Since 2010, the Global Law Experts annual awards have been celebrating excellence, innovation and performance across the legal communities from around the world.
posted 3 hours ago
The FINMA AML crypto Switzerland landscape shifted materially in 2026, creating urgent compliance work for every crypto exchange, token issuer and fintech operating under Swiss financial-market supervision. FINMA published substantial revisions to its Anti-Money Laundering Ordinance (AMLO-FINMA) during April–May 2026, tightening enhanced due diligence triggers, expanding supervisory expectations for virtual asset service providers (VASPs) and responding directly to criticisms raised in Switzerland’s latest FATF mutual evaluation. Separately, the expansion of MRK-style reporting to crypto assets, effective 1 January 2026, introduced new transaction-reporting obligations channelled through the Money Laundering Reporting Office Switzerland (MROS). This article provides a practitioner-ready, step-by-step compliance checklist that maps every obligation by entity type so compliance officers, general counsels and exchange founders can act immediately.
Six immediate actions every affected Swiss crypto business should take:
Switzerland does not regulate crypto assets through a standalone statute. Instead, it applies its existing financial-market laws, principally the Federal Act on Combating Money Laundering and Terrorist Financing (AMLA, SR 955.0) and its implementing ordinances, to crypto activities that constitute financial intermediation. The AMLO-FINMA ordinance sits beneath the AMLA and translates statutory obligations into operational rules that FINMA-supervised institutions must follow.
The April–May 2026 AMLO-FINMA revisions address several areas that the FATF had flagged as deficient during Switzerland’s most recent evaluation cycle. The key amendments cover the following areas:
For VASPs already operating under FINMA supervision or affiliated with a self-regulatory organisation (SRO), the 2026 revisions require an immediate gap analysis. Industry observers expect the lowered thresholds alone to increase compliance costs by requiring identity verification for transactions that were previously processed under simplified procedures. Exchanges processing high volumes of small-denomination transfers will likely need to invest in automated identity-verification technology or face operational bottlenecks.
The expanded EDD triggers are particularly significant for platforms that list privacy coins or offer mixer-adjacent services. The likely practical effect is that many exchanges will delist or restrict privacy-enhancing tokens rather than absorb the cost of continuous enhanced monitoring, a trend already visible in other FATF-compliant jurisdictions.
The revised AMLO-FINMA text was published for consultation in April 2026 and finalised in May 2026. FINMA has indicated that supervised entities should implement the changes within a reasonable transition period from the date of publication. Early indications suggest FINMA expects operational compliance by late 2026, though formal transitional guidance may follow. Entities that have not yet commenced their gap analysis face material enforcement risk.
MRK crypto reporting refers to the systematic transaction-reporting framework that expanded to cover crypto-asset transactions with effect from 1 January 2026. Under this framework, financial intermediaries that process qualifying crypto transactions must submit structured reports to MROS, Switzerland’s financial intelligence unit. The expansion aligns Switzerland with the FATF’s requirement that countries apply the same AML reporting standards to virtual assets as they apply to traditional financial transactions.
Any financial intermediary supervised by FINMA, or subject to the AMLA through SRO membership, that executes, facilitates or intermediates crypto-asset transfers meeting the applicable thresholds must report. This includes centralised exchanges, broker-dealers in crypto assets, custodians that execute transfers on behalf of clients, and payment service providers handling crypto-to-fiat conversions.
MRK reports must include originator and beneficiary identification data, name, account or wallet identifier, and, where available, address and date of birth. These data elements overlap substantially with the information required under Switzerland’s implementation of the FATF Travel Rule, meaning that entities with functioning Travel Rule infrastructure can repurpose much of the same data pipeline for MRK reporting.
The required data fields for MRK reporting typically include:
Entities should evaluate whether their existing compliance technology stack can generate MRK-compliant reports in the format required by MROS. Automated extraction from blockchain analytics platforms, combined with customer-data enrichment from KYC databases, is the most efficient approach. Manual reporting is feasible for low-volume operators but introduces error risk and scalability constraints.
Swiss AML law applies to “financial intermediaries”, a broad category defined in Article 2 of the AMLA. For crypto businesses, the critical question is whether a given activity constitutes financial intermediation. FINMA’s crypto-services dossier provides a detailed mapping of specific crypto activities to regulatory categories.
| Entity type | Primary reporting obligations (MRK / FINMA 2026) | Notes & effective date |
|---|---|---|
| Crypto exchanges (centralised) | MRK reporting for covered transactions; full FINMA AML programme; transaction monitoring; Travel Rule implementation | MRK expansion effective 1 Jan 2026; FINMA ordinance revisions published Apr–May 2026 |
| Token issuers (stablecoins / asset tokens) | Possible reporting if issuer controls transfers or maintains registry; enhanced KYC for stablecoins per FINMA guidance | Stablecoin guidance requires issuer onboarding and transfer controls; apply FINMA classification tests |
| Custodians / wallet providers | FINMA supervision if holding client assets; MRK reporting if transactions meet thresholds | Custody guidance from FINMA applies, technology and segregation expectations |
| Payment service providers (crypto-to-fiat) | Full AML programme; MRK reporting; Travel Rule compliance | Classified as financial intermediaries under AMLA Article 2 |
| DeFi gateway operators | In scope where operator exercises control over user assets or transaction execution | Revised AMLO-FINMA clarifies custodial-adjacent activities |
Use this five-step decision flow to determine whether your business falls within FINMA AML crypto Switzerland obligations:
This Swiss crypto compliance checklist covers the operational steps that centralised crypto exchanges must implement to satisfy both the revised AMLO-FINMA and MRK reporting requirements. Crypto exchange compliance in Switzerland now requires a layered approach spanning governance, technology, and ongoing monitoring.
