MaRisk is an acronym referring to the minimum requirements for risk management (German Mindestanforderungen an das Risikomanagement), a circular by the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin) providing concepts for risk management of banks, insurances and other companies financially trading in Germany. The primary legal background for MaRisk is the Kreditwesengesetz (KWG), the secondary legal background is the Solvabilitätsverordnung SolvV.
MaRisk implements the qualitative requirements of Basel II and Basel III into German law. Strictly speaking, MaRisk is not a law, but a norm-interpreting administrative regulation (German normeninterpretierende Verwaltungsvorschrift), nevertheless it is de facto binding for all financial institutes and insurance companies with business in Germany.
One core principle of MaRisk is that the risk control department has to be set up to be organisationally independent from those departments performing business transactions. This separation should prevail throughout the organisation up to and including the management board.
- The primary legal background for MaRisk is the Kreditwesengesetz (KWG).
- The KonTraG (German: Gesetz zur Kontrolle und Transparenz im Unternehmensbereich, i.e. law for control and transparency for businesses) is another legal requirement to be fulfilled by companies financially trading in Germany.
- The Sarbanes–Oxley Act can be seen as the US equivalent of MaRisk.