• wblogo
  • wblogo
  • wblogo

BaFIN's BAIT now available in English

Chris Hamblin, Editor, London, 28 February 2018

articleimage

Germany's all-in-one financial regulator has now published its supervisory requirements for IT in financial institutions, available in German since November, in English.

The policy is called Bankaufsichtliche Anforderungen an die IT or BAIT. The intention behind it is to tell the boards of financial firms about banking supervisors' expectations clearly with regard to the secure design of IT systems, IT governance and associated processes. These requirements now form a core component of IT supervision in the banking sector in Germany.

Like the regulator's so-called "minimum requirements for risk management for financial institutions" (MaRisk), the latest version of which it published at the end of October, BAIT contains the regulator's interpretation of section 25a(1) sentence 3 nos 4 and 5 Banking Act (the Kreditwesengesetz or KWG). BAIT describes the technical and organisational resources for IT systems that banking supervisors consider to be appropriate, with particular regard to information security and suitable contingency plans. As financial institutions are increasingly obtaining IT services from other firms or 'third parties' as the regulator calls them, sometimes outsourcing their own functions, BAIT also interprets section 25b KWG.

The BaFin is located in Bonn and Frankfurt and is supervised by the Ministry of Finance in Berlin. The Bundesbank, the central bank of Germany, resides in Frankfurt and has various branches in other cities. BaFin supervises all financial institutions, including banks and insurance companies and the Bundesbank helps it do its job by collecting data and notifications from the banks and researching various things. The final decision about any measures to be taken against a recalcitrant firm or person rests with the BaFin.

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll