The German Federal Financial Supervisory Authority (BaFin) has identified six main risks for the German financial sector for 2022, which it intends to address as a priority during the current supervisory cycle. Details of these new risks were published on 2 March 2022 in a new BaFin Report (available in German only).1

In its report, which will be published annually from now on, BaFin explains how it assesses the current risk situation for financial services firms and markets and what it is doing to best contain such risks. In doing so, BaFin is simultaneously aiming to make progress toward achieving its medium-term goals, which it has set for the years 2022 to 2025. The BaFin's new "Risks in Focus" report replaces BaFin's previous "Supervisory Focus Areas" publication.

As a general observation, the BaFin states that the German financial system has remained relatively stable and resilient, even during the COVID 19 pandemic. But new threats keep emerging that could negatively impact or even jeopardise its functioning, stability and integrity and the collective interests of consumers. This conclusion has been echoed across the EU-27 both by other national competent authorities (NCAs) as well as from EU-27 authorities.

BaFin's view on six main risk drivers in 2022

From BaFin's perspective, the most important risk drivers for the German financial market, alongside the tense geopolitical situation, are as follows:2

1. Risks from the low interest rate environment

In 2022, as in previous years, BaFin is dealing with the prevailing low interest rate environment. This not only affects banks and building societies, but also insurers and pension funds. It is becoming more and more challenging for insurers and pension funds to generate sufficient profits on the capital market to be able to keep the sometimes-high guarantee promises offered in the past.

Last year, BaFin stepped up its supervisory action against pension funds. Several funds had already been banned from new business in the past. Another 40 funds are currently under "intensified supervision". BaFin intends to maintain its supervisory focus here in the future.

In its risk report, BaFin also addresses the issues on remuneration practices. The sales remuneration of life insurers should not set any false incentives and should not additionally reduce the expected returns of customers. Accordingly, BaFin will swiftly look to review whether corresponding regulations are complied with on the part of the insurers. This area is one that other NCAs but also the Frankfurt-based European Insurance and Occupational Pensions Authority has also expressed as being in focus.

2. Risks from corrections in the real estate markets

As is the case across other NCAs but in particular following the 2022 European-wide renewed warnings issued by the Frankfurt-based European Systemic Risk Board (ESRB) on residential real estate Vulnerabilities3 , BaFin is concerned about the sharp rise in residential property prices in recent years. German house price trends have rapidly decoupled themselves from fundamental economic parameters, such as income. According to the Bundesbank (Germany's Federal Central Bank), residential real estate is currently overvalued by 20 to 35 percent within Germany. In a wide variety of cities, the difference between actual value and asking prices is likely to be much more pronounced.

The volume of residential real estate loans has also risen in line with housing prices. In the meantime, this has grown to over 1.6 trillion euros. The BaFin stated that if there is now a price correction, many borrowers may no longer be able to meet monthly mortgage payments. This is particularly the case if banks (or other lenders) overestimate the debt servicing capabilities of their customers and the value of the real estate collateral.

In keeping with pan-EU rules, the BaFin had already recently imposed additional risk buffers on banks. In addition, BaFin, together with the European Central Bank (ECB) in the context of the Banking Union's Single Supervisory Mechanism (SSM) will continue to keep a close eye on the lending activities of banks and insurers. The BaFin reserves the right to take corrective action. The ECB-SSM will also look to take action both in the context of its wider-reaching multi-annual supervisory priorities but also in relation to its general and bank-specific findings following the conclusion of its annual Supervisory Review and Evaluation Procedure (SREP).

3. Risks from significant corrections on the international financial markets

Due to the low interest rate environment, many institutional investors, including insurers, but also private investors are partly driven to invest their money into more risky exposures. The lack of sufficient returns on sovereign but also corporate bonds has also pushed this shift. BaFin cites high-yield bonds, i.e., bonds with a low debtor quality, as an example of this move more broadly. The stock markets are also showing signs of overheating in some cases. Moreover, European market trading conditions are tense, so that price declines and defaults represent serious risks, according to BaFin. The BaFin's conclusions predate the recent market adjustments and increase in volatility following growing geostrategic tensions in the EU's wider neighbourhood.

Given the above, the BaFin will also investigate the impact of bond downgrades on the risk-bearing capacity of insurers during 2022. This work builds upon the warnings issued by the ESRB and concerns of the ECB in its financial stability but equally its SSM capacity in respect of "fallen angels" i.e., corporate bond downgrades that were in focus during the onset of the COVID-19 pandemic.

BaFin will also, building again off work of the European Securities and Markets Authority focus on the suitability and adequacy of financial services firms' investment advice. A key area will be on ensuring that investors are not being recommended financial products that are too risky and therefore unsuitable. In a stark move, BaFin announced a consultation on 17 February 2022 that would prohibit investment firms from marketing, distributing and selling futures with margin calls to retail investors.4

4. Risks from corporate loan defaults

As a result of the COVID-19 pandemic, BaFin is expecting an increase in loan defaults because companies are no longer able to pay their debts. This would particularly affect credit institutions (i.e., bank lenders) that have granted loans to companies in industries that are suffering greatly from the consequences of the COVID19 pandemic. Although a wave of insolvencies has so far failed to materialise, BaFin does not want to give the all-clear. We expect BaFin, in line with renewed ECB-SSM focus in this area, to

The BaFin will analyse in impairment tests how the COVID-19 pandemic affects the credit risk of banks and savings banks. Based on this, it will decide on measures. Again, this work will build upon but also complement the work of the ECB-SSM and NCAs in the Banking Union context.

