{"id":724,"date":"2025-09-17T01:11:27","date_gmt":"2025-09-17T01:11:27","guid":{"rendered":"https:\/\/legiergroup.info\/?page_id=724"},"modified":"2025-10-21T13:45:40","modified_gmt":"2025-10-21T13:45:40","slug":"supply-chain","status":"publish","type":"page","link":"https:\/\/legiergroup.info\/en\/supply-chain\/","title":{"rendered":"Supply chain"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"724\" class=\"elementor elementor-724\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0f548be e-flex e-con-boxed e-con e-parent\" data-id=\"0f548be\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cf913b2 elementor-widget elementor-widget-text-editor\" data-id=\"cf913b2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<h1>1) Introduction &amp; Definition<\/h1><p>This presentation describes an integrated, cross-brand supply chain of the LEGIER Group (incl. SCANDIC Group by LEGIER) - from input (sources, suppliers, partners) through production\/services to global delivery and monetization - with governance, KPIs and a digital image (\u201eDigital Twin\u201c).<\/p><p>Supply chain management (SCM) strategically and operationally coordinates activities along the supply chain and integrates procurement\/sourcing, conversion\/production and logistics\/distribution. The aim is to achieve a system-wide increase in effectiveness (customer benefit) and efficiency across company boundaries.<\/p><h1>2) Overview: LEGIER &amp; SCANDIC Group by LEGIER<\/h1><ul><li>LEGIER MEDIA GROUP: global media conglomerate with its own daily newspapers and high-performance infrastructure (data center in Manama, Bahrain).<\/li><li>SCANDIC Group by LEGIER: associated brands in Payments\/Crowdfunding, Real Estate, Trading\/Finance, Private Aviation, Yachting, Data Center, Trust\/Asset Protection, Security and Health.<\/li><\/ul><p>The ecosystem enables cross-brand value streams (e.g. capital \u2192 deal flow \u2192 processing \u2192 operations \u2192 service \u2192 monetization) and shared platforms (identity, compliance, data, security, operations).<\/p><h1>3) Digital Twin + Control Tower<\/h1><ul><li>Digital twin: semantically linked image of all assets, nodes, flows and SLAs - across brands and regions.<\/li><li>Supply chain control tower: real-time visibility and control (demand\/traffic, order\/content throughput, capacity, risks, compliance, revenue) including suggested countermeasures (COA).<\/li><li>Forecasts &amp; scenarios: Forecasts (load, demand, sales, subscription\/yield), what-if simulations (outages, peaks, policy changes) and automated COAs.<\/li><\/ul><h1>4) End-to-end value stream per brand (short profile &amp; supply chain role)<\/h1><ul><li>National - examples: DE ZAG &amp; GwG; AT ZaDiG 2018 &amp; FM-GwG; FR Code mon\u00e9taire et financier &amp; LCB-FT; IT d.lgs. PSD2\/AML; ES RDL 19\/2018 &amp; Ley 10\/2010; NL Wft &amp; Wwft; PL Ustawa o us\u0142ugach p\u0142atniczych &amp; AML; RO Legea 209\/2019 &amp; 129\/2019.<\/li><\/ul><ul><li>EU: PSD2; E-Money Directive; MiCA &amp; Transfer of Funds Reg.; DORA; AML Directives (5th\/6th); GDPR; eIDAS; Data Act; DSA\/DMA.<\/li><\/ul><p><strong>R<\/strong><strong>legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.1 SCANDIC PAY (Crowdfunding, finance, digital assets)<\/h2><ul><li>eIDAS: Trust services\/signatures (article per use case).<\/li><li>DORA: Art. 5 ff. (ICT risk), Art. 17 ff. (incident reporting).<\/li><li>MiCA\/TFR: central application articles incl. travel data obligations.<\/li><li>PSD2: Art. 66\/67 (access to third-party services), Art. 97 (SCA).<\/li><li>GDPR: Art. 5 (Principles), Art. 6 (Legal bases), Art. 28 (Processors), Art. 32 (Security), Art. 33\/34 (Notification), Art. 44 ff. (Transfers).