I. INTRODUCTION

A. Purpose of the provision

1 The documentation requirement under Art. 7 para. 1 AMLA is one of the provisions of the Act that governs the due diligence obligations of financial intermediaries. The documentation requirement, which applies to all financial intermediaries (see Art. 8a para. 1 lit. c AMLA in relation to dealers), has several purposes. Firstly, it is intended to create a basis on which the supervisory authorities and external auditors can verify whether financial intermediaries are fulfilling their due diligence obligations and thus complying with the provisions of the AMLA. Second, the documentation requirement helps law enforcement agencies investigate potentially criminal acts related to money laundering by giving them access, if needed, to the information that financial intermediaries have gathered from transactions and investigations. And thirdly, it serves the obligated financial intermediaries themselves, enabling them to defend themselves against any allegations of negligence under Art. 305^ter para. 1 SCC. Furthermore, the documentation requirement also compels financial intermediaries to create the necessary written documentation to enable them to make well-founded and justified decisions even in the case of risky transactions.

2 The relevance of the documentation requirement in practice is also evident from the annual reports published by MROS. In connection with the clarification of what constitutes “evidence” (see below, n. 13 ff.), MROS emphasizes, for example, that it is difficult or impossible for it to fulfill its duty to analyze incoming suspicious activity reports and investigate the reported transactions if the documentation provided by financial intermediaries is inadequate. However, if financial intermediaries comply with their documentation requirements, this makes the MROS's work “considerably easier.”

B. History

3 With the exception of para. 1^bis, Art. 7 AMLA was already included in the law with the same wording when it came into force in 1998. Para. 1^bis was added as part of the revision of the AMLA to implement the most important recommendations from the fourth country report of the FATF in order to remedy what the FATF had identified as a significant deficiency, namely the lack of a general and explicit obligation on financial intermediaries to ensure that the information obtained remains accurate and relevant throughout the course of the business relationship. The new para. 1^bis (see n. 23 ff. below) entered into force on January 1, 2023.

C. Specification of the documentation requirement in other enactments

4 As a framework law, the AMLA only regulates the documentation obligation in broad terms. Depending on the type of financial intermediary, further regulations exist at the ordinance level (GwV-FINMA, GwV-ESBK, GwV-EJPD and GwV-BAZG; for dealers, the relevant regulations can be found in the GwV), in the VSB and in the regulations of the SROs. In this context, the Federal Supreme Court has explicitly stated, for example in relation to Art. 61 para. 2 GwV-FINMA (in the version of 2010), that this is a (technical) clarification of Art. 7 AMLA.

II. DOCUMENTATION OBLIGATION (PARAS. 1)

A. Preliminary remarks

5 The documentation requirement stipulates that the financial intermediary must prepare documentation on the transactions carried out and on the clarifications required under the AMLA in such a way that knowledgeable third parties can form a reliable opinion on the transactions and business relationships as well as on compliance with the provisions of the AMLA (Art. 7 para. 1 AMLA). In this context, industry- and activity-specific differences arise from the applicable implementing provisions. For example, in addition to general requirements in Art. 22 GwV-FINMA, GwV-FINMA also lays down special provisions for banks and securities firms (Art. 35 and 39 GwV-FINMA), fund management companies, CISA investment companies and collective asset managers (Art. 40 para. 3 and 4 and Art. 41 para. 3 GwV-FINMA) as well as for persons pursuant to Article 1b BankG, asset managers and trustees pursuant to Art. 2 para. 1 lit. a and b FinIA and trading systems for DLT securities pursuant to Art. 73a FinMIA (Art. 74 GwV-FINMA).

B. Addressees

6 According to the wording, the documentation obligation applies to financial intermediaries pursuant to Art. 2 para. 2 and 3 AMLA. Traders pursuant to Art. 2 para. 1 lit. b AMLA are also subject to the documentation requirement if they receive more than CHF 100,000 in cash in the course of a commercial transaction (Art. 8a para. 1 lit. c AMLA). However, traders are subject to simplified documentation requirements (see Art. 21 GwV), as they do not typically have a long-term legal relationship with their customers and are therefore generally only subject to the obligation to identify the contracting party (Art. 8a para. 1 lit. a AMLA) and the obligation to determine the beneficial owner (Art. 8a para. 1 lit. b AMLA).

