Market conditions for fintech offerings in Switzerland are generally considered favourable, particularly with relation to:

• broad access to credit and venture capital;
• the available human know-how (number of graduates in science and technology); and
• the access to and use of information and communication technology.

Fintech market growth (value chain) and expansion (range of products and services) in Switzerland has accelerated from what was already a high level. According to the Swiss Venture Capital Report 2022, the total amount of money invested in the fintech industry increased by CHF497.6 million to CHF857.9 million compared to the previous year. This was achieved through 45 funding rounds. For the fintech industry, decisive considerations remain financing and fundraising. Since 2015, the legislature's focus has been on adapting the applicable legal and regulatory framework to the needs of the fintech sector (see 2.4 Variations between the Regulation of Fintech and Legacy Players), which has contributed to the increasingly dynamic Swiss fintech sector. Further legislation particularly in the blockchain area entered into force in August 2021 (see 12.2 Local Regulators’ Approach to Blockchain). 

The Swiss fintech landscape has evolved significantly over the past few years and Switzerland remains an attractive base for innovators in the financial sector. There are currently more than 400 active players – both emerging and incumbent – in Switzerland's fintech ecosystem, whilst the total number of fintech-related businesses is much higher. Most of their business models focus on the financial market sector, notably:

• payment services;
• investment management;
• banking infrastructure;
• deposits and lending;
• distributed ledger technology; and
• analytics.

A considerable number of these businesses offer their products and services to incumbent financial institutions and/or offer co-operation opportunities to digitalisation projects.

The fintech market in Switzerland is dominated by start-ups that are mainly financed through venture capital. A co-operation strategy between established providers of financial services and emerging players is frequent in Switzerland. While no general displacement trends can be identified at present, it is apparent that the value chain of established providers of financial services is under scrutiny and subject to (internal and/or external) challenges. These include those based on new technology-driven products and services developed by emerging companies that have the potential to disrupt the value chain of many established players.

Established financial service providers generally have the financial and organisational resources required to adapt their business processes gradually, both to avoid this displacement and get high market visibility. Conversely, only a relatively small number of emerging companies can rely on a trusted brand or a financial market licence (eg, a bank). In August 2019, the Swiss Financial Market Supervisory Authority (FINMA) granted for the first-time banking licences to two fintech players (Seba and Sygnum), operating in the field of DLT-based assets.

Swiss law is generally technology-neutral and principle-based. Accordingly, fintech companies based in Switzerland generally have considerable regulatory latitude compared with other jurisdictions. FINMA has initiated regulatory changes allowing fintech companies to further develop, thereby contributing to an even more fintech-friendly legal environment. The risk-based and technology-neutral amendments are designed to lower market entry barriers. Recent legislative projects, including the implementation of a new regulatory licence type, commonly referred to as a "fintech licence" or "banking licence light", have created an adequate, technology-neutral regulatory framework for any business that needs to accept deposits of up to CHF100 million from the public without engaging in typical commercial banking activities (see 2.5 Regulatory Sandbox).

Alongside these specific fintech-dedicated measures, the general applicable legal and regulatory framework applies to fintech companies and is summarised below (see 2.9 Significant Enforcement Actions).

Banking Legislation

The solicitation and acceptance of deposits from the public on a professional basis is, as a matter of principle, an activity restricted to Swiss banks and triggers the obligation to obtain a full-fledged banking licence from FINMA. Under the Banking Act, the term "deposit" broadly encompasses any undertaking for own account to repay a certain amount. Deposits are deemed to be "public" as soon as:

• funds are solicited from the "public" (as opposed to being solicited from banks or professional financial intermediaries, institutional investors, shareholders, employees or other related persons); or
• as soon as funds from more than 20 depositors are accepted.

As a result of this approach, most business models relied upon by, for instance, payment systems, payment services providers, crowdfunding or crowdlending platforms are considered to involve the solicitation and acceptance of deposits and may fall within the scope of the Banking Act and, therefore, trigger licensing requirements.

That being said, in the event that deposits of not more than CHF1 million (see 2.5 Regulatory Sandbox) are held by a fintech company, no banking licence will be needed. Similarly, if the deposits are held for less than 60 days on a settlement account (without any limitation in terms of amounts), no banking licence will be needed. All other deposit-taking activities require either a fintech licence for deposit-taking activity not exceeding CHF100 million or a full-fledged banking licence. It is also worth noting that funds linked to means of payment, or to a payment system, are exempted from the qualification as deposits, provided that:

• the funds serve the purpose of purchasing goods or services;
• no interest is paid on them; and
• the funds remain below a threshold of CHF3,000 per customer and per issuer of a payment instrument or operator.

Although this exemption may provide some relief to card payment services and online or mobile payment services, it requires a model strictly tailored in a way that ensures any funds stored on user accounts are limited to the purchase of goods and services (as opposed to allowing peer to peer transfers, withdrawals, transfers to the user's bank account, etc) and never exceed CHF3,000 per customer.

Anti-money Laundering Legislation

Under Swiss law, any natural or legal person accepting or holding deposit assets belonging to others, or assisting in the investment or transfer of such assets, qualifies as an intermediary according to the Federal Anti-Money Laundering Act (AMLA). This includes persons who carry out credit transactions (in particular in relation to consumer loans or mortgages, factoring, commercial financing or financial leasing) and who provide services related to payment transactions. This applies to many upcoming business models, such as those involving mobile payment, blockchain and related applications, cryptocurrencies, automated investment advice, crowdfunding or peer-to-peer lending. Based on this broad scope, many — if not most — fintech companies qualify as financial intermediaries and are generally subject to anti-money laundering obligations, including compliance with know your customer (KYC) rules (see 2.13 Impact of AML Rules).

