Market overview 1 What kinds of outsourcing take place in your jurisdiction? Switzerland has a mature market for services, with outsourcing taking place in various industries and forms, including the outsourcing of IT, business processes, property management, facilities management and general business services. As home to two of the most important global financial centres, Zurich and Geneva, outsourcing in the financial industry is particularly important. 2 Describe the recent history of outsourcing in your jurisdiction. How well established is outsourcing? What is the size of the outsourcing market in your jurisdiction? There is no official data available on the outsourcing market in Switzerland, neither from the customer nor the provider side. However, according to statistics compiled by Active Sourcing, a Swiss outsourcing advisory firm, from all publicly reported outsourcing transactions in Switzerland, 2012 saw 24 outsourcing transactions over 10 million Swiss francs with a total contract volume of 1.8 billion Swiss francs. This level of activity is expected to have been maintained in 2013. Policy 3 Has the government of your jurisdiction adopted policies to encourage the development of the jurisdiction as an outsourcing centre, either for the domestic market or to provide outsourcing services to foreign customers? There are no particular policies in place to encourage the development of Switzerland as an outsourcing centre. 4 Are there in your jurisdiction any fiscal or customs incentives, development grants or other government incentives to promote outsourcing operations within your jurisdiction? There are no fiscal incentives exclusively applicable to outsourcing captives. However, a number of the tax incentives Switzerland offers are highly attractive for outsourcing captives (for more information see question 22). Legislation and regulation 5 Is outsourcing as a commercial or operational concept specifically recognised and provided for in your legal system? How? Outsourcing is not a concept expressly provided for by Swiss laws. However, in the financial industry, there are regulations of the supervisory authority (FINMA) specifically dealing with outsourcing (see question 8). Other legislation with particular relevance for outsourcing includes the following statutes:
Federal Act on Data Protection (Data Protection Act, SR 235.1; see questions 8, 14 and 15); • Federal Act on Merger, Demerger, Transformation and Transfer of Assets (Merger Act; SR 221.301; see questions 16, 17, 18 and 20); • Swiss Code of Obligations (Code of Obligations, SR 220; see questions 16, 17 and 18); • Federal Act on Employment Exchange and Personnel Leasing (Personnel Leasing Act, SR 823.11; see question 16); • Swiss Criminal Code (Criminal Code; SR 311.0; see question 8); and • Federal Act on Public Procurement (Public Procurement Act, SR 172.056.1; see question 8). 6 Is there any legislation or regulation that directly prohibits, restricts or otherwise governs outsourcing, whether in (onshore) or outside (offshore) your jurisdiction? No, except for certain sector-specific regulation (see question 8). 7 What are the consequences for breach of the laws directly restricting outsourcing? See question 8. 8 Describe any sector-specific legislation or regulation that applies to outsourcing operations. Sector-specific legislation applies in several sectors: Financial services Article 47 of the Swiss Federal Act on Banks and Savings Banks (Banking Act, SR 952.0) protects certain information, in particular the financial privacy of banking customers, and is applicable to banks and their employees and agents in Switzerland (including providers of outsourcing services). Such information must not be disclosed, except with the customer’s consent in each case, which may be given in (sufficiently detailed and properly agreed) general terms and conditions. In addition, the Swiss Financial Market Supervisory Authority (FINMA) issued the circular ‘Outsourcing Banks’ in 2008 (circular 08/7, last revised on 6 December 2012). This circular, based on an earlier circular of 1999 of FINMA’s predecessor, the Federal Banking Commission, applies to banks and securities dealers organised under the laws of Switzerland, as well as Swiss branches of foreign banks and securities dealers. This circular sets out certain principles for the outsourcing bank or securities dealer to comply with the requirements of an appropriate organisation, financial privacy and data protection, including these principles: • the outsourcing party must carefully select, instruct and supervise the provider; in a written agreement, the parties must agree on appropriate
