There are two main laws governing the banking sector in Switzerland:
- Banking Act: This applies to banks providing services in and/or from Switzerland.
- Financial Market Supervision Act: This led to the creation of the Swiss Financial Market Supervisory Authority (FINMA) and contains the main provisions relating to FINMA’s supervision of banks and other players in the financial sector that need a licence to operate.
Other important laws include:
- the Financial Services Act;
- the Financial Institutions Act;
- the Anti-money Laundering Act;
- the Financial Market Infrastructure Act;
- the Collective Investment Schemes Act;
- the Insurance Supervision Act; and
- the Law on the Issuance of Mortgage Bonds.
These laws are supplemented by a large number of ordinances issued by the Swiss Federal Council (Swiss government) and FINMA. The latter also issues circulars that specify how it applies the financial market supervision legislation.
Finally, the Swiss banking sector is subject to self-regulation which complements and implements the banking regulations. The Swiss Bankers Association is the main self-regulatory body.
International supervisory cooperation with foreign supervisory authorities is one of FINMA’s core international activities.
International supervisory cooperation is ensured through:
- multilateral or bilateral agreements;
- mutual administrative assistance (the bilateral exchange of information in the traditional sense);
- on-site inspections; and
- colleges – that is, platforms for cooperation between several supervisory authorities in relation to a financial group or conglomerate.
FINMA has concluded a large number of bilateral agreements with the most important foreign authorities. The agreements facilitate cooperation with these authorities and can be a prerequisite for the authorisation of Swiss regulated entities in a foreign financial market or vice versa.
FINMA is also a party to multilateral agreements – in particular, the Multilateral Memorandum of Understanding and the Enhanced Memorandum of Understanding of the International Organization of Securities Commissions. These multilateral agreements define an international standard for supervisory cooperation.
In the area of international cooperation, Switzerland is a member of the following main bodies:
- the Financial Stability Board;
- the Basel Committee on Banking Supervision;
- the Financial Action Task Force on Money Laundering;
- the International Association of Insurance Supervisors; and
- the International Organization of Securities Commissions.
The international standards issued by these various bodies are not directly applicable. To be so, they must be implemented under Swiss law. The automatic international exchange of information in tax matters, based on the Common Reporting Standard of the Organisation for Economic Co-operation and Development, is one example of international standards that are the subject of a specific law in Switzerland. In addition, Switzerland has a specific law implementing the Foreign Account Tax Compliance Act Agreement with the United States.
FINMA’s legal mandate is to protect:
- stakeholders of the financial markets, including customers, investors and insured persons; and
- the proper functioning of these markets.
It is the main authority responsible for enforcing financial market legislation in Switzerland.
The prudential supervision of the Swiss financial sector is FINMA’s core task. It is carried out with a forward-looking approach.
A Swiss peculiarity is that FINMA delegates a large part of this supervision to private auditing companies. This is the so-called dual system of supervision.
Prudential supervision is risk oriented. In this respect, FINMA has divided Swiss banks into five supervisory categories according to size, complexity and risk structure.
In the event of a violation (suspected or proven) of the financial market supervisory laws, FINMA has several enforcement instruments at its disposal, which it applies on a case-by-case basis.
These enforcement tools (which can be applied cumulatively) are:
- provisional measures;
- restoration of the legal order;
- reprimand;
- a ban on exercising a management function for an individual;
- a ban on practising for an individual;
- publication of FINMA’s enforcement decision (‘name and shame’);
- the seizure of illegally acquired profits;
- withdrawal of a licence;
- liquidation; and
- the bankruptcy of a supervised institution.
FINMA is also empowered to issue a ban on a person that has carried out an activity subject to financial market supervisory laws without having previously obtained the relevant authorisation.
FINMA does not have the legal authority to impose fines on legal entities or individuals that have violated financial market supervisory laws. However, it does have the power to seize illegally acquired profits.
FINMA regularly calls on third-party specialised firms (eg, lawyers and auditing firms) to assist it in the implementation of these enforcement measures.
If there is a suspicion that a criminal offence has been committed, FINMA will contact the competent criminal authorities, which will decide whether to initiate criminal proceedings. Civil disputes fall under the jurisdiction of the ordinary courts and/or of the Swiss Banking Ombudsman (mediation body).
FINMA recently published its Risk Monitoring 2022 report, which details the main risks identified by FINMA for the next three years.
These risks are as follows:
- Interest rate risk: Inflationary pressure has led to a tightening of monetary policy with central banks raising key rates.
- Credit risk in mortgage financing.
- Credit risk in other loans: In particular, these are linked to the rise in commodity and energy prices.
- Market risk: The risk of yield spreads on corporate bonds (due to rising inflation and the global economic slowdown).
- Cyber risks: FINMA has just finalised the revision of Circular FINMA 2008/21 “Operational Risks – Banks” to better reflect the evolution of this risk. The new Circular FINMA 2023/1 “Operational Risks and Resilience – Banks” will enter into force on 1 January 2024.
- Money laundering and sanctions: Switzerland is one of the main locations for cross-border wealth management for private clients. A reputational risk for Swiss banks and the financial centre as a whole is linked to this risk.
- Access to the European market: The European Union is considering tightening the conditions of access to its market for banks located in non-EU countries wishing to offer their services to clients in the European Union.
FINMA is in regular contact with the banks on these issues.
Decentralised finance – which refers to a wide range of applications based on blockchain infrastructures that enable financial applications such as trading or credit transactions – is also a particular focus of FINMA.
As at the end of 2021, Switzerland had 239 banks, divided into the following categories:
- Twenty-four cantonal banks: These banks are subject to specific cantonal regulations. They operate in principle in the canton where they have their headquarters. They are active in all areas, but mainly in savings deposits and mortgages, as well as in wealth management for some of them.
- Four large banks: These are economically important institutions that offer the full range of banking services, particularly in the field of investment banking. These institutions are part of a financial group and are active worldwide. This category includes:
-
- UBS AG and its Swiss subsidiary, UBS Switzerland AG; and
- Credit Suisse AG and its Swiss subsidiary, Credit Suisse (Suisse) AG;
- Due to the fact that UBS Group recently acquired the Credit Suisse Group, this categorization will necessarily be reviewed by the competent authorities.
