‘privacy by design’ is upheld even when investigating sensitive corporate matters or reports of harassment.”

“CLVPartners is always flexible, proactive, and solution-oriented. Their approach is holistic: beyond solving the immediate problem, they highlight areas we may not have considered but which are essential.”

“Anna Papp demonstrates flexibility, preparedness, extensive experience, precision and client focus. In addition to her comprehensive expertise, she also understands the practical side of things.”

“We can count on Anna Papp for all our questions. We don’t have a problem that she doesn’t have a suggestion for. Her professional knowledge and dedication are outstanding”.

“Barbara Seregély has extensive experience in cross-border mergers and acquisitions and corporate law.”

“Anikó Hrebenku delivers an excellent client experience, ensuring that each matter is handled by experts who provide consistent support.”

We would like to thank our clients for their trust and valuable feedback throughout the year. We remain committed to continuing to effectively support our clients’ day-to-day operations.

Photo source: pexels.com, Fotó: Pixabay

CLVPartners has achieved outstanding results in the 2026 guides of Chambers and Partners Europe© and Legal 500© Read More »

Questions regarding the scope of the AI Act

Artificial Intelligence, News / / , , , ,

Reading time: 5 minutes

On 12 June 2024, a new era began in the regulation of artificial intelligence (“AI“) with the adoption and publication of the European Union’s Artificial Intelligence Regulation (“AI Act“). The purpose of the legislation is to provide a framework for the safe, transparent, and responsible development and use of AI in the European Union. In order to properly interpret the obligations set out in the AI Act, it is first necessary to clarify exactly which organizations, activities, or technological solutions are covered by the regulation.

In the second part of our series of articles, we will therefore examine the most important rules relating to the scope of the AI Act in order to help our clients start preparing for compliance in advance and to identify whether they are developing or using AI systems in their operations that are subject to the provisions of the AI Act.

The most important rules relating to the scope of the AI Act

Subject of the AI Act

The AI Act essentially covers the regulation of AI systems. Accordingly, it is first important to identify what qualifies as an AI system.

According to the AI Act, an AI system is a machine-based system that is specifically designed to operate with varying levels of autonomy and to be capable of adapting after deployment. These systems analyze inputs for explicit or implicit purposes and generate outputs—such as predictions, content, recommendations, or decisions—that may have an impact on the physical or virtual environment.

What fundamentally distinguishes AI systems from traditional software solutions is their ability to learn from input data, draw conclusions based on that data, and create models. In contrast, simpler software systems based on classic programming approaches—including systems that perform automated operations based solely on predefined, human-set rules—do not have such learning or adaptation capabilities. As a result, these solutions are not considered AI systems and are therefore not covered by the relevant regulations.

Traditional software solutions include applications that operate entirely on predetermined rules and are incapable of independent learning or adaptation. These include traditional calculators, certain basic functions of Microsoft Excel, and performance evaluation software used for financial forecasting, which are only capable of processing historical data and drawing simple statistical conclusions.

It is also important to note that, as a general rule, the AI Act does not apply to certain specific areas. The scope of the regulation does not cover AI systems used for military, defence, or national security purposes, nor does it cover systems, models, and results created specifically for scientific research and development. In addition, the AI Act does not apply to natural persons who use AI systems solely for personal, non-professional purposes.

Territorial and personal scope

The scope of the AI Act is not limited to operators located within the European Union. The regulation applies to all AI systems that are placed on the market, put into service, or used within the internal market of the European Union. Accordingly, in certain cases, the regulation also applies to operators located outside the Union.

The regulation essentially covers all operators who come into contact with AI systems, from development to use. Accordingly, the scope of the AI Regulation may include, among others, developers, service providers, distributors, importers, installers, operators, and users of the systems.

Temporal scope

The provisions of the AI Act will enter into force in stages.

However, it is important to note that certain provisions of the AI Act are already in force. These include, among others, provisions on definitions, rules on AI systems that pose an unacceptable risk (i.e., prohibited AI systems), obligations governing general-purpose AI models, and provisions on AI literacy, regulatory oversight, and sanctions.

The requirement for so-called AI literacy has particular significance. Under this provision, organizations using AI systems are required to ensure that the persons managing or operating the system have an adequate level of knowledge about AI.

According to the current provisions of the AI Act, the majority of the provisions will become applicable on 2 August 2026. However, as part of the Digital Omnibus Package, the European Commission proposed in November 2025 that the application of certain rules be postponed by up to 18 months.

Further uncertainty regarding implementation arises from the fact that the Commission was supposed to publish guidance on the classification of high-risk AI systems by 2 February 2026. These guidelines are key to determining whether a given AI application is considered high-risk and, as a result, subject to stricter documentation, compliance, and oversight requirements. However, the guidelines have not yet been published. In addition, several Member States have encountered difficulties in designating the authorities responsible for implementing the regulation.

As a result, there is still considerable uncertainty regarding the entry into force and practical application of certain provisions.

Domestic regulation

Due to its legislative form, Hungarian regulation is essentially supplementary to EU rules. Accordingly, Act LXXV of 2025 on the implementation of the European Union’s Artificial Intelligence Act in Hungary (“Hungarian AI Act”) applies only to matters, organizations, and AI systems that affect Hungary or its territory.