security measures, in particular to protect customer information, and the provider must commit to safeguarding confidentiality, banking secrecy and the requirements of Swiss data protection law and to allow audits by the outsourcing party, its internal and external auditors and FINMA; • affected customers must be informed in advance (eg, in general terms and conditions, provided the planned outsourcing transactions are set out in sufficient detail); and • where customer data is transferred abroad, affected customers must be informed in a separate and detailed document and then be allowed to terminate the banking relationship without prejudice and the outsourcing party must submit a legal opinion or a confirmation from the relevant supervisory authority to FINMA confirming that the required audit rights can be enforced. In its recent amendment of the circular 08/21 ‘Operational risks at banks’, last revised on 29 August 2013, FINMA has further clarified the data protection obligations on banks and securities dealers with regard to electronic customer data, and how these apply to outsourcing service providers. In particular, • an independent assessment of privacy protection of potential service providers is required when selecting a provider; • the outsourcing party must regularly audit the outsourcing provider’s compliance with data protection and security requirements; and • the outsourcing party must appoint a person responsible for ensuring the outsourcing provider’s compliance with the data protection and security requirements. Insurance and reinsurance undertakings may need to notify FINMA within 14 days of the conclusion of the agreement if essential business processes are outsourced (article 4 et seq of the Swiss Federal Act on the Supervision of Insurance Undertakings). FINMA approval is required. The transaction is deemed approved by FINMA if FINMA does not commence an assessment of the outsourcing transaction within four weeks following the notification. Under article 321 of the Criminal Code, auditors are bound by a duty of professional secrecy. If an auditor intends to use an outsourcing provider located outside Switzerland, its clients must first provide express and informed consent to the disclosure of client-related data and waiver of the duty of professional secrecy (article 321, paragraph 2 of the Criminal Code), and the outsourcing party must ensure that only those employees of the outsourcing provider who have a need to know client-related data have access to that data. Health care Under articles 321 and 321bis of the Criminal Code, doctors and certain other members of the medical profession are bound by a duty of professional secrecy. Outsourcing is not prohibited, but if the outsourcing provider is located abroad, the patient must first provide express and informed consent to the disclosure of patientrelated data and waiver of the duty of professional secrecy (article 321, paragraph 2 of the Criminal Code) and again the outsourcing party must ensure that the outsourcing provider maintains a needto- know-principle for access to patient-related data. According to article 84 of the Swiss Federal Health Insurance Act and a circular issued on 1 July 2013 by the Federal Office of Public Health, outsourcing is permitted for health insurers, provided that outsourcing service providers are carefully selected and controlled and enter into written agreements specifying the provider’s tasks and measures to ensure secrecy and data protection. However, according to the Swiss Federal Supreme Court, licensed social health insurance providers cannot outsource core business activities to third parties. Under article 85a of the Swiss Federal Act on Occupational Retirement, Survivors’ and Disability Pension Plans, the entities in charge of implementing this act may outsource tasks, but the outsourcing provider must undertake to process personal data only for the purposes of the outsourcing entity. Legal services Attorneys are bound to professional secrecy by article 321 of the Criminal Code, by article 13 of the Swiss Federal Act on the Free Movement of Attorneys, by the Code of Obligations and by rules of professional conduct. They are not banned from outsourcing, but where client-related information is transferred the outsourcing provider must be committed to maintaining appropriate measures to protect this information. If the outsourcing provider is located abroad, the client must first provide express and informed consent to the disclosure of client-related data and waiver of the duty of professional secrecy (and again the outsourcing provider must limit access to his or her employees who have a need to know client-related information). Telecommunications Article 321ter of the Criminal Code and article 43 of the Telecommunications Act (SR 784.10) establish duties of secrecy for telecommunication providers similar to the duties of professional secrecy mentioned before. Outsourcing is permitted, but for outsourcing providers located abroad, the customers must first provide express and informed consent to the disclosure of customer-related data and waiver of the duty of secrecy. Public sector A mandatory tender process applies whenever the volume of the services procured by authorities exceeds certain thresholds: • for federal authorities, the current threshold for the procurement of services is 230,000 Swiss francs (article 6 of the Public Procurement Act); and • cantonal authorities must apply an invitation procedure for the procurement of services with a value of at least 150,000 Swiss francs or more, and 350,000 Swiss francs if the WTO Agreement on Government Procurement 1994 is applicable (article 7 of the Inter-cantonal Agreement on Public Procurement). The processing of personally identifiable data by public authorities is regulated by the Data Protection Act (see question 14). Other sectors There is no specific regulation applicable to outsourcing in the IT, business processes or utilities sectors. 