- Fifty-nine regional banks/savings banks: These focus on traditional interest-bearing business (mortgages, corporate loans, customer deposits in the form of savings and investments). They are active at the regional level.
- One Raiffeisen bank. The activities and geographical scope of this bank are similar to those of the regional banks/savings banks. The main difference is that it is a Swiss-wide group with a ‘parent company’. The parent company carries out the operational and strategic tasks of the group and acts as guarantor for all liabilities of the Raiffeisen bank at national level. The banks are jointly and severally liable.
- Thirty-six wealth management banks: These banks are mainly active in wealth management for Swiss and international clients.
- Five private bankers: These conduct similar activities to wealth management banks. The difference lies in their legal form and in the fact that private bankers, as natural persons, are jointly and severally liable for the commitments of their institution.
- Seventeen other banks: These banks do not meet the requirements of the other categories of banks and have no significant common features.
- Sixty-seven foreign-owned banks: These are active in all areas, with some focusing on investment banking and wealth management for clients based abroad.
- Twenty-six branches of foreign banks: These conduct similar activities to foreign-owned banks. The main difference is that, as branches, they do not have their own legal personality (they are economically and legally subordinate to their parent company abroad).
The Banking Act does not prescribe a specific legal form.
Nevertheless, the vast majority of banks are structured as companies limited by shares (corporations). Some are privately owned, while others are listed on the stock exchange.
The cantonal banks are mostly public law institutions with their own legal personality. The Raiffeisen bank is a cooperative company. Finally, private bankers are incorporated as:
- sole proprietorships;
- general partnerships;
- limited partnerships; or
- limited partnerships with shares.
In order to operate in Switzerland, foreign-owned banks must meet the same legal requirements as Swiss-owned banks.
In addition, they must meet the following criteria:
- The country of domicile or registered office of each foreign person (natural or legal) holding a qualifying interest must guarantee reciprocity. ‘Foreign’ means:
-
- natural persons who are not Swiss citizens or do not have a permanent residence permit in Switzerland; and
- legal entities which have their registered office abroad or which, if they have their registered office in Switzerland, are owned by foreign natural persons who are neither Swiss citizens nor have a permanent residence permit.
- Qualified participation, whether direct or indirect, is reached if the person concerned holds more than half of the votes or otherwise controls the concerned bank.
- Reciprocity need not be verified if international agreements to this effect exist (eg, with member states of the World Trade Organization).
- The name of the bank must not lead to the conclusion that the bank is Swiss or suggest that it is Swiss.
- If the bank is part of a group or a financial conglomerate, the Financial Market Supervisory Authority (FINMA) may condition the grant of authorisation on the agreement of the competent foreign authorities, which must carry out consolidated supervision including the Swiss banking institution.
If a foreign holder of qualified participations changes, or if a Swiss-owned bank is about to be transferred to a foreign ownership, an additional authorisation must be requested from FINMA.
Finally, the above conditions also apply in principle to branches and representative offices of foreign banks in Switzerland.
Any bank that wishes to offer banking services in or from Switzerland must first obtain a licence from FINMA. In other words, a foreign bank that wishes to carry out such activity in Switzerland cannot rely solely on its foreign licence (no passporting).
Depending on the activities it wishes to carry out in or from Switzerland, the foreign bank must determine whether it is appropriate to open a subsidiary, a branch or a representative office. The legal requirements vary according to the type of structure chosen.
Under certain conditions, foreign banks that provide certain cross-border wealth management services to clients established in Switzerland, but without establishing a physical presence in Switzerland, are not required to obtain a prior authorisation from FINMA. However, their client advisers must be entered in a Swiss register of advisers.
Client advisers of foreign banks subject to prudential supervision in their home country may benefit from an exemption – that is, they are not required to register in the advisers’ register, provided that they limit their services in Switzerland to professional and institutional clients.
If the foreign bank carries out an activity in or from Switzerland that is subject to FINMA authorisation without having obtained such authorisation, FINMA may order enforcement measures against the foreign bank and against the natural persons who head the foreign bank.
For the purposes of the Banking Act, a ‘bank’ is defined as any party that is principally active in the financial business and that:
- accepts or offers to accept deposits from the public on a professional basis in excess of CHF 100 million to finance an indefinite number of natural persons and legal entities with which it does not form an economic unit;
- accepts or offers to accept deposits from the public on a professional basis up to a maximum of CHF 100 million and invests or remunerates these deposits; or
- refinances itself to a significant extent with several banks that do not have a significant interest in its capital in order to finance for its own account, in any manner whatsoever, an indeterminate number of natural persons or legal entities with which it does not form an economic unit.
A bank is engaged on a ‘professional basis’ if it:
- accepts over a long period of time more than 20 deposits from the public or crypto-assets in collective deposit; or
- calls on the public to obtain deposits or crypto-assets in collective deposit, even if it subsequently obtains less than 20 deposits from the public or crypto-assets.
On the other hand, anyone that accepts deposits from the public or crypto-assets in collective deposit for an amount of up to CHF 1 million is not acting in a professional capacity as long as no interest transactions are carried out (sandbox entity). In this case, customers must be informed in advance that:
- the Financial Market Supervisory Authority (FINMA) does not supervise the sandbox entity; and
- these deposits are not covered by the deposit guarantee.
Once a banking licence has been obtained, the authorised institution can carry out any banking activity in Switzerland (universal banking model). In particular, it can operate as:
- a securities house (securities trader);
- a collective asset manager;
- a wealth manager; or
- a trustee (cascade authorisation system).
In order to be better positioned in the fintech field and to promote innovation, a new licence was introduced in 2019 for anyone that:
- accepts deposits from the public on a professional basis up to CHF 100 million; or
- calls on the public to obtain deposit and does not invest or remunerate them.
Obtaining a fintech license is subject to relaxed legal and regulatory requirements. A company that has obtained such a licence is not considered as a bank.