C. Subject matter and scope of the documentation requirement

7 The subject matter of the documentation requirement is, on the one hand, the information on the transactions carried out by the financial intermediary (see n. 8 below) and the clarifications required under the AMLA (see n. 9 below) and, on the other hand, the supporting documents required to prove compliance with the provisions of the AMLA (see n. 10 below).

8 The AMLA does not define the term “transactions” in general terms. In connection with Art. 7 para. 1 AMLA, this term refers to all business transactions that are relevant to money laundering. This includes, in particular, activities in connection with the acceptance or safekeeping of third-party assets and assistance in investing or transferring such assets (see Art. 3 para. 3 AMLA).

9 The “necessary clarifications” required under the AMLA refer to the due diligence obligations under Art. 3-6 AMLA. Specifically, this means that the clarifications and conclusions regarding the identification of the contracting party (Art. 3), the determination of the beneficial owner (Art. 4), the re-identification or determination of the beneficial owner (Art. 5), and the special due diligence obligations (Art. 6; e.g. the obligation to carry out further clarification in the case of transactions or business relationships that appear unusual) must be documented.

10 In addition to the evidence relating to specific transactions and business relationships, the financial intermediary must also be able to demonstrate how it ensures compliance with the provisions of the AMLA. This means that the financial intermediary must document its basis for decisions and assessments in a manner that is comprehensible to third parties, particularly in the case of discretionary decisions (e.g. on whether a transaction is considered unusual).

11 Controversial with regard to the subject matter of the documentation requirement is whether it only refers to the due diligence obligations set out in the first part of the provision in accordance with Articles 3–6 AMLA or whether the documentation requirement also covers the other obligations under the AMLA. Due to the systematic integration of the documentation obligation in the section on due diligence obligations and, in particular, due to a grammatical interpretation, we believe that the documentation obligation in Art. 7 AMLA formally refers only to Art. 3–6 AMLA.

12 From a practical perspective, however, this does not result in any significant restrictions on the obligation to document transactions relevant under money laundering law. For example, the other obligations under the AMLA (e.g., compliance with the organizational, training, and control obligations under Art. 8 AMLA) must also be documented on the basis of corresponding implementing provisions (see, for example, Art. 26 GwV-FINMA). In addition, pursuant to Art. 34 para. 1 AMLA, financial intermediaries must maintain separate databases and files containing all documents relating to reports to MROS pursuant to Art. 9 AMLA or Art. 305^ter para. 2 SCC and to inquiries from MROS pursuant to Art. 11a AMLA.

D. Supporting documents

13 The term “supporting documents” is to be interpreted broadly and does not only include supporting documents in the accounting sense pursuant to Art. 957a para. 3 CO, but also the various documents, information and data that must be recorded in the customer profile as part of the due diligence obligations. Copies of identification documents and completed customer forms, as well as handwritten or electronic notes or comments made by the financial intermediary in the customer file, are also considered supporting documents.

14 In its practice, the MROS also assumes a broad interpretation of the term and states that it goes beyond traditional documents such as identification documents, documents identifying the beneficial owner, or information relating to transactions carried out in connection with the business relationships concerned. According to federal court rulings, the documentation and retention obligation with regard to any requests for information and seizure by law enforcement authorities pursuant to Art. 7 para. 2 AMLA extends to all necessary documents, including “internal investigation reports and the underlying structured documentation on extensive bank records and compliance forms.”

15 Art. 74 GwV-FINMA also proceeds from such a broad understanding, specifying in concrete terms for persons under Art. 1b BankG, asset managers, trustees, and DLT trading systems, in the sense of a non-exhaustive list, which documents these financial intermediaries must retain. According to Art. 74 para. 1 GwV-FINMA, the following must be included in the files:

• a copy of the documents used to identify the contracting party;

• where applicable, a written statement by the contracting party regarding the identity of the controlling owner or the beneficial owner of the assets;

• a written note on the results of applying the criteria for identifying business relationships with increased risks;

• a written note or the documents on the results of the clarifications in the case of business relationships or transactions with increased risks;

• the documents relating to the transactions carried out;

• a copy of any reports pursuant to Art. 9 para. 1 AMLA and Art. 305^ter para. 2 SCC;

• a list of AMLA-relevant business relationships maintained.

