Nicole Battistini-Kohler
Attorney at Law. LL.M.Eur
NBKLegal
(Un)fortunate incidents from everyday life
...about failures, bad luck and mishaps that could have been avoided
How disasters arise
Most disasters begin silently.
Not out of malice, but rather due to a lack of awareness of the problem. It often starts with a small oversight or an unnoticed weak point – something that ‘really’ shouldn't cause anyone concern.
Gross negligence or even intent usually only arise later, from the moment someone acts against their better judgement. This is the tipping point – and it often occurs unnoticed. The few who do notice it are often too afraid or too entangled to identify the dynamics at play.
From there, the development takes its course: it moves from tech to security, slips unnoticed past risk management, silently triggers a compliance problem that no one notices – and thus, piece by piece, opens the door to disaster.
And when no one is expecting it, disaster strikes like a tsunami in a mountain valley.
This is where we come in.
We work across disciplines, combining legal expertise with technical, financial, risk and compliance know-how. Our interviews follow a methodology we call White Space Interviews: we ask the questions that no one else asks – in language that every discipline understands. This gives us answers that go far beyond the boundaries of individual disciplines and paint a realistic picture of the whole.
​
This change of perspective enables us to identify risks early on, understand connections and initiate countermeasures before the tipping point is reached.
​
The following examples draw on elements from our experience without referring to specific mandates. They show how we work in a wide variety of constellations. It always starts with an inconspicuous starting point – and develops step by step into a serious problem.
​
Many of these developments could easily be prevented – if someone asked the right questions early enough.
​
Immerse yourself in these ‘real-life crime stories’ and see for yourself how small signs can grow into major dynamics – and how we can turn the tide together with our clients.
​
Case 1 Investor & Product KPI: How the lack of product-related key figures lulls investors into a false sense of security – and how to create clarity.
​
The task:
​A start-up in the finance sector receives equity capital to expand its product range, with which it aims to become the market leader. The equity story sounds credible – the addressable market for financial products is large, high-revenue and international, the idea sounds innovative and interesting, and the team comes across as confident. A classic due diligence process is also carried out, which does not reveal any red flags or other negative findings. The investors closely monitor the company's financial KPIs and ask questions on a regular basis. The company subsequently reviews several product ideas and tries out several strategies, but its performance ultimately fails to meet expectations. The investors wonder what went wrong.
​
Our approach:
Expansion of pre-investment review and reporting during the investment period: open discussions with engineering, product, project management (if available), customer and sales to review development budget, resource allocation, market fit, degree of innovation and error susceptibility, sales delivery consistency, production costs and programming languages (talent attraction and retention). Ensure that the right KPIs are defined to steer reporting in the right direction and ensure that issues that drive performance are identified and addressed.​
​​
Additional benefits thanks to our interdisciplinary format
​​
In similar cases, Martin Nimbach, Cornelia Henkel and Mark von Seydlitz supplement the classic product and financial perspectives with technical, neuropsychological and communicative perspectives – for a realistic picture ‘from the engine room’.
Martin Nimbach – Tech & AI Insight
Sheds light on product development from a technological perspective: choice and maturity of programming languages, architectural decisions, scalability, security and quality standards (e.g. ISO/ISMS), degree of innovation and attractiveness for development teams. AI-supported risk and scenario analyses available on request.
Mark von Seydlitz – Impact & Communication
In parallel, targeted media and presentation training with key personnel: critical product and development facts are communicated internally and externally in a clear, consistent and convincing manner – to investors, customers and your own team.
​
Cornelia Henkel – Neuro Insight
Analyses team dynamics and cognitive decision-making processes in product and management teams: clarity of roles and responsibilities, prioritisation under pressure, bias patterns and stress profiles. The results are concrete levers for better collaboration, faster decisions and robust roadmaps.
The result:
Investors don't just see numbers, they understand the operational reality. Companies are given concrete levers to close performance gaps early on – before they become expensive. In addition, you gain greater planning security, better investment protection, transparency and reliable reporting – and thus more satisfied employees and convinced investors.
​
Analysis:
Financial investors often base their calculations heavily on financial KPIs. It stands to reason that they anchor KPIs in their reporting that they consider relevant. However, depending on the segment in which the target operates, this can create a blind spot: a situation arises in which one party focuses on financial indicators, while for the other party, the decisive factor is whether the product works. This creates a perception gap: product development follows logic that is not covered by purely finance-driven reporting. This discrepancy can lead to the company's central problems going unnoticed from the investors' perspective. If this dynamic causes the heart of the company to be overlooked, it can have fatal consequences – for the company and for the investors.
