Company: SoftwareOne
Interviewee: Vsevolod Shchepanskyi
Interview conducted by:

• Anastasiia Dziuba (IT-related topics)
• Veronika Dudak (general and strategic topics)

Overview

This business case explores how SoftwareOne, a global provider of software and cloud solutions, approaches digital transformation, IT governance, and compliance in a complex international environment. The discussion focuses on practical challenges faced by technology-driven companies operating across multiple jurisdictions and the strategies required to align innovation with regulatory and business requirements.

About SoftwareOne

SoftwareOne is a leading global provider of end-to-end software and cloud technology solutions, supporting organizations in optimizing their IT landscapes, managing licensing, and accelerating cloud transformation. With a strong international footprint, the company operates at the intersection of technology, business strategy, and regulatory compliance.

Through its global operations, SoftwareOne works with clients across various industries, helping them modernize IT infrastructure while ensuring operational resilience and regulatory alignment.

Global IT Transformation and Cloud Strategy

During the interview, particular attention was given to IT transformation and cloud adoption, especially in the context of global operations and cross-border data flows. Key aspects discussed included:

1. Migration from traditional on-premise systems to cloud-based and hybrid infrastructures, often involving multiple service providers and data centers located in different jurisdictions;
2. Managing complex software licensing models across borders, including compliance with local contractual, tax, and regulatory requirements;
3. Ensuring data security, availability, and system resilience in distributed IT environments;
4. Addressing cross-border data transfers, data localization requirements, and differing regulatory standards for data protection and access.

As highlighted by Vsevolod Shchepanskyi, cloud transformation is not merely a technical upgrade but a governance-driven process. Decisions on where data is stored, processed, and accessed have direct implications for legal compliance, risk management, and corporate responsibility.

Effective cloud strategies therefore require close coordination between IT, legal, compliance, and business teams, particularly when operating across multiple jurisdictions with different data protection regimes. Establishing clear data governance frameworks early in the transformation process is essential to ensure transparency, accountability, and long-term operational stability.

Governance, Risk, and Compliance

A central theme of the interview was the growing role of AI-driven solutions in strengthening governance, risk management, and compliance within global IT and cloud environments. SoftwareOne’s experience illustrates how artificial intelligence is increasingly embedded into corporate governance frameworks to manage complexity arising from cross-border operations, large-scale data processing, and evolving regulatory requirements.

AI-based tools are used to monitor compliance in real time, analysing large volumes of operational, contractual, and usage data across jurisdictions. These systems support automated detection of anomalies, potential licensing breaches, and deviations from internal policies, enabling early risk identification before issues escalate into legal or regulatory exposure. In the context of cloud and software licensing, AI-driven analytics help map actual system usage against contractual entitlements, reducing compliance gaps and supporting audit readiness.

From a data governance perspective, AI supports classification and tracking of data flows, including cross-border transfers. By automatically tagging data based on sensitivity, jurisdiction, and regulatory requirements, AI-enabled systems assist organizations in aligning their IT architecture with data protection obligations and internal governance rules. This is particularly relevant for multinational environments where data is stored and processed across multiple regions and cloud providers.

The interview further highlighted the use of AI in decision-support for corporate governance, providing management and boards with consolidated, risk-oriented insights rather than fragmented technical data. AI-driven dashboards translate complex IT and compliance information into actionable governance metrics, supporting informed decision-making and accountability at executive level.

This case demonstrates that sustainable digital transformation increasingly depends on the strategic integration of AI into governance and compliance frameworks, combined with early legal involvement and a clear understanding of regulatory environments. When implemented responsibly, AI becomes not only a technical tool, but a core element of modern corporate governance and regulatory compliance in cross-border digital operations.

Business Perspective and Stakeholder Management

Beyond technology, the interview addressed broader business and organizational considerations, including:

• Coordinating stakeholders across regions and functions
• Supporting decision-making at management and board level
• Translating complex IT topics into business-relevant insights

This integrated approach enables SoftwareOne to balance innovation with operational stability and long-term strategic goals.

Relevance for Legal and Advisory Practice

For Lighthouse Legal, this case demonstrates how modern technology companies increasingly require legal and strategic advice that goes well beyond traditional IT law, particularly when innovation intersects with sanctions regimes, export control rules, and dual-use regulations. Effective advisory support must combine a deep understanding of cloud and software business models with advanced expertise in regulatory compliance, international trade restrictions, and risk management in sensitive technology sectors.

The interview highlights the growing relevance of Ukrainian technology partners in areas such as drone development, AI-driven systems, and advanced digital technologies, where regulatory environments currently allow for faster experimentation and innovation compared to the EU. However, integrating such solutions into Swiss and EU markets requires careful legal structuring, particularly where technologies may qualify as dual-use items or involve components subject to export control, sanctions screening, and end-use/end-user restrictions.

Legal advisors play a critical role in assessing whether software, hardware, data, or technical assistance falls under applicable EU, Swiss, or international export control regimes, as well as in structuring compliant cooperation models. This includes due diligence on counterparties, sanctions screening, contractual safeguards, technology classification, and the design of governance frameworks that ensure traceability and regulatory accountability throughout the project lifecycle.

In the context of Ukraine’s reconstruction, Switzerland and the EU increasingly serve as trusted legal and financial hubs, channeling investment, technology transfer, and innovation through compliant structures aligned with international sanctions regimes and public policy objectives. Advisory work in this space requires the ability to navigate complex interactions between innovation, security considerations, public funding, and regulatory oversight.

The SoftwareOne case illustrates the growing demand for integrated legal, regulatory, and strategic advisory services capable of supporting cross-border digital transformation, high-tech innovation, and reconstruction-related projects, while managing sanctions, export control, and dual-use risks in a legally robust and commercially viable manner.

Key Takeaways

• IT transformation is inseparable from governance and compliance
• Cloud projects require early legal and regulatory alignment
• Cross-border IT operations demand integrated stakeholder management
• Legal advisors play a strategic role in enabling sustainable digital innovation
• Artificial Intelligence (AI) integration requires proactive regulatory oversight, ethical risk assessment, and responsible governance frameworks from the outset