The Military Equipment Act regulates the manufacture, supply, export and certain types of cooperation relating to military equipment and technical assistance. The purpose of the Act is to ensure that activities are conducted in accordance with Sweden's security, foreign and defence policy interests.
The operator has full responsibility for assessing whether its products are covered by the Act and for applying for and maintaining the necessary permits. Products are assessed on the basis of the Military Equipment List, which is annexed to the Military Equipment Ordinance. Such a classification assessment can be complex and is based on an overall assessment of the product, including its function, design, performance and area of use.
A licence is required for the manufacture, supply and export of military equipment. The responsible authority is the Inspectorate for Strategic Products (ISP). Licences are only granted if there are security or defence policy reasons for doing so and if they do not conflict with Sweden's international commitments. The processing time for a licence application can take several months. Violations of the rules can result in fines, imprisonment, corporate fines or penalty fees.
The EU Regulation on dual-use products governs products and technology that are primarily intended for civilian use but can also be used for military purposes.
The list of dual-use products is found in Annex I to the EU Regulation, and the obligation to classify a product or technology rests with the person who handles the product or technology. The ISP may also decide that products not listed in the Annex shall be subject to control through a catch-all clause.
A licence is required for exports outside the EU. Within the EU, no licence is required as a general rule, but sales documentation must clearly state the product's classification. The ISP is responsible for supervision, with the exception of nuclear material, which is handled by the Swedish Radiation Safety Authority. Violations of the rules may result in fines or imprisonment.
The FDI Act is a relatively new addition to Swedish legislation and aims to prevent investments that could harm Sweden's security, public order or public safety.
All investments that give influence over so-called protected activities – such as the development or supply of military equipment or dual-use products – must be reported to the ISP, regardless of the investor's nationality.
Influence is defined, among other things, by thresholds for voting rights in companies (10–90 per cent) and influence that arises in other ways, for example through the right to appoint one or more board members in the company conducting the protected activities. Intra-group transactions, transfers of assets and certain cooperation agreements are also subject to notification. Investments in companies conducting protected activities may not be carried out before the ISP has given its approval. Violations of the rules may result in penalties.
The Swedish Security Protection Act applies to actors that conduct so-called security-sensitive activities – for example, activities that are important to Sweden's security. This may apply to more sectors than traditional defence, such as transport, electricity supply, communications and financial services.
The operator must assess whether the Act applies. If so, there may be applicable requirements regarding security screening of personnel, control of information assets and, in the event of transfers of assets or shares, a special security assessment and consultation with the relevant supervisory authority.
Violations of the rules may result in administrative fines.
Artificial intelligence is a rapidly growing feature of the defence industry – from autonomous systems to cyber security. The EU's AI Regulation (AI Act), which will apply from 2025, exempts military applications but affects companies that offer both civilian and military solutions.
The issue of liability for AI errors is complex, especially after the proposed AI Liability Directive was withdrawn. This means that liability must usually be regulated contractually. Intellectual property rights relating to AI-generated code, licence terms and the secure handling of training data are also key issues.
AI often requires access to advanced hardware (GPUs, TPUs), which means that supply chains and export controls also become legally relevant. Shortcomings in these areas can affect both the robustness of operations and investment value.
The defence sector offers both growing business opportunities and regulatory challenges. The legal landscape now encompasses everything from licences for military equipment, export controls on civilian technologies and screening of foreign investments to new requirements for security protection and management of AI-related risks.
Those who identify the applicable legal regimes early on and are able to ensure that the necessary permits, processes and controls are in place will be better equipped to manage risks associated with a highly regulated industry.
