Use the Lexology Getting The Deal Through tool to compare the answers in this article with those from other jurisdictions.
What national authorities regulate the provision of financial products and services?
The Swiss Financial Market Supervisory Authority (FINMA) is the primary regulator in Switzerland for all types of financial services. With respect to financial markets infrastructures (eg, securities settlement systems, central counterparties and exchanges), the Swiss National Bank (SNB) also has certain supervisory powers, albeit limited with respect to systemically important institutions. In addition, Swiss financial services rules and regulations rely to a large extent on the rule setting by the various self-regulatory organisations (SROs) and industry organisations (eg, the Swiss Bankers Association (SBA) and Swiss Funds and Asset Management Association (SFAMA)), the rules of which FINMA may recognise as binding minimum standards.
What activities does each national financial services authority regulate?
As mentioned above, FINMA is the primary regulator in Switzerland. As such, it regulates all types of financial services, including banking, securities trading, fund services and financial market infrastructures. By contrast, the SNB’s role is much more limited and its regulatory powers primarily cover systemically important financial market infrastructures and macro-level oversight of the financial system as such.
SROs are solely responsible for supervising non-FINMA supervised financial intermediaries (eg, financial advisers and portfolio managers) for the purposes of compliance with anti-money laundering laws. In addition, SROs, through their industry organisations, can also set minimum standards with respect to portfolio management.
The SBA is active in the area of banking, securities trading (eg, brokerage) and anti-money laundering laws. It has issued a comprehensive set of self-regulatory rules, most of which have been recognised by FINMA as binding minimum standards. SFAMA is the industry and self-regulatory organisation for the fund industry.
What products does each national financial services authority regulate?
Swiss legislation does not regulate the offering of financial products, with the exception of collective investment schemes. The Supervision of Institutions and Products group at FINMA is responsible for supervising products that fall within the scope of the Collective Investment Schemes Act (CISA). FINMA monitors whether Swiss collective investment schemes comply with the specifications set out in their fund contract and prospectus. FINMA’s assessment is based on an annual audit of the company’s financial statements and prospectus by an audit company.
The issuance and distribution of structured products to non-qualified investors shall comply with specific requirements laid down in article 5 of the CISA in order to fall outside its scope.
What is the registration or authorisation regime applicable to financial services firms and authorised individuals associated with those firms? When is registration or authorisation necessary, and how is it effected?
FINMA grants four types of authorisation: licensing, approval, recognition and registration. The degree of supervisory monitoring varies depending on the type of authorisation concerned. Companies or individuals wishing to engage in financial-market activity shall file an application to FINMA. They have to obtain the authorisation from FINMA, which attests that they meet the relevant regulatory requirements, prior to starting the supervised financial activity. Only those satisfying the financial, personnel-related and organisational requirements qualify for authorisation. With regard to legal entities, FINMA grants the licence to the legal entity pursuing supervised activities and not to the managers or the shareholders of the entity. If, at a later stage, any of the licence requirements are no longer satisfied, FINMA may take administrative measures as mentioned in question 12, including, in extreme cases, the withdrawal of the licence.
If the new Financial Institutions Act (FinIA) enters into force (see ‘Update and trends’), all financial institutions will require a licence from FINMA. The term ‘financial institution’ will encompass portfolio managers, trustees, managers of collective assets, fund management companies and securities firms. The various criteria to be complied with in order to obtain a licence will be set out in each relevant section of the FinIA.
What statute or other legal basis is the source of each regulatory authority’s jurisdiction?
FINMA takes actions based on the legal provisions set out in financial market law and their implementing ordinances. The regulations defined in the Financial Market Supervision Act (FINMASA) lay the legal foundations upon which FINMA was established. The following acts also govern financial market regulation:
- Mortgage Bond Act;
- Contracts of Insurance Act;
- Collective Investment Schemes Act;
- Banking Act;
- Stock Exchanges and Securities Trading Act;
- Anti-Money Laundering Act;
- Insurance Supervision Act; and
- Financial Market Infrastructure Act.
