Josefine Spengler advises financial institutions and their service providers at Annerton´s Berlin office on all legal matters arising in a regulated environment. Her practice focuses on IT law and data protection law, closely intertwined with financial regulatory and supervisory law.

Drawing on many years of in-house experience within regulated entities, she combines in-depth regulatory expertise with a strong understanding of operational, technical and organisational processes. She advises national and international clients particularly at the intersection of regulatory law, IT governance and data protection, and provides hands-on support in the implementation of regulatory IT requirements, outsourcing and third-party arrangements, as well as IT projects and data protection obligations in regulated business models.

As a Certified Specialist Lawyer for IT Law, Josefine Spengler’s advisory work focuses on the regulatory and data protection requirements applicable to IT systems, data processing activities and digital business models of payment service providers and financial institutions. Her work is characterised by a pragmatic, solution-oriented approach and by the objective of designing and sustainably embedding regulatory-compliant, legally robust and operationally viable data protection and IT compliance frameworks for supervised entities and their service providers.