Swiss Financial Services Act, Swiss Financial Institutions Act

The new Swiss Financial Services Act (FinSA) and Swiss Financial Institutions Act (FinIA) entered into force on 1 January 2020. While the purpose of FinIA is to provide a new legal framework governing most financial institutions (ie, asset managers, trustees, managers of collective assets, fund managers and securities firms), the objective of FinSA is to regulate financial services in Switzerland, whether provided by a Swiss-based business or on a cross-border basis in Switzerland or to clients in Switzerland. The rules are largely based on EU directives – the Markets in Financial Instruments Directive (MiFID II), the Prospectus Directive and Packaged Retail Investment and Insurance-Based Products (PRIIPs) – with adjustments made to reflect specific Swiss circumstances.

In a nutshell, with regard to fintech, the new legal framework may involve additional regulatory requirements to the extent that fintech companies may have to provide financial services in Switzerland or to Swiss clients (application of FinSA) or provide asset management services or other regulated services (application of FinIA and new licensing requirements).

There are no specific rules on the amount of fees that fintech companies may charge their customers. However, Swiss law provides for a number of disclosure obligations in relation to fees with respect to financial services, including the following:

• retrocessions, kick-backs, rebates and similar payments or financial benefits need to be disclosed (including payments received from other group companies) prior to entering into a contract/transaction; the disclosure has to be specific and, where the exact fees cannot be calculated at the outset of the transaction, the fee disclosure has to include the relevant percentages and calculation methodologies;
• unless a client has specifically and expressly waived its rights, retrocessions, kick-backs and similar payments need to be handed over in full to the customer; and
• in cases where a key information document (KID) needs to be prepared and handed over to Swiss Private Clients (ie, with respect to collective investment schemes and structured products), a detailed fee disclosure will have to be included in KID.

For the sake of completeness, we note that FinSA also provides for certain rules against abusive conduct by financial service providers (such as third-party distributors of the products) that are relevant in the context of fees. For example, a financial service provider may not invoice a price that differs from the effective execution price when processing client orders.

Since 2015, the legislator's focus has been on adapting the applicable legal and regulatory framework to the needs of the fintech sector. The Swiss legislator has subsequently introduced three measures within Swiss banking legislation aiming at promoting innovation in the financial sector:

• the introduction of a maximum period of 60 days (as opposed to seven days, in accordance with FINMA’s prior practice) for the holding of monies on settlement accounts (eg, for crowdfunding projects), without any limitation in terms of amounts;
• the creation of an innovation area (a so-called sandbox), where companies are allowed to accept public deposits up to a total amount of CHF1 million without the need to apply for a banking or fintech licence, subject to certain conditions, such as disclosures and prohibitions against investing those deposits; and
• the introduction of a new fintech licence suitable for businesses whose activity involves some form of deposit-taking, but without any lending activities involving maturity transformation (see 2.5 Regulatory Sandbox).

In addition to the regulatory sandbox (see 2.4 Variations between the Regulation of Fintech and Legacy Players), under the fintech licence, financial services providers are allowed to accept public deposits provided that:

• the aggregate amount of deposits does not exceed CHF100 million;
• the deposits do not bear interest (or are not otherwise remunerated); and
• the deposits are not re-invested by the company (ie, they are not used for on-lending purposes).

This fintech licence involves less stringent regulatory requirements than a banking licence. Strict banking equity ratio requirements, as well as the liquidity requirements, do not apply. In addition, leaner minimal capital requirements apply. In this context, the minimum equity capital of companies benefitting from such a licence must amount to 3% of the public funds (deposits) and must, in any case, reach a minimum of CHF300,000. In December 2018, FINMA issued guidelines for the fintech licence highlighting the information and documentation an applicant must submit when applying for one. These include a list of all participants holding a direct or indirect interest of 5% in the applicant, information on the governing bodies as well as various explanations of the activities of the company with a business plan for three financial years.

To be clear, the fintech licence is not a banking licence and companies operating under such a licence do not qualify as a banking institution and may not use such a designation. In this context, the client deposits are not covered by the Swiss deposit protection regime and the clients must be comprehensively informed in advance of this fact, as well as of the risks resulting from the business model. In March 2020, FINMA granted the first fintech licence to a company offering accounts and related services to Swiss customers on a pure mobile app basis (Yapeal).

FINMA is generally responsible for the authorisation, supervision, enforcement and documentation of most activities that are subject to Swiss financial market laws. This includes the supervision of outsourcing arrangements (see 2.7 Outsourcing of Regulated Functions). The supervision is risk-based, which means examinations depend on the risk posed by the respective financial market participant. The applicable laws are enforced by FINMA making use of the administrative measures under supervisory law where necessary. FINMA’s powers include precautionary measures or measures to restore compliance with the law, withdrawing authorisation, liquidating unauthorised companies, issuing industry bans and ordering the disgorgement of profits generated illegally. It can also publish final decisions naming those involved. Since naming companies or individuals is restricted by law, FINMA generally only publishes information on ongoing or completed enforcement proceedings if there is a particular public interest, eg, to protect investors, creditors or policyholders.

Besides FINMA, criminal prosecution authorities and self-regulatory organisations are also involved in enforcing financial market laws. Where irregularities fall under criminal law, FINMA may file a complaint with the competent authorities (Federal Department of Finance, Office of the Attorney General and cantonal prosecutors). There are other authorities such as the Competition Commission the Federal Data Protection and Information Commissioner which may also enforce the relevant laws.