In terms of temporal scope, the AI Act generally applicable from December 2025, with the exception of the provision on the regulatory sandbox, which will enter into force on 2 August 2026.

Summary

The AI Act regulates systems that can learn from input data, drawing conclusions, or generating outputs autonomously, while traditional software that operates solely according to predefined rules is not covered by its scope. The territorial scope of the AI Act is broad, as it applies not only to entities established in the EU, but also to those who place AI systems on the EU market or use their outputs in the EU. The regulation covers all relevant actors, from the development to the use of the system. Although the rules of the AI Act become applicable in stages, several key provisions are already in force, but the lack of guidelines and institutional conditions for implementation is currently causing uncertainty in practical application.

Photo source: pexels.com, Tara Winstead

Questions regarding the scope of the AI Act Read More »

Current Activities of the European Data Protection Board to Support GDPR Compliance

Data protection, News / / , , , , , ,

Reading time: 7 minutes

The European Data Protection Board has published its Work Programme for 2026–2027 (hereinafter: the “Programme”), adopted on 11 February 2026, The Programme provides not only strategic directions but also concrete tools to support organisations’ day-to-day compliance. This article summarises the consultation results and the key plans set out in the European Data Protection Board’s Programme.

Background

In its 2024–2027 strategy, the European Data Protection Board identified four interlinked priorities. These include strengthening the consistent application of data protection rules and further priority is deepening supporting organisations in complying with the law. A cooperation among data protection authorities, particularly in cross-border cases. The strategy also emphasises ensuring that data protection is effective in a fast-evolving digital environment affecting multiple regulatory areas, including applications of artificial intelligence. Moreover, the European Data Protection Board aims to actively foster and shape international dialogue on privacy and personal data protection. The Programme supports the implementation of the European Data Protection Board’s 2024–2027 strategy, based on the identified priorities and the most important needs of stakeholders.

Main elements of the programme

The Programme builds on the consistent application of Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and sets out the European Data Protection Board’s activities for 2026–2027 along four pillars: harmonisation and compliance, a common culture of enforcement, challenges in the digital regulatory environment, and global data protection dialogue.

Harmonisation and legal clarity

The European Data Protection Board will continue to issue detailed yet accessible guidance on topics considered critical by stakeholders during events and consultations, such as anonymisation and pseudonymisation, data processing based on legitimate interests, “consent or pay” models, and targeted updates on guidance for data protection officers.

The European Data Protection Board also intends to facilitate GDPR compliance with new practical tools, particularly for small and medium-sized enterprises (SMEs), including templates and guidance. To this end, a public consultation was conducted between 5 November and 3 December 2025 to identify which practical templates would most effectively support GDPR compliance.

The consultation highlighted the greatest demand for templates on records of processing activities, data protection impact assessments, legitimate interest assessments, privacy notices, transfer impact assessments, data processing agreements, data breach notification forms, and risk assessment templates. The European Data Protection Board has prioritised three templates in the Programme—legitimate interest assessment, records of processing activities, and privacy notices—to provide consistent, practical support, especially for organisations with limited resources.

In addition, the European Data Protection Board supports controllers and processors in developing and implementing compliance measures, for instance, through opinions on certification schemes, codes of conduct, and accreditation.

Stronger enforcement culture and cooperation

The second pillar aims to ensure consistency in the application and enforcement of the GDPR and to enhance cooperation among its members. The European Data Protection Board will continue to support the development of cooperation and enforcement tools and promote the sharing of expertise. Efforts will also focus on giving greater attention to priority issues and creating consistency.

In line with these objectives, the European Data Protection Board will focus on the consistent application of the GDPR and effective cooperation between authorities. To this end, it will update, among other things, its guidelines on handling cross-border cases, its principles on imposing fines, and its rules on mutual assistance and emergency procedures. As part of its action on the Coordinated Enforcement Framework (CEF), in 2026 it will focus on fulfilling the obligations under Articles 12-14 of the GDPR regarding transparent information, communication and measures for the exercise of data subjects’ rights. Where necessary, it will set up working groups to provide operational platforms for cases requiring cooperation on enforcement matters. To ensure the effective functioning of the consistency mechanism, it will adopt opinions addressed to national supervisory authorities with a view to supporting consistent decision-making.

Data protection at the intersection of digital legislation

The European Data Protection Board’s priority is to ensure coherence across EU digital legislation. In the rapidly evolving technological and market environment, data protection interacts closely with multiple other EU laws, such as the AI Regulation. This increases the importance of consistent interpretation, coordinated action by authorities, and clear guidance. The European Data Protection Board collaborates with other regulators, including competition and consumer protection authorities, to support the new cross-regulatory environment. Key technological topics include generative AI, telemetry and diagnostic data, and blockchain-related data protection issues.

Global data protection dialogue and data transfers

The European Data Protection Board continues to promote global dialogue on privacy and data protection, focusing on international cooperation between its members and third-country authorities, especially those with EU adequacy decisions.

