Suisse Leaks: Swiss banking returns to the spotlight

Yesterday saw the announcement of yet another major financial leak, exposing details of the accounts and wealth of foreign clients of Credit Suisse, allegedly including “criminals, dictators, intelligence officials, sanctioned parties and political actors with outsized wealth”.  Credit Suisse has issued the usual rebuttals - that many of the cases are historic, or are isolated incidents not representative of the bank’s overall business.  And many believe Credit Suisse is unlikely to be an outlier, with the whole Swiss banking industry thrust into the spotlight.

Having worked in anti-financial crime for multinational banks with a significant presence in Switzerland, I’m acutely aware of the challenges of navigating its infamous secrecy laws, and the difficulties of implementing global financial crime programmes under these restrictions.  I’ve also worked with a large number of Swiss compliance staff and relationship managers, and know that most do care about financial crime, and are far from the sinister or negligent figures they are often portrayed to be.  Culture, governance and risk appetite obviously vary from bank to bank and can be very hard to assess from the outside, even with vast troves of leaked data.  So putting aside the specific allegations against Credit Suisse, what do we need to understand about Switzerland and its legal and regulatory framework to better understand this story?

Switzerland is notorious for its banking secrecy.  Its 1934 Federal Act on Banks and Savings Banks criminalises the disclosure of client banking information to any foreign authorities.  The first major roll-back of this provision occurred in 2018, when Switzerland started sharing information under the Common Reporting Standard for the automatic exchange of banking information.  (Side note: this development came about as the result of another whistleblowing incident, when a banker violated Swiss banking secrecy laws to tell US authorities how UBS Group was facilitating tax evasion by foreign customers.)

However, it is clearly wildly inaccurate to say (as some have done) that this was the end of Swiss banking secrecy.  For a start, it is still impossible for countries which are not signed up to the common reporting standard to receive any information from Switzerland.  It’s worth noting these are predominantly poorer nations, in many cases those most affected by the kleptocracy and capital flight Credit Suisse is accused of abetting.  Notwithstanding this one area of concession, the law remains in place and has been accused of effectively criminalising whistleblowing, preventing people reporting illegal behaviour to the relevant authorities.  It also restricts investigations by outside parties, with journalists inside Switzerland at risk of being prosecuted for publishing or even possessing private banking data. It also prohibits the sharing of information within financial groups, meaning Swiss subsidiaries of global banks cannot share any information with their parent bank, making holistic risk management impossible.  A telling indicator of the authorities’ overall attitude has to be a legal revision in 2018 (the same year Switzerland started sharing tax information) raising the maximum sentence for breaching the law from six months to three years.  

Many commentators believe that recriminations following this latest leak should be directed not just at Credit Suisse, but also the Swiss authorities for creating a lax regulatory environment and upholding laws that punish the exposure of illegal activities.  They believe the various leaks and scandals that have emerged over recent years indicate wider failings in banking supervision, with insufficiently rigorous monitoring and oversight.  The Swiss regulatory framework has also been criticised for being insufficiently robust.  Organisations like Transparency International and Public Eye have said the Anti-Money Laundering Act is too narrow in scope, as it does not apply to parties such as lawyers, fiduciaries, trustees, and other consultants.  This contravenes international best practice and the recommendations of the Financial Action Task Force (FATF). The number of SARs filed has also been criticised for being noticeably low given the overall volumes of funds flowing into the country, and the flows from overseas clients and high-risk jurisdictions.

Arguably, responsibility may even go beyond Switzerland itself - to international bodies and standard setters.  Like most financial centres in economically developed countries, Switzerland receives positive ratings and assessments in nearly all global financial crime indices, such as the Basel AML Index and Transparency International’s Corruption Perceptions Index.  In 2020, the OECD’s Global Forum rated Switzerland as “largely compliant” on issues relating to availability, access and exchange of ownership information on entities and bank accounts, even while contradictorily acknowledging that the availability of beneficial ownership information was not guaranteed.  The Global Forum also noted that Switzerland would seemingly not respond to foreign requests for banking information if the request was based on “stolen data” (i.e. a leak) or if the requesting authority “actively sought out” the information outside of an administrative assistance procedure.  

The aftermath of the 2007 whistleblowing case and the subsequent pressure by US authorities shows that outside parties can be effective in bringing about meaningful change.  There is clearly much more international bodies can do to apply pressure to Switzerland to address specific loopholes and to change the overall tenor of its banking laws.  Individual financial institutions can also consider how they treat Switzerland as a jurisdiction, and whether they are content to rely on international indices which do not call out issues around transparency and the availability of information.


FINTRAIL can help financial institutions to assess country risk using objective methodologies that go beyond the usual global risk tables. This can be aligned to custom designed risk-based CDD and ongoing monitoring controls. We also perform enhanced due diligence and investigations on customers, partner institutions and other third parties in jurisdictions where public information is hard to obtain. If you would like to speak to us about this or any other services, please do get in touch: contact@fintrail.com