Open navigation
Search
Search
All expertise
Explore our breadth of expertise.
International Desks
Helping you access overseas markets with support from our country and region-specific experts.
Sectors View all
Practice Areas View all
Offices
Discover the scope of our presence in the jurisdiction.
Global Reach
Learn about our capabilities beyond borders.
CMS Hungary
All insights
Leverage our expert analysis, intelligence and thought leadership for your strategic advantage.
Personalised updates
Receive tailored insights and intelligence that apply directly to your business.
Topics in Focus View all
Insights by type
CMS News
Stay up to date with our growth, evolution and our many successes.
Contact us
For all general enquiries.
About CMS
CMS Careers

Select your region

International Europe Africa Asia-Pacific The Americas Middle East
Legal Update

Hungarian National Bank issues guidelines for AI use in credit institutions

16 Dec 2025 Hungary 4 min read

The Hungarian National Bank (MNB) recently issued Recommendation 13/2025 (XII.3.) on the Digital Transformation of Credit Institutions, replacing 4/2021 (III. 30.) MNB Recommendation, which includes objectives promoting responsible use of artificial intelligence (AI) by credit institutions and encouraging the safe deployment of AI systems in the banking sector.

The Recommendation specifies that, as part of their digital transformation strategy, credit institutions should adopt an “AI sub-strategy” and submit it to the MNB by 30 June 2026. The Recommendation contains detailed requirements on the contents of this AI sub-strategy, which go beyond the requirements of the AI Act.

Credit institutions and third-party AI system providers should begin preparations for compliance with the Recommendation right away because the MNB will monitor and evaluate compliance through its supervisory and monitoring activities.

The main provisions of the Recommendation include the following:

  1. AI-focused governance and internal frameworks: Credit institutions should review their AI-related governance, establish a regulated internal framework, and appoint a dedicated leader for implementing the AI sub-strategy. Good practices include monitoring the development of AI technologies and solutions, establishing an AI-related ethical code, and preparing a strategy for regulatory and legislative readiness concerning AI.
  2. Data governance and data asset management: Quality, proper handling, and protection of data used in the development and operation of AI systems must be insured. Good practice includes applying high-risk AI system requirements to non-high-risk systems and regularly reviewing the adequacy of data used in in-house AI systems. Raw data should be accessible and retrievable separately from processed data, and in the case of supervised learning, training data should be labeled with multiple annotator validation.
  3. Rules for the development and procurement of AI systems: The Recommendation provides detailed requirements for in-house developed AI systems in this respect. For third-party AI systems or models, the credit institution must obtain information on how the third party ensures compliance with the Recommendation. Good practices include defining in advance the conditions for reviewing, updating, or retraining AI models, regularly testing AI systems for ethical compliance to detect potential biases or discrimination, applying “guardrail” tools, and ensuring human oversight and intervention not only for high-risk AI systems. Independent auditing or certification of in-house and third-party AI systems is also good practice.
  4. AI risk management: Including AI-specific risk classification and at least annual reviews.
  5. AI-specific IT security: Credit institutions should pay particular attention to protecting training data, learning algorithms, parameters, non-public inputs, and system prompts. It is important to detect attacks on AI systems and prevent unauthorised data manipulation. For third-party AI systems or models, information should be obtained on the technical and protective measures implemented by the provider in accordance with the Recommendation.
  6. Developing organisational AI expertise: Good practices include establishing rules for the use of third-party AI systems, especially generative AI, and periodically testing AI-literacy.
  7. Internal and external AI-related communication: Good practices include creating an AI communication strategy, providing educational content, operating an internal reporting system for AI errors, informing clients about the use of AI systems, and allowing clients to provide feedback on the quality and accuracy of AI-generated responses.

Credit institutions must comply with the AI sub-strategy obligations by 30 June 2026, one month earlier than the compliance deadline for high-risk AI systems under the EU AI Act, while all other provisions of the Recommendation apply from 1 April 2026. Credit institutions are advised to take the necessary preparatory steps in parallel with EU AI Act compliance preparations.

For more information on MNB guidelines for AI use, contact your CMS client partner or the CMS experts who wrote this article.

More insights
Banking & Finance TMT - Technology, Media & Telecommunications

Explore more

Event Hungary

IP Insights webinar series 2026

28 Apr 2026
Expert Guide International

Real estate finance law in Hungary

22 min read
Publication Hungary

Signing with e-signature in CEE 2026

05 Jan 2026 2 min read
Back to top Back to top
You will now find all Law-Now content on CMS.law
Explore more
Law-Now, RegZone, LEXplicite and Blogtt have moved to CMS.law. Law-Now has moved to CMS.law. RegZone has moved to CMS.law. LEXplicite has moved to CMS.law. Blogtt has moved to CMS.law.
Learn more Learn more Learn more Learn more
If you want to use third party tools, please enable personalisation cookies as part of your cookie preferences. You can change this setting at any time via the button below or in our Cookie Notice.