Just like the Minimum Requirements for Risk Management (MaRisk) applicable to banks , the latest version of which BaFin published in late October, BAIT also interprets the legal requirements of Sect. 25 (1) Clause 3 (4) and (5) of the German Credit Act (Kreditwesengesetz).