The main formal requirements to obtain a banking license are as follows:
- a minimum fully paid-up capital of CHF 10 million;
- a business plan showing that capital adequacy, risk diversification and liquidity requirements can be met on an ongoing basis;
- proper business conduct by the holders of qualified participations, the board members and the senior executives;
- a precise description of the field of activity and the geographical scope of activity in the articles of association, the company contract or the regulations (the field of activity must correspond to the financial possibilities and the administrative organisation of the bank);
- effective management of the bank from Switzerland;
- clear separation between the board of directors and the senior executives;
- effective separation of internal functions – in particular lending, trading, wealth management and transaction execution;
- effective risk management – in particular through appropriate identification, limitation and control of risks (eg, market, credit, loss, transaction execution, liquidity, image, as well as operational and legal risks);
- effective internal control system and internal auditing independent of management;
- the appointment of a recognised audit company for the authorisation procedure;
- the appointment of a recognised supervisory audit firm for ongoing supervision;
- for applicants under foreign control, a guarantee of reciprocity by the countries of domicile of the holders of qualified participations; and
- if the bank is part of a financial group, adequate consolidated supervision by a recognised supervisory authority.
As a first step, it is recommended to write to or meet with FINMA in order to present the broad outlines of the banking project. FINMA can then issue a non-binding opinion on the submitted file.
If FINMA does not raise major concerns against the project, a complete file must be submitted in a Swiss national language (German, French or Italian). A file submitted in English will not be taken into account.
FINMA will review the file and ask any questions it deems relevant before issuing its decision. FINMA will also contact the auditing firm mandatorily retained by the applicant company and liaise with foreign supervisory authorities, if necessary.
The length of the procedure before FINMA depends on:
- the quality of the file submitted;
- whether it is complete; and
- its complexity.
The workload of FINMA is another criterion that must be taken into account. Finally, if the application for authorisation has a foreign component, the duration of the procedure will also depend on the responsiveness of the foreign supervisory authorities.
Adequate time must be allocated for the preparation and compilation of the documentation to be filed with FINMA.
The entire procedure (preparation and compilation of the file and its review by FINMA) takes approximately 12 to 18 months. However, this period can be extended depending on the specificities of each case.
The source of funding for banks depends on:
- their size;
- their complexity; and
- their activities in Switzerland and/or internationally.
The main sources of funding are as follows:
- customer deposits;
- bonds issued by banks;
- money market instruments – that is, securities traded on the money market with a maturity of up to one year. In Switzerland, the traditional money market instruments are domestic bills of exchange, treasury bills and treasury notes. The main foreign investments include commercial paper and certificates of deposit; and
- interbank financing – this is a market reserved to banks to exchange certain short-term financial assets between one day and one year. It is an over-the-counter market.
The minimum capital requirement is CHF 10 million, fully paid up. However, the Financial Market Supervisory Authority (FINMA) will set a minimum threshold depending on the activities of each bank and the risks of these activities, in application of the Capital Adequacy Ordinance.
This ordinance implements in Switzerland the Basel III standards, promulgated by the Basel Committee on Banking Supervision, which aim to strengthen the provisions governing banks’ capital and liquidity. The section on bank liquidity is addressed in question 4.3.
Every bank operating in Switzerland must have an adequate amount of capital, both individually and on a consolidated basis.
Non-systemic banks – that is, the vast majority of banks in Switzerland whose failure would not have a significant impact on the Swiss economy and financial system – must have a total capital of at least 10.5% of their risk-weighted positions. This percentage is composed as follows:
- minimum capital of 8%;
- a capital buffer that varies from 2.5% to 4%, depending on the category to which the bank concerned belongs; and
- for systemic banks (ie, UBS, Credit Suisse, the Raiffeisen Group, the Zurich Cantonal Bank and Postfinance), a higher total equity capital which includes other calculation criteria. Once again, due to the recent acquisition of the Credit Suisse Group by the UBS Group, this categorization will be reviewed.
Finally, small banks (Category 4 and 5 banks) benefit from certain exemptions and quantitative and qualitative reliefs, allowing them to reduce certain direct and indirect costs:
- a simplified leverage ratio of at least 8%;
- an average liquidity ratio (12-month short-term liquidity ratio (LCR)) of at least 110%; and
- a refinancing rate of at least 100%.
The Basel III standards for qualitative and quantitative liquidity requirements for banks are implemented by the Liquidity Ordinance and FINMA Circular 2015/2 “Liquidity Risks – Banks”.
The minimum reserve requirements, as set out in the National Bank Ordinance, currently amount to:
- 2.5% of the relevant liabilities – that is, all short-term liabilities (up to a maximum of 90 days) denominated in Swiss francs; and
- 20% of the liabilities to clients in the form of savings and investments.
As a general rule, each bank must have sufficient liquidity at all times to be able to meet its payment obligations, including in a crisis situation.
In addition, each bank must keep sufficient liquidity reserves at all times:
- to be able to cope with any sudden deterioration of its liquidity; and
- to ensure the medium and long-term viability of its financing.
In the same way as for equity capital, each bank must have sufficient liquidity, at both the individual and consolidated level. The level of liquidity is set according to the size and nature of each bank, as well as the scope, complexity and risks of its activities.
Three types of assets are included in the minimum liquidity reserves:
- current coins;
- banknotes; and
- sight deposits held by the bank with the Swiss National Bank.
The Liquidity Ordinance provides for two minimum standards for banks:
- the LCR, which was introduced to ensure that banks hold a liquidity buffer to offset the increase in net outflows under a 30-day stress scenario; and
- the net stable funding ratio, which is intended to ensure that a bank’s funding stability over a one-year horizon is assured in the long term.
Under the Banking Act, a ‘banking group’ is a group of companies that are linked by economic unity or by an obligation to assist each other. The group is primarily engaged in financial activities and includes at least one bank or securities firm.
If one of the participating companies is an insurance company, it is a financial conglomerate.
The content and scope of group supervision are determined by the Financial Market Supervisory Authority (FINMA) on a case-by-case basis. In particular, FINMA checks whether the banking group:
- has an adequate organisation;
- has an internal control system that enables it to identify, limit and control business risks;
- is managed by persons with a proper business conduct;
- respects the separation between operational management, senior management, supervision and control;
- complies with capital adequacy and risk diversification requirements;
- has sufficient liquidity;
- correctly applies the accounting regulations; and
- has a recognised, independent and professional auditing company.
