Fintech 2025

SWITZERLAND Law and Practice Contributed by: Lukas Morscher and Lukas Staub, Lenz & Staehelin

FINMA’s supervision. Therefore, to a certain extent, fintech providers that are FINMA-regu - lated also act as gatekeepers. From a civil law perspective and as a general principle, a fintech provider would be liable for damages resulting from negligence or wilful misconduct in breach of applicable law or con - tractual obligation. However, under Swiss civil law, liability can be limited or even excluded to a large extent by contractual agreement. Civil liability would thus have to be assessed on a case-by-case basis. 2.10 Significant Enforcement Actions FINMA has executed several enforcement pro - ceedings in the fintech industry, in particular in the case of initial coin offerings (ICOs) that were suspected of acting as a bank without being authorised to do so (ie, accepting depos - its from the public without a banking licence; see 2.2 Regulatory Regime ). In its annual report 2022, FINMA stressed its supervisory focus on capital and liquidity requirements. In relation to this, FINMA stated in its annual report for 2022 that certain companies holding a fintech licence faced financial obligations that threatened their solvency and/or liquidity. As a result, FINMA had to withdraw a fintech licence for the first time. Only in very few cases did FINMA make indi - vidual enforcement cases public: • in September 2017, FINMA ruled that the e-coin issued by QUID PRO QUO Association with the involvement of DIGITAL TRADING AG and Marcelco Group AG constituted fake cryptocurrency – in addition, FINMA ruled that the e-coin involved the acceptance of deposits from the public for which the issuer was not authorised (all three entities involved with the e-coin were liquidated);

• in March 2019, FINMA ruled that the EVN- Token issued by envion AG, which offered a repayment claim after 30 years, constituted the acceptance of deposits from the pub - lic for which the issuer was not authorised – envion AG had accepted deposits in an amount exceeding CHF90 million from at least 37,000 investors and was already in liq - uidation prior to FINMA’s order due to viola - tion of corporate law requirements; and • in May 2023, FINMA ruled that the Dohr - nii Foundation and its founder and former managing director had carried out several business activities requiring a licence in the crypto sector without obtaining the relevant licence from FINMA, and that the foundation is currently being liquidated by the competent bankruptcy authority. FINMA also maintains a warning list on its web - site of individuals and entities who are presumed to carry out unauthorised activities under finan - cial market regulations. 2.11 Implications of Additional, Non- Financial Services Regulations The processing of personal data by private persons and federal bodies is regulated in par - ticular by the Data Protection Act (DPA) and the Data Protection Ordinance (DPO), which in their recently revised versions entered into force on 1 September 2023. The revised DPA is largely modelled after the EU General Data Protection Regulation (GDPR) and provides for consider - able organisational and administrative require - ments, as well as significant sanctions. The DPA and the DPO apply, with some exceptions, to the processing of data relating to natural per - sons. Personal data must be protected against unauthorised processing by appropriate techni - cal and organisational measures.

812 CHAMBERS.COM

Powered by