5. Cyber-risks

Cyber-risks are among the particularly rapidly growing risks in the financial sector. The consequences for the affected company are profound in terms of its reputation, its customers, the players with whom it is networked, and financial stability.

According to EU level authorities but in particular as noted by BaFin, the risk of cyber-attacks is expected to increase in the future, due to advancing digitalisation and increased remote working arrangements.5 Stateorchestrated attacks could also be observed with increasing frequency. For this reason, BaFin intends to increasingly check the IT systems of banks and insurers during 2022.

6. Risks from inadequate prevention of money laundering and financial crime

The German government's National Risk Analysis 2018/2019 had classified the threat posed by money laundering and terrorist financing to Germany as medium-high, corresponding to the second-highest level on the rating scale.

BaFin wants to strengthen the various on-site and off-site measures and, among other things, carries out money laundering audits itself. In addition, a second institution for money laundering prevention is to be set up and it is increasing its staff in money laundering prevention to intensify supervision. Suspicions of money laundering are to be examined more closely in the audits of owners of major shareholdings, managing directors and members of supervisory boards. This work will likely have to tie into the EU's work more on reforming various existing Directives with an Anti-Money Laundering Regulation as well as the start of the new EU-wide authority for financial crime prevention the EU Anti-Money Laundering Authority, which the German government is currently pushing to be located in Germany due to the then close proximity to other EU-level supervisory authorities located in Frankfurt.

In addition, there are numerous other risks that BaFin also deals with intensively. For example, the risk that misstatements or misrepresentations in the balance sheets of companies under balance sheet control could lead to investors being deceived. Or the diverse risks for consumers, for example from crypto-assets and investment recommendations being published in social media.

BaFin's view on two future risks

The future risks that have been defined by BaFin for 2022 are as follows:

1. Digitalisation

The digital transformation of business models is giving rise to new risk complexes. These include outsourcing, cyber-risks, the disruptive impact of FinTechs and BigTechs, and innovative financial products such as crypto assets.

For this reason, BaFin wants to focus on the use of artificial intelligence in finance and the resulting challenges for effective supervision. In addition, the various risks of white-label banking are to be dealt with intensively. A BaFin policy document will be established for this purpose. These BaFin will also prepare for the forthcoming introduction of the EU's Markets in Crypto-Assets Regulation (MiCA)6 and the resulting regulation of crypto-asset service providers and further establishment of administrative practices beyond BaFin's current supervision of firms authorised and licensed under Germany's domestic rules on crypto-assets.

2. Sustainability

There is a transformation of the economy due to the change in sustainability in the environmental, social and governance fields. This in turn has far-reaching implications for the financial sector. For this reason, BaFin will increasingly consider sustainability issues in the context of its supervision activity. The focus will be on the analysis and mitigation of the resulting financial risks for the supervised companies and compliance with disclosure requirements. To protect consumers, it will combat misleading marketing of financial products.


While the BaFin's report and its details on risks dovetails some of the EU's work in this area, the institutional changes to BaFin's set-up that improve weaknesses identified in the wake of the Wirecard scandal as well as corresponding legislative changes may mean a more intrusive supervisory tone coming to the fore. This extends to both financial institutions subject to direct supervision as well as those, notably in the Banking Union context, where BaFin is 'only' the indirect supervisory authority. We also anticipate that given the greater Europeanisation not only of who is making the rules but also enforcing them will also continue to gather pace as information sharing amongst NCAs (notably in the context of financial crime and consumer protection issues) is stepped up - both through Common Supervisory Actions or through more permanent information sharing platforms.

Financial services firms operating into or from Germany may want to consider stepping up their horizon risk management so as to forward-plan the impact but also differences between rules and supervisory expectations set by the EU-level authorities as well as from the BaFin.7 While some of these rules and expectations may be overlapping and some may stem from common EU principles or rulemaking, there are still a number of specific but also unintended conceptual divergences that firms are expected to comply with irrespective of EU-level aims of improving supervisory convergence of both the body of rulemaking, including in its Single Rulebook for financial services across the EU's Single Market but also the supervisory culture across relevant authorities.


1 Available here.

2 This Client Alert should be read in conjunction with a range of analysis from PwC Legal's EU RegCORE, assessing the impact for financial services firms on relevant regulatory rulemaking and supervisory action being conducted by other national and EU-level authorities in the EU-27 but in particular in relation to the Banking Union supervisors. BaFin's priority areas follow conceptually the work being advanced on the EU-level as well as experiences from other national authorities in other EU Member States but does also place its focus, where relevant on German market specifics.

3 Available here.

4 See our standalone coverage on this development.

5 See our standalone coverage on cyber-risk challenges in light of changing three lines of defence model for financial services firms.

6 See our standalone coverage on this development.

7 For further details of PwC Legal's dedicated client-centric online services to help with horizon scanning, risk mapping (including with data lakes) and compliance framework documentation please contact PwC Legal's EU RegCORE.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.