Koen De Puydt (Andersen) : "The only sustainable approach is to accept that there is no ‘one-size-fits-all’ rule"

Leaders League: How can multinationals legally manage conflicts of regulation, in particular between U.S. sanctions, European sanctions, and national digital sovereignty requirements, without compromising their global business?

Koen de Puydt: This is one of the most complex challenges multinationals face today, because these conflicts are not theoretical — they play out in daily business decisions. The only sustainable approach is to accept that there is no “one-size-fits-all” rule, and to build legal and operational segmentation into the organization.

What I mean by that is structuring operations so that EU-based entities, for example, can comply with EU law and the Blocking Statute, while U.S. entities comply with American sanctions. This requires strong internal firewalls, but it is often the only way to avoid direct conflicts of law.

At the same time, contracts must be drafted with this complexity in mind. Sanction compliance clauses, hardship provisions, and even dispute escalation mechanisms are tools that give companies breathing room when laws clash. Finally, you need a governance process: an escalation framework that enables legal and compliance teams to make rapid, documented decisions on which rule prevails in a given context. In short, it is less about finding perfect harmony and more about designing robust, parallel structures that preserve business continuity without violating either regime.

Given the rapid evolution of international sanctions regimes and geopolitical tensions, what preventive legal structures allow compliance officers to maintain agility while minimizing legal risk ?

Prevention is about infrastructure. Compliance officers need more than a handbook; they need living systems that allow them to react in real time.

A first step is to create dedicated “sanction watch” committees that bring together legal, finance, and operations. These committees monitor changes continuously, assess exposure, and can trigger immediate action. Second, companies should engage in scenario planning — for example, having pre-negotiated exit clauses with suppliers or alternative payment channels ready before sanctions hit. That transforms a sudden legal risk into a managed transition.

Equally important is to treat compliance policies as dynamic documents. With the right technology — dashboards, alerts, compliance management software — these policies can be updated and communicated instantly, rather than rewritten every two years. This combination of governance, planning, and digital tools makes it possible to balance agility with legal certainty.

Regulators often call for harmonization, but national implementations remain divergent. How can companies build “future-proof” compliance programs that anticipate convergence without over-investing in compliance?

The key is modularity. Companies should build a global compliance framework based on international principles — OECD guidelines, UN guiding principles, the EU acquis — that acts as a common baseline across all jurisdictions. This “core layer” is then supplemented with local modules that address specific national requirements.

Such a layered approach avoids the trap of reinventing the wheel every time a new regulation emerges. Instead, when convergence occurs — for example, within the EU — companies already have the backbone in place and can simply adjust the national add-ons.

In addition, forward-looking compliance programs rely on horizon scanning. Legal teams need to track not only current laws but also policy signals from Brussels, Washington, or the G20, and prepare draft adaptations before they become mandatory. That way, compliance is not just reactive; it becomes a strategic tool to anticipate change.

So, a future-proof compliance program is globally principled but locally adaptable: strong enough to absorb convergence, flexible enough to manage divergence, and efficient enough to avoid over-investment.