With the last MaRisk amendment (Circular 10/2021, Minimum Requirements for Risk Management), a number of topics relating to IT security were adjusted, resulting in major implementation efforts. A little more than a year later, the German Federal Financial Supervisory Authority (BaFin) has now published its draft of the 7th MaRisk amendment for consultation.
When it comes to compliance issues, the question is usually where to start, where to stop?
Cyber risks and IT security are increasingly in the focus of supervision with new technologies on the rise. Consequently, the German Federal Financial Supervisory Authority (BaFin) published its Insurance Supervisory Requirements for IT (VAIT) on March 3, 2022, thus bringing them into force.