Minimum Requirements for Risk Management (MaRisk)

MaRisk is the abbreviation for the German Minimum Requirements for Risk Management (BS).

They are administrative instructions published in a circular of the German Federal Financial Supervisory Authority (BaFin), whereas “BS” stands for banking supervision. They were first published by the BaFin in its Circular 18/2005 of 20 December 2005. The MaRisk put Sections 25a and b of the German Banking Act (KWG) in more concrete terms by specifying qualitative minimum requirements the risk management of an institution needs to take. The MaRisk are mandatory for all national banking institutions, among others.

The BaFin and the German Federal Bank (Deutsche Bundesbank) last amended the MaRisk on 27 October 2017 with Circular 09/2017 (BS) to bring it in line with new European and international requirements. The amendment also included changes which the BaFin and Deutsche Bundesbank considered necessary based on the experience gained during their day-to-day supervision and audits. The main changes relate to data aggregation and risk reporting as well as risk culture and outsourcing.