9 How does competition regulation apply to outsourcing contracts or structures? The Federal Cartel Act of 6 October 1996 (Cartel Act, SR 251) applies to any restraints on competition affecting the Swiss markets. Under this law, outsourcing contracts between parties that are not competing on the same markets generally do not give rise to competition law concerns. In particular, the Cartel Act does not limit the duration of outsourcing contracts between non-competitors. In contrast, outsourcing contracts between competitors may be deemed anti-competitive under the Cartel Act. If competitors, while performing their duties under the outsourcing contract, exchange sensitive information that allows them to coordinate their strategic behaviour, this conduct may qualify as an unlawful horizontal agreement according to article 5 of the Cartel Act. In particular, if the outsourced services are an essential part of the services or products offered by the outsourcing party to its customers, thus standardising the services or products of both parties to some extent, or if the outsourced services are a crucial factor in the outsourcing party’s
development or provision of its services or products, the contract may be deemed an anti-competitive horizontal agreement. In addition, if the outsourcing party or the service provider holds a dominant position, the provisions of the outsourcing contract are subject to an assessment under article 7 of the Cartel Act (unlawful abuse of a dominant position). If, for example, a dominant party imposes an unfair remuneration obligation on the other party or unfairly restricts the other party’s freedom to switch to another contracting party, this conduct may, depending on the individual circumstances, qualify as abusive and unlawful. According to the prevailing opinion, in cases of ‘economic dependence’, the strong party to the outsourcing contract may also qualify as a dominant undertaking unless the dependent party is responsible for its dependence. According to the Cartel Act, both hard-core horizontal agreements and abuses of a dominant position are subject to direct sanctions (ie, fines). 10 Are there any draft laws or legislative initiatives specific to outsourcing that are being developed or are contemplated? At present, the Swiss Pparliament is debating a new supervisory act for health insurers. Article 5 of the proposed act would prevent health insurers from outsourcing the ultimate direction of the company and the board of directors’ monitoring role, and other central management functions. At present, the Swiss parliament is debating an act on electronic patient files, article 16 of which foresees the creation of a legal basis for the outsourcing of certain services. Contractual considerations 11 What are the typical corporate or quasi-corporate structures or vehicles used to create outsourcing arrangements? The structures used for outsourcing arrangements are many and varied. They include, broadly in order of increasing risk: • group-internal subsidiaries (captives), possibly assisted by third parties (assisted captives); • joint venture vehicles or contractual arrangements involving an external service provider and the customer in the provision of the outsourced services; • build-operat-transfer (BOT) vehicles, where the service provider sets up and runs a facility or service centre before handing it over to the customer; and • fully fledged outsourcing to an external provider, which may involve a transfer of assets and employees from the customer to the service provider or a demerger or share sale of the relevant business entity or subsidiary. Multi-sourcing arrangements, where two or more service providers are involved in delivering a package of services to the customer, are also seen. 12 What forms of outsourcing contract are usually adopted in your jurisdiction? The contractual arrangements for an outsourcing can take various forms. Framework or master services agreements with individual call-off contracts or statements of work are common. These may be entered into on the customer side by one group company acting on its own behalf and as an agent for other group companies, or each local subsidiary may enter into its own local contract under the framework agreement. Where the services to be provided are simple in nature, a straightforward outsourcing or services contract may be used. For certain standard IT offerings, cloud solutions including private and quasi-private clouds (and the associated contracts) are replacing traditional outsourcing agreements. 