Finally, consolidated supervision is exercised in addition to the supervision of each individual company.
There are five systemically important banks. The Swiss National Bank determines whether a bank is systemically important.
These banks are subject to more intensive supervision and must have increased capital and liquidity buffers, as well as a preventive stabilisation and contingency plan. FINMA also establishes a resolution plan for these banks which should allow them to stabilise in case of a crisis.
Internationally active systemic institutions are subject to even more stringent requirements than domestically active systemic institutions.
The central bank in Switzerland is the Swiss National Bank (SNB). It is responsible for defining Switzerland’s monetary policy and has the exclusive right to issue coins and banknotes.
As such, the SNB does not play a particular role in the day-to-day supervision of banks. It is the SNB that defines which banks are systemically important.
(a) Mortgage lending?
The Capital Adequacy Ordinance is the main applicable regulation – in particular:
- Article 44, which deals with the countercyclical capital buffer (at the request of the Swiss National Bank (SNB), the Federal Council can oblige banks to maintain a countercyclical capital buffer of up to 2.5% (in the form of Tier 1 capital) for their mortgage business); and
- Article 72 on the risk weighting for mortgage loans (the main rule is that the higher the loan-to-value ratio, the higher the risk weighting and thus the capital adequacy requirements for banks).
The Swiss Bankers Association (SBA) – the private umbrella organisation to which the vast majority of Swiss banks belong – also plays an important role. The SBA has issued two guidelines that are recognised as minimum prudential standards by the Financial Market Supervisory Authority (FINMA). These are:
- the Guidelines on Minimum Requirements for Mortgage Loans; and
- the Guidelines on Assessing, Valuing and Processing Loans Secured against Property.
FINMA considers credit risk in mortgage financing as one of the seven main risks.
(b) Consumer credit?
Consumer credit is regulated by the Consumer Credit Act, which came into force in 2001 and was last revised in 2019.
This law replaced the former federal law, as well as any cantonal laws. Its purpose is to prevent individuals from falling into a state of over indebtedness.
Under Swiss law, a ‘consumer’ is a natural person who enters into a consumer credit agreement for a purpose that can be considered unrelated to his or her commercial or professional activity.
All forms of commercial credit granted to consumers are in principle covered by the law, including leasing agreements and, to a certain extent, credit and customer cards, where the contractual provisions give the customer the right to choose a credit option (ie, where he or she can pay the amount on the invoice in instalments without being considered in default).
The law applies only to credits with a value of between CHF 500 and CHF 80,000. The maximum interest rate – set by the Federal Council and reviewed annually – is:
- 10% for cash credits, contracts for the financing of goods or services and leasing contracts; and
- 12% for credits granted in the form of an advance on a current account or on an account linked to a credit card or a customer card with a credit option.
(c) Investment services?
The Financial Services Act came into force on 1 January 2020, with a transitional period of two years. Therefore, most of the new legal requirements came into force on 1 January 2022. The Financial Services Ordinance supplements the abovementioned law.
According to the law, ‘financial services’ include:
- the acquisition or disposal of financial instruments;
- the receipt and transmission of orders in relation to financial instruments;
- the administration of financial instruments (wealth management);
- the provision of personal recommendations on transactions with financial instruments (investment advice); and
- the grant of loans to finance transactions with financial instruments.
The act aims to strengthen the protection of the clients of financial service providers and to establish comparable conditions for the various financial service providers. In addition, it sets out requirements for the fair, diligent and transparent provision of financial services and regulates the offering of securities and other financial instruments.
The new law introduces, among other things:
- rules on the classification of clients (private, professional, institutional); and
- rules of conduct (duty to inform, verification of suitability and appropriateness, duty to document and report, transparency and due diligence in relation to client orders).
(d) Payment services and e-money?
The Financial Market Infrastructure Act and its implementing ordinance came into force on 19 June 2015. This law regulates the organisation of financial market infrastructure and sets the rules of conduct for participants in securities and derivatives trading on these markets.
Article 81 of the Financial Market Infrastructure Act defines a ‘payment system’ as an entity that clears and settles payment obligations based on uniform rules and procedures.
The Federal Council can impose specific requirements on payment systems, especially with regard to capital, risk distribution and liquidity, if required by the implementation of internationally recognised standards. The SNB has certain powers in connection with the Swiss Interbank Clearing (see below).
The operator of a payment system needs a licence from FINMA only if:
- the functioning of the financial markets or the protection of the financial market participants requires it; and
- the payment system is not operated by a bank.
There is only one payment system in Switzerland that is considered to be systemically important: the Swiss Interbank Clearing, which is operated on behalf of and supervised by the SNB.
Subject to the abovementioned reservation, and given that Switzerland applies the principle of technological neutrality in financial regulation, there are no specific provisions governing payment services or electronic money in the financial regulations. It is a matter of applying the various existing prudential regulations on a case-by-case basis to determine whether a payment service provider should be subject to regulation.
Banking institutions in Switzerland have different obligations towards different regulatory bodies. They must report various information of a financial, statistical and qualitative nature to:
- the Swiss National Bank (SNB);
- the Financial Market Supervisory Authority (FINMA);
- the external auditor; and/or
- trading venues.
Pursuant to FINMA Circular 2008/14 “Supervisory Reporting Banks”, banks must provide annually to the SNB and their external auditor detailed financial data, including the annual financial statements. Banks must also disclose every semester their semestrial financial statements to the SNB and their external auditor. The SNB processes this information and then despatches it to FINMA. This information enables FINMA to implement an analysis and rating system to carry out its risk-oriented supervision.
In addition, to fulfil its supervisory and stability function, the SNB has a legal obligation to collect from banks statistical banking data in relation to:
- interest rate risks;
- the issuance of new mortgages;
- large exposures; and
- financial reserves.
On top of disclosing their annual financial statements and their yearly external audit report, banks must report in advance to FINMA any material change in their organisation and seek authorisation before implementing them. Additionally, any fact that is prudentially relevant under the Banking Act (including any cyberattack – see question 11.2) must be reported to FINMA.