Statutory provisions are also detailed in ordinances issued by the Federal Council and FINMA ordinances for each financial market regulation. Lastly, FINMA issues a series of circulars setting out its interpretation of the regulatory framework.
With regard the supervision activities of the SNB, the National Bank Act and its implementing ordinance, the National Bank Ordinance, circumscribe its jurisdiction.
What principal laws and financial service authority rules apply to the activities of financial services firms and their associated persons?
Switzerland does not have a unified set of rules applying to financial services firms (see Update and trends with regard to the FinIA). Rather, Swiss law provides for institution-specific sets of rules, such as the Banks and Savings Banks Act, the Stock Exchange and Securities Trading Act and the Collective Investment Schemes Act, which each have a set of implementing ordinances and regulatory guidance. In recent years, Swiss legislation tried to move away from being institution- or product-specific towards providing regulations that apply to all industry players, regardless of the type of licence they hold. The recently enacted Financial Market Infrastructure Act, governing, among other things, derivative trading and market conduct rules, is an example of such industry-wide rules. Similarly, with the proposed new Financial Services Act and the FinIA (see Update and trends), financial services rules are being harmonised across the financial services industry.
The above-mentioned Acts are, in line with the traditional Swiss approach to legislation, drafted with a principle-based approach, leaving room for regulatory guidance and self-regulation. Thus, on a practical level the circulars issued by FINMA and self-regulatory rules enacted by the industry organisations and SROs play an important role in financial services compliance. Examples of such self-regulatory rules are FINMA’s circulars on market conduct (Circular 2013/08), distribution of collective investment schemes (Circular 2013/9) and guidelines on asset management (Circular 2009/1). On the level of industry organisations, the following are examples of noteworthy self-regulatory rules: the SBA Code of Conduct with regard to the exercise of due diligence; and the SFAMA Code of conduct and its Guidelines on distribution of funds.
Scope of regulation
What are the main areas of regulation for each type of regulated financial services provider and product?
All regulated financial services providers have to obtain authorisation from FINMA prior to starting a supervised financial activity. The main areas of regulation for all types of regulated financial services providers concern, in particular, their organisation and their minimum capital requirement. They must establish appropriate corporate management rules and be organised in such a way that they can fulfil their statutory duties. They must also identify, measure, control and monitor their risks, including legal and reputational risks, and organise an effective internal control system. Moreover, the regulatory framework requires that the financial services providers must effectively be managed from Switzerland, which implies that the persons entrusted with managing must be resident in a place from which they may effectively exercise such management. The persons responsible for the administration and management of financial institutions and their qualified participants (ie, when an individual or legal entity directly or indirectly owns at least 10 per cent of the capital or voting rights of a licensed institution or can otherwise influence its business activities in a significant manner) must provide the guarantee of irreproachable business conduct.
In particular, banks and securities dealers are required to keep sufficient capital available for the business they conduct pursuant to the Capital Adequacy Ordinance. Banks shall further comply with qualitative and quantitative liquidity requirements enshrined in the Liquidity Ordonnance.
What additional requirements apply to financial services firms and authorised persons, such as those imposed by self-regulatory bodies, designated professional bodies or other financial services organisations?
As mentioned in question 1, Swiss financial services rules and regulations rely to a large extent on the rule setting by the various self-regulatory organisations. In this self-regulatory environment, the two most prominent organisations are the SBA with respect to the banking industry and SFAMA with respect to the fund industry.
Over the years the SBA has drawn up binding codes of conduct in the form of guidelines and agreements, which define what constitutes good industry practice. One of the most prominent examples of a code of conduct is the due diligence agreement, which applies to all banks and securities dealers. The agreement mainly focuses on the identification of a contracting partner as well as the beneficial owner of assets, and also includes provisions on the prohibition of active assistance in the flight of capital and tax evasion.