13 Outline the contractual approaches that are adopted in your jurisdiction to address regulations affecting outsourcing. Banks and securities dealers outsourcing services that relate to the recording, limitation or monitoring of risks must comply with the requirements of the FINMA ‘Outsourcing Banks’ circular. These requirements provide inter alia that the outsourcing contract must set out the security requirements to be met by the service provider, the supplier must be obliged to comply with business, banking and professional secrecy rules, the customer must have audit and supervision rights and the customer’s financial regulator must be able to control the service provider. Many requirements of the FINMA circular are also recognised as best practice by other entities in the financial sector. Apart from that, insurers require FINMA approval for outsourcing where it is to be considered as a change in essential business processes. Where relevant, this approval requirement would typically be included as a condition precedent in the outsourcing contract. Data protection requirements must be passed on to service providers, namely an obligation to process only in accordance with instructions and to implement technical and organisational measures to protect personal data. The Telecommunications Act requires that telecom service providers observe secrecy and this obligation is typically passed on to service providers by contract where relevant. Auditors and attorneys who are bound by professional secrecy requirements also require their service providers dealing with client-related data to agree to strict confidentiality obligations. Data protection 14 Identify the principal data protection legislation applicable to outsourcing operations. Data protection for private entities is regulated on a federal level. For outsourcing operations, the most relevant pieces of data protection legislation are the Data Protection Act and the Ordinance to the Federal Act on Data Protection (Data Protection Ordinance, SR 235.11). In the public sector, data protection is regulated on a federal level, most importantly by the Data Protection Act and the Data Protection Ordinance, for federal authorities, and on a cantonal level for cantonal authorities (in the canton of Zurich, in the Information and Data Protection Act of the Canton of Zurich of 12 February 2007). Communal outsourcing is subject to communal legislation, such as the Data Protection Ordinance of 25 May 2011 of the city of Zurich. ‘Personal data’ is any information relating to identified or identifiable persons. Different to the relevant laws of most European countries, Swiss data protection law protects data relating to legal entities as well. In an international context, the relevant provisions of the Data Protection Act apply if any of the following conditions are met: • such processing affects individuals or legal entities with their ordinary residence in Switzerland; • the data processor is located in Switzerland; or • it was foreseeable to the data processor that a breach of privacy would have effects in Switzerland and such effects do in fact occur. Where both Swiss and foreign laws may apply based on the above criteria, the data subject has the right to opt for the application of Swiss or foreign law. 15 How do rules on the ownership, location, processing and distribution of data apply to outsourcing in your jurisdiction? Under the Data Protection Act (for its applicability see question 14), the outsourcing entity is required to enter into an appropriate processor or controller agreement with the outsourcing provider to ensure that the relevant data are only used in ways and for purposes that
would be lawful for the outsourcing entity, and that the outsourcing provider ensures adequate data security (article 10a of the Data Protection Act). Moreover, both the outsourcing entity (controller) and the provider (processor) must observe the general principles established by the Data Protection Act, legality, acting in good faith, transparency, purpose limitation, proportionality, correctness and data security (articles 4 to 7 of the Data Protection Act and article 8 et seq of the Data Protection Ordinance). The data processor is not exempt from liability under Swiss data protection law. The federal data protection and information commissioner (FDPIC) must be notified of data files if sensitive personal data or personality profiles are regularly processed in the data file or if personal data is regularly disclosed to third parties, unless statutory exemptions apply (article 11a of the Data Protection Act). If personally identifiable information is to be transferred outside Switzerland, including to providers within the same group of entities (eg, in a private cloud structure), such information may be transferred freely to countries that provide adequate protection for personal data (article 6, paragraph 1 of the Data Protection Act). If, however, data is transferred to countries where personally identifiable data is inadequately protected (for example the United States, and, for data relating to legal entities, also the EU countries that do not protect such data), such a transfer is permitted only with additional safeguards (article 6, paragraph 2 of the Data Protection Act), most importantly: • the provider is safe harbour certified, and the relevant personal data and its intended use are covered by the certification; • the provider and the recipient have entered into a cross-border data flow agreement that commits the recipient to adequately protect the relevant personal data; or • the recipient is a group company bound by binding corporate rules. The FDPIC must be notified of cross-border data flow agreements or binding corporate rules (article 6, paragraph 3 of the Data Protection Act and article 6 of the Data Protection Ordinance). If these do not comply with one of the recognised standard documents (including the EU standard clauses), the FDPIC will examine the content of the agreement and may refuse it as insufficient. There are no additional specific requirements for the