BaFin Publishes 7th Update of MaRisk

30. June 2023

Yesterday, an important regulatory circular reached all credit and financial services institutions in Germany: The German Federal Financial Supervisory Authority (BaFin) published an update of the Minimum Requirements for Risk Management (MaRisk).

In the 7th update of MaRisk, BaFin implements the guidelines of the European Banking Authority (EBA), for example on lending and monitoring. It also updates key aspects and even introduces new ones.

We have worked out the most important changes for you here:

  • Addition of the risk category "ESG risks" (Environmental, Social and Governance) and highlighting their relevance for the institutions
  • Defining Risk Culture monitoring as a new management responsibility
  • Inclusion of minimum requirements on institutions' real estate business
  • Addition of a new section to address Model Risks
  • Establishing regulations on trading at the residential workplace

The chapters describing Information Security Risks for institutions remain almost completely unaffected by the update.

Like previous BaFin regulatory circulars, the updated version of MaRisk will become effective immediately. Institutions are granted a transition period until January 1, 2024 to implement the requirements.

The current MaRisk 05/2023 in German can be found here: https://www.bafin.de/SharedDocs/Veroeffentlichungen/DE/Rundschreiben/2023/rs_05_2023_MaRisk_BA.html


Your organization is regulated by BaFin and you need assistance with a harmonization project or with the implementation of individual information security requirements? Contact us, we are happy to help.

Also interesting:

more security at TU Darmstadt: Another Award for Maximilian Müller

more security at TU Darmstadt: Another Award for Maximilian Müller

The Computer Science Student Council of TU Darmstadt has awarded Prof. Dr. Michael Waidner and our colleague Maximilian Müller as the best lecture of the winter semester 2025/26 for their course "Information Security Management". The prizes for the best lecture and...

A5: BSI Publishes New Audit Framework for Trustworthy AI

A5: BSI Publishes New Audit Framework for Trustworthy AI

The German Federal Office for Information Security (BSI) has published the Community Draft of the AI Audit and Assurance Assessment Architecture (A5) (currently available in German only), thus starting the consultation phase. A5 is intended to create a standardized...

Categories

Categories