Kelemenis & Co. provides comprehensive advice on regulatory and corporate compliance, assisting clients in establishing and maintaining compliance structures aligned with Greek law and applicable European standards. The firm supports on core areas, including data protection (GDPR), anti-money laundering (AML) and know-your-customer (KYC) obligations, whistleblowing systems, and employment and workplace compliance.

In parallel, we advise on sector-specific regulatory regimes, as well as on horizontal regulatory frameworks such as public procurement law, with particular experience in highly regulated industries such as energy, insurance, healthcare, banking and financial services, technology, media and telecommunications (TMT), and education.

Our practice combines sectoral expertise with a strong command of cross-cutting regulatory frameworks and is well positioned to advise on regulatory requirements in the areas of competition law, consumer protection and digital regulation.

The firm’s expertise includes:

Corporate Compliance

• Design, implementation and review of corporate governance structures in line with Greek company law, including Law 4548/2018 (for sociétés anonymes), Law 3190/1955 and Law 4072/2012, as well as best practice corporate governance principles
• Establishment of internal policies and procedures, including codes of conduct, anti-bribery and anti-corruption policies, conflicts of interest frameworks and internal approval processes
• Advisory on board responsibilities, directors’ duties and liability, including structuring of decision-making processes and documentation (minutes, delegations, internal regulations)

Regulatory compliance & risk management

• Development and implementation of compliance management systems, including risk assessments, internal controls and monitoring mechanisms tailored to regulated and non-regulated sectors
• Ongoing support on regulatory compliance obligations, including sector-specific requirements (e.g. financial services, energy, tourism)

Data protection & GDPR

• Full compliance with the General Data Protection Regulation and the Greek implementing law 4624/2019
• Drafting and implementation of privacy policies, data processing agreements (DPAs) and internal data governance frameworks
• Advisory on lawful processing, data subject rights, data retention and cross-border transfers
• Support in data breach response, notification obligations and interaction with the Hellenic Data Protection Authority

Whistleblowing & reporting mechanisms

• Design and implementation of internal reporting channels in compliance with the Law 4990/2022 (transposing the EU Whistleblowing Directive)
• Drafting of whistleblowing policies and procedures ensuring confidentiality, data protection and protection against retaliation
• Advisory on handling and investigating reports, including interaction with competent authorities and safeguarding employee rights

Corporate integrity & financial compliance

• Compliance with anti-money laundering (AML) obligations under Law 4557/2018, including KYC procedures and internal controls
• Advisory on sanctions and restrictive measures (EU framework) and related internal compliance policies
• Implementation of ESG and sustainability governance frameworks, including reporting obligations where applicable

Employment policies and internal regulations

• Designing and implementing comprehensive employment policies and internal regulations

Social security compliance and contribution framework

• Comprehensive advice on compliance with Greek social security legislation, including registration with the e-EFKA, calculation and payment of contributions, classification of insured persons, parallel insurance issues, and treatment of atypical employment arrangements.

The firm’s expertise on sector-specific compliance and regulation focuses on:

• Energy, including the EU Clean Energy Package and the Greek regulatory framework (e.g. Laws 4001/2011 and 4685/2020)
• Insurance, including the Solvency II framework and the applicable supervisory regime
• Healthcare and life sciences, including pharmaceutical regulation, pricing and reimbursement, as well as rebate and clawback mechanisms under Greek law, and the applicable EOF and EU framework
• Banking and financial services, including the supervisory role of the Bank of Greece, prudential requirements, the MiFID II framework for investment services and the Digital Operational Resilience Act (DORA)
• Technology, media and telecommunications (TMT), including data protection, e-privacy, electronic communications regulation and digital services frameworks
• Education, including the applicable Greek legal framework for non-state universities (Law 5094/2024)