Token issuer reporting in Switzerland begins with classification. FINMA distinguishes between payment tokens, utility tokens and asset tokens. Any token that functions as a means of payment triggers full AML obligations. Asset tokens that qualify as securities under Swiss law also attract prospectus and ongoing-disclosure requirements. Utility tokens may trigger AML obligations at the point of issuance if the issuer accepts funds from investors in a manner that constitutes financial intermediation.
Token issuers who maintain a registry or whitelist of holders, or who control the smart-contract functions governing transfers, fall within MRK reporting scope for transactions they facilitate. This is particularly relevant for stablecoin issuers, who typically operate permissioned transfer systems. These issuers must implement transaction-monitoring and SAR-filing processes equivalent to those required of exchanges.
FINMA’s guidance on stablecoins emphasises that all stablecoin holders must be thoroughly identified before tokens can be transferred to them. Anonymous transfers of stablecoins are prohibited where the issuer controls the transfer mechanism. This means that stablecoin issuers must maintain a complete, verified register of holders and apply ongoing KYC monitoring. The practical effect is that stablecoins cannot circulate freely among unverified wallets if the issuer retains any transfer-gating capability.
Meeting KYC requirements in Switzerland now demands a technology-enabled approach. Automated identity-document verification (IDV), sanctions screening (against SECO and international lists), PEP databases and blockchain analytics should be integrated into the onboarding workflow. Red flags requiring escalation include mismatches between declared source of funds and on-chain transaction history, newly created wallets receiving large deposits, and connections to known mixer or tumbler services.
Swiss crypto projects structured as stock corporations (AG) or limited liability companies (GmbH) require notarial authentication for certain corporate actions, including share-capital increases associated with token issuances and changes to articles of association. Where a token sale involves the creation of new shares or participation rights, a Swiss notary must authenticate the relevant corporate resolutions. Additionally, subscription agreements for token sales should include AML representations and warranties from investors, and beneficial-ownership declarations should be embedded in the subscription documentation.
The following data should be captured for every investor or customer at onboarding:
Swiss-based VASPs have several technical options for satisfying Travel Rule obligations:
MRK reports should be generated programmatically from existing transaction databases and submitted to MROS using the prescribed format and channel. Compliance teams should establish automated triggers that flag reportable transactions, populate report templates and route them for review before submission. Integrate MRK reporting into your existing compliance case-management system to avoid duplication and ensure complete audit trails.
Swiss data-protection law (the Federal Act on Data Protection, FADP) applies alongside AML obligations. Entities must ensure that personal data collected for AML purposes is processed lawfully, stored securely and retained for the minimum period required by the AMLA (ten years from the end of the business relationship). Cross-border data transfers, for example, sending originator data to a counterparty VASP in another jurisdiction, must comply with FADP requirements, including appropriate safeguards where the recipient country does not provide adequate data-protection standards.
FINMA’s supervisory practice in the crypto AML space has highlighted several recurring deficiencies: incomplete beneficial-ownership documentation, failure to apply EDD to high-risk business relationships, inadequate transaction-monitoring systems that generate excessive false positives without effective triage, and delays in SAR filing. FINMA’s 2024 risk-monitoring report specifically flagged rising money-laundering risks in the crypto sector, signalling an increasingly assertive supervisory posture.
If your gap analysis reveals non-compliance, prioritise remediation in order of enforcement risk: SAR-filing backlogs first, then KYC deficiencies, followed by technology upgrades. Document every remediation step with dates, responsible persons and evidence of completion. Industry observers expect FINMA to apply stricter sanctions where entities have failed to act promptly after the publication of the revised ordinance.
The 2026 reforms to FINMA AML crypto Switzerland rules represent the most significant compliance event for the Swiss digital-asset sector in recent years. Every exchange, token issuer, custodian and fintech operating in or from Switzerland must act now to avoid enforcement exposure. To find qualified Swiss commercial counsel who can assist with AML programme design, FINMA submissions and ongoing compliance, visit the Global Law Experts lawyer directory.
This article was produced by Global Law Experts. For specialist advice on this topic, contact Martin Eisenring at EISENRING Attorneys & Notaries, a member of the Global Law Experts network.
posted 3 hours ago
posted 5 hours ago
posted 5 hours ago
No results available
Find the right Legal Expert for your business
Sign up for the latest advisor briefings and news within Global Advisory Experts’ community, as well as a whole host of features, editorial and conference updates direct to your email inbox.
Naturally you can unsubscribe at any time.
Global Advisory Experts is dedicated to providing exceptional advisory services to clients around the world. With a vast network of highly skilled and experienced advisors, we are committed to delivering innovative and tailored solutions to meet the diverse needs of our clients in various jurisdictions.