SFAMA has taken a similar approach and issued a Code of Conduct that constitutes the core element of the code of the self-regulation. It is deliberately restricted to the essentials and specifies the minimum standards that are to be observed. It therefore takes into account the differences in the business operations of the licensees that must comply with its provisions. The Code of Conduct covers the main functions of the fund business, especially the management and administration of collective investment schemes, the investment of the assets of a collective investment scheme, the communication with investors and the distribution.
What powers do national financial services authorities have to examine and investigate compliance? What enforcement powers do they have for compliance breaches? How is compliance examined and enforced in practice?
As a rule, compliance is enforced by way of a dualistic system in which regular compliance reviews are undertaken by regulatory auditors (ie, audit firms appointed by each supervised institutions). These regulatory auditors review the supervised institutions on an annual basis and will prepare a regulatory audit report that is shared with FINMA. Based on these reports, FINMA may decide to issue recommendations, order follow-up audits or take other enforcement measures (see question 10).
FINMA will also follow-up and investigate any information it receives about potentially unauthorised activities. Such information may be brought to FINMA’s attention by other market participants, investors or other third parties. Where there are grounds to suspect unauthorised activity, FINMA will open formal investigative proceedings to decide whether enforcement actions are warranted.
What are the powers of national financial services authorities to discipline or punish infractions? Which other bodies are responsible for criminal enforcement relating to compliance violations?
FINMA has a wide set of enforcement tools, which are, however, all of an administrative nature. FINMA does not have the power to impose civil or criminal liability. Rather, where FINMA is of the view that non-compliance with financial services regulations also constitutes a criminal offence, it will notify the relevant prosecutors (eg, the Swiss Department of Finance or the Swiss Attorney General’s Office).
FINMA’s administrative law enforcement tools include the following: preliminary injunctions; ordering a supervised institution to restore compliance with the law; declaratory rulings; prohibiting individuals from exercising a professional activity; cease-and-desist orders and bans on trading; publication of rulings (‘naming and shaming’); disgorgement of profits; withdrawal of licences; and ordering the liquidation of financial institutions. As mentioned above, FINMA does not have the power to impose criminal liability and as a result, FINMA may not impose monetary penalties on supervised institutions.
When deciding which enforcement tools to apply in a particular case, FINMA has to take into account the goals of the relevant financial services legislation (eg, protection of investors, fair competition or the stability of the financial system as a whole) and the general principles of constitutional and administrative law (such as proportionality).
What tribunals adjudicate criminal and civil financial services infractions?
Where criminal infractions are found and when the facts are clear, FINMA files a criminal complaint pursuant to the administrative criminal law directly with the Federal Department of Finance (FDF). In some cases, an appeal could be brought against the decision rendered by the FDF to the Federal Criminal Court and then to the Federal Supreme Court.
With regard to civil infractions, civil proceedings take place in two instances, usually within the state where the parties are domiciled. It is also possible to appeal to a third court, the Federal Supreme Court.
What are typical sanctions imposed against firms and individuals for violations? Are settlements common?
FINMA has a broad range of enforcement tools to uphold supervisory law. Typical enforcement tools at FINMA’s disposal include the following:
- Precautionary measures: FINMA takes appropriate precautionary measures where there is a risk to investors, policyholders, creditors or the financial market as a whole. A typical example is appointing an investigating agent.
- Ordering action to restore compliance with the law: pursuant to article 31 of the FINMASA, FINMA shall take action when supervised institutions violate financial market laws or other irregularities arise. It empowers FINMA to issue a ruling ordering proportionate measures to address the problem. In contrast to the enforcement instruments set out in articles 32-37 of the FINMASA, article 31 only applies if no serious violation of supervisory law has occurred.
- Declaratory rulings: pursuant to article 32 of the FINMASA, declaratory rulings or reprimands are the mildest official measure FINMA can use to sanction licence holders and individuals found to have committed market abuse.