Conclusion: more support, greater legal certainty

A key message of the Programme is that GDPR compliance is not merely a matter of regulatory oversight, but a process that can be actively supported and structured. Templates, harmonised guidance, and enhanced authority cooperation aim to make GDPR application more predictable and practical. At the same time, each organisation must tailor its data processing documents and procedures to its own business processes and risks. The European Data Protection Board seeks to strengthen fundamental rights, support organisational compliance, and ensure that European data protection remains coherent and competitive in a fast-changing digital environment.

Photo source: pexels.com, MART PRODUCTION

Current Activities of the European Data Protection Board to Support GDPR Compliance Read More »

Termination based on employer-related reasons and their legal framework in practice

Employment, labour law, News / / , , , , , ,

Reading time: 5 minutes

The termination of an employment relationship is one of the most complex areas of labour law, requiring particular care. To ensure compliance with the law, it is essential that the employer has a thorough understanding of the relevant legislation, as well as the rights and obligations of both parties. Therefore, to ensure compliance, this article reviews the possible grounds for termination by the employer and, within that context, provides a detailed overview of the practical considerations regarding terminations based on reasons related to the employer’s operations.

Key rules governing termination of employment by the employer

The purpose of labour law regulations is primarily determined by the social function and the hierarchical relationship of the parties. Consequently, Act I of 2012 on the Labour Code (“Labour Code”) sets forth in detail the substantive and procedural conditions under which an employer is entitled to terminate an employee’s employment relationship.

One way to terminate an employment relationship is through a termination notice given by the employer. When the employer decides to terminate the employment relationship by giving a termination notice, it must be determined whether there is a valid basis for doing so as required by law.

In the case of an indefinite-term employment relationship, the grounds for termination may be based solely on

the employee’s ability,

the employee’s behaviour or

reasons related to the employer’s operations.

It is thus clear that the groups of reasons can be divided into two main categories, depending on whether they relate to the employee or the employer.

In practice, it is often difficult to draw a clear line between whether the disputed circumstance is related to the employee’s ability or behaviour (e.g., in cases of performance issues, it is often not entirely clear whether they are caused by the employee’s attitude or a lack of ability). In other cases, however, these circumstances are clearly distinct (e.g., an employee’s regular tardiness is typically a behavioural issue, while medical unfitness or a lack of required language skills indicate deficiencies in ability).

Of course, any of these circumstances may justify the employer’s right to terminate the employment contract.

Another important category involves reasons related to the employer’s operations, which, as the name implies, are independent of the employee’s conduct or abilities. It happens that the number of orders at the employer decreases, the economic environment deteriorates, or that organizational restructuring, reorganization, or outsourcing is necessary to maintain competitiveness. Of course, in such cases, the need to terminate certain employment relationships may arise, which can indeed serve as a lawful basis for termination by the employer. Since this article focuses specifically on terminations based on reasons related to the employer’s operations, we will now describe this category of reasons in detail.

Reasons for and rules governing termination of employment related to the employer’s operations

First, it is worth emphasizing that grounds for termination based on the employer’s operations constitute a broad category, as they may encompass numerous specialized, economically motivated decisions for which an exhaustive statutory list would not be practical. Below, we describe a few typical scenarios, noting that these may occur even in combination.

We can speak of the elimination of a position when an employer completely eliminates a specific position within the organization, and as a result, the employment relationship of all employees working in that position is terminated.

In contrast to the above, the situation involves a reduction in headcount rather than the elimination of a position when the employer does not eliminate the position itself but reduces the number of employees in that role (e.g., due to a decrease in tasks or digitization). Although the court does not examine the economic rationality of the decision or the criteria for selection, the fundamental principles must, of course, be observed in such cases as well—with particular regard, for example, to the requirement of equal treatment and the prohibition of abuse of rights.

Replacement for better qualifications is also one of the grounds for termination that fall within the employer’s sphere of interest and decision-making. The rationale behind such a replacement is that the employer decides to fill the position in question with an employee who possesses additional qualifications in the future; for example, the employer may require to have proficiency in a specific language or additional training.

Another common scenario is when an employer decides to reorganize the performance of tasks in the future, for example, by establishing temporary agency work, simplified employment, or contractor/service relationships instead of employing workers under a traditional employment relationship.

A common feature of these grounds is that the practicality of the employer’s organizational or business decisions cannot be questioned on its own merits. Accordingly, the court cannot deem terminations related to reorganization to be unlawful merely because the practicality or economic rationality of the decision is debatable. Similarly, an employee cannot successfully argue that the measure serving as the basis for the termination was not economically rational. It is important, however, that the reason for terminating the employee’s employment must be reasonable, meaning that the selected employee’s dismissal must be related to the economic reason.

Application of the rules governing collective redundancies

If an employer terminates the employment of a specific number of employees within a relatively short period of time, citing operational reasons, the decision may be classified as a collective redundancy procedure. In such cases, the employer is subject to specific procedural, consultation, and notification obligations.

Since a large number of employees may suddenly enter the labor market, the law requires compliance with a set of procedures that include specific safeguards to counterbalance this. These rules are intended to ensure that both the affected employees and the labour market, as well as the Government Employment Service —which assists employees in finding new employment as quickly as possible—can prepare for the change. We will discuss the detailed rules of this in the next part of our series of articles.

