
The Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, “BaFin”) has laid out a comprehensive strategic plan for 2026 to 2029. The plan focuses on ten objectives – all given equal priority – that will guide the authority’s actions in the coming years. BaFin aims to ensure a stable, fair and sustainable financial system that serves the interests of market operators and consumers alike.
The key strategic objectives are:
- Financial stability and security of the financial market: BaFin places strong emphasis on systemic risk prevention and boosting effective risk management at the companies it supervises. Potential weaknesses are to be addressed quickly and decisively, with macroprudential instruments playing a central role. More attention will be paid to the long-term viability of business models (especially against the backdrop of technological, regulatory and social change) and geopolitical risks.
- Operational resilience: Targeted efforts are to be made to strengthen financial market players’ resilience to operational risks, with a particular focus on cybersecurity and information and communication technology (“ICT”). BaFin intends to significantly boost the number and quality of its audits (by dedicating more resources), to expand dialogue with companies and partner authorities and to address risks from outsourcing and critical dependencies (in order to identify cross-business, cross-sector and cross-border market concentration risks and interdependencies).
- Early detection and measures for problem companies: BaFin will expand its ability to identify so-called problem companies at an early stage and take rigorous corrective measures to remedy irregularities. The classification of the qualitative and quantitative risks to which individual companies are exposed is to be improved, in particular. Experience gained from BaFin’s supervisory activities will be taken into account as relevant regulations are expanded and enhanced.
Prevention of money laundering and terrorist financing: BaFin is to intensify its supervision of companies susceptible to money laundering. This will include increasing its audit measures and the resources deployed for them, as well as paying closer attention to money laundering risks in the payment sector and crypto market.
As part of its reform efforts, BaFin will advocate for a secure, digital customer identification option for natural persons and the networking of account data retrieval systems within the European Union.
BaFin will focus on data-based supervision, promote the exchange of information between relevant players and actively support the European Anti-Money Laundering Authority (“AMLA”).
- Consumer protection and transparency: BaFin will identify risks for consumers and protect collective consumer interests by stepping up market analyses, taking decisive action against dubious providers and ensuring that relevant financial information is provided (particularly with regard to environmental risks and natural hazards). It will focus in particular on digital products and services and the influence of social media and new technologies on investment behaviour and investment opportunities.
- Market transparency and integrity: Compliance with transparency requirements and the integrity of the financial market will be ensured through increased monitoring, cooperation with national and European authorities and risk-based financial reporting enforcement (for publicly traded companies). BaFin will intensify its market screening activities and analyse an even wider range of trading data in order to counter unfair market practices and market manipulation. BaFin is also committed to ensuring compliance with sustainability reporting obligations.
Sustainability in supervisory activities: Dealing with sustainability risks will continue to play an integral and growing role in BaFin’s supervisory activities, with an emphasis on both transition risks and – more critically – the physical risks associated with climate change. These risks must be integrated into the risk management systems of the supervised undertakings, including an analysis of the impact of such risks on the respective business models.
BaFin will also monitor compliance with transparency and distribution obligations and take action against greenwashing. It will work to ensure that regulations are consistent and practicable, at both national and international level.
- Promoting innovation: BaFin welcomes innovative technologies and business models and encourages constructive dialogue with market operators. It aims to assess the opportunities and risks associated with new developments and accelerate the approval processes.
- Proportionality and reducing complexity: BaFin supports a regulatory approach that is risk-based, proportionate, and less complex, without impacting security. The goal is to ease the burden on smaller businesses, in particular, which is why BaFin is in favour of a small bank regime. At the same time, it will accelerate and simplify supervisory processes (e.g. by introducing short, transparent deadlines).
- Future-readiness and attractiveness as an employer: BaFin will continue to invest in the ongoing development of its employees, promote diversity and equal opportunities and modernise its structures and IT infrastructure. It aims to create a high-performance, adaptive organisation with transparent and streamlined processes.
Conclusion and outlook
With its ten strategic objectives, BaFin aims to set a course for effective, future-oriented and sustainable financial market supervision. The objectives range from stability and resilience through consumer protection and sustainability to innovation and the internal structural development of the authority itself. Supervised companies must prepare for a noticeable increase in regulatory oversight in the coming years, particularly when it comes to cybersecurity/ICT risks and anti-money laundering. BaFin will continue to expand its audit and monitoring activities, making greater use of specialised expertise and data-driven methods.
Companies need to critically review their internal control systems and processes for managing cybersecurity/ICT risks and preventing money laundering and terrorist financing, adapting them to comply with stricter regulatory requirements. BaFin will be rigorous in dealing with any identified shortcomings and expect businesses to remedy these promptly. Regulatory authorities are moreover expected to become more closely networked at European level, for example through the new anti-money laundering authority AMLA. This is likely to lead to further harmonisation and result in stricter regulatory requirements.
Companies are therefore well advised to strengthen their compliance structures, digitise relevant data and processes and prepare for closer cooperation with regulatory authorities. To minimise risks and remain competitive, businesses must start taking BaFin’s strategic objectives into account as early as possible and proactively align their systems and processes with the regulatory changes.