- Industry bans: pursuant to article 33 of the FINMASA, FINMA can ban individuals responsible for serious violations of supervisory law from acting in a senior function at a supervised institution for up to five years.
- Cease-and-desist orders and bans on trading: where FINMA identifies financial market participants operating without the requisite authorisation, it can issue a ruling expressly banning those responsible from continuing to operate. It also has the power to ban securities dealers’ employees who have committed serious violations of stock exchange law from trading.
- Publication of rulings: pursuant to article 34 of the FINMASA, FINMA can publish its final rulings and name those involved, once a ruling becomes legally binding.
- Ordering the disgorgement of profits: pursuant to article 35 of the FINMASA, FINMA can confiscate profits generated or losses avoided through serious violations of supervisory law by supervised institutions or individuals in senior functions. Any confiscated assets that do not have to be paid out to injured parties are passed to the federal government.
- Withdrawal of authorisation, liquidation and bankruptcy: pursuant to article 37 of the FINMASA, FINMA can withdraw its authorisation of individuals and legal entities that no longer meet the authorisation requirements or have committed serious violations of supervisory law. The law requires certain licence holders to be liquidated when this happens. FINMA also applies these rules to financial market participants operating without the requisite authorisation.
The Swiss regulatory framework does not provide for a proper settlement procedure. This being said, the supervised entity under investigation by FINMA usually makes every reasonable effort to restore compliance with the law during the enforcement proceeding in order to mitigate the effect of the supervisory violation and diminish the risk of incisive measures rendered by FINMA.
What requirements exist concerning the nature and content of compliance and supervisory programmes for each type of regulated entity?
The main requirements relating to the structure and content of compliance programmes are enshrined in FINMA Circular 2017/1 on corporate governance, risk management and internal controls at banks (FINMA Circular 17/1). Even if FINMA Circular 17/1 applies per se to banks and securities dealers, it constitutes a market standard for all regulated entities.
FINMA Circular 17/1 consistently implements the principle of proportionality, leaving institutions free to implement the requirements in a way that takes account of their differing business models and of the particular risks associated with them. It therefore takes into account the differences in the business operations of the licensees that must comply with its provisions.
The duties and responsibilities of the compliance function include at least the following activities:
- Conducting an annual assessment of the compliance risk of the institution’s business activities and developing a risk-oriented activity plan for approval by the executive board. The activity plan must also be made available to internal audit.
- Reporting promptly to the executive board on any major changes in the compliance risk assessment.
- Reporting annually to the board of directors on the assessment of compliance risk and the activities of the compliance functions. A copy of the relevant reports must be provided to internal audit and the regulatory audit firm.
- Reporting serious compliance breaches and matters with far-reaching implications in an efficient manner to the executive board and the board of directors, as well as supporting the executive board in the choice of appropriate instruction and measures. Internal audit must be informed accordingly.
How important are gatekeepers in the regulatory structure?
The function of chief compliance officer is crucial in the regulatory structure and, as such, must provide the guarantee of irreproachable business conduct. This particularly means that the person acting as a chief compliance officer within a financial services firm is subject to enhanced administrative supervision by FINMA.
According to FINMA Circular 17/1 banks and securities dealers shall establish an internal auditor. If it seems inappropriate to establish an internal audit because of the size of the regulated entity, the relevant duties and responsibilities can be delegated to an internal audit of another company of the same group, a second audit firm that is independent of the regulatory audit firm or an independent third party.
Internal audit reports directly to the board of directors or its audit committee, and fulfil the auditing and monitoring responsibilities assigned to it in an independent fashion. This means that it has an unlimited right of inspection, information and audit within the regulated entity.
The main roles of the internal audit are to deliver independent audits and assessments of the appropriateness and effectiveness of the regulated entity’s organisation and business processes, particularly with regard to the risk management and internal control system, and ensure that the executive board, the board of directors or its audit committee and the regulatory audit firm are informed about the risk assessment and audit objectives. Furthermore, the internal audit defines the audit objectives and planning for the next audit period and submits them and any necessary changes to the board of directors or its audit committee for approval.