Summary

Overall, it can be said that the termination of employment is one of the most complicated areas of employment law, the primary purpose of which is to balance the power between the employee and the employer. One possible ground for termination by the employer is a reason related to the employer’s operations, which may serve as a means of restructuring the organization or maintaining economic stability. In cases of termination based on such grounds, a thorough understanding of the regulations is particularly important, since if the employer terminates the employment of a specified number of employees within a short period of time citing this reason, the decision may qualify as a collective redundancy, which entails specific procedural obligations.

Photo source: pexels.com, Jahoo Clouseau

Termination based on employer-related reasons and their legal framework in practice Read More »

The managing director’s liability, particularly in relation to the annual financial statements, and possible ways to limit liability

Corporate law, News / / , , , , , ,

Reading time: 7 minutes

Introduction

A key figure in Hungarian company law is that the executive officer responsible for the operational management of business associations—typically the managing director in the case of a limited liability company. Act V of 2013 on the Civil Code (“Civil Code”) sets out in detail the fundamental rules applicable to them, including their liability, which extends not only to day-to-day operational decisions but also, in particular, to the company’s financial and sustainability reporting. This becomes particularly important as the general reporting period approaches. For companies operating on a financial year identical to the calendar year, May is of particular importance: major tax returns must be submitted by May 20, and the annual financial statements must be formally approved and published by May 31. In light of these upcoming deadlines, it is important for our clients to be aware of the key rules governing the managing director’s duties and responsibilities in this context.

In this article, we examine the liability of managing directors primarily in relation to the annual financial statements. Within this framework, we outline the boundaries of this liability and how these risks can be consciously mitigated by establishing appropriate safeguards.

General overview of the managing director’s liability

The Civil Code clearly establishes the fundamental principles of executive management. The managing director is responsible for the operational management of the company and must perform this activity with the company’s interests as a priority.

The most important expectation imposed on the managing director is the so-called “prudent businessperson” standard. This objective standard requires that the executive officer make decisions in all cases based on adequate information, in good faith, after assessing potential business and legal risks, and exclusively with the company’s interests in mind.

In practice, this means that the managing director may not make decisions that prioritize their own interests or those of third parties (including members) over the company’s financial stability. The Civil Code makes it clear that limited liability protects only the members; the managing director’s underlying personal liability for breaches of duty and unlawful conduct remains independent of this.

Liability related to the preparation and approval of financial statements

One of the managing director’s key responsibilities is the preparation, approval, and publication of the annual financial statements in accordance with accounting law.

Although bookkeeping and the preparation of tax returns are often carried out by internal or external accountants and financial professionals, the liability and legal responsibility for the proper keeping of accounts and the accuracy of the financial statements rests with the managing director.

The approval of the financial statements and the decision on the use of after-tax profit fall within the exclusive competence of the company’s supreme body. In this context, the managing director’s obligation is to prepare the draft, submit it to the supreme body, and provide a written proposal regarding the use of profits.

Furthermore, if the managing director detects that the company’s capital position is inadequate, they are obliged to convene the general meeting and initiate prompt remedial measures.

 

Mitigating managing director liability – practical options

Granting of discharge

The Civil Code itself provides a tool for limiting the liability of managing directors: the so-called discharge. The essence of discharge is that the supreme body confirms that the managing director’s activities in the previous financial year were appropriate. If granted, the company generally cannot subsequently enforce claims for damages against the managing director for breaches of duty during the given period.

However, it is important to note that discharge does not provide absolute protection. If it is later proven that the facts or data underlying the discharge were false or incomplete, the company may still assert claims for damages against the managing director.

Establishing internal procedures

Liability can also be mitigated by implementing appropriate internal procedures for significant decision-making within the company. This can take various forms, such as introducing joint signature systems or approval processes based on specific areas of responsibility.

Decisions subject to approval by the supreme body

It is common for companies to require prior approval by the supreme body for certain decisions that would otherwise fall within the managing director’s competence. These may be defined in various ways (e.g., based on subject matter or financial thresholds). It is also possible for the managing director to seek approval from the general meeting even in matters where it is not legally required. In such cases, if approval is granted, the managing director’s liability is naturally reduced.

Involvement of external experts

As noted above, the managing director is fundamentally responsible for all operational decisions. However, they are often required to make decisions on specialized matters that may fall outside their expertise. In such cases, it is strongly recommended to assess potential risks and decision options with the involvement of experts in advance. This can lead to more well-founded decisions and may also reduce the extent of the managing director’s potential liability.

Directors’ and Officers’ (D&O) liability insurance

The liability of managing directors is extremely broad, as their decisions affect nearly all aspects of the company’s operations—from financial management and legal compliance to obligations toward employees and business partners. Moreover, in certain cases, they may be held liable with their personal assets for damages they cause, representing a significant personal risk. In an increasingly complex and strictly regulated economic environment, it is easier than ever to make inadvertent mistakes with serious legal and financial consequences. D&O liability insurance offers a solution to mitigate these risks by providing coverage for claims brought against executive officers. Typically, such insurance covers legal defense costs and, subject to contractual terms, awarded damages, thereby enabling managing directors to make responsible decisions with greater security.