transfer abroad of sensitive data or personality profiles. However, where professional secrets apply, the outsourcing party needs to obtain the relevant party’s consent before transferring privileged information abroad (see question 8). In the event of a breach of data protection law, there is a risk of civil liability towards the concerned data subjects (article 15 of the Data Protection Act) and, depending on the circumstances, a risk of negative publicity. On the other hand, there is normally no financial risk. There are no criminal sanctions except in the event of a breach of the duties towards the FDPIC, for example, the notification duty mentioned above. Labour and employment 16 What is the relevant labour and employment legislation for outsourcing transactions? The Code of Obligations is the most relevant legislation for labour and employment. In addition, the Merger Act contains relevant provisions (see question 17). The Personnel Leasing Act is applicable if employees of the outsourcing provider are placed in the undertaking of the outsourcing party, provided that the authority to give directives to the employee is passed on to the outsourcing party. Swiss outsourcing providers engaging in personnel leasing on a regular basis must obtain an official licence from the competent Cantonal authority and, if they work with outsourcing entities abroad, from the State Secretariat for Economic Affairs, SECO. In-bound personnel leasing by foreign providers to Swiss outsourcing parties is prohibited (article 12 of the Personnel Leasing Act). 17 In the context of an outsourcing, how does labour and employment law apply to a change in initial or subsequent service providers, or transfers of undertakings or parts of undertakings? Where an undertaking or a part of an undertaking is transferred to a third party (as an asset deal by operation of law under the Merger Act) and if the acquirer continues the undertaking with the same or a similar purpose, the relevant employment relationships pass to the acquirer with all rights and duties on the transfer date, unless the employee opts out of such transition (article 333 of the Code of Obligations). In the case of an opting out, the relevant employment terminates after the statutory termination period, but not before the transfer date (article 333, paragraph 2 of the Code of Obligations). Article 333 of the Code of Obligations is mandatory law, and the seller and the acquirer cannot validly agree to transfer only certain employees in such a scenario. Article 333 of the Code of Obligations is effectively an implementation of directive 77/187/ EC, and Swiss courts consider the relevant case law of the European Court of Justice. Collective labour agreements (where applicable) continue for the acquirer for one year. In the context of outsourcing, article 333 of the Code of Obligations is relevant where the outsourcing entity transfers an undertaking (or, more often, an organisational unit from an undertaking) to a third party that then functions as an independent service provider for the outsourcing entity alone or for others as well. Article 333 of the Code of Obligations may also apply to insourcing transactions and between two providers in the case of a transfer of an undertaking from one outsourcing provider to another. However, because the applicability of article 333 of the Code of Obligations depends on multiple criteria, it can be difficult to determine if article 333 of the Code of Obligations applies in a specific scenario. Where it is not applicable, transferring an employment agreement requires the relevant employee’s consent. Where the acquirer of the undertaking intends to modify the employment agreements (eg, because the terms of the transferred employment relationships contradict the policies or compensation schemes of the acquirer), the acquirer may either negotiate amendments or dismiss the transferred employees with the option to remain employed with altered conditions (unless applicable collective agreements provide otherwise). In the second alternative the acquirer must respect the applicable notice periods. The seller and the acquirer are jointly and severally liable for claims of employees that became due before the transfer or thereafter but before the date when the employment relationship could normally be terminated or is terminated following refusal of the transfer (article 333, paragraph 3 of the Code of Obligations). 18 Are there any requirements to consult or negotiate with organised labour, works councils or employees regarding an outsourcing? Where the seller transfers the undertaking in full or part, he or she (and, if the outsourcing transaction is carried out as a transfer of assets under the Merger Act, also the acquirer) must inform the workers’ committee, or if there is none, the employees, of the reason for the transfer and of its legal, economic and social impact for the employees, in due time before the transfer takes place (article 333a, paragraph 1 of the Code of Obligations). If the seller or the acquirer plan measures as a result of such a transfer that will affect the employees (for example a cut in salary or dismissals), the relevant entity must consult with the workers’ committee or with the employees sufficiently early (article 333a, paragraph 2 of the Code of Obligations).