With regard to all entities authorised by virtue of CISA, FINMA may require that an internal audit be performed if the scope and nature of their activities demands it.
Directors' duties and liability
What are the duties of directors, and what standard of care applies to the boards of directors of financial services firms?
The board of directors of a Swiss company is responsible for the ultimate management and oversight of the company. As such, the board of directors is also responsible for the oversight of compliance matters. FINMA has issued regulatory guidance with respect to corporate governance that further specifies the board of director’s corporate governance-related obligations. According to the guidance, the board of directors is responsible for ensuring an adequate organisation, and appropriate and effective internal control systems. The board of directors is also responsible for appointing the head of internal audit and, where required by FINMA regulations, the chief risk officer.
When are directors typically held individually accountable for the activities of financial services firms?
Traditionally, FINMA enforcement actions have focused on the institutions rather than individual members of the management. More recently, FINMA has also started to focus on individual decision makers as part of its enforcement actions. From a regulatory perspective, directors (and other members of the senior management of financial institutions) are held responsible where they have breached their duties (see question 15) and where such breaches were of a significant nature. In such cases, FINMA has, in the past, ordered bans of professional activity in the regulated sector. Generally speaking, FINMA will open enforcement proceedings against individuals, where it has reasons to believe that the individual no longer guarantees proper business conduct.
Private rights of action
Do private rights of action apply to violations of national financial services authority rules and regulations?
Traditionally, Swiss law does not provide for private rights of action to enforce violations of financial market rules. Rather, enforcement of such rules is seen as a task that should fall within the scope of activity of regulators and prosecutors. As a rule, clients of financial institutions may sue financial services providers for individual breaches of contract (ie, breaches of the contractual relationship between the financial services provider and its client), though in such a civil suit, non-compliance by a financial services provider with regulatory rules of conduct (or similar) would be taken into account when assessing an alleged breach of contractual obligations. In cases where Swiss law provides for possibilities of civil law right of action for breaches of financial services regulations (eg, in the context of the CISA), a plaintiff would still have to show individual damages in order for such suit to be successful.
Standard of care for customers
What is the standard of care that applies to each type of financial services firm and authorised person when dealing with retail customers?
From a regulatory point of view, the standard of care does not differ based on the sophistication of the customer or counterparty, except in the funds industry. In the current state of the legislation, the appropriate and proper business conduct requires all types of financial services firms and their agent to act namely with loyalty, diligence and provide all necessary information to their customers.
The codes of conduct enshrined in the CISA and the Stock Exchanges and Securities Trading Act are recognised as minimum standards by FINMA. In addition to the administrative nature of these rules, they also impact the contractual relationship between the financial services firm and its customers under private law. These codes of conduct provide clarification as to the duties with which the financial services firm shall comply when dealing with customers:
- duty of loyalty: they act independently and exclusively in the interests of the investors and avoid all conflict of interests;
- due diligence: they implement the organisational measures that are necessary for proper management and ensure the best execution of the clients’ orders; and
- duty to provide information: they ensure the provision of transparent financial statements and provide appropriate information about their activity; they disclose all charges and fees incurred directly or indirectly by the investors and their appropriation and inform them, in particular, about the risks related to a given type of transaction.
Once the FinSA enters into force, all financial services firms and authorised person will need to comply with the following rules of conduct when dealing with retail customers: duty to provide information; assessment of the appropriateness and suitability of investment advice given to customers; documentation and rendering of accounts; and transparency and care in client orders.
Does the standard of care differ based on the sophistication of the customer or counterparty?