The outsourcing of significant business areas of regulated entities is subject to certain requirements. In essence, Swiss financial market law sets forth three different outsourcing regimes.

• The outsourcing of a significant business area by a bank (including holders of the fintech licence, see 2.5 Regulatory Sandbox) does not require FINMA approval provided the requirements of the FINMA Outsourcing Circular (see below) and applicable data protection legislation are complied with. Courtesy notifications to FINMA should be considered for material outsourcing transactions.
• Under FinIA, financial institutions (eg, asset managers, trustees, securities firms and fund managers) must reflect the functions to be outsourced as well as the possibility of sub-outsourcing in their organisational regulations; the organisational regulations are subject to FINMA approval.
• The outsourcing of core functions or other principal functions of insurance or reinsurance companies with domicile in Switzerland (or Swiss branches of foreign insurance companies) constitutes a business plan change which must be notified to FINMA; notification must be made within 14 days after the signing date of the outsourcing agreement and is deemed to be approved by FINMA unless an investigation is opened within four weeks after notification has been made.

Each entity subject to one of the above outsourcing regimes continues to bear responsibility for the outsourced business areas, so it must ensure the proper selection, instruction and control of the supplier. Further, it is a common requirement in all outsourcing regimes to conclude a written contract with the supplier which sets out, among other things, clearly allocated responsibilities as well as audit and inspection rights. If a significant function is outsourced, the service provider is subject to information and reporting duties to, and audits by, FINMA.

Regulated entities subject to FINMA Circular 2018/3 Outsourcing (Outsourcing Circular, which applies to banks, insurers, managers of collective assets, fund managers and securities firms) must comply with the detailed measures set out in the Outsourcing Circular, including:

• the obligation to keep an inventory of all outsourced services (which must include proper descriptions of the outsourced function, the name of the service provider and any subcontractors, the service recipient and the person or department responsible within the company);
• conclusion of a written contract with the supplier setting out, among others, security and business continuity requirements; and
• if outsourcing to a foreign supplier, the company must ensure that restructuring or resolving the company in Switzerland remains possible and that the information required for this purpose is accessible in Switzerland at all times.

Regulated entities subject to FinIA may only delegate tasks to third parties who have the necessary skills, knowledge, experience and authorisations to perform that task.

FINMA regulated entities, as well as the persons responsible for their management, must provide guarantees of irreproachable business conduct. Furthermore, regulated entities, as well as their statutory auditors, are required to notify FINMA of any events that are of material relevance to FINMA's supervision. Therefore, to a certain extent, fintech providers that are FINMA regulated also act as gatekeepers.

From a civil law perspective and as a general principle, a fintech provider would be liable for damages negligently or by wilful misconduct by such provider in breach of applicable law or contractual obligation. Under Swiss civil law, however, liability can be limited or even excluded to a large extent by contractual agreement. Civil liability would thus have to be assessed for each individual case.

FINMA has executed several enforcement proceedings in the fintech industry, in particular in the case of initial coin offerings (ICOs) that were suspected of acting as a bank without being authorised to do so (ie, accepting deposits from the public without a banking licence, see 2.2 Regulatory Regime). According to the most recent annual report of FINMA, approx. 60 investigations in the ICO arena have been opened and more than half thereof have been closed. According to FINMA, in ten cases criminal proceedings with the competent prosecutor have been initiated in relation to anti-money laundering regulations and in three cases FINMA has opened enforcement proceedings. In addition, FINMA notices more Swiss companies offering secondary market related financial services based on blockchain. Only in very few cases did FINMA make individual enforcement cases public:

• in September 2017 FINMA ruled that the "E-Coin" issued by QUID PRO QUO Association with the involvement of DIGITAL TRADING AG and Marcelco Group AG constituted a cryptocurrency in appearance only – in addition, FINMA ruled that the E-Coin constituted the acceptance of deposits from the public for which the issuer was not authorised (all three entities involved with the E-Coin were liquidated); and
• in March 2019 FINMA ruled that the EVN-Token issued by envion AG which offered a repayment claim after 30 years, constitutes the acceptance of deposits from the public for which the issuer was not authorised; envion AG had accepted deposits in an amount exceeding CHF90 million from at least 37,000 investors and was already in liquidation prior to FINMA's order due to violation of corporate law requirements.

FINMA also maintains a warning list on its website of individuals and entities who are presumed to carry out unauthorised activities under the financial market regulations.

The processing of personal data by private persons and federal bodies is regulated in particular by the Data Protection Act and the Data Protection Ordinance. These apply, with some exceptions, to the processing of data relating to natural persons as well as – contrary to most other jurisdictions – legal entities. Personal data must be protected against unauthorised processing by appropriate technical and organisational measures. Such protection has been specified with respect to the storing, processing and transferring of client data in the banking sector (Annex 3 to FINMA Circular 2008/21 Operational Risks).

It should be noted that Swiss parliament has recently adopted a revision of the Swiss Data Protection Act (DPA), which is expected to enter into force early 2023. While the technical requirements remain in essence unchanged, there are considerable organisational and administrative requirements, as well as significant sanctions, foreseen. With regard to cybersecurity, non-binding guidelines with respect to minimum security requirements for telecommunications services have been issued by the competent regulator; the Federal Office of Communications (OFCOM). However, there is no cross-sector cybersecurity legislation in Switzerland that would generally be applicable to fintech companies.

