Overview

The upcoming BND Reform 2026 is not so much a comprehensive overhaul of Germany’s intelligence services, but rather an evaluation of whether the country’s security infrastructure is adequately equipped. At its core lies the question of whether Germany intends to endow the BND with the particular abilities it currently lacks in areas such as early foreign intelligence gathering, technical analysis, and reliable early warning. It is crucial to recognize that not every security vulnerability is necessarily a BND vulnerability. The evaluation in this text consists of three aspects: firstly, where the BND has identified genuine skill deficiencies; secondly, where there are shortcomings in the areas where it interfaces with the BKA, the Bundeswehr, the BSI and the ministries; and finally, where clear boundaries exist for its mandate. It is not about expanding the scope of responsibilities, but rather defining a more precise mission with enhanced efficiency in its core areas.

Status of the reform

The coalition agreement of 5 May 2025 mandates a fundamental revision of intelligence services law. The Chancellery has proposed a reform of the BND Law, which is under preliminary consultation with the BMI, BMVg, and BMJ. The initiative has not yet been formally coordinated across departments, approved by the cabinet, or introduced to parliament. The BND operates as a foreign intelligence service without police powers, as per current law. The 2021 legal framework revision, in light of the Bundesverfassungsgericht ruling, introduced enhanced supervision. The decision is not about reinventing the service, but about recalibrating its mandate, procedures and capabilities.

Purpose of the reform

The reform aims to address the growing threat of hybrid attacks, which the Bundesregierung considers state-sponsored actions below the threshold of direct attacks. The BfV in 2025 defines espionage, sabotage, and disinformation as a connected threat cluster and maps influence operations extending into the electoral context. The reform responds to a complex and evolving threat picture in the foreign and information spaces.

The BND’s primary mission is to collect, analyse, and disseminate intelligence to the German government for decision-making. It prioritizes early warning of international threats from foreign entities. The current legal framework specifically includes state-sponsored malware attacks, threats to critical infrastructure, hybrid warfare, and disinformation campaigns. Germany aims to improve its response in areas such as reach, technical analysis, early warning, data integration, and dissemination. To address the issue, modernize technology and compliance, and establish robust interfaces. Current crises increase the urgency. Additional powers can’t replace staff, prioritization, or better information sharing.

BND-specific capability gaps

The BND has a unique ability to gather intelligence from foreign sources, analyse it, and transform it into early warning signals for the federal government. This is its explicit mandate, as stated in the BND Law. It collects, analyses, processes, and disseminates information to the Bundesregierung, while also identifying and alerting to potential threats of international significance. The existing toolkit has extensive capabilities for collecting technical intelligence, including CNE measures in a foreign-to-foreign setting. However, the first identified capability gap is scaling up collection, analysis, prioritization, generating robust warning products, fostering reliable partnerships, and bolstering internal resilience.

Additionally, there is a significant gap in the ability to address unique situations in the realm of central politics. The analysis of restructuring resources justifies the BND’s ability to identify and, in certain circumstances, take covert action. This includes hacking foreign IT systems, service providers, or online platforms, as well as hacking into foreign residences to install spyware or bugs, and damaging devices or adversarial infrastructure. This would not just be a technical intelligence expansion, but a step toward closing the perceived gap between situational awareness and covert effects. This is a real change in the reform, as the BND is not currently a police authority with a mandate for active covert operations. Unlike other countries, Germany’s law does not allow the BND to protect its own infrastructure, pursue criminal prosecutions or prevent immediate threats.

Cooperation gaps

The network has a legal basis for cooperation, but struggles with processing images promptly and accurately. The BND-Gesetz currently regulates data transfers to domestic intelligence services, law enforcement, and other public bodies. It also allows for the creation of joint files with specific projects involving the Bund and Länder Verfassungsschutz, police, Zollkriminalamt, and BMVg portfolio. The Kanzleramt already serves as the central coordinating body for the BND through its oversight of specialists and administration. The cooperation gap is not primarily in the law, but in speed, standards, and responsibility.

The landscape of information and cybersecurity is just as fragmented institutionally. When it comes to cybercrime and IT security incidents, the primary sources of official reporting are the BKA/PKS and BSI situation reports. According to the German government, hybrid cases are addressed in ongoing discussions among ministries in Ressortkreis or task force formats. The BND, lacking autonomous executive authority, must collaborate with the BfV or law enforcement when foreign intelligence gathering and domestic consequences collide. This can lead to friction due to limited information sharing, evaluation, and transformation into timely actions.

The Irak-Untersuchungsausschuss found extensive money transfers from Baghdad to US entities. Eikonal, Bad Aibling, and the Selektorenkomplex revealed technological filtering issues, data sharing, uneven awareness, and overburdened supervision. Additionally, the 2022 espionage case strengthened BND and BfV collaboration in counterintelligence. Problems include some within the ministry, some between the Bund-Länder, and some in the wider security network. Some deficits can be addressed through better coordination, common standards, and shorter handover chains.

Mandate boundaries

The central boundary for the BND is the separation between foreign intelligence collection and executive enforcement. The BNDG draws this line explicitly: “It may not be attached to a police authority” (§ 1 Abs. 1 Satz 2 BNDG), and the service has “no police powers or powers to issue instructions”; nor may it request the police, by way of administrative assistance, to take measures for which it itself is not authorised (§ 2 Abs. 3 Sätze 1 und 2 BNDG). Operational reforms should not shift decisions about cases near home to the domestic realm. This is especially true when foreign intelligence gathering and threat prevention intersect.

Protecting critical infrastructure in Germany, ongoing cyberdefence on German soil, criminal proceedings, arrests, searches and seizures remain in the hands of the police, prosecutors, the BfV, the Bundeswehr and the BSI. Data exchange is also deliberately limited: transfers are purpose-bound (§ 9a Abs. 1 BNDG); data may be transferred to law-enforcement authorities only where there is suspicion of a particularly serious criminal offence (§ 11a Abs. 1 BNDG). Although the transfer of data to domestic public institutions is allowed, it must not be used for the ‘operational application of direct coercion’ (§ 11b Abs. 2 Satz 2 BNDG). A broad mandate can lead to confusion, bypassing intervention thresholds and making oversight difficult. The reform should be carefully defined with increased scope only where the role, purpose, and boundaries are clear.

Political conclusion

The objective of political reform should be a clear and focused target model: a BND that enhances its core competencies without expanding institutionally. Three key tests must be met during implementation: the measure must be specific to foreign intelligence gathering and early warning; it should not overlap with the responsibilities of the police, BfV, Bundeswehr or BSI. Secondly, the operational effectiveness of the measure must be evaluated. Does it enhance collection, analysis and data fusion? In exceptional cases, does it facilitate covert actions abroad? Third, does it clearly distinguish from executive police actions (§ 1, § 2 BNDG)?

In the near future, technological advancements, staffing, analysis, self-protection, and expedited transfers will drive most operational enhancements. Any additional political favourites should be crafted as targeted, narrowly defined tools with their own trigger, approval, and review processes. The journey of CLB1205 begins here, where the objective is established, and the supervisory structure evaluates its feasibility and risk profile.