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/Source: Project initiators, investors\/backers, payment networks, card program (debit).<\/li><li>Make\/Convert: Due diligence, project listing, Payment orchestration, token\/asset mapping, reporting.<\/li><li>Deliver\/Operate: Platform operation, investor communication, payouts, statistics, compliance\/DSGVO.<\/li><li>Value: Capital mobilization, deal sourcing for Estate\/Trade, brand reach.<\/li><li>National - examples: DE GEG &amp; GwG; AT EAVG\/EEffG &amp; FM-GwG; FR Code de la construction &amp; LCB-FT; IT Testo Unico Edilizia &amp; d.lgs. 231\/2007; ES LOE &amp; Ley 10\/2010.<\/li><li>EU: CSDD\/CSRD; AML directives; EPBD (energy performance of buildings); Consumer Rights Directive; GDPR.<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.2 SCANDIC ESTATE (Real Estate Development &amp; Brokerage)<\/h2><ul><li>GDPR: Art. 6, 28, 32 (legal basis\/AVV\/security).<\/li><li>EPBD: Energy efficiency\/EP certificates (article per national implementation).<\/li><li>CSDDD: Core article on risk analysis\/remediation\/stakeholder involvement.<\/li><li>CSRD: Art. 19a\/29a (sustainability reports).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/Source: Land\/properties, developers, authorities, construction\/service providers, capital partners.<\/li><li>Make\/Convert: project development, valuation, marketing, transaction processing, ESG\/compliance.<\/li><li>Deliver\/Operate: handover\/after-sales, operation\/asset management, logistics and communication infrastructure.<\/li><li>Value: Asset pipeline for investors\/Trust, space\/locations for operations (e.g. logistics\/communication).<\/li><li>National - Examples: DE WpHG\/WpDVerOV; FR Code mon\u00e9taire et financier; IT TUF; ES Ley del Mercado de Valores; NL Wft; PL Ustawa o obrocie instrumentami finansowymi.<\/li><li>EU: MiFID II\/MiFIR; MAR; Prospectus Regulation; EMIR; BMR; SFDR\/Taxonomy; AML; GDPR.<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.3 SCANDIC TRADE (Markets: equities, foreign exchange, crypto, commodities, emission rights)<\/h2><ul><li>SFDR: Art. 3, 4, 6\/8\/9 (Disclosure\/PAI\/Products).<\/li><li>Prospectus Regulation: Art. 3 et seq. (obligations\/thresholds).<\/li><li>MAR: Art. 7, 14, 18 (insiders\/prohibitions\/lists).<\/li><li>MiFIR: Transparency\/reporting obligations (core title).<\/li><li>MiFID II: Art. 16, 24, 25 (organization\/information\/suitability).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU<\/strong><strong>:<\/strong><\/p><ul><li>Input\/Source: Market data\/exchanges, liquidity partners, regulatory\/KYC\/AML.<\/li><li>Make\/Convert: order management, risk\/margin systems, portfolio\/treasury functions.<\/li><li>Deliver\/Operate: reporting\/billing, APIs\/platform, 24\/7 monitoring, incident response.<\/li><li>Value: Liquidity\/hedging component for group (e.g. Aviation fuel hedges, FX hedging Real Estate)<\/li><li>National - Examples: DE LuftVG\/LuftBO; AT Luftfahrtgesetz; FR Code de l'aviation civile; IT Regolamenti ENAC; ES Ley de Navegaci\u00f3n A\u00e9rea.<\/li><li>EU: EASA Basic Regulation 2018\/1139; Air OPS 965\/2012; Occurrence Reporting 376\/2014; Air Passenger Rights Regulation 261\/2004; DSA (customer pages).<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>)<\/strong><\/p><h2>4.4 SCANDIC FLY (private jet charter &amp; special flights)<\/h2><ul><li>Regulation 376\/2014: Art. 4 et seq. (incident reporting).<\/li><li>Regulation 261\/2004: Art. 5-9 (compensation\/support\/reimbursement).<\/li><li>Air OPS 965\/2012: Parts OPS\/ORO\/ARO (operational requirements).<\/li><li>EASA Basic Regulation 2018\/1139: central approval\/supervisory articles.