Banks must also publish their annual financial statements and make them available to the public (except for so-called ‘private banks’, which do not publicly seek deposits ). FINMA Circular 2016/1 “Disclosure Requirements – Banks” sets out further details of the publication requirements and especially the topics that must be reported. Recently, FINMA has required banks to disclose their climate-related financial risks.
Finally, federal regulations (the Financial Market Infrastructure Act and FINMA Circular 2018/2 “Duty to report securities transactions”) and stock exchange rules require banks (as well as certain other participants) to report certain transactions in securities.
In addition to the usual corporate law requirements arising from the Code of Obligations, the key organisational and governance requirements are mainly to be found in the Banking Act and its ordinance, as well as FINMA Circular 2017/1 “Corporate Governance – Banks”. The circular provides detailed guidance about the requisite bodies and structure of banking institutions. Some of the requirements depend on the categorisation of banks, in Categories 1 to 5 (from highest to lowest risk).
Irrespective of their categorisation, all banks must have:
- a board of directors;
- an executive board; and
- internal and external audit, risk and compliance functions.
The board of directors is responsible for guidance, supervision and control. It sets the strategy of the bank and takes decisions on all major changes, investments and divestments. It must have management expertise and expert knowledge in all the key aspects of the business. One-third of its members must be independent. Institutions in supervisory Categories 1 to 3 must establish an audit committee and a risk committee; banks in Category 3 may combine these in a single committee. The circular requires further that systemically important institutions appoint, at least at group level, a compensation and nomination committee. In parallel, banks whose securities are listed on a recognised Swiss stock exchange but which are not necessarily considered as systematically important must also appoint a remuneration committee.
The executive board is a separate body and its members may not be part of the board of directors. Additionally, as it is responsible for the daily management of the bank, it is also responsible for the operational business activities, which are implemented based on the business strategy and the targets set by the board of directors.
FINMA Circular 2017/1 “Corporate Governance – Banks” further provides that banks must ensure that the internal control bodies are clearly separated from the revenue-generating units.
Finally, the circular also applies to financial groups and conglomerates. While considering the characteristics of group structures, governance and risk management must adhere to the standards set by the circular.
The key risk management requirements are to be found in:
- the Banking Act and its ordinance;
- FINMA Circular 2017/1 “Corporate Governance – Banks”;
- FINMA Circular 2008/20 “Market Risks – Banks”;
- FINMA Circular 2008/21 “Operational Risks – Banks”, which will be replaced by the new FINMA Circular 2023/1 that will enter into force on 1 January 2024;
- FINMA Circular 2015/02 “Liquidity Risks – Banks”;
- FINMA Circular 2017/07 “Credit Risks – Banks”; and
- FINMA Circular 2019/02 “Interest Rate Risks – Banks”.
FINMA conducts risk-oriented supervision, which provides for tighter risk standards for banks in Categories 1 to 3 and a certain degree of relaxation for banks in Categories 4 and 5 (small and well-capitalised banks).
The risk policy and risk appetite are set by the executive board and approved by the board of directors. The risk policy broadly deals with significant risks, risk tolerance and risk limits, including in relation to:
- financial risks;
- credit risks;
- anti-money laundering risks;
- reputational risks; and
- IT risks.
Internally, risk controls are undertaken by independent control bodies, which must have direct access to the board of directors.
Institutions in supervisory Categories 1 to 3 must:
- appoint a chief risk officer; and
- have a separated risk control function and compliance function as independent control bodies.
Risk control ensures the systematic monitoring of quantitative and qualitative risks and the conduct of stress tests. In addition, risk control:
- is responsible for developing and operating an adequate risk monitoring system; and
- must be consulted on the launch of new products or the expansion of existing products.
Every banking institution must establish an internal audit function, which may be outsourced if certain conditions are met. In accordance with FINMA Circular 2017/1 “Corporate Governance – Banks”, the Institute of Internal Auditing Switzerland sets the qualitative requirements to be met by the internal audit function. Its work is also standardised based on the International Standards for the Professional Practice of Internal Auditing, as issued by the Institute of Internal Auditors.
The internal audit function has direct access to the board of directors or to its audit committee. It discharges its assigned duties in an independent fashion.
Also according to FINMA Circular 2017/1 “Corporate Governance – Banks”, it has unlimited rights of inspection, information and audit within the institution and its consolidated companies. The size of the internal audit unit reflects the size, complexity and risk profile of the institution.
Furthermore, banks must appoint an external audit firm, often referred to as FINMA’s ‘extended arm’. The audit firm conducts a thorough risk assessment and ad hoc assessments to ensure current and future compliance of the considered banking institution with prudential requirements if necessary. All audit results are submitted to FINMA by the audit firm in a standardised audit report.
Audit firms are subject to the supervision of the Federal Authority of Supervision of Audit Firms (FAOA) and must have the appropriate FAOA licence to be able to perform a banking audit.
As a general principle, the fit and proper test requires that the structure of a bank, considered both as a whole and at individual level, be fit and proper to function.
Financial Market Supervisory Authority (FINMA) Circular 2017/1 “Corporate Governance – Banks” sets out further principles for the senior management organisation. Among other things, the board of directors – which is responsible for the overall strategy of the bank – must be functionally and personally segregated from the executive board. In addition, the management structure must be segregated from the control functions, which must operate independently.
The members of the board of directors are appointed by:
- the general meeting of shareholders for banks organised as corporations limited by shares; and
- the general assembly of the members for banks organised as cooperatives.
Banks organised as partnerships are subject to different rules; as are certain cantonal banks, in which some members of the board of directors are appointed by state bodies.
Senior executives are appointed by the board of directors.
FINMA must approve any appointment in the board of directors or the executive board, as well as certain heads of control units.
As a general principle, all board members and senior executives are subject to proper business conduct rules, which extend to all character-related and professional factors.
Based on Circular 2017/1 “Corporate Governance – Banks”, the prerequisites for appointment to the board of directors or executive board of a banking institution include:
- management experience;
- knowledge of the banking sector; and
- special knowledge of financial, legal and compliance, risks and new technologies.