16 Similar lists of documents to be retained can also be found in various SRO regulations, e.g. in Art. 51 f. of the SRO SAV/SNV regulations.

17 For practical reasons, supporting documents should generally be drawn up in a national language or in English, as the addressees of the supporting documents (supervisory authorities, external auditors, criminal prosecution authorities, etc.; see n. 19 below) are located in Switzerland. However, there is no legal obligation to draw up supporting documents in accordance with Art. 7 AMLA in a national language or in English. The documentation requirement can therefore generally be fulfilled in any language. However, restrictions may arise for financial intermediaries subject to SROs from the SRO regulations applicable to them, for example if these require documents relevant to the determination of the facts to be translated.

E. Comprehensibility by knowledgeable third parties

18 The supporting documents must be understandable and comprehensible to knowledgeable third parties. This applies not only to the preparation of the supporting documents themselves, but also to their sensible organization and storage (see Art. 22 para. 1 GwV-FINMA). This primarily serves to relieve the financial intermediary of the burden of having to prepare the supporting documents in such a way that they are understandable to any third party.

19 The individual implementing provisions define who is considered an expert third party. According to Art. 22 GwV-FINMA, expert third parties are FINMA, the auditors it engages in accordance with Art. 25 FINMASA, the investigators it appoints in accordance with Art. 36 FINMASA, and the audit companies approved by the audit oversight authority. In the case of casinos, the documentation must be prepared in such a way that the ESBK, the criminal prosecution authority or other authorised bodies can form a reliable opinion (Art. 21 para. 1 GwV-ESKB) and in the case of commercial auditors who trade in bank metals themselves or through a group company (Art. 42^bis para. 1 EMKG) and in the case of companies that trade in bankable precious metals on behalf of an auditor to which they belong as part of a group of companies (Art. 42^bis para. 3 EMKG), the central office and the auditors and investigators called in must be able to understand the documentation (see Art. 45 para. 5 lit. b GwV-BAZG).

20 The expert third parties must be able to form a reliable opinion on the transactions and business relationships as well as on compliance with the provisions of the AMLA. A reliable opinion requires the ability to objectively assess the relevant transactions on the basis of the supporting documents provided. The documents and supporting evidence must therefore be prepared in such a way that individual transactions can be reconstructed, i.e., the documents and supporting evidence prepared must, in themselves, provide a complete and accurate picture of the transactions to be documented.

F. Point in time

21 In principle, the documentation obligation arises when a customer contact actually leads to a business relationship or the conclusion of a cash transaction in accordance with Art. 3 para. 2 AMLA.

22 Exceptions exist in connection with the reporting obligation under Art. 9 para. 1 lit. b AMLA, according to which a financial intermediary must report to MROS if it breaks off negotiations to establish a business relationship due to a suspicion of money laundering. The financial intermediary can only comply with this suspicious transaction report if it documents its findings and clarifications in this regard. In such cases, the financial intermediary is therefore obliged to prepare supporting documents before formally establishing a business relationship or concluding a cash transaction. This is the only way in which it can report the matter to MROS. In other words, the financial intermediary is only exempt from the documentation requirement during the initiation phase if it refrains from entering into a business relationship or cash transaction as a precautionary measure and this does not trigger a reporting obligation under Art. 9 para. 1 lit. b AMLA, i.e. if it breaks off negotiations without reasonable suspicion of criminal conduct within the meaning of Art. 9 para. 1 lit. a AMLA.

III. PERIODIC REVIEW AND UPDATING (PARAS. 1^BIS)

A. Criticism by the FATF as the reason for the insertion

23 The obligation to periodically review and, if necessary, update (see n. 26 f.) the documentation prepared in accordance with para. 1 has been in force since January 1, 2023, and originates from FATF Recommendation 10. The FATF considered the previous lack of an explicit obligation to regularly review and update customer data to be a significant deficiency, particularly with regard to risk identification and management. Originally, it was planned to implement this FATF requirement by supplementing the GwV-FINMA and the relevant regulations of the SROs. However, for reasons of legal certainty, this was rejected and the provision was incorporated into the AMLA. From the FATF's point of view, the significant deficiency mentioned above was remedied by the entry into force of Art. 7 para. 1^bis AMLA.