<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/source: Fleet\/operator network, slots\/handling, crews, safety\/compliance partners.<\/li><li>Make\/Convert: Brokerage, flight\/route planning, handling\/ground, Security, special cases (evacuation\/freight).<\/li><li>Deliver\/Operate: charter execution, 24\/7 customer service, billing, DSA\/compliance pages, arbitration.<\/li><li>Value: Premium mobility for customers\/management, synergies with Yachts, Security and Trust.<\/li><li>National - examples: DE Recreational craft\/sea regulations; FR Code des transports (nautique); IT Codice della nautica da diporto; ES norma n\u00e1utica recreativa; NL Binnenvaartwet.<\/li><li>EU: Recreational Craft Directive 2013\/53\/EU; Passenger Rights at Sea Regulation 1177\/2010; Port\/Safety Regulation 725\/2004.<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.5 SCANDIC YACHTS (yacht brokerage)<\/h2><ul><li>Regulation 725\/2004: Safety of ships\/port facilities (ISPS connection).<\/li><li>Regulation 1177\/2010: Art. 16 et seq. (passenger rights by sea).<\/li><li>Directive 2013\/53\/EU: essential safety\/environmental requirements (Annexes).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/Source: Shipyards\/owners, listings, classification societies, insurers.<\/li><li>Make\/Convert: Valuation, mandate, marketing, due diligence, escrow, transfer processes.<\/li><li>Deliver\/Operate: Refit\/service partner, charter management, crew, port\/logistics partner.<\/li><li>Value: Complements luxury mobility (Fly), cross-selling with Trust\/Wealth, events\/branding.<\/li><li>National - Examples: DE BDSG\/TTDSG\/BSIG(NIS2); FR LIL &amp; D\u00e9crets ANSSI; IT Codice Privacy; ES LOPDGDD; NL UAVG; PL Ustawa o ochronie danych; RO Legea 190\/2018.<\/li><\/ul><ul><li>EU: GDPR; ePrivacy Directive; NIS-2; Data Act\/DGA; Cyber Resilience Act; eIDAS; DORA (for financial IT services).<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.6 SCANDIC DATA (data centers &amp; platforms)<\/h2><ul><li>CRA: Product cyber security\/CE conformity.<\/li><li>Data Act\/DGA: Data access\/altruism - duties per role.<\/li><li>NIS-2: Art. 20-23 (risk management), Art. 30 (reporting).<\/li><li>GDPR: Art. 5, 6, 28, 32-36, 44 ff (core obligations).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/source: editorial\/brand data, customer data (GDPR), telemetry\/logs, partner feeds.<\/li><li>Make\/Convert: Compute\/Storage (IBM mainframes, AI\/HPC), data integration, ontology, Security.<\/li><li>Deliver\/Operate: Hosting\/Edge\/CDN connection, observability, SLO\/SLA management, backup\/BCP\/DR.<\/li><li>Value: Backbone for operations, analytics\/forecasting, identity\/compliance backbone.<\/li><li>National - Examples: Register of beneficial owners (DE Transparency Register, FR Registre des b\u00e9n\u00e9ficiaires effectifs, IT Registro titolari effettivi, ES Registro de titularidades reales, NL UBO-register, PL CRBR, RO Registrul beneficiarilor reali).<\/li><li>EU: AML Directives; DAC6 (reporting obligation for cross-border tax arrangements); GDPR; SFDR\/Taxonomy (depending on the product).<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.7 SCANDIC GROUP (asset protection &amp; succession)<\/h2><ul><li>GDPR: Art. 6\/28\/32 (legal basis\/AVV\/security).<\/li><li>DAC6: Indicators\/deadlines of cross-border arrangements.<\/li><li>AMLD: UBO\/KYC\/Care - Key messages from the 5th\/6th AMLD.<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/Source: Clients\/Family Offices, wealth\/asset data, legal\/tax frameworks.<\/li><li>Make\/Convert: Structuring (Trust\/FO), due diligence, risk\/legal review, foundation\/ESG objectives.<\/li><li>Deliver\/Operate: Trust management, reporting\/audit, interaction with Pay\/Trade\/Estate\/Yachts\/Fly.