​
Our practical tip:
Go through the target's value chain from A to Z and identify which key data and drivers are crucial for the target. Establish and maintain contact with key people in the company who directly influence its success. We and our software development partners are happy to help.
Case 2 Supervisory Board & Whistleblower: Discreet investigation of sensitive allegations – without unnecessary damage, with fairness and maximum factual basis.
​
The task:
A whistleblower anonymously reports irregularities in the management board to the chairman of the supervisory board and expresses suspicion that there may be a breach of trust. The chairman of the supervisory board is unsure who to entrust with the investigation: the law firm that normally advises the company and works closely with the management board could find itself in a conflict of interest, and the internal legal and compliance department could come under too much pressure.
​
Our approach:
In such cases, we recommend a discreet preliminary review of the facts and evidence, the establishment of appropriate communication between the supervisory board and the management board, the obtaining of a criminal/labour law opinion if necessary, and a discreet investigation involving interviews with those affected and potential witnesses.
​
Additional benefits thanks to our interdisciplinary format
Discreet, fair, secure.
​
Cornelia Henkel (Neuropsychology & Interviewdesign): Develops a low-impact interview guide for the board, whistleblowers and witnesses (non-leading questions, bias checks, protection against retraumatisation). Assess group and power dynamics, separate perceptions from facts and thus ensure reliable statements with maximum fairness.
Martin Nimbach (Tech & Forensics): Sets up immediate data preservation (litigation hold), check access/change logs, email/document versioning, role and rights assignments. Result: a clean chain of custody and a technical fact base that can be used in labour and criminal law proceedings – without disrupting ongoing operations.
Mark von Seydlitz (Impact& Communication): Coaches the supervisory board chairperson for tricky conversations and leak scenarios (on/off camera). Creates short, legally compliant talking points for the executive board, supervisory board and internal communications – de-escalating, precise, without prejudice.
​
The result:
Relief for the Chairman of the Supervisory Board, fairness towards the Management Board, protection of whistleblowers: minimal damage with maximum preservation of evidence and clarification.
​
Analysis:
This is a situation that can actually arise at any time. Naturally, supervisory board chairpersons are usually overwhelmed by such situations because they are neither criminal nor labour lawyers nor psychologists, and because it is difficult to assess such a situation correctly right away. It also stands to reason that the internal legal and/or compliance department and the usual advisors who are employed by the management board would find themselves in a difficult situation if they were suddenly required to investigate the management board. This creates a vacuum in terms of who to turn to in order to resolve the situation.
​​​
Our practical tip:
Stay calm and don't let yourself be pressured. First, brainstorm with a consultant you trust and then clarify the situation step by step. We are happy to help.
Case 3 Founders & exit taxation: How forward-looking location and financing planning can save millions in taxes.
​
The task:
A young entrepreneur residing in Germany establishes a software development company and finds an investor willing to acquire 50% of the start-up's shares for a price of 50 euros per share. A year later, the founder moves to Switzerland, close to a major customer whose infrastructure he can use on very favourable terms. Some time later, the founder receives a claim for millions from the tax office, payable immediately, due to exit taxation.
​
Our approach:
We offer a comprehensive check with tax advisors from our network to develop a plan for determining the best location and optimal timing for your company's development. If the damage has already been done (as in the example here), we offer to clarify the situation together with tax advisors and auditors from our network and resolve it step by step.​
​
The result:
Avoidance of so-called ‘dry income’ situations and planning security for all parties involved.
​
Analysis:
​It's actually an excellent situation: someone starts a company and finds an investor who is willing to buy shares for a decent price. Not everyone is aware that German tax law (unlike in other countries) provides for a exit tax for private individuals, which applies in such cases, and that the tax office naturally uses the last share purchase as the basis for the company valuation – which can be extremely expensive without liquidity to pay the bill.
​
Our practical tip:
Start planning your life and business side by side at an early stage and see how best to combine the two. We and our partners in tax consulting and auditing will be happy to help!
Case 4 Entrepreneurs & working abroad: Why clear rules for cross-border work prevent unnecessary costs and legal disputes.
​
The task:
After a long search, an entrepreneur finds a highly talented team of developers at his company's headquarters in Berlin. The developers settle in and quickly take on important roles within the company. A year later, the developers move from Berlin to Vienna. The entrepreneur agrees that they can continue working for him from Vienna and does not interfere in their affairs. Three years later, a dispute arises between the entrepreneur and the developers over a product development issue. The dispute escalates, the developers turn to the Chamber of Labour in Vienna and hire a lawyer. They demand retroactive payment of 14 months' salary for each year they worked from Austria, citing Austrian law. When the entrepreneur terminates their employment contracts, they invoke German protection against dismissal. The entrepreneur takes the view that such ‘cherry picking’ is inadmissible.