24 The obligation to (re)verify the identity of the beneficial owner is not a new obligation, but rather a legal anchoring of existing practice and case law. Even though such an obligation was not explicitly provided for in the law, periodic checks of the information available to the financial intermediary and documented in accordance with Art. 7 para. 1 AMLA had to be carried out to ensure its accuracy even before the entry into force of para. 1^bis, in particular on the basis of Art. 6 para. 1 AMLA. This also applied, for example, to the risk analysis pursuant to Art. 25 para. 2 GwV-FINMA, which also had to be updated periodically.

25 Financial intermediaries were also required to regularly update other information on clients already in the past, although this primarily applied to larger clients. In business with small customers, however, there were generally no event-related opportunities (e.g., in the context of periodic customer meetings) to update customer information. In this segment, para. 1^bis led to an extension of the obligations of financial intermediaries, whereby the corresponding additional expense for financial intermediaries was offset by the planned risk-based approach (see n. 28 f.).

B. Regular updating obligation

26 According to Art. 7 para. 1^bis AMLA, the financial intermediary must periodically check the supporting documents to ensure that they are up to date and update them if necessary. This fundamental obligation applies regardless of events and exists for all business relationships, regardless of the associated risk and regardless of whether the business relationship already existed when para. 1^bis came into force or is a new business relationship.

27 The data must be updated in accordance with the rules applicable at the time of the update. If the applicable rules change between the time the data was obtained and the time of the update, the update must be carried out in accordance with the new rules and the data must be brought up to date in accordance with these rules. The message does not further explain what is meant by the applicable or “valid rules.” This must undoubtedly apply to changes that have a material impact on the documents to be created (such as additional due diligence obligations). If the new rules are merely formal changes that have no material impact, then, in our opinion (in accordance with the ratio legis), no update in line with the new formal requirements is necessary, provided that this has no impact on the financial intermediary's ability to identify and manage risks. Ultimately, the financial intermediary must also decide this question on the basis of a risk-based approach (see n. 28 ff. below) and after weighing up the associated costs (e.g. whether a signed version must be obtained from each customer again when updating a form that has only been formally adapted).

C. Risk-based approach

1. Basic principle

28 A risk-based approach must be applied with regard to the scope, frequency and type of review and updating of supporting documents (Art. 7 para. 1^bis 2nd sentence AMLA).

29 The legislator has refrained from specifying, for example, the frequency of reviews, leaving it to the financial intermediaries to define their own approach. The criteria for this must be laid down in an appropriate manner (e.g. in internal guidelines). In addition, the updating or confirmation of the validity must be documented in a manner that is comprehensible to professional third parties (Art. 7 para. 1 AMLA).

2. Scope

30 In principle, all documents, information, and data collected in the context of customer due diligence obligations for the customer profile are subject to verification and updating. Unlike Art. 5 para. 1 AMLA, however, the data to be updated is not limited to the identification of the customer or the determination of the beneficial owner. If relevant for the risk classification, the nature and purpose of the business relationship must also be reviewed. However, if, for example, the document used for the original identification of the contracting party (such as an identity card) has expired at the time of the review pursuant to Art. 7 para. 1^bis AMLA, this does not necessarily mean that the identification must be renewed, provided that the relevant data relating to the customer's identity has not changed since then. The data that must be updated in each individual case is determined primarily on the basis of its relevance for the risk classification or monitoring of the business relationship.

31 However, documents and records that are requested as part of the documentation of individual transactions in accordance with Art. 6 para. 2 AMLA are not covered by the updating obligation, as these obviously do not relate to a permanent situation but to a one-off action. Furthermore, an expired copy of identification used for customer identification does not necessarily have to be obtained again as long as the relevant information on the customer's identity has not changed.

3. Frequency

32 The financial intermediary also has discretion with regard to the frequency of checks to ensure that information is up to date. The starting point for determining the appropriate frequency is the risk classification. Although the obligation to update customer data applies in principle to all customer relationships, business relationships with a higher risk require more frequent checks than those with a low risk due to the risk-based approach.