If the acquirer of an undertaking or a part of an undertaking dismisses employees taken over by operation of article 333 of the Code of Obligations (see question 17) and if the number of dismissed employees exceeds applicable thresholds (10, if the acquirer usually employs more than 20 and fewer than 100 persons, or 10 per cent of all employees if he or she usually employs more than 100 and fewer than 300 persons or 30 if the acquirer usually employs at least 300 persons (mass dismissal)), the acquirer is required to consult with all employees or with the workers’ committee if there is one. 19 Are there any notification or approval requirements that apply to an outsourcing transaction? There are no general notification or approval requirements for outsourcing transactions, but see questions 18 and 20. 20 What are the legal implications, including penalties, for noncompliance with the labour and employment rules and procedures? If an undertaking or part of an undertaking is transferred in the form of a transfer of assets under the Merger Act, and if the workers’ committee or the employees (as applicable, see question 18) are not informed, the workers’ committee may request the competent court to prevent the registration of the transfer of assets in the commercial register, thereby blocking the closing of the outsourcing transaction (article 77, paragraph 2 and article 73, paragraph 2 of the Merger Act). A breach of the duties of information and consultation with the workers’ committee or the employees (see question 18) may lead to civil liability for damages arising out of such breach, if any. In addition, if a court had expressly ordered compliance with these duties, such a breach may be punished with a fine of up to 10,000 Swiss francs (articles 292 and 106, paragraph 1 of the Criminal Code, SR 311.0). 21 What are the key immigration and visa requirements for employees of customers or providers entering your jurisdiction to manage outsourced operations or to receive or provide training? Nationals of the EU-25 and of the EFTA states are entitled to obtain permission to take up employment in Switzerland, based on Switzerland’s bilateral treaties with the EU or EFTA member states. However, the Swiss Federal Council has imposed (relatively generous) numerical limitations for residence permits on nationals from EU-8 and EU-17 states, with these limitations expiring on 30 April 2014 for EU-8 nationals and on 31 May 2014 for EU-17 nationals. Moreover, there are numerical limitations on visas for non-EU and non-EFTA nationals, as well as for nationals of Romania and Bulgaria, based on the Federal Act on Foreigners (SR 142.20). For these nationals, it must be demonstrated that no suitable employee could be recruited from among Swiss, EU or EFTA nationals and visas are granted, as a rule, only to highly qualified specialists or top executives. Taxation 22 Outline the taxation rules that apply to the establishment and operation of outsourcing captives or similar establishments in your jurisdiction. Switzerland, again named as the world’s most competitive country in the annual report of the World Economic Forum 2012/13, offers a highly attractive tax system not only, but in particular, for the establishment and operation of outsourcing captives, with effective corporate income and capital tax rates as low as 12 to 25 per cent and 0.01 to 0.5 per cent respectively (depending on the domicile of the company). With thorough tax planning, these rates may be reduced even further. One of the tax schemes that Switzerland offers and which may be of particular interest for outsourcing captives is the relief for ‘auxiliary companies’, namely, companies that only have administrative or ancillary activities in Switzerland and that are primarily engaged in commercial activities abroad. Such companies are completely exempt from cantonal tax on income from dividends and capital gains from financial participations and income generated abroad is taxed at substantially reduced rates. Further, newly established companies, which are in the interest of the economy, may benefit from a partial or full tax exemption at federal level, cumulated with cantonal and communal exemption, for a maximum of 10 years, thereby relieving such companies partially or fully from corporate income and capital taxes. The incentives depend upon the type and amount of investments, turnover, number of employees, regional economic planning aspects, etc. Further advantages are the availability of binding advance tax rulings unlimited in time, no controlled foreign corporation rules, an extensive double taxation treaty network, the exemption of shareholder contributions from withholding tax upon repatriation, etc. Due to the lack of unilateral, specific transfer pricing rules, Switzerland follows the OECD Transfer Pricing Guidelines for Multinational Enterprises and Tax Administration. 