Most notably, the following additional authorities and organisations are foreseen in Swiss financial market regulation.

• Financial intermediaries operating on a commercial basis are subject to the AMLA (see 2.2 Regulatory Regime) and must, unless otherwise supervised by FINMA (eg, as a bank), become a member of a self-regulatory organisation (SRO) recognised by FINMA. While having limited enforcement powers, SROs are responsible for supervising compliance with the due diligence obligations of the financial intermediaries. FINMA, in turn, actively supervises the SROs.
• Banks, insurers, managers of collective assets, fund managers and securities firms are required by financial market regulation to mandate an independent audit firm supervised by the Federal Audit Oversight Authority (FAOA) as statutory auditor.
• Asset managers and trustees are, under the new FinIA, required to associate themselves with an independent, privately organised supervisory organisation (SO); while FINMA retains the competence to authorise asset managers and trustees as well as to conduct any respective enforcement proceedings. The ongoing supervision of asset managers and trustees is delegated to the SO which, in turn, must obtain authorisation from FINMA and is itself supervised by FINMA.

Furthermore, there are many private for-profit and not-for-profit organisations active in the fintech industry, eg, to define industry standards. Most notably, the Swiss Bankers Association has defined several standards applied by banks, eg, on opening corporate accounts for distributed ledger technology (DLT) companies.

Although no specific rules on the conjunction of unregulated and regulated products and services apply, financial services providers are required to take appropriate measures to avoid conflicts of interest. As a general principle, most regulated entities (eg, asset managers, managers of collective assets, insurers) are also required by law to pursue activities only related to their respective regulatory status. FINMA may, however, grant exemptions subject to applicable laws.

As mentioned, many fintech companies are likely to qualify as financial intermediaries and may, therefore, be subject to AMLA.

Fintech companies subject to AMLA are not only required to join a self-regulatory organisation (unless otherwise supervised by FINMA – eg, as a bank), but anti-money laundering obligations also include due diligence obligations (including KYC rules and record keeping obligations), reporting obligations in the event of a suspicion of money laundering or obligations to freeze assets under certain conditions. Compliance with Swiss anti-money laundering regulation is relatively easy to achieve and should not represent a significant entry barrier. However, dealing with the associated costs requires careful planning and, possibly, the adaptation of envisaged business models. This applies particularly to fintech companies providing alternative finance (eg, crowd investment) platforms, payment services or the professional purchasing and selling of virtual currencies.

In Switzerland, financial advisors that provide financial advice or investment management online, so-called "robo-advisers", are growing in popularity. In particular, millennials between the ages of 24 and 35 are expected to constitute the customer base of online investment solutions, since they often adopt new technologies quickly and prefer self-service approaches. There are several companies that pursue a robo-adviser business model, and are hence based on mathematical rules or algorithms that allocate, manage and optimise clients' assents.

On automated investment advice, there are no specific applicable rules or regulations. As mentioned above, Swiss law is generally technology-neutral and principle-based. FINMA actively contributes to a fintech-friendly legal environment. FINMA regards innovation as key to Switzerland’s competitiveness as a financial centre, but adopts an essentially neutral approach to certain business models and technologies. FINMA has therefore been enhancing the regulatory framework to facilitate client onboarding via digital channels and has reviewed whether specific provisions in its ordinances and circulars disadvantaged some technologies and concluded that very few such obstacles existed. Therefore, FINMA has adopted its guidelines for asset management and has removed the requirement that asset management agreements have to be concluded in writing. Also, FINMA has eased the rules of the onboarding process for new businesses via digital channels.

See 3.1 Requirement for Different Business Models.

Under the new FinSA, financial services providers need to ensure that client orders are always executed in the best possible way regarding financial terms, timing of execution and other terms and conditions. Providers define, in a best execution policy to be reviewed annually, the criteria necessary for the execution of client orders. This includes the price, costs, timeliness and probability of execution and settlement. Upon the request of the client, the financial services provider evidences that the respective customer trades have been executed in compliance with this criteria. Regulatory best execution requirements do not apply in relation to institutional clients.

Crowdlending refers to loans for funding companies or individuals, which are consequently categorised as borrowed capital. Crowdlending is also known as peer-to-peer (P2P) or social lending because funding is provided by individuals or companies that are not financial institutions or financial intermediaries. Referring to the distinguishing criterion mentioned above to differentiate sub-types of crowdfunding, participants (funding providers) receive a payment in return for their funding made available to the project developer (borrower), typically in the form of interest, although participating loans or bond/note issuances are also possible. The amount of the interest or return payment varies depending on the risk of the project and borrower, but typically represents a lower interest charge for the borrower than in traditional bank lending. There are a number of crowdlending-based businesses in Switzerland which provide loans for both private persons and companies.

As a general principle, crowdlending offerings are subject to the general financial services regulation including the AML legislation, as applicable (see 2.2 Regulatory Regime). In addition, under the Swiss Consumer Credit Act (CCA), only authorised lenders are entitled to provide consumer credit. Registration must be obtained from the lender’s Swiss Canton of establishment or, if the activity is conducted on a cross-border basis by a foreign lender, with the Swiss Canton in which the lender intends to perform its services.

Certain amendments to the consumer credit legislation came into force on 1 April 2019. Consumer loans that are obtained through a crowdlending platform are now required to comply with the same consumer protection provided by the law as if they were extended by a professional lender. Certain implementing provisions in the Consumer Credit Ordinance have also been adopted, such as access to consumer credit information systems and professional indemnity insurance requirements for crowdlending platforms.