The criterion of independence also plays a key role for the board of directors, as at least one-third of the board of directors must consist of independent members (unless exceptions are approved by FINMA).
Under general corporate law, members of the board of directors and senior executives have a duty of loyalty and fidelity towards the company.
The Banking Act and FINMA Circular 2017/1 “Corporate Governance – Banks” outline these duties in further detail. According to the circular, the board of directors is responsible for setting out the business strategy and setting the tone of the corporate culture (‘tone from the top’). It is responsible for approving the risk policy and basic features of risk management. It is also responsible for establishing an appropriate organisation and bears ultimate responsibility for the financial situation of the banking institution. Finally, it signs off on:
- the capital and liquidity plans;
- the annual report;
- the annual budget; and
- the financial objectives.
It also sets out the remuneration rules.
The senior executives are responsible for the operational business activities, which reflect the business strategy and the targets and resolutions of the board of directors. It is also responsible for managing the day-to-day business, operational revenue and risk management, including and issuing rules for regulating business.
Banking executive compensation is subject to:
- the Code of Obligations – in particular, the section on excessive compensation with respect to listed companies; and
- FINMA Circular 2010/1 “Compensation Scheme”.
The remuneration scheme is an integral part of the organisation of a financial institution and is signed off by the board of directors. The remuneration scheme must follow certain principles set out in the circular. It must not create incentives for the taking of inappropriate risk and instead should motivate employees to contribute to the long-term success and stability of the bank. Those main goals are detailed in 10 guiding principles set out in the circular.
For listed (banking) companies, the Code of Obligations provides for an annual vote of the general meeting of shareholders on the remuneration packages of members of the board of directors and the executive board. Additionally, the Code of Obligations prohibits certain transactions by senior management which could lead to conflict of interests.
The main framework for transferring assets and liabilities in Switzerland remains private share deals based on the Code of Obligations, which gives extensive freedom to the parties to arrange the deal as they deem fit.
The Merger Act allows for mergers, disinvestment and the transfer of assets and liabilities. The transfer of assets and liabilities allows for the statutory transfer of businesses or part thereof. While not as widely used as share deals, statutory transfers under the Merger Act have recently been gaining traction as an increasing number of banks have restructured their assets or are considering this.
It is likely that consolidation (mergers, acquisitions and assets transfers) in the banking sector will continue as the cost base for many banks increases without a corresponding increase in income.
A change of control is considered both at the individual level and at the corporate level.
According to the Banking Act, any natural or legal person that intends to hold or cease to hold, directly or indirectly, a qualifying holding in a bank organised under Swiss law must report to the Financial Market Supervisory Authority (FINMA) in advance. The threshold of this qualifying threshold is set at 10% of the voting rights.
This duty to inform also applies if the holding reaches, exceeds or falls below the thresholds of 20%, 33% or 50% of the capital or voting rights.
To be approved by FINMA, such controlling persons must warrant that they will be unable to influence the bank in a way that would be incompatible with prudent and sound management. FINMA has the authority to check whether these requirements are fulfilled and to refuse to allow the transaction if it considers that this is not the case. FINMA’s approval must therefore be obtained prior to any transaction closing.
At the corporate level, as soon as it becomes aware of it, and at least annually, a bank must also inform FINMA of the identity of any person that reaches, exceeds or falls below the abovementioned thresholds.
A Swiss bank must also apply for additional licensing if persons abroad (defined as natural persons who are not Swiss citizens or do not have a permanent residential permit and legal persons which are incorporated and domiciled abroad or domiciled in Switzerland but are controlled by persons abroad):
- acquire, directly or indirectly, holdings that amount to more than half of the voting rights; or
- are in another manner in a position of control.
Listing rules, including ad hoc publicity rules, also apply to banking institutions that are listed on a recognised stock exchange.
The Swiss legislative system includes various provisions and laws aimed at protecting (banking) customers.
In particular, since January 2020, the Financial Services Act and its implementing ordinance have sought to enhance customer and investor protection and improve the transparency of financial products. According to the Financial Services Act, banking clients are categorised into three categories: retail, professional and institutional. Depending on their categorisation, customers enjoy a different level of protection.
This classification requires from the bank:
- a detailed suitability assessment;
- the provision of comprehensive information; and
- access to an appropriate universe of financial instruments.
In terms of loans, the Consumer Credit Act applies to onerous credits (with interest or other charges) where:
- repayment is spread over instalments for more than three months; and
- the loan amount is between CHF 500 and CHF 80,000, excluding interest and charges.
However, it does not apply to mortgaged loans.
According to the Consumer Credit Act:
- interest for cash loan amounts may not exceed 10% per year; and
- the interest rate for credit and customer cards, as well as for current account overdrafts, may not exceed 12% per year.
These maximum rates are reviewed and fixed periodically by the Federal Council.
The Consumer Credit Act sets out various conditions of both a formal and material nature for the grant of consumer loans. Where a loan is granted in serious breach of the act, all claims of the lender are forfeited. In case of minor breach, interests and loan related costs are not due.
Finally, the Unlawful Competition Act provides for certain obligations in respect of advertising and unfair market practice. The act applies to general business conditions, but thus far the Swiss courts have regularly held that banking relationships do not per se fall within its scope. As a result, it is extremely difficult to challenge banks’ general conditions in Switzerland.
The regulation, supervision and stability of the system in general aim to protect banking depositors. If nevertheless a bank were to become bankrupt, the Swiss deposit insurance scheme (esisuisse) would kick in.
All banks that accept client deposits must be part of esisuisse and contribute financially to it (by providing collateral in securities or in money). The funds held by esisuisse currently amount to CHF 8 billion
In case of bankruptcy, cash deposits of up to CHF 100,000 per client will be paid out immediately from the bank’s available funds (so-called ‘privileged deposits’). If there are insufficient available funds, esisuisse will step in and proceed with disbursements of up to CHF 100,000. Retirement savings are not included in the privileged deposits. However, claims for the repayment of retirement savings up to CHF 100,000 per client fall within Category 2 of claims and will be paid after salary claims.
Clients in Switzerland and abroad enjoy the privileges described above provided that their assets are booked in Switzerland.