​​
Our approach:
If it becomes apparent that one or more employees will be working abroad for an extended period or permanently, we offer a comprehensive check, during which we compare whether it is more advantageous to convert the employment contracts of the employees concerned to the law of the country from which they are working permanently.
​
The result:
Planning security for employers and employees, clear roadmaps for termination or changes to the employment relationship. ‘Cherry picking,’ as is possible under the so-called ‘most favoured nation clause,’ is ruled out by clarifying the applicable law.
Analysis:​
A completely human scenario: someone starts working, things are going well, and suddenly everything changes – and then it becomes chaotic. Who could have predicted that?
​
Our practical tip:
As long as the atmosphere is good, put things on a sound footing. Thinking ahead for bad times is professional and ultimately benefits everyone.
​
Case 5 Shareholders & crisis management: Rapid intervention in financial and liability disputes – with a network, strategy and a steady hand.
​
The task:
The main shareholder of Company A, a medium-sized insurance brokerage agency, has recently been asked several times in quick succession by the agency's two managing directors to inject additional equity capital to cover operating costs. When another such request is made, the main shareholder takes the position that he first wants to understand exactly why the company's financial planning is not working properly. The two managing directors then stated that they would resign if no money was forthcoming and threatened to file for insolvency beforehand. The main shareholder feels overwhelmed by the lack of transparency and does not know how to respond.
​
Our approach:
In such an emergency, we would do everything in our power to quickly assemble a team consisting of an auditor and an insolvency lawyer and launch a discreet investigation within the company to find out what is behind the increased financial requirements and whether there is actually a risk of insolvency. At the same time, we would clarify how to prevent the company from becoming leaderless and, together with partners from our network, examine liability issues from the perspective of the main shareholder. This would create space to steer the company into calmer waters and develop a new strategy.
​
Additional benefits thanks to our interdisciplinary format
Calm, clarity, strategy – even in nightmarish situations.
​
Cornelia Henkel (Neuropsychology & crisis dynamics): Analyses acute stress situations and communication patterns between the main shareholder and management. Develops discussion guidelines that prevent escalations while still bringing reliable information to light. Strengthens ‘decision hygiene’: the main shareholder makes fact-based decisions – not based on a stress reaction.
​
Martin Nimbach (System & process analysis, technology & forensics): Quickly screens financial, reporting and IT systems to determine the cause of capital requirements (operational/structural/strategic). Sets up litigation hold and data preservation, checks access/change logs, email/document versioning and role/rights assignments. The result: a clean chain of custody and an accurate picture of the situation for auditors and insolvency lawyers – without disrupting operations. Additional services: AI-supported scenario analyses and early warning indicators.
Mark von Seydlitz (Leadership & public image): Coaches the principal shareholder to communicate clearly and confidently with management, employees and external stakeholders. Develops emergency messages and Q&A guidelines (on/off camera) that convey confidence, de-escalate situations and avoid pre-judgement.
​
The result
Within a few days, a controllable, fact-based picture of the situation emerges. The company can be managed, risks are mitigated, and a new strategy can be developed without time pressure. Crisis mode off – action mode on.
​
Analysis:
A situation straight out of a nightmare. Who can react ‘normally’ to this? You are (understandably) emotionally distraught and angry. You also have a vague feeling that something is wrong and feel powerless and overwhelmed by the responsibility of cleaning up the mess.
​
Our practical tip:
​
The first step is to calm down and surround yourself with partners you trust and who have a neutral view of the situation. Break the process down into individual steps, put them in a logical order and work through them one by one. We are happy to help.
Case 6 Tech Due Diligence: How targeted white space interviews uncover technical risks before they become problems.
​
The task:
After a strenuous bidding process, Company A succeeds in acquiring Company B as a subsidiary and integrating it into its own business model. However, during due diligence, Company A overlooked the fact that the technical equipment in Company B's data centre is at the end of its life cycle and needs to be replaced urgently. As Company B's technician resigned shortly before the transaction with Company A was completed, there is a lack of expertise to quickly recognise that Company B's infrastructure is not compatible with the solution that Company A has chosen for its own technology. Since B's technology contains a great deal of in-house developments (the know-how for which has left with B's technician and has not been properly documented anywhere), it only becomes apparent at a relatively late stage that a ‘simple’ solution such as transfer with a high proportion of ‘managed services’ is not possible due to the high risks involved in migration. The company thus finds itself in a dangerous dead end – uncontrollable functional failures can occur at any time.​
​
Our approach:
​Before the transaction, we recommend conducting a ‘white space due diligence’ to take a closer look at areas that are normally less popular (but crucial for the architecture and continued existence of the company) and critically examine staff departures in these areas. Such departures often indicate systemic problems that should be addressed prior to the purchase and taken into account either as part of the valuation, in the covenants in the purchase agreement, in the form of a purchase price retention or an earn-out depending on how the problem is resolved, or in another appropriate form. ​
The result:
Avoid costly downtime through targeted protection and timely planning.