<\/li><li>Value: Securing\/scaling assets, synergies in investment\/real assets\/luxury services.<\/li><li>National - examples: DE GewO \u00a734a\/BewachV; FR Code de la s\u00e9curit\u00e9 int\u00e9rieure; IT TULPS (sicurezza privata); ES Ley 5\/2014 Seguridad Privada; NL Wet particuliere beveiligingsorganisaties; PL Ustawa o ochronie os\u00f3b i mienia; RO Legea 333\/2003.<\/li><li>EU: NIS-2; CER Directive; Cyber Resilience Act; GDPR.<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.8 SCANDIC SEC (Security: physical &amp; digital)<\/h2><ul><li>GDPR: Art. 32, 35 (Security\/DPIA).<\/li><li>CER DIRECTIVE: Risk\/resilience obligations (item-specific per sector).<\/li><li>NIS-2: Art. 20-23 (risk management), Art. 30 (notification), Art. 32 (enforcement).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/Source: Hazard\/threat analyses, locations\/objects, VIPs\/persons.<\/li><li>Make\/Convert: Security concepts, protective measures (object\/person\/RC), cyber detection\/response.<\/li><li>Deliver\/Operate: 24\/7 operations, event\/travel Security (Fly\/Yachts), crisis\/evacuation planning.<\/li><li>Value: Resilience of the entire supply chain, protection of people, data, assets, brand.<\/li><li>National - examples: DE SGB V\/BDSG\/BfArM regulations; FR Code de la sant\u00e9 publique; IT norme SSN &amp; privacy sanit\u00e0; ES Ley 41\/2002 &amp; LOPDGDD; NL WGBO\/AVG; PL Ustawa o systemie informacji w ochronie zdrowia; RO Legea 95\/2006.<\/li><li>EU: GDPR; EHDS Regulation; MDR 2017\/745; IVDR 2017\/746; Patients' Rights Directive 2011\/24\/EU.<\/li><\/ul><p><strong>Legal framework<\/strong><strong>\u00a0(EU \/ national -\u00a0<\/strong><strong>Selection<\/strong><strong>):<\/strong><\/p><h2>4.9 SCANDIC HEALTH (ENT Northwest \/ Medical Services)<\/h2><ul><li>MDR\/IVDR: Conformity\/monitoring - articles\/appendices per product.<\/li><li>EHDS-VO: Interoperability\/access rules (article-dependent).<\/li><li>GDPR: Art. 9, 15-22, 32-36 (health data\/rights\/security\/DPIA).<\/li><\/ul><p><strong>Article notes<\/strong><strong>\u00a0EU (<\/strong><strong>Extract<\/strong><strong>):<\/strong><\/p><ul><li>Input\/source: clinics\/practices, medical devices\/pharmaceuticals, patient flows, referring physicians.<\/li><li>Make\/Convert: diagnostics\/therapy (ENT), surgery services, appointment\/case management, quality and hygiene processes.<\/li><li>Deliver\/Operate: care\/outcome tracking, telemedicine, billing, data protection\/patient rights.<\/li><li>Value: Health services in the network; medical care for customers\/employees.<\/li><\/ul><h1>5) Process map (SCOR-adapted, Group-wide)<\/h1><ul><li>Plan: S&amp;OP via brands (capacity, demand, campaigns, liquidity).<\/li><li>Source: Supplier\/partner management, onboarding, contracts, KYC\/AML, rights.<\/li><li>Make: service\/content\/project production, quality\/compliance, approvals.<\/li><li>Deliver: Multi-Channel\/Operations, SLA, Logistics\/Flight\/Sea, Edge\/CDN, Customer Service.<\/li><li>Return\/Respond: Complaints\/Corrections\/Takedowns, Medical Post-Op\/Follow-ups, Incident Lessons Learned.<\/li><li>Enable: Data Center, Identity\/IAM, Security, Ontology\/MDM, FinOps, Legal\/Regulatory.<\/li><\/ul><h1>6) Integration &amp; data architecture (high-level)<\/h1><ul><li>Integration layer: events\/streaming + batch; zero-copy\/virtualization for single pane of glass.<\/li><li>Semantic layer\/ontology: entities (project, asset, flight, yacht, object, campaign, customer, contract, right, incident, mandate, payment, order) with lineage\/SLA\/PII.<\/li><li>Control Tower apps: dashboards, root cause, playbooks (COA), approvals, simulations.<\/li><li>Security\/Privacy: Zero-Trust, Threat-Detection, Secrets-Management, Encryption at Rest\/In Transit.