Under bankruptcy law, assets such as securities, units in collective investment schemes and physical precious metals that are held in custody remain the property of the customer and, in the event of bankruptcy, are normally ring-fenced and returned to the customer.
The main data protection framework is found in the Data Protection Act, enacted on 19 June 1992. A major revision to the Data Protection Act will enter into force in September 2023.
For banks specifically, the main protective provision is to be found in Article 47 of the Banking Act, which provides for strict banking secrecy.
Article 47 provides for criminal penalties at various degrees for the unlawful disclosure of facts that are subject to banking secrecy. The scope of secrecy is interpreted broadly and covers all business and personal facts stemming from the business relationship between the client and the bank.
Banks are also subject to the privacy provisions of:
- Article 28 of the Civil Code (protection of personality); and
- Article 398 of the Code of Obligations (duty of loyalty from the bank to the client).
Many of the obligations arising from the various provisions overlap.
There is no cybersecurity regime per se in Switzerland. Cybersecurity risks are treated as operational risks that all banks must manage in an appropriate manner and according to their risk tolerance.
That said, Financial Market Supervisory Authority (FINMA) Circular 2008/21 “Operational Risks” sets out the regulatory expectations in relation to IT risks and cyber risks in particular. The emphasis is placed on client-identifying data, which must be appropriately protected.
According to the circular, the executive board must appropriately document the IT risk management in line with the IT strategy and the bank’s risk tolerance.
Regarding cyber risks specifically, the executive board must also document the management of cyber responsibilities in an appropriate way. The management of cyber risks requires an efficient strategy and clear roles and responsibilities. At a minimum, the policy must:
- identify potential cyberattack risks specific to the financial institution, especially regarding critical data and infrastructure;
- protect business processes against cyberattacks;
- allow for the rapid identification of cyberattacks;
- facilitate a response to cyberattacks with immediate and targeted measures and the continuation of business operations; and
- ensure the rapid restoration of normal business operations after cyberattacks through appropriate measures.
In addition, the executive board regularly orders vulnerability scans and penetration tests to protect critical and/or sensitive IT data and systems against cyberattacks. These should be conducted by qualified personnel with appropriate resources.
The new Circular 2023/1, which will enter into force on 1 January 2024, expands these obligations.
Finally, successful or partially successful important cyberattacks must be reported within 24 hours to FINMA and a detailed account must be forwarded within 72 hours.
Switzerland has a comprehensive and very tight money-laundering framework that applies not only to banks, but also to all financial intermediaries (eg, asset managers, family offices, lawyers and trust officers). The legislative framework follows the principles, standards and guidelines set forth by the Financial Action Task Force.
According to Article 305bis of the Criminal Code, money laundering is a criminal offence which carries a maximum penalty of five years’ imprisonment and/or large fines. A failure to identify clients and/or clarify transactions and a failure to report anti money-laundering breaches also constitute criminal offences.
The Anti-money Laundering Act and its two implementing ordinances (the Anti-Money Laundering Ordinance and the Financial Market Supervisory Authority-enacted Anti-money Laundering Ordinance) require banks and all other financial intermediaries to comply with stringent due diligence and disclosure requirements in respect of client identification and transactions. Banks are also subject to the Agreement on Swiss Banks’ Code of Conduct Regarding the Exercise of Due Diligence, which is issued by the Swiss Bankers Association and sets out the duties of banks relating to the identification of contracting partners and controlling persons or beneficial owners.
As discussed in question 11.1, banking secrecy applies in Switzerland. It protects legal and natural persons against unauthorised access by the state or third parties. Breach thereof is a criminal offence which carries a maximum penalty of three years’ imprisonment and/or a fine (five years’ imprisonment if the perpetrator acted to obtain a financial advantage). The client is the owner of the secrecy and can consent to disclosure of facts covered by banking secrecy.
However, banking secrecy is not absolute and there are numerous provisions that define limits to banking secrecy in both domestic and international cases. In certain family, debt collection, administrative, tax and criminal matters, banking secrecy can be lifted against the client’s will by order of the competent authority. Internationally, requests for criminal or administrative (tax) mutual assistance may also lead to a lifting of the banking secrecy against the client’s will.
In addition to the US Foreign Account Tax Compliance Act, Switzerland has entered into automatic exchange of information agreements for tax purpose (AEIAs) with at least 101 countries. AEIA standards (based on the Organisation for Economic Co-operation and Development models) require banks to collect clients’ financial information, including all types of investment income and account balances, where those clients are foreign tax residents. The bank must then transmit this information to the Federal Tax Administration, which in turn will forward it to the relevant country.
Finally, banking secrecy can also be lifted with the consent of the client. All banks include consent to the lifting of the banking secrecy in their general terms and conditions for certain matters, such as required disclosures for the purchase of securities or the completion of international wire transfers.
The Swiss economy withstood the COVID-19 pandemic quite well. However, in 2022 the economic environment was affected by negative interest rates, which came to an end in September 2022. The war in Ukraine and rising global inflation rates implied a downturn in the economic environment which may also inevitably affect banks.
Consolidation in the banking sector has continued, as Switzerland had 243 banking institutions in 2020 but just 239 in 2021 (Swiss Banking, Banking Barometer 2022, Figure 2, p7).
Access to the European market is still not satisfactorily regulated, as the Swiss/EU negotiations have stalled. Swiss banks have appealed to the Swiss government to improve the conditions for market access. The provision of financial services to EU-domiciled clients is a key export sector for Switzerland, as domestic banks manage assets totalling around CHF 1 trillion belonging to EU-based clients (Swiss Banking, Banking Barometer 2022, Figure 2, p7).
Meanwhile, negotiations with the United Kingdom are continuing at a fast pace. The negotiations are aimed at the conclusion of a comprehensive financial services agreement, which would include liberalisation and mutual market access in the areas of banking and investment services, asset management, insurance and capital markets (including financial market infrastructure).
The Swiss financial sector accounts for 9% of gross domestic product (State Secretariat for International Financial Matters, Chiffres-clés, April 2022), and the Swiss government is endeavouring to support the competitiveness of this sector.