As mentioned in question 18, the standard of care does not differ based on the sophistication of the customer or counterparty, except in the funds industry. Indeed, the CISA distinguishes three types of customer: regulated qualified investors; non-regulated qualified investors; and retail investors. The CISA allows for the switch from one category to another and for the benefit of a higher or lower level of protection under certain conditions. For instance, high net worth retail clients may declare that they wish to be treated as non-regulated qualified investors (opting out).
Under the new FinSA, financial services providers will have to distinguish retail customers from professional customers. This second category will include a subgroup that reassembles institutional clients. By contrast, for retail customers, the FinSA provides that no rule of conduct will apply to institutional clients. With respect to professional clients, they may waive the application of certain rules of conduct, such as the duty to provide information and the documentation and rendering of accounts by express declaration to the financial services provider.
How are rules that affect the financial services industry adopted? Is there a consultation process?
New legislation in Switzerland, including that which relates to the financial services industry, is adopted only after a consultation process. These consultation procedures are available at all levels of the legislative process, with consultation periods typically being longer for parliamentary acts as opposed to implementing ordinances or regulations issued by the Swiss regulator. The consultation process is generally open to all interested parties. In addition, the relevant industry organisations (such as the SBA, SFAMA and the SROs) regularly participate in the consultation process in order to ensure that the industry points of view are taken into account early on in the legislative process.
How do national financial services authorities approach cross-border issues?
Swiss financial regulatory laws currently have a rather liberal stance with respect to cross-border provision of financial services. As a rule, financial services such as banking, securities brokerage or investment advice can be offered to Swiss clients on a purely cross-border basis without triggering licensing or registration requirements in Switzerland. Where, however, a foreign financial services provider maintains a physical presence in Switzerland (ie, employs, on a permanent basis, staff in Switzerland that act for the foreign financial services provider (eg, for marketing purposes)), licensing requirements will be triggered.
One key exemption to the above-mentioned liberal cross-border regime is the distribution of investment fund products to Swiss investors. Unlike other types of financial services, the relevant Swiss fund distribution rules provide for product authorisation requirements with respect to funds that are distributed or marketed (or both) to Swiss retail investors. Even where funds are distributed or marketed to qualified investors in Switzerland, certain documentation and local representative requirements may apply.
Finally, Swiss financial services legislation is currently in the process of being substantially amended by the new FinSA. Among other things, the draft rules provide for certain registration requirements with respect to foreign financial services providers that wish to offer their products to Swiss clients.
What role does international standard setting play in the rules and standards implemented in your jurisdiction?
International standard setting plays a significant role in the legislative process and such standards are generally taken into account when drafting and implementing new legislation. This is particularly true with respect to legislative developments in the European Union and the European Economic Area. While not itself a member of the EU or the EEA, Switzerland generally tries to implement financial services legislation that is largely in line with the rules in the EU and EEA, in particular where such European rules provide for third-country regimes that require comparable and equivalent rules in order to gain access to the European markets.
Update and trends
Update and trends
Updates and trends
The Swiss parliament is currently deliberating the proposed new FinSA and FinIA. It is currently expected that parliament will conclude its deliberations in summer or early autumn 2018 and that the two new Acts will enter into force no earlier than mid-2019.
The FinSA will significantly change the regulatory landscape for financial services firms in Switzerland. Among other things, it will provide for comprehensive rules of conduct with respect to provision of financial services to Swiss clients. The new rules - which were to a large extent inspired by the Markets in Financial Instruments Directive (MiFID II) - will apply to all financial services providers, regardless of their regulatory status or their country of incorporation (ie, also in a cross-border scenario). In addition, the current draft FinSA also provides for a registration duty for client advisers of foreign financial services providers that offer their services into Switzerland on a cross-border basis.
In addition to the rules of conduct laid out in the FinSA, the FinIA will introduce new licence requirements for portfolio managers and trustees. Under the FinIA, portfolio managers and trustees will be subject to supervision of semi-private supervisory organisations (which are yet to be established). Furthermore, the FinIA will harmonise the rules applicable to cross-border services (see question 21) for the various financial institutions.