Conclusion

It is clear that the scope of duties for managing directors is extremely wide-ranging, while their responsibilities are also particularly strict, often involving significant personal risk. In this complex and constantly evolving environment, conscious preparation and the establishment of appropriate safeguards are essential. These include, among others, well-designed and documented decision-making processes, strengthened internal control systems, and, where appropriate, adequate insurance coverage. Together, these measures help ensure that managing directors can perform their duties within transparent, lawful, and secure frameworks, reducing the risk of errors and the associated liability. Since the way companies operate is constantly changing, it is advisable to conduct periodic reviews of management procedures established years ago to ensure that they comply with updated protocols and that management responsibilities are aligned accordingly.

Photo source: Pexels.com, Vlada Karpovich

The managing director’s liability, particularly in relation to the annual financial statements, and possible ways to limit liability Read More »

The essence and functioning of European Works Councils

Employment, labour law, News / / , , , , ,

Reading time: 7 minutes

The role of works councils regulated by the Labor Code is well known to many domestic companies, as employees are entitled to elect a works representative or works council if the number of employees reaches a certain threshold. The works council is a kind of representative body for employees, whose main task is to monitor compliance with the rules governing employment relationships. In performing this task, the works council is entitled to request information and consultation, and in certain cases (e.g., TUPE, collective redundancies, other employer measures affecting a larger group of employees), the employer is obliged to involve the works council, provide it with appropriate information and, where appropriate, seek its opinion.

Many companies operate not only in one but in several European Union countries. In order to ensure that the role and importance of local works councils is not diminished, the EU has provided for the establishment of so-called European works councils in cases where companies have a certain level of presence in the EU.

In the following article, we provide a comprehensive overview of the concept and purpose of European works councils, when companies are required to ensure the election of a European works council for their employees, and the basic functioning of such councils. We will also discuss future, already known changes to the regulations governing European works councils.

The concept and purpose of the European Works Council

The essence of the European Works Council is to ensure the right of employees of Community-level companies (or groups of companies, hereinafter collectively referred to as “companies”) to information and consultation on so-called transnational, international issues. In this context, it is important to note that a Community-level company is defined as a company which

employs at least 1,000 employees through its companies in the Member States and

has employees in at least two Member States

it employs at least 150 employees in each Member State.

Any issue that affects a Community-scale company as a whole, or at least two of its establishments or undertakings belonging to its group of companies in two different Member States, is considered transnational (and furthermore, under Hungarian law, any issue that has a significant impact on employees, regardless of the number of Member States concerned). It is clear, for example, that a reorganization affecting several organizations of a group of companies operating in the European Union, or, for example, (group-level) collective redundancies, may be considered a transnational issue, in which case the European Works Council must be informed and consulted in accordance with the law before specific decisions are taken.

Initiating the establishment of a European Works Council

If a company operating within the European Union qualifies as a Community-scale company on the basis of the above, on the initiative of the central management or at the request of at least 100 employees employed in at least two undertakings or establishments in at least two Member States or at the request of the bodies representing these employees, negotiations must be initiated to establish a European Works Council or to set up negotiations for the purpose of informing and consulting employees.

The role and prominent position of the special negotiating body

In order to initiate and conduct negotiations, a special negotiating body must first be established, whose task is to consult and reach agreement with the central management on the procedure for informing and consulting with the works council or employees.

Both the European Union directive on European works councils and the Hungarian law transposing it lay down rules for the election and functioning of the special negotiating body, which, although they leave many questions unanswered, are very similar to those for the election of local works councils.

The mission of the special negotiating body is therefore to agree with the central management on the tasks, powers, composition and term of office of the European Works Council, or to establish a procedure other than the establishment of a European Works Council that allows for the information and consultation of employees.

Functioning of the European Works Council

The functioning of the European Works Council is determined by a written agreement concluded by the parties following successful negotiations between the central management and the special negotiating body.

It should be noted that in many cases negotiations often fail to produce results. However, unsuccessful negotiations must not result in infringement of employee’s rights. For this reason the legislation contains rules on the functioning of the European Works Council.

The model rules governing the operation of European works councils do indeed bear many similarities to the rules governing Hungarian works councils (method of election, active and passive voting rights, termination of mandate, meetings, etc.).

Review

Over the years, a number of difficulties of interpretation and regulatory gaps have arisen in the practice of law enforcers in relation to the rules currently in force for European works councils, as confirmed by the European Commission.

For those of our clients who are in the process of electing members to the special negotiating body, we see that there are a number of practical issues that are not covered by either EU or domestic regulations. In such cases, we strive to provide advice on the specific implementation, keeping in mind the general purpose of the regulations.
Of course, practical challenges have also been identified in other Member States, which is why the directive has been revised and supplemented.

Under the new regulations, the concept of transnational issues has been defined more broadly (similar to Hungarian legislation), the legislation seeks to ensure gender balance through specific provisions, and the special negotiating body will be able to involve experts (e.g. legal and economic experts) if necessary, furthermore, Member States must introduce effective provisions to enforce the rules on European Works Councils and to sanction violations thereof.

As a result of the review, Member States will have to transpose and implement the necessary amendments by 1 January 2028. However, given that, based on our practical experience, the establishment of a European Works Council requires significant coordination on the part of all Member States and member companies involved, it may be advisable to take the amendments to the directive into account in the meantime in order to ensure adequate preparation and proper functioning.