<\/li><\/ul><h1>7) Governance &amp; Compliance<\/h1><ul><li>EU-DSGVO\/BDSG, DSA transparency reports, Modern Slavery Act, KYC\/AML in Finance\/Trade.<\/li><li>CSDDD\/LkSG due diligence obligations in supply chains (risk analysis, prevention, complaints mechanism, report).<\/li><li>Industry regulations: Aviation (Fly), Maritime\/Yachting, Real Estate and Financial Regulation, Medical Law (Health).<\/li><li>Energy Performance of Buildings Directive (EPBD) - Directive (EU) 2024\/1275 (recast)<\/li><li><strong>Real estate, construction &amp; energy efficiency:<\/strong><\/li><li>General Product Safety Regulation - Regulation (EU) 2023\/988<\/li><li>Consumer Rights Directive - Directive 2011\/83\/EU<\/li><li><strong>Consumer &amp; E-Commerce:<\/strong><\/li><li>Ban on products from forced labor - Regulation (EU) 2024\/3015<\/li><li>Conflict minerals - Regulation (EU) 2017\/821<\/li><li>EUDR - Regulation (EU) 2023\/1115 (Deforestation-free supply chains)<\/li><li>CSDDD - Directive (EU) 2024\/1760 (Corporate Sustainability Due Diligence)<\/li><li>CSRD - Directive (EU) 2022\/2464 (Corporate Sustainability Reporting)<\/li><li><strong>Sustainability &amp; supply chain diligence:<\/strong><\/li><li>Recreational craft - Directive 2013\/53\/EU (Recreational Craft)<\/li><li>Ship and port facility safety - Regulation (EC) No. 725\/2004<\/li><li>Air passenger rights - Regulation (EC) No. 261\/2004<\/li><li>Air OPS - Regulation (EU) No. 965\/2012 (Air Operations)<\/li><li>EASA Basic Regulation - Regulation (EU) 2018\/1139<\/li><li><strong>Aviation &amp; Sea:<\/strong><\/li><li>Dual-use Regulation - Regulation (EU) 2021\/821 (control of dual-use items)<\/li><li>Union Customs Code (UCC) - Regulation (EU) No. 952\/2013<\/li><li><strong>Trade, customs &amp; export controls:<\/strong><\/li><li>Anti-money laundering: 5th AMLD - Directive (EU) 2018\/843; 6th AMLD - Directive (EU) 2018\/1673<\/li><li>Sustainability reporting\/financial market: SFDR - Regulation (EU) 2019\/2088; Taxonomy - Regulation (EU) 2020\/852<\/li><li>Market Abuse Regulation (MAR) - Regulation (EU) No. 596\/2014; Prospectus Regulation - Regulation (EU) 2017\/1129<\/li><li>MiFID II - Directive 2014\/65\/EU &amp; MiFIR - Regulation (EU) No. 600\/2014<\/li><li>MiCA - Regulation (EU) 2023\/1114 &amp; Transfer of Funds Regulation - Regulation (EU) 2023\/1113<\/li><li>E-Money Directive - Directive 2009\/110\/EC<\/li><li>PSD2 - Directive (EU) 2015\/2366<\/li><li><strong>Financial services<\/strong><strong>ngen, payments &amp; crypto:<\/strong><\/li><li>DORA - Regulation (EU) 2022\/2554 (with accompanying Directive (EU) 2022\/2556)<\/li><li>Directive on the resilience of critical facilities (CER) - Directive (EU) 2022\/2557<\/li><li>NIS-2 - Directive (EU) 2022\/2555<\/li><li><strong>Cybersecurity &amp; critical\u00a0<\/strong><strong>Infrastructures:<\/strong><\/li><li>Cyber Resilience Act (CRA) - Regulation (EU) 2024\/2847<\/li><li>eIDAS &amp; European Digital Identity - Regulations (EU) No. 910\/2014 and (EU) 2024\/1183<\/li><li>Digital Markets Act (DMA) - Regulation (EU) 2022\/1925<\/li><li>Digital Services Act (DSA) - Regulation (EU) 2022\/2065<\/li><li><strong>Digital platforms &amp; markets:<\/strong><\/li><li>European Health Data Space - Regulation (EU) 2025\/327<\/li><li>AI Regulation (Artificial Intelligence Act) - Regulation (EU) 2024\/1689<\/li><li>Data Act - Regulation (EU) 2023\/2854<\/li><li>Data Governance Act - Regulation (EU) 2022\/868<\/li><li>ePrivacy Directive - Directive 2002\/58\/EC<\/li><li>General Data Protection Regulation (GDPR) - Regulation (EU) 2016\/679<\/li><li><strong>Data protection, data &amp; AI:<\/strong><\/li><li>Relevant legal frameworks that typically have to be taken into account depending on the business area of the LEGIER Group (incl. SCANDIC):<\/li><\/ul><h2>7.1 Relevant European legislation (extract)<\/h2><h1>8) Risks &amp; resilience (with COA examples)<\/h1><ul><li>Cyber\/availability: CDN\/edge\/cloud\/data center failures \u2192 automatic failover, rate limits, graceful degradation, prewarming.