You are here


Survey Answer:

• The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) investigates security risks associated with the use of IT and develops preventive security measures on a national level. It is to be overseen by the Federal Ministry of the Interior.
• The BSI provides information on risks and threats relating to the use of IT and seeks out appropriate solutions. This work includes IT security testing and assessment of IT systems, including their development, in co-operation with the industry.
• Under the new IT Security Act, the BSI observes the compliance with the special IT security requirements for providers of critical infrastructure and can impose administrative fines of up to EUR 100.000,00 (Sec. 14 (2) BSIG).
The Federal Network Agency (Bundesnetzagentur, BNetzA) is the regulatory authority for the German energy industry. Legal framework for the task of the BNetzA are Sec. 29 to 35 EnWG. As part of its supervisory tasks, BNetzA shall
• issue a binding decision of the conditions and methods for grid connection or network access in accordance with the relevant statutory regulations (Sec. 29 EnWG);
• issue orders to energy undertakings and their senior management that are appropriate and necessary to prevent or stop a misuse of market position (Sec. 30 EnWG);
• examine upon request of a third party whether the conditions for a revocation of the business license exist (Sec. 31 EnWG);
• Pursuant to Sec. 35 and 63 (3) EnWG, BNetzA is required to monitor the performance of the electricity and gas sectors and to publish a report annually on the results of its monitoring activities, most notably to create transparency in the markets.
• Sec. 6 Banking Act (KWG) is the legal basis for banking supervision by the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin).
• As stipulated in Sec. 6 (2) and (3) KWG, the BaFin shall counteract undesirable developments in the lending and financial services sector which may endanger the safety of the assets entrusted to institutions, impair the proper conduct of banking business or provision of financial services or entail major disadvantages for the economy as a whole. As part of its statutory mandate, the BaFin has the power to issue orders to banking institutions and their senior management that are appropriate and necessary to prevent or stop violations of regulatory provisions or to prevent or overcome undesirable developments at an institution.
• Empowered with special functions under Sec. 6a KWG, the BaFin may issue instructions to the management board, or may prohibit the institution from allowing funds to be withdrawn or transferred from an account or safe custody account held with it or may prohibit an institution from carrying out other financial transaction.
• The BaFin also reviews each institution’s compliance in regard with the legal requirements, evaluates the risks and makes a summary and forward-looking assessments (Sec. 6b KWG).
• In Germany, insurance supervision is divided between the Federal Government and the Federal States - in accordance with the federalist system of the Federal Republic of Germany:
• The BaFin supervises on behalf of the Federal Government private insurance undertakings operating in Germany which are of material economic significance and public insurance undertakings engaging in open competition which operate across the borders of any Federal State (Sec. 294 VAG). The BaFin’s supervision comprises one or more of the following measures: Sec. 298 VAG (General supervision); Sec. 302 VAG (prohibition of acquisition); Sec. 303 VAG (removal of persons with key tasks, warning); Sec. 303a VAG (prohibition of activities); Sec. 304 VAG (revocation of business license).
• Moreover, the BaFin is empowered to request information about all business matters as well as the submission or transmission of all business documents (Sec. 305 VAG) and to conduct business audits without particular case (Sec. 306 VAG).
• The supervisory authorities of the Federal States are mainly responsible for supervising public insurers whose activities are limited to the Federal State in question and those private insurance undertakings which are of lesser economic significance.
• The Federal Network Agency (Bundesnetzagentur, BNetzA) is responsible for the regulation of the telecommunications market (Sec. 116 TKG).
• Pursuant to Sec. 126 TKG, the BNetzA has the power to order “necessary measures” if a network provider violates its obligations under the Act or the EU Roaming Regulation.
• The procedure for measures is based on a three-stage concept (Sec. 126 (1) to (3) TKG): At first stage, the network provider is given a deadline (usually one month) to remedy its violation; if it fails to do so within the deadline the BNetzA can order measures necessary to remedy the violation at second stage. In case of a severe or repeated violation – which means the third stage of measurement –, the BNetzA may ultimately prohibit a network provider from providing its network or services.
• In certain cases the BNetzA can deviate from this procedure and order necessary preliminary measures at the outset (Sec. 126 (4) TKG); this is usually when the network provider’s violation endangers public safety and order or causes substantial disadvantage to other network providers or users.

Provided By:
Prof. Peter Bräutigam, Noerr LLP, Munich