Photo source: pexels.com, Jonas Horsch

The essence and functioning of European Works Councils Read More »

General information on the legal regulation of group of companies

Corporate law, News / / , , , , , ,

Reading time: 6 minutes

In modern economic life, in order to increase efficiency and share resources and market risks, companies are increasingly forming close cooperation systems, known as groups of companies (or conglomerates). However, this process often proves to be contrary to the basic principles of classical corporate law, which is based on the independence and separate liability of legal entities. Act V of 2013 on the Civil Code (“Civil Code”) offers a structured solution to this dilemma with the institution of recognized groups of companies, providing a legal framework and a strict warranty system for the responsible economic and legal operation of corporate groups.

Given that the regulation of group of companies will change this spring, our article presents the regulatory system for group of companies in order to provide greater clarity on the background to the changes.

The recognized corporate groups

In order for close cooperation between companies to qualify as recognized corporate groups, three conceptual elements must be present:

there must be a controlling member that is required to prepare consolidated annual accounts;

there must be at least three different legal entities controlled by the controlling member;

a uniform business policy must be established, which is laid down in the control contract itself.

The group of companies is established by drawing up a draft control contract and obtaining the approval of a three-quarters majority of the members (subject to the successful fulfilment of the relevant disclosure obligations). The controlling member must apply for registration in the commercial register within 60 days of the final approval.

The control contract

The control contract is the central regulatory instrument for the operation of the group of companies, as it contains the uniform business policy that forms the basis for cooperation. In addition to the most important identifying details of the members, the contract must also specify the form of their cooperation and its essential elements.

It is important that the contract only restricts the independence of the controlled members to the extent necessary to achieve the uniform business objective. Under the rules of the Civil Code, the management of the controlling member may instruct the management of the members within the framework of the control agreement. In this case, the rules on the exclusivity of decisions of the supreme body do not apply either.

In order to ensure transparent operation, the management of the members of the group of companies (including the controlling member) is obliged to report to the supreme bodies at least once a year on the activities related to the performance of the agreement. The management of the controlling member also has an additional obligation to inform creditors with significant claims. If the latter fails to do so, the creditor may apply to the court of registration.

Minority protection

The operation of a group of companies requires specific minority protection rules, as members with a small shareholding must adapt not only to the majority owner within their own company, but also to the majority owner of the controlling member. For this reason, the law provides for special minority protection guarantees both at the time of the formation of the group of companies and during its operation:

upon the formation of the group of companies: members of legal entities joining as controlled members who do not wish to participate in the group of companies may request, within 30 days of the second publication of the announcement of the formation, that the controlling member purchase their shares at market value;

during the operation of the group: if the controlling member substantially or repeatedly breaches the control agreement, members holding at least 5% of the votes of the controlled member, as well as the management of the controlled member, may initiate the convening of the supreme body of the controlling member. This creates an opportunity to bring the breach of contract before the highest decision-making forum of the controlling member. If the management of the controlling member does not comply with the request, the court may also convene the meeting or authorize the applicants to do so.

Creditor protection and underlying liability

One of the fundamental objectives of the establishment and operation of a group of companies is to protect the interests of creditors.

The main security provided by the system is the underlying liability of the controlling member. If any of the controlled members is liquidated, the controlling member is obliged to cover the unsatisfied debts. The controlling member may be exempted from liability if it can successfully prove that the insolvency was not a consequence of the implementation of a uniform business policy.

Supervision by the Court of Registry

The Court of Registry, which is responsible for registration, supervises the legality of the group of companies. In the event of a material or repeated breach of the control agreement, any legally interested party (e.g. a member or creditor) may request that the Court of Registry conduct a legality supervision procedure against the group of companies.

De facto groups of companies

A de facto group of companies exists when uniform management or close economic cooperation has been in place for three years without the parties complying with the formal requirements (control contract, registration). According to long-standing rules, at the request of any legally interested party, the court may oblige the group of companies to conclude a control agreement or to apply the relevant provisions in the absence of such an agreement, thereby creating both underlying liability and the possibility for minority members of controlled subsidiaries to exit.

Regarding actual groups of companies, the amendment, which will enter into force on March 1, 2026, clarified the concept of a legally interested party: in the future, anyone to whom the controlling member would be liable (i.e., typically the creditor of the controlled member) will be considered to have a legal interest. The amendment prioritizes creditor protection by directly linking the existence of an actual group of companies to the obligation to pay, thus making the underlying liability of the controlling member enforceable for aggrieved creditors despite the lack of a formal framework.

Summary

The regulation of groups of companies is based on the balance of ‘power and responsibility’. The institution of acknowledged group of companies offers legal certainty by ensuring the right to uniform management and instruction, while at the same time protecting economic actors with strict guarantees. It is in the fundamental interest of company managers to ensure that the group operates in compliance with legal guarantees and within a transparent contractual framework, thereby avoiding unexpected underlying liabilities and legal disputes.