<\/li><li>Regulatory\/compliance: policy changes (DSA\/ESG\/KYC) \u2192 rule watch, feature flags, training, audit trails.<\/li><li>Supplier\/partner failure: alternative networks (operators\/yards\/exchanges), contract SLAs, emergency ramps.<\/li><li>Peaks in demand: Autoscaling, prioritization of critical pipelines (e.g. evacuation flights), capacity rebalancing.<\/li><li>Security situation: Travel\/Event-Security, evacuation playbooks, emergency communication.<\/li><\/ul><h1>9) Metrics &amp; target KPIs (excerpt)<\/h1><ul><li>Pay\/Trade: Authorization rate, settlement TTR, reversal rate, VaR\/margin utilization.<\/li><li>Estate: Time-to-close, notarization lead time, ESG score per project, vacancy rate.<\/li><li>Fly\/Yachts: On-time performance, safety events, NPS, charter utilization, fuel\/CO2 per hour.<\/li><li>Data\/Media: Availability, 95p\/99p latency, Core Web Vitals, Data Freshness, Incident MTTR.<\/li><li>Trust: Reporting fidelity, audit findings, client satisfaction, SLA adherence.<\/li><li>Security\/Health: Incident rate, response time, compliance rate, patient satisfaction.<\/li><\/ul><h1>10) Operating model &amp; roles (RACI, outlined)<\/h1><ul><li>Global: Control Tower (24\/7), Data\/Ontology, Security\/CERT, Compliance, Vendor Management, FinOps.<\/li><li>Brand: Responsible owner (Pay\/Estate\/Trade\/Fly\/Yachts\/Data\/Trust\/Sec\/Health) with clear SLAs.<\/li><li>Together: Change Advisory Board, Incident Commander, Data Governance Board, Legal\/Regulatory Council.<\/li><\/ul><h1>11) Implementation roadmap (12 months)<\/h1><p>0-90 days (Foundational):<\/p><ul><li>Data inventory &amp; minimal digital twin (brands\/assets\/flows\/SLAs).<\/li><li>Control Tower: first dashboards\/alerts; COA playbooks for critical scenarios (CDN\/DSA\/Payment).<\/li><li>Standardize supplier\/KYC\/AML due diligence, mandate\/contract registry.<\/li><\/ul><p>3-6 months (scaling):<\/p><ul><li>Extension to rights\/compliance workflows (media\/Trust\/Estate), group-wide IdM\/IAM.<\/li><li>Forecasting (demand\/capacity\/revenue), SLA reports, workflow automation (case management).<\/li><li>Scenario simulator (What-if), alternative networks for operator\/yard\/exchange.<\/li><\/ul><p>6-12 months (Advanced):<\/p><ul><li>Autonomous COAs (e.g. capacity rebalancing, Payment rerouting, route\/slot optimization).<\/li><li>Integrated Revenue &amp; Ops S&amp;OP (Pay\/Trade\/Estate\/Fly\/Yachts\/Trust).<\/li><li>Continuous CSDDD\/LkSG reporting, third-party audits, red teaming (Security).<\/li><\/ul><h1>12) Data model \u201estarter set\u201c (extended)<\/h1><ul><li>Project\/Deal (Estate\/Pay\/Trade) \u21c4 Asset\/Contract \u21c4 Party (customer, partner, operator, yard, medical team)<\/li><li>Flight \u21c4 Operator \u21c4 Handling \u21c4 Crew \u21c4 Airport\/Slot \u21c4 Security Plan<\/li><li>Yacht \u21c4 Owner \u21c4 Yard \u21c4 Class \u21c4 Insurance \u21c4 Crew \u21c4 Port<\/li><li>Trust Mandate \u21c4 Portfolio \u21c4 Policy\/Clause \u21c4 Beneficiary \u21c4 Report<\/li><li>Order\/Trade \u21c4 Market\/Exchange \u21c4 Position \u21c4 Risk \u21c4 Settlement<\/li><li>Content\/Media \u21c4 Channel \u21c4 Campaign \u21c4 Placement \u21c4 RevenueRecord<\/li><li>Incident \u21c4 Type\/Severity \u21c4 COA \u21c4 Status \u21c4 TimelineAnnex A - National transpositions (selection per Member State)<\/li><\/ul><p>Note from the LEGIER Group and its affiliated brands and companies: Legal frameworks are dynamic. This overview lists typical primary standards\/authorities per country for key EU areas (data protection, payments\/AML, financial markets, cyber\/NIS, consumers).