See 4.1 Differences in the Business or Regulation of Loans Provided to Different Entities.

See 4.1 Differences in the Business or Regulation of Loans Provided to Different Entities.

With regard to loans and loan syndication, it is predominantly banks that are active in the relevant market in Switzerland. There are a number of reasons for this, one being the Swiss tax law rules commonly referred to as the "Swiss non-bank rules". The basis for these rules is that under Swiss domestic tax law, payments by a Swiss borrower under a bilateral or syndicated financing are, as a rule, not subject to Swiss withholding tax. This, however, requires compliance with the Swiss non-bank rules. In a nutshell, these rules require that:

• a syndicate does not consist of more than ten lenders which are not licensed as banks, if there is a Swiss obligor (the ten non-bank rule);
• a Swiss obligor does not, on an aggregate level (ie, not on a transaction-specific level), have more than 20 lenders that are not licensed as banks (the 20 non-bank rule); and
• a Swiss obligor does not, on an aggregate level (ie, not on a transaction-specific level), have more than 100 creditors not licensed as banks, under financings that qualify as deposits within the meaning of the relevant rules (the 100 non-bank rule).

To ensure compliance with the Swiss non-bank rules, a number of provisions are included in facility agreements with Swiss borrowers, guarantors or security providers. This includes, depending upon the structure, assignment and transfer restrictions that limit the ability of the lenders to sell down the facilities to more than a specified number of non-bank lenders.

In Switzerland, the payment market has changed remarkably during the last few years. Since the first market entry of a mobile payment app, the Swiss market has seen several market entries and a rapid consolidation process. There are many electronic payment systems which are, at least, partially based on classic credit or debit card payment schemes; adding technology to facilitate payments at the point of sale in the context of e-commerce or, in some cases, between individuals (P2P).

In addition to credit and debit card-based payments, some payment apps can be linked to traditional bank accounts with partnering banks. While the user experience is similar, the payment is in this case executed as a bank transfer – ie, the payor allows the payment service provider to deduct the relevant amount from the payor’s bank account and to transfer a corresponding amount to the recipient’s bank account (often routed via a bank account of the payment service provider, subject to a fee). These systems are often bank-operated or bank-sponsored and may therefore be less constrained in regulatory matters.

New legislation came into force on 1 January 2020 that provides, inter alia, that a non-Swiss financial services provider acting on a cross-border basis is subject to Swiss rules of conduct as well as, under certain circumstances, registration requirements in Switzerland for its client advisors. Client advisors of foreign-based financial services providers are required to register in a Client Advisors Register in Switzerland prior to being able to offer financial services or products in Switzerland. In this context, the registration requirement does not apply at the level of the financial services provider, but at the level of the individuals qualifying as “client advisors” of that financial services provider.

Regarding AML obligations, the Swiss regime (see 2.2 Regulatory Regime and 2.13 Impact of AML Rules) only applies to financial intermediaries that have a physical presence in Switzerland and, as a rule, does not extend to foreign institutions active on a purely cross-border basis. As an example, payment service providers conducting their activity exclusively via electronic channels or the internet, for instance, are typically not subject to AMLA. That being said, irrespective of the application of AMLA, the general prohibition against money laundering under criminal law remains applicable.

The authorisation or licensing process for investment funds differs depending on whether Swiss or foreign investment funds are concerned. Regarding Swiss investment funds, it is further relevant how the investment fund is structured.

In essence, the Swiss regulatory regime distinguishes between open-ended and closed-ended collective investment schemes. The main differences between open-ended and closed-ended collective investment schemes are the different rules regarding the redemption of shares/units of collective investment schemes and different legal structures. Open-ended collective investment schemes must be established in the form of either a contractual fund or an investment company with variable capital (SICAV). On the other hand, closed-ended collective investment schemes may only be set up as either a limited partnership for collective investments (LP) or an investment company with fixed capital (SICAF). The CISA further distinguishes open-ended funds based on the type of investments. Accordingly, securities funds, real estate funds, other traditional investment funds and alternative investment funds each follow a different set of rules regarding investment policy and permitted investment techniques.

Both the limited partnership for collective investment schemes and the SICAF must have obtained the relevant licence from FINMA. In doing so, both the limited partnership agreement of the limited partnership for collective investment schemes and the articles of association and the investment regulations of the SICAF are subject to FINMA’s approval.

In addition, fund managers also require FINMA's authorisation under the new FinIA (see 2.2 Regulatory Regime).

See 6.1 Regulation of Fund Administrators.

Marketplaces and trading platforms are regulated by the Financial Markets Infrastructure Act (FMIA). Under the FMIA, organised trading facilities for the multilateral trading of securities and other financial instruments require authorisation from FINMA. Trading facilities can seek authorisation as either a stock exchange or a multilateral trading facility. Furthermore, authorised banks, marketplaces (ie, stock exchanges or multilateral trading facilities) and securities firms may also operate an organised trading facility without additional authorisation.

Payment systems are also regulated by the FMIA. They are, however, not subject to authorisation from FINMA, unless the authorisation of the payment system is necessary for the proper functioning of the financial market or the protection of financial market participants. Most recently, the Libra Association applied for a licence as payment system for its stablecoin-based payment system with FINMA.

With respect to the trading of digital assets, the recently adopted DLT/blockchain legislation will introduce DLT trading facilities as an additional regulatory status (see 12.2 Local Regulators’ Approach to Blockchain). As the main difference to current regulation, the new authorisation as a DLT-trading facility will allow individuals to participate in such a trading facility without an intermediary.