Photo source: pexels.com, Fauxels

General information on the legal regulation of group of companies Read More »

Changes to Occupational Safety Rules at the Beginning of the Year

Employment, labour law, News / / , , , , , ,

Reading time: 7 minutes

As we reported in our extraordinary newsletter, Act XCIII of 1993 on Labour Safety (“Labour Safety and Health Act”) introduces new rules as of 1 January 2026 for employer organizations regarding the provision of conditions for occupational safety and health. In this article, we summarize the requirements necessary to comply with these obligations.

Principles and requirements

The Labour Safety and Health Act sets out in detail the requirements that employers must take into account to ensure occupational safety and health. In this context, employers must strive to avoid hazards, assess risks that cannot be avoided, and combat hazards at their source. Furthermore, undertakings are required to take human factors into consideration when designing workplaces and selecting work equipment and work processes, to apply the achievements of technical progress, to replace hazardous solutions with less hazardous ones, and to provide appropriate instructions to employees. Companies must develop a coherent and comprehensive prevention strategy covering work processes, technology, work organization, working conditions, social relationships, and the effects of workplace environmental factors.

The role of risk assessment

One of the employer’s most important obligations is the preparation and maintenance of a risk assessment, including risk management and the determination of preventive measures. The assessment is carried out by a specialist, who identifies the hazard sources, determines the group of employees exposed to risks, and assesses the nature of the hazards and the extent of exposure. The risk assessment must be carried out before the commencement of the activity and reviewed when justified—at least every five years. Justifiable cases include changes in technology, work equipment, the method of work, or the scope of the employer’s activities. A risk assessment is likewise justified and required if a work accident or occupational disease occurs in connection with deficiencies in the applied activity, technology, work equipment, or method of work. These tasks qualify in all cases as occupational safety and occupational health professional activities and may only be performed by persons with the prescribed qualifications.

Persons authorized to carry out risk assessments

The Labour Safety and Health Act also contains differentiated rules regarding the qualifications required to carry out risk assessments and to define the occupational safety and occupational health content of the prevention strategy, with particular regard to the hazard class and the number of employees. The detailed rules are set out in Decree 5/1993. (XII. 26.) MüM (hereinafter: “MüM Decree“), which classifies employers into hazard categories and stipulates the qualifications required to perform the tasks accordingly.

In the case of employers classified in hazard class III with a maximum of 50 employees (e.g., labour market service providers, IT infrastructure providers, and wholesale and retail trade in general), there has been no change since 1 July 2025, in accordance with the MÜM Decree, the activity may also be carried out by a person holding a specialist medical qualification in occupational medicine, industrial medicine, occupational hygiene, public health and epidemiology, preventive medicine and public health, or by a person holding a qualification as a public health or epidemiological inspector or supervisor.

As of 1 January 2026, a new rule provides that, for employers employing at least 50 employees, the occupational safety content of the prevention strategy must be developed by a person with higher-level occupational safety qualifications in the case of activities classified under Hazard Classes I and II pursuant to the MüM Decree, such as paper manufacturing, pharmaceutical manufacturing, machinery manufacturing, computer, electronic and optical product manufacturing, and tobacco product manufacturing.

Also introduced as of this year is the rule that, for activities classified under Hazard Class I pursuant to the MüM Decree—such as paper manufacturing, pharmaceutical manufacturing, and machinery manufacturing—the preparation of the risk assessment at employers employing at least 50 employees must be carried out by a person with higher-level occupational safety qualifications.

Special rules for teleworking

In the case of teleworking, the employee performs work for part or all of their working time at a location separate from the employer’s premises. In such cases, work may be performed using equipment provided by the employer or, by agreement, by the employee. Where equipment is provided by the employee, the employer must, as part of the risk assessment, ensure that the work equipment is in a safe condition that does not endanger health, while maintaining this condition is the employee’s responsibility.

If work is not performed using IT equipment, it may only be carried out at a remote workplace that has been preliminarily assessed by the employer as appropriate from an occupational safety perspective, and the employer must regularly monitor working conditions and compliance with the applicable rules.

The situation differs when work is performed using IT equipment. In such cases, the employer is not required to conduct a risk assessment; it is sufficient for the employer to inform the employee of the rules for ensuring safe and healthy working conditions and to oblige the employee to comply with these rules, and the employer may obtain a declaration from the employee acknowledging this obligation. The employer may keep a register of work equipment. The employee is required to select the place of remote work in compliance with these conditions. Compliance with the rules may, of course, be monitored remotely by the employer through the use of IT tools. Although an individual risk assessment is not required in this case, proper employee information and regular monitoring remain part of the employer’s occupational safety obligations.

Employer obligations and liability

The employer’s ongoing responsibility does not end with the preparation of documentation. Employers must ensure proper information and instruction for employees, regularly monitor working conditions and compliance with regulations, provide safe work equipment, and promptly investigate irregularities and reports. In addition, employers must ensure the proper usability and condition of personal protective equipment, as well as the lawful investigation of work accidents and occupational diseases.

Compliance with occupational safety regulations is also of outstanding importance from the perspective of employer liability for damages, as under Act I of 2012 on the Labour Code the employer bears objective liability for damage caused to employees in connection with the employment relationship. To be exempted from liability, the employer must prove that the damage was caused by a circumstance beyond its control that it could not have foreseen and that it was not reasonably expected to prevent or mitigate. Under this strict regulatory framework, any failure to comply with occupational safety regulations is necessarily assessed to the detriment of the employer. For these reasons, it is particularly important that employers always have up-to-date occupational safety measures in force and that these are properly and verifiably documented.

