Skip to main content

B-04-19 FINMA Guidance 05/2020

Duty to Report Cyber Attacks

Articles en relation

Transfer of customer data to the Department of Justice

Data protection to the rescue of the beneficial owner

The RGPD also protects the banking data of legal entities when the beneficial owner objects to the transfer of the data to the Department of Justice (judgment no. 141/23-II-CIV of 6 December 2023 of the Luxembourg Superior Court of Justice). A person holds bank accounts with the Luxembourg branch of a Swiss bank. He is also the beneficial owner of a company which has two bank accounts with this branch. Another company, of which the customer's ex-wife and son are[...]

Fraudulent obtaining of "COVID-19" credits

The Federal Supreme Court confirms the classification as a fraud

Since March 2020, more than 100,000 Swiss companies have made use of the bonded loans set up by the Confederation to make up for a lack of liquidity following the COVID-19 pandemic. The Swiss authorities' desire to respond quickly to an exceptional situation and to ensure rapid access to funds led them to introduce a facilitated procedure, based essentially on a self-declaration by the credit applicant, which has unfortunately seen its share of abuses. In a recent ruling to be[...]

Cyber attacks

New reporting obligation takes shape

From 1 January 2025, banks, insurance companies and financial market infrastructures will have to report cyber attacks to the Federal Office for Cyber Security (FOCS) within 24 hours. The Federal Council has just put out to consultation the draft ordinance that implements art. 74a ff of the Federal Act on Information Security (obligation to report cyber attacks). As we explained earlier (see Hirsch, cdbf.ch/1261), banks will now have to inform the OFCS in the event of a cyber attack. The[...]

FINMA's Watchlist

Limits to the right of access under the aDPA

Obtaining the relevant extracts from the database needed to assess FINMA's guarantees of irreproachable activity (formerly Watchlist) is a real crossroads for an employee who has temporarily given up exercising an activity subject to FINMA. The Federal Administrative Court (FAT) has confirmed that art. 8 aLPD (now art. 25 LPD) does not allow access to the documents that justified inclusion on the Watchlist to the same extent as in a genuine procedure on the merits to determine whether an individual[...]

Plus d'articles en relation