The FMIA essentially differentiates between two asset classes:

• derivatives or derivatives transactions – financial contracts whose value depends on one or several underlying assets and which are not cash transactions; and
• securities – standardised certificated and uncertificated securities, derivatives and intermediated securities, which are suitable for mass trading.

With respect to derivatives, the FMIA foresees additional obligations, eg:

• clearing through a central counterparty;
• the use of authorised trading facilities; and
• position limits in the case of commodity derivatives.

By definition, decentralised systems are particularly vulnerable to anonymity risks. Indeed, in contrast to traditional financial services, virtual currency users’ identities are generally unknown, although in most cases they are only pseudonymous and there is no regulated intermediary which may serve as gatekeeper for the mitigation of money laundering and financing of terrorism risks. The majority of virtual currencies, such as Bitcoin or Ether, have anonymity or pseudonymity by design, meaning that an individual user’s identity is not linked to a certain wallet or transaction. However, while a user’s identity is not visible on the relevant distributed ledger underpinning the virtual currency infrastructure, information on transactions – such as dates, value and the counterparties’ addresses – are publicly recorded and available to anyone. For the purposes of their investigation and prosecution work, enforcement authorities are therefore able to track transactions to a point where the identity may have been linked to an account or address (such as wallet providers or exchange platforms).

Swiss AML legislation does not provide for a definition of virtual currencies. However, since the revision of the FINMA AML Ordinance in 2015, exchange activities in relation to virtual currencies – eg, money transmission with a conversion of virtual currencies between two parties – are subject to AML rules.

The FMIA requires authorised stock exchanges and multilateral trading facilities to implement appropriate self-regulation, which is binding on the respective participants. SIX Swiss Exchange, as the dominant stock exchange, issues respective Listing Rules which have been amended as per 1 January 2020 to reflect the new financial market regulation (see 2.2 Regulatory Regime).

The FMIA requires authorised stock exchanges and multilateral trading facilities to implement rules on orderly and transparent trading and to monitor trading in order to detect violations of statutory and regulatory provisions. The detailed rules are thus issued by the relevant trading facility, eg, SIX Swiss Exchange. Further, best execution rules apply (see 3.3 Issues Relating to Best Execution of Customer Trades).

Under the FMIA, organised trading facilities for trading securities and other financial instruments require the respective FINMA authorisation (see 7.1 Permissible Trading Platforms), which includes strict limitations – eg, on authorised participants in such a trading facility. The new DLT trading facility will, to a certain extent, allow for P2P trading of digital assets (see 7.1 Permissible Trading Platforms).

See 3.3 Issues Relating to Best Execution of Customer Trades.

The rules on best execution (see 3.3 Issues Relating to Best Execution of Customer Trades) as well as the general principles on fees apply (see 2.3 Compensation Models).

The FMIA is designed to ensure the transparency and effectivity of the securities markets. Therefore, the FMIA sets forth two cases of unlawful market conduct.

Insider Trading

The use of insider information is unlawful if the person knows or should know that it is insider information and such person:

• exploits it to buy or sell securities admitted to trading on a trading venue in Switzerland or to use financial instruments derived from such securities; or
• discloses it to another person; or
• exploits it to recommend to another person the acquisition or sale of securities admitted to trading on a trading venue in Switzerland or to use financial instruments derived from such securities.

Market Manipulation

It is unlawful to:

• publicly disseminate information; or
• carry out transactions or to give buy or sell orders.

If the person knows or should know that such behaviour gives false or misleading signals regarding the supply, demand or price of securities admitted to trading on a trading venue in Switzerland.

In addition, most FINMA-supervised institutions must also comply with certain organisational requirements with regard to market integrity which FINMA has detailed in its Circular 2013/8 Market Behaviour. The requirements include, inter alia, to further investigate trades that – based on obvious indications – may constitute unlawful market behaviour, to organise the handling of insider information in a way that avoids unlawful market behaviour and enables its discovery, to ensure that persons deciding on securities and/or derivatives transactions do not have access to insider information and to monitor employee transactions.

Algorithmic trading is based on computer algorithms which automatically determine the triggering and the individual parameters of an order (such as time, price or quantity). High frequency trading is a subcase of algorithmic trading, has very low delays in order transmission and a usually short-term trading strategy. Its distinctive feature is a high number of order entries, changes or deletions within microseconds.

With the Financial Market Infrastructure Act (FMIA) and the associated implementing ordinance of the Federal Council, the Financial Market Infrastructure Ordinance (FMIO), the necessary measures were taken in Switzerland to counter the negative effects of algorithmic trading and high-frequency trading. The regulation created complies with international standards and is based on EU law.

Specifically, stock exchanges, multilateral trading systems and organised trading systems must ensure orderly trading. In particular, they must ensure that their trading systems are in a position to temporarily suspend or restrict trading if there is a significant price movement in the short term as a result of an effect on this market or a neighbouring market (so-called circuit breakers). It must also be possible to identify orders generated by algorithmic trading.

In addition, traders who engage in algorithmic trading and high-frequency trading are subject to various obligations. In particular, they must ensure their systems cause no disruption to the trading venue and are subject to appropriate testing of algorithms and control mechanisms. Further, certain transparency requirements apply (see 8.2 Requirement to Register as Market Makers when Functioning in a Principal Capacity). It should be emphasised that higher fees may be charged for typical high-frequency trading techniques.