23 Outline the indirect taxes in your jurisdiction that apply to the import of offshore outsourcing services by companies within your jurisdiction. Although Switzerland is not a member state of the European Union, its value added tax (VAT) system is similar to the one adopted by the European Union. As such, it is designed as a general tax on consumption applied to the value added at every stage of the production and distribution of goods and the provision of services with the purpose to be borne ultimately by the final consumer. The Swiss VAT system provides for two kinds of exemptions, one without credit for input tax (such as health-care treatment, education, cultural services, insurance and certain banking operations, etc) and another with credit for input tax (zero-rated, such as exports, the rendering of transport services and ancillary logistic activities, such as loading, unloading, trans-shipment, clearing or temporary warehousing, abroad, etc). In respect of goods and services supplied by an offshore provider to a person in Switzerland, it is important to note that the Swiss VAT system follows the destination principle whereby the supply of goods and services is taxed in the country of consumption. Accordingly, not only the import of goods but also the import or purchase of services from providers located abroad is generally subject to Swiss VAT. In respect of the latter, if the recipient does not already qualify as a taxable person (in principle any person carrying on a business and generating a turnover of 100,000 Swiss francs or more), the import and purchase of services from abroad is not subject to VAT if the value of the services received does not exceed 10,000 Swiss francs per year. Swiss VAT is only levied at federal level at a standard rate of 8 per cent (or at a reduced rate of 2.5 per cent for goods such as tap water, food, medicine, books and newspapers, etc, or, until the end of 2017, at a special rate of 3.8 per cent for lodging services). Current issues 24 Identify and give details of any notable cases or administrative or regulatory determinations within the past three years in your jurisdiction that have directly involved outsourcing. There have been no notable cases or determinations directly involving outsourcing in the past three years. However, there have been a number of court decisions of relevance to outsourcing contracts. For example, the Federal Supreme Court confirmed in a decision in 2011 (BGer 4A_141/2011) that article 404 of the Code of Obligations, which provides for a right of termination of a mandate relationship by either party at any time, is mandatory law also for atypical contract relationships with a mandate element. Depending on the way an outsourcing relationship is structured, article 404 and the right of termination it contains may apply to the outsourcing contract.
There have also been a number of recent decisions on the criteria for distinguishing between contractual warranties and independent guarantees (BGer 4A_220/2013, with references therein), which have a bearing on how the corresponding contractual provisions should be worded. 25 What are the main challenges facing outsourcing within, from or to your jurisdiction? The loss of control that comes with an outsourcing and the associated increased risks remain one of the major challenges for outsourcing companies. In addition, there are increasing legal and regulatory hurdles in outsourcing. Data protection laws and the requirements set for outsourcing by the regulatory bodies in certain industries, particularly the financial and insurance industries, pose substantial challenges. It is also difficult for foreign employees of outsourcing providers from outside the EU (as is often the case) to obtain work permits to enter Switzerland in order to provide services on site. Also, the traditional outsourcing model is under pressure from cloud computing and other new business forms and technological developments. Customers are looking to work with multiple service providers, contract terms are getting shorter and flexibility is playing a central role. This puts increased pressure on the customers themselves to ensure integration and to coordinate their suppliers.
Update and trends
The most important outsourcing market in Switzerland is probably the financial sector, given its importance to the Swiss economy as a whole. The clear trend of FINMA, the financial regulator, is to require ever tighter standards for outsourcing by banks and securities dealers, which are already subject to rigorous controls. So, for example, in a recent clarification of the data protection rules for client data, introduced by way of an amendment to FINMA’s ‘Operational Risks – Banks’ Circular, FINMA set out its substantial requirements for banks to assess, monitor and report on outsourcing service providers dealing with client data. As FINMA continues to focus on the issue of banks ‘too big to fail’, it is seeking primarily to protect access to client data in the event of a bank collapse. For this purpose, it is increasingly looking to have data stored in Switzerland, not with a group company or branch, let alone a third-party service provider, located outside Switzerland. This trend to restrict outsourcing abroad or to impose increased obligations in relation to such outsourcings looks set to continue. As outsourcing to far-away destinations such as China increases in cost, nearshoring to low-cost countries in Europe is becoming more popular. The common time zone, sometimes common language and shorter communication lines are cited as advantages of this approach. However, at least for FINMA, this trend does not solve the issues of outsourcing abroad. Finally, recent discussion on the effectiveness of the US selfregulatory safe harbour regime accepted by Switzerland and the EU as a guarantee of adequate data protection standards may have a major effect on outsourcing to the US. At present, safe harbour-certified companies in the US are considered to offer an adequate level of data protection from a Swiss perspective. However, the EU Commission is reviewing its adequacy decision on safe harbour at present. If the EU decides to abolish the safe harbour scheme or to impose a more onerous compliance burden, Switzerland will almost certainly follow that decision and companies outsourcing to the US will need to consider not only entering into new contractual arrangements to guarantee an adequate data protection level but also if and how to monitor compliance with those contractual guarantees.