The deadline lands on a single model, not a regulator
On 2 August 2026 the EU AI Act’s high-risk obligations for deployers under Article 26 become applicable. In Germany, that date does not arrive at one regulator. It arrives at four parallel files — and the credit-scoring, fraud-detection or insurance-underwriting model a German firm is already running has to sit inside all of them at once.
That is the operating problem this piece is about. Not the classification debate. Not who counts as a provider. The question is what evidence each German authority will ask for after 2 August, and whether any of those four evidence files were designed to be read by the others.
Four regimes, two competent authorities, one model
A German bank or insurer running a single high-risk AI deployment on 2 August will be readable by four legal stacks at once:
- The AI Act, supervised in Germany by the Bundesnetzagentur. Under Article 26, deployers must use the system in accordance with the provider’s instructions for use and monitor its operation on that basis, retain the automatically generated logs under their control for at least six months, ensure that input data they control is relevant and sufficiently representative, inform the provider and the relevant market surveillance authority and suspend use where they identify a risk or a serious incident (Article 26(5), which is what starts the provider’s own Article 73 reporting clock), and inform workers’ representatives and affected workers before workplace deployment. Germany has designated the Bundesnetzagentur as the central national market-surveillance authority under the AI Act, while financial-sector supervisors keep their existing competences. One caveat belongs in the file from the start: Article 74(6) AI Act makes the financial supervisor the market surveillance authority where a regulated financial institution uses a high-risk AI system in direct connection with its financial services, so whether BaFin or the Bundesnetzagentur reads a given bank’s deployment under the AI Act is itself a question to settle, not assume.
- MaRisk AT 4.3.5, supervised by BaFin. MaRisk Rundschreiben 06/2024 of 29 May 2024 introduced the model-use module AT 4.3.5. It requires institutions to maintain sufficient knowledge of model conception and the data flowing into a model, to give “appropriate attention to sufficient explainability, particularly for models exhibiting characteristics of technology-driven innovation and artificial intelligence”, to validate models regularly, and to put written rules around how model results are used. BaFin’s 9. MaRisk-Novelle consultation, opened in 2026, extends the model regime further down to less significant institutions.
- DORA plus BaFin’s December 2025 AI guidance. BaFin’s Orientierungshilfe zu IKT-Risiken beim Einsatz von KI in Finanzunternehmen, published on 18 December 2025, is explicit that an AI system is a subset of network and information systems under DORA. It pushes supervised firms to manage ICT risk across the AI lifecycle — data acquisition, model development and deployment, ongoing operation and decommissioning — and treats ICT third-party risk for AI vendors as a core competent-authority question.
- DSGVO and BDSG, supervised by the German state data protection authorities and coordinated through the Datenschutzkonferenz. The DSK’s Orientierungshilfe Künstliche Intelligenz und Datenschutz of 6 May 2024 already maps DSGVO obligations onto every phase of an AI project. For 2026 the DSK has announced cross-authority inspections of biometric AI systems, running in parallel with AI Act market surveillance. Where personal data is processed, Article 35 DSGVO requires a data protection impact assessment, and BDSG §38 keeps the data protection officer in the room.
That is two competent authorities — BaFin and the Bundesnetzagentur — plus the state DPAs, sitting on top of four distinct documentation regimes. One operating model. One incident. Four files.
Stacking is the operating question, not the classification one
The familiar reading of 2 August is vertical: a deployer goes to its provider and asks for the technical documentation under Article 11, the quality management evidence under Article 17, and the post-market monitoring plan under Article 72. That is the contract-layer story.
The German reading is horizontal. The same logged event — a scoring decision, a fraud refusal, a fraud false positive, a model-drift alert — has to be:
- a sufficient AI Act log under Article 26, retained for at least six months, available to the competent market surveillance authority;
- a validation observation under MaRisk AT 4.3.5, integrated into BaFin’s internal control and reporting cycle;
- an ICT risk event under DORA and BaFin’s December 2025 AI guidance, classifiable and possibly reportable as an ICT-related incident;
- and, if personal data is involved, a processing event the DPO and the state DPA can read against the DPIA on file.
Each of those four readings has its own format, its own retention, its own escalation path. None of them was designed for the other three. A single model can comfortably sit inside one regime and fail the others on disclosure alone.
What the next six weeks actually need to do
Three operational gaps are visible at every German firm that has not already done a parallel-regime walk-through:
- Log mapping. The Article 26 six-month log is not the MaRisk validation observation, which is not the DORA ICT incident record, which is not the DSGVO processing record. Firms need a single event taxonomy that can be read four ways without rewriting the data.
- Incident path. A serious AI incident under Article 73 of the AI Act, a major ICT incident under DORA, and a personal-data breach under Article 33 DSGVO can all be triggered by the same hour of operation. Each has a separate clock and a separate addressee. The clocks are not aligned.
- Authority mapping. Internal compliance owners frequently still treat BaFin as the only counterparty for an AI-driven banking process. After 2 August the Bundesnetzagentur, the relevant state DPA, and BaFin can all open a line on the same deployment.
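The three gaps above are one design problem: write the event once, read it four ways, and let each regime’s clock and addressee fall out of the same record. The following is an added illustration of that shape, not code from the page or from any regulator or firm. Every field name, the event kinds, the hypothetical system identifier and the DPIA reference are assumptions, and the deadline constants are stated in one place precisely so they can be corrected against the legal texts (the Article 73 figure is the provider’s 15-day clock; the DORA figure is the outer 24-hours-from-awareness bound for the initial notification of a major ICT incident; the DSGVO figure is the 72 hours of Article 33).

```python
# Added example (not from the page, a regulator or any firm): one canonical AI event
# projected into four regime views plus the separate notification clocks.
# Regime field names, event kinds, the system id and the DPIA reference are assumptions.
import calendar
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


def add_months(dt: datetime, months: int) -> datetime:
    """Calendar-aware month addition; clamps 31 Aug + 6 months to 28 Feb."""
    idx = dt.month - 1 + months
    year, month = dt.year + idx // 12, idx % 12 + 1
    return dt.replace(year=year, month=month, day=min(dt.day, calendar.monthrange(year, month)[1]))


@dataclass(frozen=True)
class AIEvent:
    """Written once by the deployed system; never rewritten per regime."""
    event_id: str
    occurred_at: datetime          # timezone-aware
    system_id: str                 # hypothetical identifier of the deployed high-risk system
    kind: str                      # "decision" | "false_positive" | "drift_alert" | "outage"
    serious: bool                  # the deployer's own serious-incident assessment
    model_version: str
    input_ref: str                 # pointer to the inputs the deployer controlled
    output: str
    subject_ref: Optional[str]     # pseudonymous data-subject reference; None if no personal data


# Assumed clocks, kept in one place so they are easy to correct against the legal texts.
CLOCKS = {
    "ai_act_art73": timedelta(days=15),           # provider's report; deployer informs immediately
    "dora_initial_notification": timedelta(hours=24),  # outer bound from awareness (4 h from classification is tighter)
    "dsgvo_art33": timedelta(hours=72),
}
AI_ACT_MIN_RETENTION_MONTHS = 6   # Art. 26(6): at least six months


def ai_act_log(ev: AIEvent) -> dict:
    """Art. 26 view: every operational event, with the retention floor made explicit."""
    return {"system_id": ev.system_id, "event_id": ev.event_id,
            "timestamp": ev.occurred_at.isoformat(), "model_version": ev.model_version,
            "input_ref": ev.input_ref,
            "retain_until_at_least": add_months(ev.occurred_at, AI_ACT_MIN_RETENTION_MONTHS).isoformat()}


def marisk_observation(ev: AIEvent) -> Optional[dict]:
    """AT 4.3.5 view: only events that feed model validation; routine decisions are noise here."""
    if ev.kind not in ("false_positive", "drift_alert"):
        return None
    return {"model": ev.system_id, "version": ev.model_version, "finding": ev.kind, "evidence": ev.event_id}


def dora_ict_record(ev: AIEvent) -> Optional[dict]:
    """DORA view: an ICT risk event; serious ones are candidates for major-incident classification."""
    if ev.kind not in ("outage", "drift_alert", "false_positive"):
        return None
    return {"asset": ev.system_id, "event": ev.event_id, "candidate_major_incident": ev.serious}


def dsgvo_processing_record(ev: AIEvent) -> Optional[dict]:
    """DSGVO view: exists only where personal data was processed; links back to the DPIA on file."""
    if ev.subject_ref is None:
        return None
    return {"subject_ref": ev.subject_ref, "processing": ev.kind, "event": ev.event_id,
            "dpia_ref": f"DPIA-{ev.system_id}"}   # hypothetical reference scheme


def four_files(ev: AIEvent) -> dict:
    """The same event read four ways; None means that regime has no file for it."""
    return {"ai_act": ai_act_log(ev), "marisk": marisk_observation(ev),
            "dora": dora_ict_record(ev), "dsgvo": dsgvo_processing_record(ev)}


def notification_deadlines(ev: AIEvent, personal_data_breach: bool) -> list:
    """Separate clocks from one timestamp, earliest first; each names its own addressee."""
    due = []
    if ev.serious:
        due.append(("provider, then market surveillance authority", "ai_act_art73",
                    ev.occurred_at + CLOCKS["ai_act_art73"]))
    ict = dora_ict_record(ev)
    if ict and ict["candidate_major_incident"]:
        due.append(("BaFin (DORA channel)", "dora_initial_notification",
                    ev.occurred_at + CLOCKS["dora_initial_notification"]))
    if personal_data_breach and ev.subject_ref is not None:
        due.append(("competent state DPA", "dsgvo_art33", ev.occurred_at + CLOCKS["dsgvo_art33"]))
    return sorted(due, key=lambda d: d[2])


# Constructed sample events (not real data).
_T0 = datetime(2026, 8, 31, 9, 15, tzinfo=timezone.utc)
SAMPLE_DECISION = AIEvent("ev-1", _T0, "fraud-model-a", "decision", False, "2.3.1", "in-9f1c", "approve", "subj-0042")
SAMPLE_DRIFT = AIEvent("ev-2", _T0, "fraud-model-a", "drift_alert", False, "2.3.1", "batch-0831", "psi=0.31", None)
SAMPLE_SERIOUS = AIEvent("ev-3", _T0, "fraud-model-a", "false_positive", True, "2.3.1", "in-77ab", "block", "subj-0099")

if __name__ == "__main__":
    for name, ev in (("decision", SAMPLE_DECISION), ("drift", SAMPLE_DRIFT), ("serious", SAMPLE_SERIOUS)):
        print(name, {k: (v is not None) for k, v in four_files(ev).items()})
    for addressee, regime, deadline in notification_deadlines(SAMPLE_SERIOUS, personal_data_breach=True):
        print(f"{deadline.isoformat()}  {regime:26s} -> {addressee}")
```

The point of the shape is that nothing is rewritten per regime: the canonical record is the only thing stored, each projection is a pure function over it, and the deadline list makes the unaligned clocks and the different addressees visible from a single timestamp. A routine scoring decision with personal data produces an AI Act log and a DSGVO record but no MaRisk or DORA file; a drift alert without personal data produces the reverse; a serious false positive opens all four and three separate clocks.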
BaFin’s December 2025 guidance and MaRisk AT 4.3.5 give German firms a head start on the BaFin axis. The DSK has spent two years writing the DSGVO axis. The AI Act adds a Bundesnetzagentur axis that did not exist before. The integration sits with the deployer.
What to watch in the next four weeks
- Whether BaFin issues a further Aufsichtsmitteilung tightening Article 26 expectations specifically for credit and insurance deployers before 2 August.
- Whether the DSK publishes an updated Orientierungshilfe aligned to Article 26 deployer obligations, rather than leaving the 2024 version as the operational reference.
- Whether the Bundesnetzagentur sets out a written intake process for AI Act serious-incident reports under Article 73 distinct from BaFin’s DORA channel.
- The first joint inspection action under DSK’s announced 2026 biometric-AI programme — the test of whether parallel supervision in practice actually means parallel files or one shared one.
The first 2 August reading of a German AI deployment will not be a classification call. It will be a documentation call. Four regimes, two authorities, one model.