May 31, 2025
Publications
Working Paper for a Newsletter
🚧Pour maîtriser la masse réglementaire de la Compliance, la penser comme un puzzle
complianceTech®️. pour lire ce document de travail en français⤴️cliquer sur le drapeau français
🌐follow Marie-Anne Frison-Roche on LinkedIn
🌐subscribe to the Newsletter MAFR Regulation, Compliance, Law
🌐subscribe to the Video Newsletter MAFR Surplomb
🌐subscribe to the Newsletter MaFR Droit & Art
____
► Full Reference : M.-A. Frison-Roche, To master the regulatory mass of Compliance, think of it as a jigsaw puzzle, Working Paper , May 2025
____
📝 This Working Paper underpins the Newsletter MAFR Law -Compliance - Regulation of 2 June 2025 :
____
► Summary of this Working Paper: People are rightly complaining that Europe's regulatory and compliance regulations are too numerous, too complicated and too changeable. As a result, they are said to be unmanageable.
Three solutions are proposed: specialise lawyers, regulatory corpus by regulatory corpus; deregulate; entrust everything to algorithms.
These are inadequate solutions, because regulations cannot be understood unless they are put into perspective with the rest of the legal rules .; we have entered a new world, and these new regulations reflect the need for a new Law (unless we want to destroy the Law itself, which is what some people are dreaming of doing); algorithms reproduce past solutions and do not produce the new legal conception required.
For an appropriate solution, we need to move away from a word-by-word understanding of the regulatory and compliance regulations and understand them as a whole, not only in relation to the purpose that gives them meaning, but also in relation to each other. In the positive sense of the term, they form a European 'jigsaw puzzle'. We need to look at the overall picture in which each regulation fits and makes sense. It finds its simplicity in relation to its purpose.
It is always a question of working towards the sustainability of systems by asking companies to contribute so that the systems do not crush human beings but benefit them. Thus, in practice, the Monumental Goals of Compliance Law give clarity to the body of regulations which, when seen as a whole, are manageable and practical. Judges interpret them in this way.
____
🔓read the Working Paper below⤵️
I. THE DIAGNOSIS
People rightly complain about the flood of regulations. They often relate to Regulatory and Compliance Law. They are now referred to by their acronyms. This undoubtedly increases our impression of being overwhelmed.
At European level, these include (and these are just a few examples...) the DMA (Digital Markets Act), the DSA (Digital Services Act), NIS2 (Network and Information Security 2), the Data Act, the DORA (Digital Operational Resilience Act), the CSRD (Corporate Sustainability Reporting Directive), the CS2D (Corporate Sustainability Due Diligence Directive), MICA (Markets in Crypto Assets Regulation), the AI Act (Artificial Intelligence Act) and so on.
People are rightly complaining about three things:
1. Their number.
2. Their complicated nature.
3. Their constant internal change.
Three catastrophic conclusions have been drawn (and this is where these conclusions can be challenged, as we shall see next):
Two catastrophic observations have been made (and this is where these conclusions can be challenged, as we shall see in a moment):
- It would be impossible to know what they are; they wouldn't be managed.
- It would be already impossible to master one or two of them; it would be totally impossible to master them all. The lawyer who had a global vision of the law would be really a thing of the past.
II. THE 3 PROPOSED SOLUTIONS
Because it is not sufficient to complain, there are 3 solutions.
1. The first solution is to specialise lawyers by specific regulation.
The future would be for the so-called ultra-specialised lawyer, who knows a regulation line by line, word by word, to follow its ongoing transformation (for example, following the GDPR, or following the C3RD, that but only that). This solution is often advocated and practised in the training courses on offer.
2. The second solution is to abolish these regulations
There are calls for "deregulation", for an attack on the "mille-feuille". When there are no longer so many pages to master, there will be no regulatory problems to solve, because freedom will be a concept that is easy to apply. This is a massive movement.
3. The third solution would be to give everything to the algorithmic system, often called "artificial intelligence". Algorithms would assimilate everything, line by line, word by word, any change being integrated as it happens.
III. THE LIMITATIONS OF THESE 3 SOLUTIONS
1. Knowledge of a single regulation is not relevant because the law operates as a system and you need to know the rest of the legal system to master a regulation.
2. Deregulation" by abolishing many regulations does not abolish Law, notably not Contract Law, Tort Law, Property Law and lawsuits. Unless you want to abolish the Law itself and/or trials and judges.
3. Algorithms work on the basis of answers provided in the past and do not produce the new legal thinking required by the new world we have just entered.
IV. THE UNITY OF REGULATIONS IN THE PUZZLE OF COMPLIANCE LAW
The solution lies in what may appear to be the opposite of the proposed solutions.
1. A Compliance regulation must be legally handled as a "whole", first of all in itself because it is based on the Goals it serves. For example, the GDPR goal is to protect the people involved in the data system. The DMA goal is to protect competition in the digital space. The DORA goal is to ensure the sustainability of the banking information system. It is in the light of a clear Goal that each provision takes on its meaning.
But each Compliance regulation must also be legally handled as part of a larger 'whole': Compliance Law itself, in which each regulation has its place. Each regulation has points of contact with the others, and must fit in with them. Each regulation is a piece of the "jigsaw puzzle". And "puzzle" should be taken in the positive sense of the word.
Indeed, if we do not take these texts word by word, neither regulation by regulation, and adjust each piece of the puzzle, the big picture of Compliance Law will emerge.
In fact, whatever the regulation, it is always the same Monumental Goal, whether it is the DMA, the DSA, the CSRD, the CS3D, the GDPR, the Data Act or the DORA: to ensure the sustainability of systems by entrusting this function to the companies that are in a position to contribute to these various systems not collapsing and operating for the benefit of the people involved in them.
V. THE JUDGE'S OVERALL UNDERSTANDING OF ALL REGULATIONS
The courts did not interpret the provisions one by one, nor did they interpret the regulations in isolation. In a Compliance Law in which the judge plays and will continue to play a central role, the courts will have to clarify definitions and determine compliance obligations in a unified way based on a global vision.
This global vision simplifies each regulation, highlights its internal and external coherence and makes its development predictable. The author of all the regulations is always the same (for instance the European Commission): it is the one who, piece by piece, draws up the Compliance Law, the normativity of which is in the Monumental Goals.
While the Courts interpret it as a whole (as a puzzle, seen as a global picture), according to the teleological method that applies in this new branch of Economic Law.
What changes is when the overall plan changes. And the plan is not the same in Europe, the United States or China. But that's another subject, which deserves another Overhang.
________
comments are disabled for this article