Swiss law has a comprehensive banking recovery, resolution and liquidation framework, mainly set out in:
- Articles 25 to 32 of the Banking Act; and
- the Financial Market Supervisory Authority (FINMA) Banking Insolvency Ordinance.
As a supervisory authority, FINMA monitors the financial situation of banks on an ongoing basis. If FINMA has concerns about a bank, it will commence intensive monitoring and encourage the bank’s executive bodies and shareholders to find definitive solutions to the issues at stake. These might include:
- capital increases;
- cost reductions;
- mergers; and
- the disposal of assets.
If, despite such voluntary measures, a bank is in a situation of real concern – for example, if it has liquidity issues or is overindebted or in breach of capital requirements – FINMA will order protective measures. According to Article 26 of the Banking Act, these measures may include:
- the issuance of instructions to the bank’s bodies;
- the appointment of an investigator;
- the appointment of new representatives of the bank;
- the limitation of the bank’s activities; and
- a prohibition on making payments or accepting deposits.
A formal restructuring may be then initiated by FINMA if there is a positive outlook of successful completion. One of the prerequisites to the formal restructuring is that the creditors must not be worse off as a result of the restructuring than they would be in the event of an immediate bankruptcy. The restructuring is generally carried out by a FINMA-appointed administrator and is executed under close supervision by FINMA.
The five systematically important banking institutions (Credit Suisse, UBS, Raiffeisen Group, ZKB and Postfinance) are subject to more stringent rules, as they must:
- hold higher capital and liquidity buffers; and
- prepare and maintain resolution plans to be approved by FINMA.
Articles 33 to 37g of the Banking Act and the FINMA Banking Insolvency Ordinance set out the legal regime applicable to insolvent banking institutions.
If a bank becomes insolvent and there is no realistic prospect of a successful restructuring, FINMA will withdraw the bank’s licence and initiate bankruptcy proceedings. The proceedings aim to:
- facilitate the orderly dissolution of the bank;
- minimise the disturbance to the financial markets; and
- maximise the proceeds for creditors.
The bankruptcy is made public by FINMA, which will appoint a bankruptcy liquidator to carry out the necessary steps towards dissolution and liquidation.
Bankruptcy proceedings cover all realisable assets in a bank’s possession at the time in question, regardless of whether they are located in Switzerland or abroad. All Swiss and foreign creditors of the bank and its foreign branches are equally entitled to participate in bankruptcy proceedings opened in Switzerland and enjoy the same privileges.
Immediately after the launch of the proceedings, privileged deposits of up to CHF 100,000 per depositor, irrespective of whether they are located in Switzerland or abroad, will be paid out of the bank’s available assets.
All remaining shortfalls after payment of the privileged deposits will be paid out in accordance with the hierarchy of claims In principle, claims arising from banking deposits rank in the third class and are paid after employees’ claims and pension claims.
The Swiss banking sector is extremely dynamic and the recent take-over of Credit Suisse by UBS will likely be a game changer in the banking landscape with important shifts of clients towards smaller local banks and likely new regulations in the aftermath of the crisis.
Cooperation between fintechs and banks will likely increase (Swiss Bankers Association, Banking Barometer 2022, August 2022, p15), which will further challenge the regulator.
The licensing requirement for private wealth asset managers entered into force on 1 January 2020, with a transition period of three years. This could lead to an increase in the number of funds that are actively managed by banks instead of simply being in their custody, as many (small) private wealth asset managers either did not apply for a licence or might not receive one.
Banks will also need to adapt their operations to the new Data Protection Act, which will enter into force in September 2023.
Furthermore, the deposit protection scheme has been strengthened and the new legislative framework will be implemented in the coming years, requiring banks to adjust their operations accordingly.
The revised Money Laundering Act and its implementation ordinance, which became fully applicable on 1 January 2023, enhance the transparency and know-your customer obligations.
Finally, the Federal Council has signed into force its federal Ordinance on Environmental, Social and Governance Reporting, which will apply to listed and other companies, including banking institutions, as of 1 January 2024. Once the ordinance takes effect, banks will need to:
- report on the impact of climate change on their commercial activities;
- explain the impact of their commercial activities on climate change; and
- take into account sectoral guidelines to present scenario-based prospective climate compatibility analyses.
It is expected that banks will need to obtain professional and specific expertise on these issues, which may lead to an increase in their fixed costs.
The Swiss government and the Financial Market Supervisory Authority (FINMA) recognise that innovation is vital to the development of the banking sector, and that cryptocurrencies will inevitably play a growing role in the financial industry. However, very few banks currently undertake active trading in cryptocurrencies.
While the sale and purchase of cryptocurrencies are not regulated per se, certain transactions and operations – including initial coin offerings (ICOs) – fall under stringent rules, such as those on anti-money laundering, trading in securities or banking.
In 2018, in a bid to promote and support the fintech economy, FINMA issued guidelines on ICOs; and since 1 January 2019, the Banking Act has made provision for a fintech licence, which is a banking licence ‘light’ with more relaxed requirements. A fintech licence allows institutions to accept public deposits of up to CHF 100 million or crypto-assets, provided that these are not invested and no interest is paid thereon. As of November 2022, three fintech authorisations had been granted by FINMA.
Finally, in September 20202, Parliament passed the Distributed Ledger Technology Blanket Act, which selectively adapts 10 existing federal laws and ordinances. The goal of the new legislation is to improve the conditions for blockchain and distributed ledger companies in Switzerland, establishing a competitive environment for innovative financial market technologies.
In recent years, the Financial Market Supervisory Authority (FINMA) has sent strong signals that it expects banks to be more proactive in the detection and reporting of anti-money laundering. As a result, it is imperative that banks ensure that such cases are detected at an early stage. Further, while in the past very few sanctions were imposed on individuals, FINMA is now investigating and sanctioning senior managers for regulatory breaches.
FINMA has also highlighted that cybersecurity remains a major issue for Swiss banks. Between 2020 and September 2022, 145 cyberattacks were reported to FINMA, which underlines the challenges posed by such risk (source: FINMA Risks Monitoring 2022).
At the same time, high inflation rates and the predicted slowing of the economy have put additional pressure on banks to reduce costs, which inevitably creates tensions between business and control units.