Prudential requirements for IT – BAIT

The prudential requirements for IT, which are mainly intended for the management boards of credit institutions, aim to provide a more transparent outline of supervisors' expectations regarding IT security.


The establishment of an internal capital adequacy assessment process (ICAAP) and an internal liquidity adequacy assessment process (ILAAP) is a crucial supervisory requirement to be met by institutions.

Minimum Requirements for Risk Management

Risk management at German credit institutions must comply with the Minimum Requirements for Risk Management (Mindestanforderungen an das Risikomanagement – MaRisk). These pages provide information on the current version of August 2021.

Machine learning methods

Credit institutions are increasingly using or examining the use of machine learning to speed up processes, reduce costs and make data available. Bundesbank and BaFin have published a consultation on this topic. In addition, the most important aspects to be considered for the supervisory approach to machine learning are presented in a policy discussion paper.

Regulation on the Supervisory Requirements for Institutions’ Remuneration Systems

The Remuneration Regulation for Institutions (Institutsvergütungsverordnung) is intended to realign remuneration more closely to companies’ long-term success. Moreover, inappropriately high bonus payments are to be prevented by giving Germany’s Federal Financial Supervisory Authority (BaFin) greater powers of intervention.

Interest rate risk

Credit institutions are required to calculate, on a regular basis, the impact of a sudden and unexpected change in interest rates on their interest rate risk in the banking book and to report this to supervisors.