Europe Hub
🇩🇪
Germany
AI Governance in Germany
Germany's AI governance is shaped by the EU AI Act, BaFin and BSI sector requirements, strict GDPR enforcement, and the unique Betriebsrat co-determination rights that are mandatory before deploying workplace AI.
Key Regulators
BaFin—Federal Financial Supervisory Authority — financial services AI governance
BSI—Federal Office for Information Security — AI cybersecurity guidance
BfDI—Federal Commissioner for Data Protection — federal GDPR enforcement
State DPAs—16 state data protection authorities — regional GDPR enforcement
Betriebsrat—Works councils — co-determination rights on workplace AI
BAuA—Federal Institute for Occupational Safety — AI in workplace safety
AI Governance by Industry
Germany-specific obligations across key sectors.
🏦
Financial Services
BaFinBundesbankBaFin/ESMAEBA
- → FEAT-aligned model risk management
- → Explainability for credit and underwriting AI
- → MaRisk/BAIT IT governance requirements
👥
Workplace & HR
BetriebsratFederal Labour CourtState DPAs
- → BetrVG §87(1) No.6 co-determination for monitoring AI
- → GDPR Article 22 automated employment decisions
- → Works agreement (Betriebsvereinbarung) required
⚡
Critical Infrastructure
BSIBNetzAKRITIS authorities
- → BSI AI security framework
- → KRITIS AI risk assessment
- → NIS 2 Directive cybersecurity + AI systems
🏭
Manufacturing & Automotive
TÜVKBABAuAEU Type Approval
- → EU Machinery Regulation AI requirements
- → ISO 26262 functional safety for automotive AI
- → Worker AI governance under BetrVG
Related Articles
Regulation