Pursuant to FMIO, authorised trading facilities are required to impose upon all participants an obligation to notify the trading facility of the use of algorithmic trading and to flag all orders made by algorithmic trading.

In addition, a market participant requires authorisation as a securities firm by FINMA pursuant to FinIA if:

• it trades in securities in its own name for the account of clients;
• it trades in securities for its own account on a short-term basis and publicly quotes prices for individual securities upon request or on an ongoing basis; or
• it trades in securities for its own account on a short-term basis, operates primarily on the financial market and is a member of a trading facility.

The transparency requirements in relation to algorithmic trading apply to all market participants alike (see 8.2 Requirement to Register as Market Makers when Functioning in a Principal Capacity). In addition, funds and fund managers are subject to the respective regulatory regime (see 6. Fund Administrators), while dealers may qualify as securities firms (see 8.2 Requirement to Register as Market Makers when Functioning in a Principal Capacity). The FinIA foresees that authorisation as either a securities firm or as a fund manager is, in principle, alternative in nature.

Under Swiss law, there is no specific regulation of programmers and programming. However, the FMIA requires marketplaces to identify and monitor algorithmic and high-frequency trading (see 8.1 Creation and Usage Regulations) which may indirectly affect programmers and programming.

Under Swiss law, which is generally technology-neutral and principle-based, there is no legislation specifically referring to financial research platforms. Accordingly, financial research platforms based in Switzerland have considerable regulatory latitude compared with other jurisdictions. Hence, regulatory implications, if any, for specific financial research platforms must be assessed under the ordinary principles governing the provision of services (including financial services) in Switzerland.

See 9.1 Registration.

See 9.1 Registration.

The insurtech market in Switzerland is growing rapidly, including due to organisations pursuing business models that are based on general challenges faced by incumbent insurance institutions (eg, new regulatory frameworks, the inflow of alternative capital, and the ongoing low interest rate environment). In general, incumbent insurance institutions have lower barriers when entering the insurtech market as they already have the corresponding licences and are able to focus on the development of the technology.

To date, there is no legislation specifically referring to insurtech business models. Hence, regulatory implications, if any, for specific insurtech business models must be assessed under the ordinary principles governing the provision of insurance services, in particular as regards maintaining the protection objectives of insurance supervision by FINMA.

Swiss insurance supervisory law contains specific provisions for different types of insurance in several aspects. Under the Insurance Supervisory Act (ISA), three categories of insurance are differentiated: life insurance, indemnity/non-life insurance and reinsurance. Most importantly, insurers providing life insurance are not allowed to provide any other insurance except for casualty and sickness insurance. Different rules also apply with regard to capital requirements. Further, a completely different regulatory regime applies to insurers providing mandatory sickness insurance pursuant to Swiss law. While FINMA is the competent supervisory authority under ISA, the Federal Office of Public Health supervises insurers providing mandatory sickness insurance.

Regtech is a subset of fintech focusing on technologies that may facilitate the delivery of regulatory requirements in a cost-effective and comprehensive way. Regtech refers to technology and software created to address regulatory requirements and help companies stay compliant by leveraging software and automation to close compliance gaps and to monitor and detect risks on a permanent basis.

To date, there is no legislation specifically referring to regtech. FINMA has generally been welcoming to technology applications that support supervised entities in complying with regulatory requirements. It is expected that, once and where there is a market need, FINMA may define technical standards and formats.

The use of regtech providers by regulated financial services firms is subject to the general requirements on outsourcing (see 2.7 Outsourcing of Regulated Functions). In addition to terms required by outsourcing regulation, a regtech provider would, depending on the specific services involved, be required to comply with a service-level agreement and provide for service credit payments and other remedies in order for the customer to assure and enforce performance and accuracy.

Distributed ledger technologies (DLT) such as various blockchain implementations have been the focus of many public and private initiatives. First, traditional fundraising techniques and processes have been challenged in the last couple of years by the emergence of a new form of capital raising by start-ups in the form of initial coin offerings (ICOs) or token-generating events based on DLT. With the advance of this technology, the focus is now shifting on tokenising more traditional assets such as shares and other securities.

In this respect, some Swiss companies have already issued shares on the blockchain and FINMA has granted the first two banking and securities firms licences to blockchain service-providers Seba and Sygnum. Driven by the fast-moving industry, traditional players such as banks are also increasingly offering services in relation to digital assets and blockchain related businesses. Several players such as the Swiss Bankers Association, Crypto Valley Association and the Capital Market and Technology Association promote the growing blockchain based business model for traditional and new players alike.

In Switzerland, first and foremost, the general rules apply with regard to risks, liability, intellectual property, AML and data privacy.

As to the application of the existing regulations on ICOs, FINMA published corresponding guidelines on 16 February 2018. Generally, FINMA focuses on the economic function and purpose of the tokens, as well as whether they are tradeable or transferable, in order to classify the tokens broadly into three archetypes which are payment tokens (including cryptocurrencies), utility tokens or asset tokens. The classification of the tokens has an impact on the applicable legal and regulatory framework (see 12.3 Classification of Blockchain Assets). Since then, FINMA has issued further guidelines on money laundering on blockchain and, most recently, on stablecoins.

The Swiss Federal Council published a report in December 2018 on the legal framework for blockchain and distributed ledger technology in the financial sector. The report noted that Swiss legal framework is, in principle, well-suited to deal with new technologies. Thereupon, the Federal Council initiated a consultation process on selective adjustments of federal law to adapt for developments in distributed ledger technology.