<\/p><ul><li><strong>Germany (DE)<\/strong><\/li><li>Data protection: BDSG, TTDSG; Supervision: BfDI\/LfDI.<\/li><li>Payments\/AML: ZAG, GwG; Supervision: BaFin, FIU.<\/li><li>Financial markets: WpHG\/MiFID II implementation; supervision: BaFin.<\/li><li>Cyber\/NIS: BSIG; NIS-2 implementation (ongoing\/current).<\/li><li>Consumers: BGB (inter alia \u00a7\u00a7 312 ff.), UWG.<\/li><li><strong>Austria (AT)<\/strong><\/li><li>Data protection: DSG; TKG 2021; Supervision: DPO.<\/li><li>Payments\/AML: ZaDiG 2018; FM-GwG; Supervision: FMA.<\/li><li>Financial markets: WAG 2018; Supervision: FMA.<\/li><li>Cyber\/NIS: NIS-G; Supervision: BMI\/BKA.<\/li><li>Consumers: KSchG, FAGG.<\/li><li><strong>France (FR)<\/strong><\/li><li>Data protection: Loi Informatique et Libert\u00e9s; Supervision: CNIL.<\/li><li>Payments\/AML: Code mon\u00e9taire et financier (LCB-FT); Supervision: ACPR\/AMF.<\/li><li>Financial markets: AMF regulations (MiFID II implementation).<\/li><li>Cyber\/NIS: Code de la d\u00e9fense (ANSSI).<\/li><li>Consumers: Code de la consommation.<\/li><li><strong>Italy (IT)<\/strong><\/li><li>Data protection: d.lgs. 196\/2003 (Codice Privacy); Supervision: Garante.<\/li><li>Payments\/AML: d.lgs. PSD2; d.lgs. 231\/2007 (AML).<\/li><li>Financial markets: TUF (Testo Unico della Finanza); supervision: CONSOB.<\/li><li>Cyber\/NIS: d.lgs. NIS; ACN (Agenzia per la Cybersicurezza).<\/li><li>Consumer: Codice del Consumo.<\/li><li><strong>Spain (ES)<\/strong><\/li><li>Data protection: LOPDGDD; Supervision: AEPD.<\/li><li>Payments\/AML: RDL 19\/2018 (PSD2), Ley 10\/2010 (AML).<\/li><li>Financial markets: LMV; Supervision: CNMV.<\/li><li>Cyber\/NIS: Esquema Nacional de Seguridad\/NIS.<\/li><li>Consumer: TRLGDCU.<\/li><li><strong>Netherlands (NL)<\/strong><\/li><li>Data protection: UAVG; Supervision: AP.<\/li><li>Payments\/AML: Wft; Wwft; Supervision: DNB\/AFM.<\/li><li>Financial markets: Wft\/MiFID II implementation; AFM.<\/li><li>Cyber\/NIS: Wet beveiliging netwerk- en informatiesystemen.<\/li><li>Consumer: BW (German Civil Code).<\/li><li><strong>Belgium (BE)<\/strong><\/li><li>Data protection: Loi vie priv\u00e9e\/AVG-Wet; Supervision: APD\/GBA.<\/li><li>Payments\/AML: Loi anti-blanchiment (AMLD implementation).<\/li><li>Financial markets: FSMA regulations (MiFID II implementation).<\/li><li>Cyber\/NIS: Loi NIS.<\/li><li>Consumers: Code de droit \u00e9conomique.<\/li><li><strong>Poland (PL)<\/strong><\/li><li>Data protection: Ustawa o ochronie danych osobowych; Supervision: UODO.<\/li><li>Payments\/AML: Ustawa o us\u0142ugach p\u0142atniczych; Ustawa AML 2018.<\/li><li>Financial markets: Ustawa o obrocie; Supervision: KNF.<\/li><li>Cyber\/NIS: Ustawa o KSC (NIS).<\/li><li>Consumers: Kodeks cywilny &amp; ustawy konsumenckie.<\/li><li><strong>Romania (RO)<\/strong><\/li><li>Data protection: Legea 190\/2018; Supervision: ANSPDCP.<\/li><li>Payments\/AML: Legea 209\/2019 (PSD2); Legea 129\/2019 (AML).<\/li><li>Financial markets: Capital Markets Act; Supervision: ASF.<\/li><li>Cyber\/NIS: lege NIS; CERT-RO\/Directoratul Na\u021bional de Securitate Cibernetic\u0103.<\/li><li>Consumer: OUG 34\/2014.<\/li><li><strong>Sweden (SE)<\/strong><\/li><li>Data protection: Dataskyddslagen; Supervision: IMY.<\/li><li>Payments\/AML: Betaltj\u00e4nstlagen; Penningtv\u00e4ttslagen.<\/li><li>Financial markets: V\u00e4rdepappersmarknadslagen; Supervision: FI.<\/li><li>Cyber\/NIS: Lag om informationss\u00e4kerhet f\u00f6r samh\u00e4llsviktiga tj\u00e4nster.