MaRisk is an acronym referring to the minimum requirements for risk management[1] (German: ), a circular by the German Federal Financial Supervisory Authority (, BaFin) providing concepts for risk management of banks, insurances and other companies financially trading in Germany. The primary legal background for MaRisk is the Kreditwesengesetz (KWG), the secondary legal background is the Solvabilitätsverordnung SolvV.
MaRisk implements the qualitative requirements of Basel II and Basel III into German law. Strictly speaking, MaRisk is not a law, but a norm-interpreting administrative regulation (German:), nevertheless it is de facto binding for all financial institutes and insurance companies with business in Germany.
One core principle of MaRisk is that the risk control department has to be set up to be organisationally independent from those departments performing business transactions. This separation should prevail throughout the organisation up to and including the management board.