AML/CFT Compliance in Switzerland: FINMA, AMLA, and the 2026 Regulatory Landscape
Switzerland's AML/CFT regime has been under intense scrutiny in recent years. The Swiss Financial Market Supervisory Authority (FINMA) has taken a proactive approach to enforcing anti-money laundering (AML) and combating the financing of terrorism (CFT) regulations. The €490 million fine imposed on MBaer Merchant Bank AG in 2026 for AML and sanctions compliance failures serves as a evidence to the regulator's commitment to maintaining the integrity of Switzerland's financial system.
Key Facts at a Glance
- Primary regulator
- FINMA (Swiss Financial Market Supervisory Authority)
- Primary AML law
- Anti-Money Laundering Act (AMLA, SR 955.0) of 10 October 1997, substantively revised in 2023
- FIU
- Money Laundering Reporting Office Switzerland (MROS) at Federal Office of Police (fedpol)
- Self-regulatory organisations
- VQF, SO-FIT under AMLA Article 24
- Predicate offence
- Section 260 StGB (Criminal Code)
- EU supervisor
- N/A (Switzerland is not an EU member)
- Current guidance
- FINMA Circular 2009/1 (updated 2023)
- Recent revision
- AMLA revision 2024/2025, including expansion of predicate offences and tightening of DNFBP coverage
The Regulatory Landscape
Switzerland's AML/CFT framework is built around the Anti-Money Laundering Act (AMLA), which transposes international standards and codifies obligations for a wide range of obliged entities. The Money Laundering Reporting Office Switzerland (MROS), located within the Federal Office of Police (fedpol), serves as the country's Financial Intelligence Unit (FIU). Switzerland's AML/CFT regime also relies on self-regulatory organisations (SROs) such as VQF and SO-FIT, which play a crucial role in supervising and enforcing AML/CFT regulations.
The Swiss AML/CFT framework has undergone significant changes in recent years. The AMLA revision in 2024/2025 expanded predicate offences, tightened due diligence and reporting obligations for designated non-financial businesses and professions (DNFBP), and introduced new rules for crypto-asset service providers. These changes reflect Switzerland's commitment to maintaining its reputation as a secure and compliant international financial centre.
FINMA's Guidance and Enforcement Approach
FINMA has issued guidance on AML/CFT compliance, including Circular 2009/1, which provides detailed information on the regulator's expectations for AML/CFT risk management and compliance. The regulator has also taken a proactive approach to enforcing AML/CFT regulations, imposing significant fines on institutions that fail to comply with the relevant laws and regulations.
The MBaer Merchant Bank AG case demonstrates FINMA's commitment to enforcing AML/CFT regulations. The bank was fined €490 million for AML and sanctions compliance failures, and its licence was revoked. This case highlights the importance of documented AML/CFT risk-management and compliance frameworks for institutions operating in Switzerland.
Customer Due Diligence and KYC
Swiss CDD obligations follow international standards. Identification of natural persons under AMLA requires verified data on full name, place and date of birth, nationality, and a residential address. For legal entities, verification typically rests on commercial-register excerpts, articles of association, and beneficial-ownership records.
Beneficial-ownership thresholds follow the 25 % standard. Where no natural person can be identified above that threshold, the senior managing official is recorded as the “notional” beneficial owner. PEP screening is required for clients, beneficial owners, and counterparties.
Sanctions Screening
Sanctions implementation in Switzerland rests on international regulations and national laws, including the Foreign Trade Act and the Anti-Money Laundering Act. Enforcement responsibility is shared among various authorities, including FINMA and the Federal Office for Economic Affairs and Export Control.
For obliged entities, this means real-time screening against international sanctions lists, including the UN Consolidated List and the EU Consolidated Financial Sanctions List. Institutions are also expected to implement documented risk-management systems to identify and mitigate sanctions risks.
SAR/STR Reporting
Suspicious Activity Reports (SARs) must be filed with MROS, the FIU, via an electronic reporting platform. The Money Laundering Reporting Ordinance codifies formal and substantive minimum standards for SARs, including content requirements and timeliness expectations.
The timeliness standard for SARs sits at the centre of recent enforcement. Institutions are expected to file SARs without undue delay, which means same-day or next-working-day filing in most cases.
Risk-Based Approach
AMLA requires obliged entities to implement a risk-management system proportionate to their nature and size, anchored in a documented institution-wide risk assessment. FINMA's guidance emphasises the importance of a risk-based approach to AML/CFT compliance.
Crypto-Assets
Switzerland's crypto-asset framework was revised in 2024/2025 to align with international standards. The Kryptomärkte-Aufsichtsgesetz (KMAG) gives FINMA enhanced supervisory powers, including the authority to publish public warnings about non-compliant firms.
Recent Enforcement
FINMA's enforcement record demonstrates its willingness to use the full range of penalties available under AMLA. The MBaer Merchant Bank AG case highlights the regulator's focus on AML/CFT enforcement.
| Date | Institution | Penalty | Basis |
|---|---|---|---|
| 2026 | MBaer Merchant Bank AG | €490.0m | AML and sanctions compliance failures |
Practical Compliance Checklist for Swiss Institutions
Minimum Documentation Set Under FINMA Circular 2009/1
- Institution-wide risk assessment under AMLA, refreshed annually and on material change.
- Internal safeguards manual covering customer due diligence, ongoing monitoring, sanctions screening, training, and reporting.
- Written CDD procedures aligned with FINMA Circular 2009/1.
- Sanctions screening policy covering international lists with documented matching logic and false-positive review procedure.
- SAR/STR procedures referencing AMLA and the MROS reporting platform.
- PEP identification and EDD procedure including the 12-month post-departure continuation requirement.
- Designated AML Officer and deputy notified to FINMA.
- Staff training programme with documented annual refresher cycles.
Common Pitfalls
Three patterns dominate recent enforcement files. The first is SAR latency: institutions that have built escalation processes around weekly compliance committees rather than daily filing capacity find themselves systemically late. FINMA's view is that “without undue delay” is a real-time standard, not a weekly one.
The second is fragmented governance: where AML investigations sit across multiple business lines or geographies, FINMA treats the resulting coordination failures as substantive breaches in their own right.
Looking Ahead
Switzerland's AMLA and related regulations will continue to evolve to address emerging risks and international standards. Institutions should treat the period ahead as a transition window: build now to AMLA standards using FINMA guidance as a forward-looking interpretation.
How RegMantle Helps
RegMantle generates jurisdiction-specific AML/CFT documentation for Swiss institutions, citing AMLA, FINMA guidance, and applicable international regulations directly in the text. Generated documents include the institution-wide risk assessment, AML/CFT policy manual, KYC/CDD procedures aligned with FINMA Circular 2009/1, sanctions screening policy, SAR/STR procedures, and staff-training programme.
Generate your Swiss AML documentation in minutes
Stop paying for templated consultancy outputs. RegMantle produces audit-ready, AMLA-compliant documentation in under ten minutes.
Start Free →