2018-02-05 | Circular 10/2017 (BA): Supervisory Requirements for IT in Financial Institutions

The German Federal Financial Supervisory Authority (BaFin) issues Circular 10/2017 to establish comprehensive supervisory requirements for information technology in all credit and financial services institutions. The regulation requires management boards to define sustainable IT strategies, establish independent information security officer functions, and implement robust risk and security management frameworks that ensure data integrity, availability, confidentiality, and authenticity. It further specifies operational standards for IT governance, outsourcing, critical infrastructure, and service continuity, while granting a targeted exemption to institutions already complying with the EU Digital Operational Resilience Act from January 2025.

Germany

Federal Financial Supervisory Authority Germany