<\/li><li>Consumers: Consumers' complaints m.fl.<\/li><li><strong>Denmark (DK)<\/strong><\/li><li>Data protection: Databeskyttelsesloven; Supervision: Datatilsynet.<\/li><li>Payments\/AML: Betalingsloven; Hvidvaskloven.<\/li><li>Financial markets: V\u00e6rdipapirhandelsloven; Supervision: Finanstilsynet.<\/li><li>Cyber\/NIS: Lov om net- og informationssikkerhed.<\/li><li>Consumers: Forbrugeraftaleloven.<\/li><li><strong>Ireland (IE)<\/strong><\/li><li>Data protection: Data Protection Act 2018; Supervision: DPC.<\/li><li>Payments\/AML: European Union (Payment Services) Regulations; AML Acts.<\/li><li>Financial markets: Central Bank Acts\/MiFID rules; supervision: CBI.<\/li><li>Cyber\/NIS: European Union (NIS) Regulations.<\/li><li>Consumers: Consumer Rights Act 2022.<\/li><li><strong>Portugal (PT)<\/strong><\/li><li>Data protection: Lei 58\/2019; Supervision: CNPD.<\/li><li>Payments\/AML: Regime Jur\u00eddico dos Servi\u00e7os de Pagamento; Lei 83\/2017 (AML).<\/li><li>Financial markets: CMVM rules (MiFID II implementation).<\/li><li>Cyber\/NIS: Lei do Ciberespa\u00e7o\/NIS.<\/li><li>Consumer: Lei de Defesa do Consumidor.<\/li><li><strong>Czech Republic (CZ)<\/strong><\/li><li>Data protection: Z\u00e1kon o zpracov\u00e1n\u00ed osobn\u00edch \u00fadaj\u016f; Supervision: \u00daOO\u00da.<\/li><li>Payments\/AML: Z\u00e1kon o platebn\u00edm styku; AML z\u00e1kon.<\/li><li>Financial markets: ZPKT; Supervision: \u010cNB.<\/li><li>Cyber\/NIS: Z\u00e1kon o kybernetick\u00e9 bezpe\u010dnosti.<\/li><li>Consumers: Ob\u010dansk\u00fd z\u00e1kon\u00edk &amp; consumer laws.<\/li><li><strong>Greece (GR)<\/strong><\/li><li>Data protection: Law 4624\/2019; Supervision: HDPA.<\/li><li>Payments\/AML: PSD2 implementation; AML laws.<\/li><li>Financial markets: HCMC rules (MiFID-II).<\/li><li>Cyber\/NIS: Law on the implementation of NIS.<\/li><li>Consumers: Law 2251\/1994 (updated).<\/li><li><strong>Hungary (HU)<\/strong><\/li><li>Data protection: Info Act; Supervision: NAIH.<\/li><li>Payments\/AML: PSD2 implementation; AML law.<\/li><li>Financial markets: Capital Market Act; Supervision: MNB.<\/li><li>Cyber\/NIS: Act L of one year (NIS implementation).<\/li><li>Consumers: Civil Code &amp; Consumer Protection Laws.<\/li><li><strong>Finland (FI)<\/strong><\/li><li>Data protection: Tietosuojalaki; Supervision: Data Protection Ombudsman.<\/li><li>Payments\/AML: Maksupalvelulaki; Rahanpesulaki.<\/li><li>Financial markets: Arvopaperimarkkinalaki; Supervision: FIN-FSA.<\/li><li>Cyber\/NIS: Laki tietoturvasta (NIS).<\/li><li>Consumer: Kuluttajansuojalaki.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>1) Einleitung &amp; Definition Diese Darstellung beschreibt eine integrierte, marken\u00fcbergreifende Supply-Chain der LEGIER Gruppe (inkl. SCANDIC Group by LEGIER) \u2013 vom Input (Quellen, Lieferanten, Partner) \u00fcber Produktion\/Services bis zur globalen Auslieferung und Monetarisierung \u2013 mit Governance, KPIs und einem digitalen Abbild (\u201eDigital Twin\u201c). Supply-Chain-Management (SCM) koordiniert strategisch und operativ die Aktivit\u00e4ten entlang der Lieferkette und [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-724","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/pages\/724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/comments?post=724"}],"version-history":[{"count":11,"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/pages\/724\/revisions"}],"predecessor-version":[{"id":1823,"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/pages\/724\/revisions\/1823"}],"wp:attachment":[{"href":"https:\/\/legiergroup.info\/en\/wp-json\/wp\/v2\/media?parent=724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}