Summary

Occupational safety regulations make it clear that ensuring occupational safety and health is not merely a formal obligation, but one of the most important elements of employer responsibility. Failure to properly prepare and regularly review the risk assessment and prevention strategy, as well as failure to actually comply with occupational safety requirements, entails not only regulatory sanctions but also significant compensation risks, given the employer’s objective liability. Our firm is pleased to assist in preparing for regulatory changes and in establishing operations that comply with applicable legislation.

Photo source: pexels.com, suntorn somtong

Changes to Occupational Safety Rules at the Beginning of the Year Read More »

Data protection considerations related to the development of AI models

Data protection, News / / , , , , , , , ,

Reading time: 5 minutes

Artificial intelligence (“AI“) is a rapidly evolving family of technologies that contributes to a wide range of economic, environmental, and social benefits across all sectors and social activities. By improving predictive accuracy, optimizing operational processes and the allocation of resources, and enabling the personalization of digital solutions available to individuals and organizations, the use of AI can confer a decisive competitive advantage on businesses while also delivering beneficial social and environmental outcomes.

The use of artificial intelligence, alongside its potential benefits, is also associated with certain risks. In order to mitigate these risks, Regulation (EU) 2024/1689 of the European Parliament and of the Council on artificial intelligence (“AI Act”) has been adopted, several provisions of which have already entered into force. At the same time, the development of many AI models involves the use of personal data, which raises the question of how the AI Act affects data processing activities related to AI systems.

The relationship between the AI Act and the GDPR

The AI Act makes it clear that it does not amend the application of existing EU rules on the processing of personal data, including the requirements set out in the GDPR. Accordingly, organizations falling within the scope of the AI Act must, in the course of their data processing activities, comply fully with the provisions of the GDPR.

Through the enforcement of the right to the protection of personal data, the GDPR also supports the effective exercise of other fundamental rights, including, inter alia, freedom of thought and expression, the right to information and education, and the freedom to conduct a business. On this basis, it can be concluded that the GDPR establishes a legal framework that facilitates responsible innovation, including the responsible development and deployment of AI-related technologies.

Data protection considerations in relation with the development of AI Models

In connection with the development of AI models, the European Data Protection Board (“EDPB”) adopted a standalone opinion on data protection aspects arising in relation to the processing of personal data in the context of artificial intelligence models (“Opinion”).

The Opinion examines how personal data may be used in the development of AI models and highlights the issues requiring particular attention when placing on the market AI systems developed using personal data.

Lifecycle of AI Models

The EDPB divides the lifecycle of AI models into two stages, emphasizing that data processing may occur in either of them. The first stage covers the processes preceding the deployment of the model (including e.g. its creation, development, the training, the fine-tuning). The second stage relates to the deployment phase, encompassing the use of the model following its development.

Existence of a legal basis for data processing by data controllers

One of the cornerstones of data protection regulation is that personal data may only be processed where a specific legal basis exists. The Opinion reiterates the general expectation that data controllers must determine the appropriate legal basis for their processing activities.

However, the EDPB found that, as a general rule, an AI model developer may rely on legitimate interest as a legal basis, provided that the existence of such legitimate interest is duly substantiated. For this purpose, a three-step test – already familiar to those with experience in data protection compliance practice – serves to properly assess whether a legitimate interest genuinely exists.

The EDPB emphasizes that the balancing test must take into account whether the data subjects can reasonably expect their personal data to be used. The Opinion is significant in this regard because it sets out several criteria intended to assist data protection authorities in assessing the “reasonably foreseeable” criteria

The Opinion also recalls that, where it appears that the interests, rights, and freedoms of data subjects override the legitimate interests of the data controller or of a third party, all is not lost. Namely, the data controller may consider the implementation of mitigating measures to limit such adverse effects. These may include, for example, pseudonymization, or measures aimed at masking personal data or replacing them with fictitious personal data within the training dataset. The introduction of appropriate data protection measures can make data processing lawful again.

Anonymity

The GDPR classifies as personal data any information relating to an identified or identifiable natural person, whether directly or indirectly. According to the position of the EU institution, in the context of AI model development, personal data may only be used where they are properly anonymized, such that even in the event of a potential reverse engineering of the model, the identification of data subjects is not possible. With regard to anonymization, the EDPB emphasizes that the competent data protection authorities must assess, on a case-by-case basis, whether the organization developing the AI model has complied with this requirement. The body also sets out several recommended technique that may be suitable for preserving anonymity (e.g. prevent or limit the extraction of personal data used for training purposes).

Summary

The EU body emphasizes in its Opinion that compliance with data protection requirements governing the processing of personal data must be ensured throughout both the development and deployment of AI models. It is evident that the expansion of AI and its potential risks are being treated and monitored as a priority in law enforcement, and therefore numerous regulatory guidelines from authorities can be expected in the near future.

Photo source: pexels.com, Tara Winstead

Data protection considerations related to the development of AI models Read More »

CLVPartners
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.