Analysis:
Due diligence focuses on familiar areas: software robustness, performance of current projects, credibility of the equity story, potential for revenue growth, etc. Rarely does anyone ask about the underlying architecture, which is hidden in the IT infrastructure, data quality and information security. IT teams and information security officers are also often not recognised and treated as key personnel and are not interviewed as part of due diligence.
​
Our practical tip:
Consider architecture and security and keep them in mind. Together with our partners, we are happy to help identify and resolve important issues.
​
Case 7 Compliance & IT security: Find and close security gaps before they cause a company-wide disaster.
​
The task:
A tech company fails to implement licence and demand management for technical tools for a long period of time. Some tools are even introduced completely unchecked through the back door. Furthermore, without a clearly communicated ‘do not bring your own device’ policy, everyone does what they want anyway – in their own security environment, far removed from the IT security standards that the company has built into its own devices.
A security breach resulting from this chaotic situation enables a hacker to paralyse the system for an unforeseeable period of time.
Following a forensic investigation, the cyber insurance company refuses to pay on the grounds of gross negligence on the part of the company.
It turns out that the company's ISO 27001 certificate should not have been renewed either, because the requirements for this were not met due to a lack of proper licence management, proper onboarding and offboarding, compliance with the requirements of the company's internal information security management system and a failure to carry out appropriate penetration tests, which would have been highly likely to uncover the security vulnerability. This meant that much of the information provided by the company during several customer audits on its information security management was also incorrect.
As a result of these circumstances, the company is suffering massive damage to its reputation and losing customers. The supervisory board is shocked.
Our approach:
Regular spot checks on topics that are typically problem areas because they require calm and patience and are perceived as less important than all other tasks in the company. The principle ‘less shiny, more messy’ often applies to such tasks. If gaps are found, this can be taken as an opportunity to look at the underlying system, refine it in the right places and simplify it in less central areas.
​​
Additional benefits thanks to our interdisciplinary format
From false security to real resilience – before disaster strikes.
Martin Nimbach (IT-Security & System Architecture): Conducts focused penetration tests/red team exercises and forensic quick analyses to identify vulnerabilities at an early stage. Evaluates IT and tool landscapes for standard compliance (e.g. ISO 27001, DORA, NIS2), scalability and attack vectors (zero trust maturity, IAM/PAM, EDR/SIEM telemetry, log retention). Establishes joiner-mover-leaver processes, SSO/MFA, SBOM/patch routines and creates a prioritised action plan including licence & demand management and clean onboarding/offboarding.
​
Cornelia Henkel (Neuropsychology & behavioural patterns): Analyses why employees circumvent rules (cognitive load, friction, incentives) and use unofficial workarounds. Develops awareness training and micro-learning paths with nudges, habit building and psychological safety (reporting incidents without losing face). Supplemented by phishing simulations with debriefings, pre-mortems and bias checks to ensure that policies are not just written, but lived.
​
​
Mark von Seydlitz (Crisis communication & reputation protection): Designs Emergency-Communication plans (holding statements, Q&A, customer audit narratives) for customers, supervisory boards and the public. On-camera and off-camera media training for executives: clear, credible messages – even when mistakes have already been made. Preparation for audits, sensitive customer calls and internal town hall meetings.
​​
The result:
The company gains real security instead of ISO paper facades. Vulnerabilities are closed, standards are implemented sustainably, the security culture is anchored – and the organisation responds professionally to cyber attacks without irreparable damage to trust or reputation.
​
Analysis:
No one anticipated that the multitude of technical tools could cause such chaos. In fact, no one was even aware that the company had such an uncontrolled ‘zoo’ of technical applications. The intention was simply to be generous and give employees free rein. No one considered that this would result in a loss of overview and control, which would have a detrimental effect on customer relationships.
​
Our practice tip:
Management does not need to be familiar with the details of licence management or know exactly which individual tools are used in the company. Once awareness has been raised that there are tigers and poisonous snakes in the zoo of existing tools, it is sufficient to appoint a good information security officer and support them in their work. Management has a vested interest in ensuring that the company is well positioned in this area, as any refusal to pay by an insurance company will quickly raise the question of whether management can be held responsible for the situation.
Note on transparency:
The cases shown here do not correspond exactly to cases that have occurred in reality. However, they contain many real elements that we have rearranged.