On 25 September 2020, the Swiss Parliament adopted new legislation in order to increase legal certainty by removing hurdles for DLT-based applications and limiting risks of misuse. In a nutshell, the legislative amendments include:

• a civil law change aimed at increasing the legal certainty in the transfer of DLT-based assets;
• the possibility of segregation of crypto-based assets in the event of bankruptcy; and
• a new authorisation category called DLT Trading Facilities, from which DLT Trading Facilities may provide services in the areas of trading, clearing, settlement and custody with DLT-based assets (see also 7.1 Permissible Trading Platforms).

Overall, these legislative amendments are expected to increase market access to fintech companies in the DLT/blockchain field by improving legal certainty and removing certain regulatory barriers. The provisions enabling the introduction of uncertificated register securities that are represented on a blockchain entered into force on 1 February 2021, and the remaining provisions entered into force on 1 August 2021.

According to FINMA's own guidelines, the following three tokens can be differentiated:

• payment tokens are synonymous with cryptocurrencies and offer no further functions or links to projects; they may, in some cases, only gain the necessary functionality and become accepted as a means of payment over a period of time – FINMA requires compliance with anti-money laundering regulations but does not treat such tokens as securities;
• utility tokens are tokens which are intended to provide access to a digital functionality or a service; they do not qualify as securities, unless they function, at least partially, as an investment in economic terms; and
• asset tokens represent assets such as participation in real physical underlyings, companies, earnings streams or an entitlement to dividends or interest payments; their economic function is, dependent on its terms, analogous to equities, bonds or derivatives – FINMA generally considers asset tokens as securities.

Other players have used other classifications adapted to the particular case at hand.

See 12.2 Local Regulators’ Approach to Blockchain.

See 12.2 Local Regulators’ Approach to Blockchain.

Since there is no specific regulation, the general regulation of funds applies (see 6. Fund Administrators).

Transactions in cryptocurrencies may be carried out on an anonymous basis and related money laundering risks are accentuated by the speed and mobility of the transactions made possible by the underlying technology. KYC principle is the cornerstone of AML and CFT due diligence requirements, generally imposed on financial institutions whose AML/CFT legislation is aligned with international standards (see 2. Fintech Business Models and Regulation in General). KYC requires that financial institutions duly identify and verify their contracting parties (ie, customers) and the beneficial owners (namely when their contracting parties are not natural persons) of such assets as well as their origin.

Together with transaction monitoring, KYC ensures the traceability of assets (ie, a paper trail) and allows the identification of money laundering and financing of terrorism indicia. With respect to DLT/blockchain applications, one of the challenges is that KYC and other AML/CFT requirements are designed for a centralised intermediated financial system in which regulatory requirements and sanctions can be imposed by each jurisdiction at the level of financial intermediaries operating on its territory (ie, acting as gatekeepers).

By contrast, virtual currency payment products and services rely on a set of decentralised cross-border virtual protocols and infrastructure elements, neither of which has a sufficient degree of control over, or access to, the underlying value (asset) and/or information, meaning that identifying a touch-point for implementing and enforcing compliance with AML/CFT requirements is challenging.

Under Swiss law, there is no specific definition of Decentralised Finance (DeFi). The aspects of DeFI specifically regulated under Swiss law is the area of DLT/blockchain already described above (see 12.2 Local Regulators’ Approach to Blockchain).       

As mentioned above, the Swiss approach to regulation of crypto-assets is technology neutral and follows a substance over form approach. In other words, if crypto-assets, such as NFTs, are comparable to a traditional financial or payment instrument in terms of function, the regulations applicable to such traditional financial or payment instruments would in most cases also apply to the relevant crypto-asset. Thus, whether a NFT and/or NFT platform triggers regulatory obligations and requirements for the parties involved depends on the underlying. It is therefore necessary to determine the rights represented by such NFTs (if any) in order to classify a NFT, eg, whether a NFT serves the purpose of a payment token, utility token or asset token, with the resulting regulatory consequences  (see 2.2 Regulatory Regime and 12.3 Classification of Blockchain Assets).

Banks in Switzerland have embraced the open banking concept. Innovative business models are being implemented, notably with regard to relevant banking infrastructure. Such infrastructure may include open banking interfaces (APIs), identity and security management, information and transaction platforms, finance management systems and financial compliance systems. To date, there is no legislation specifically referring to open banking. Hence, regulatory implications for specific open banking applications must be assessed under the ordinary principles governing the provision of financial services, in particular when maintaining the protection objectives of the supervision of financial institutions by FINMA.

Given the importance of digital transformation for banks and the size of the established financial sector in Switzerland, fintech organisations in the field of banking infrastructure can draw on a large pool of potential customers. The challenge of meeting customer expectations as well as its financial aspects (in terms of revenue increase and reduction of operational costs) has accelerated the implementation of open banking, including when based on Bank as a Platform (BaaP) solutions.

Open banking raises several concerns in the areas of, for example, data protection, IT security and Swiss banking secrecy. The success of open banking in Switzerland will thus be highly dependent on transparent information for clients, obtaining the relevant consents and waivers as well as adhering to the highest standards of IT security. Swiss banking secrecy and the lack of a common standard for open banking may be reasons for the slow adoption of open banking in Switzerland, despite an increasing number of open banking initiatives from several private actors.

The Swiss Bankers Association published in July 2020 its working paper "Open Banking – An overview for the Swiss financial centre", which gives an overview of the Swiss market based approach to open banking without mandatory requirements for data sharing. It encourages its members to take an active role in open banking.