With several major compliance deadlines and regulatory reforms converging, the Czech legal market is entering a critical period, according to Havel & Partners Partner Milan Sivy. Noting the intensive onset and implementation of AI across the legal and business landscape, Sivy flags pay transparency, beneficial-ownership access, cybersecurity, asset recovery, and building act reform as the key issues on the radar.
"One of the most interesting topics right now is the implementation of the EU Pay Transparency Directive, with the June 7, 2026, deadline fast approaching," Sivy begins. The directive aims to narrow the gender pay gap and increase salary transparency. "Employers will likely need to disclose salary ranges during hiring, marking a shift from traditionally flexible, individually negotiated compensation structures," he says.
For multinationals operating across CEE, different implementation timelines and enforcement mechanisms may lead to inconsistencies. "Larger employers will face enhanced reporting obligations, and employees will gain new rights to request pay information about colleagues performing similar work,” Sivy continues. “Companies are already focusing on compliance strategies to mitigate potential litigation exposure.”
Sivy also notes that public access to the Czech beneficial ownership register was closed following court decisions applying ECJ case law. “Access is now limited to those who can demonstrate a legitimate interest,” he says, noting direct consequences for due diligence and AML compliance. "Information that was previously readily accessible now requires formal requests. A legislative amendment transposing the new AML Directive requirements is currently in preparation, which is expected to introduce a formal procedure for verifying legitimate interest and new categories of privileged access.”
On cybersecurity and data retention, Sivy reports that the Czech Supreme Court recently confirmed certain blanket data-retention obligations are compatible with EU law, while law-enforcement authorities continue to demand broad access to retained data. “This creates tension between privacy compliance and security obligations, particularly for telecom operators and businesses handling large volumes of data," he explains.
The new Cybersecurity Act implementing the NIS2 Directive adds further complexity. "Certain entities, including financial-sector technology providers, must report significant cybersecurity incidents within hours of detection, a requirement that applies where clients, such as banks, are subject to parallel reporting obligations, and cross-border coordination becomes critical. Companies operating across multiple CEE jurisdictions must carefully manage potentially divergent compliance frameworks to avoid regulatory exposure," Sivy outlines.
Sivy also highlights the new Czech Asset Recovery Act, which "introduces special proceedings targeting property suspected of originating from criminal activity, even where traditional criminal sanctions cannot be applied. If the property exceeds approximately EUR 40 thousand, it may be subject to confiscation. While this will not affect most routine transactions, it is a factor to consider in cross-border deals where buyers conduct enhanced due diligence on asset provenance ."
Finally, a major Building Act reform is in the legislative process. "The proposed framework would introduce an integrated permitting procedure administered by a single authority, replacing the current fragmented system," Sivy says. "The bill, approved by the Government in December 2025 and currently pending its second reading, could significantly streamline development projects and reshape construction permitting in practice."