33 A point of reference for the required frequency of review can sometimes be derived from the obligation to decide annually on the continuation of business relationships with increased risks in accordance with Art. 6 para. 2 lit. c AMLA (Art. 19 para. 1 lit. a GwV-FINMA). Since this obligation can only be fulfilled if the documentation relating to the customer relationship is up to date, this interval is likely to represent the maximum period within which the file must be updated in accordance with Art. 7 para. 1^bis AMLA for business relationships with increased risks.

34 A longer period should be permissible for other business relationships, although it would make sense to differentiate within the individual categories based on the risk classification. Such an approach would also be in line with the approach taken in Germany. According to the BaFin's interpretation and application guidelines on the German Money Laundering Act, a distinction can be made between the classification of business relationships/customers into risk categories when determining the frequency of ongoing monitoring. While for customers subject to enhanced due diligence requirements, the interval between updates of customer information must not exceed one year, for customers who are not subject to enhanced or simplified due diligence requirements, updates may be made at intervals of up to five years. For customers subject to simplified due diligence obligations, there are no specific time requirements from BaFin. Instead, updates must be made in a manner appropriate to the risk. These deadlines were shortened in the latest revision of the interpretation and application guidelines. Until November 2024, it was standard practice to update information at least every two years for high risks, at least every ten years for normal risks, and at least every 15 years for low risks.

4. Type of review

35 Measures to review the plausibility of the data must also be based on a risk-based approach. The sources may include the bank's own knowledge of the customer profile, public information, and information from an external source. Direct contact with the customer for the purpose of updating is not necessary in every case. If information from the customer is required for verification and updating, this can be obtained in the retail business, for example, via standardized queries using a form in online banking. If a customer does not respond to a request to update their information, further measures must be decided on a risk-based basis.

D. Event-driven updating obligation

36 In addition to periodically reviewing and updating the supporting documents, the financial intermediary must repeat the identification or determination of the beneficial ownership in accordance with Articles 3 et seq. AMLA if doubts arise in this regard in the course of the business relationship (Art. 5 para. 1 AMLA). The relevant event-driven clarifications and their results must be documented in accordance with Art. 7 para. 1 AMLA. Under the previous law, financial intermediaries were already required to establish appropriate processes to identify any indications of this in existing business relationships and to act accordingly.

37 Clarifications and changes to the customer profile of a business relationship resulting from the special due diligence requirements of Art. 6 AMLA must also be documented.

IV. READINESS TO PROVIDE INFORMATION AND HAND OVER DOCUMENTS (PAR. 2)

A. Preliminary remarks

38 Financial intermediaries must retain the supporting documents in accordance with Art. 7 para. 2 AMLA in such a way that they can comply with any requests for information and seizure by the criminal prosecution authorities within a reasonable period of time. In this context, the question arises, among other things, of how requests for information and seizure can be reconciled with confidentiality obligations such as bank customer secrecy (see N. 39 below) and what constitutes a reasonable period of time (see N. 44 below). The permissible form of storage and the place of storage must then be clarified (see N. 45 f. below).

B. Requests for information and seizure by criminal prosecution authorities

39 The purpose of Art. 7 para. 2 AMLA is to enable the procurement of information that is likely to facilitate any criminal investigation into the origin of the assets. Contrary to the wording of Art. 7 para. 2 AMLA, the criminal procedural measure of seizure is not carried out as a request but as an order (Art. 263 para. 2 CrimPC). This also applies to disclosure by means of a disclosure order within the meaning of Art. 265 CrimPC. In contrast, the addressee of a request for information, whereby the criminal prosecution authorities informally request information and documents, is not obliged to comply with this request. This distinction is relevant in practice insofar as banks (see Art. 47 BankG) and financial institutions subject to FinIA (see Art. 69 FinIA) are prevented from voluntarily disclosing information by client confidentiality. The disclosure of a secret protected by the aforementioned provisions is therefore only justified if there are federal or cantonal provisions on the duty to provide evidence and information to an authority.

40 From a procedural point of view, the conditions for seizure are governed by Art. 263 para. 1 lit. a CrimPC, according to which only items that are likely to be used as evidence may be seized. Since this is a coercive measure, the provisions of Art. 197 para. 1 CrimPC are also relevant, according to which coercive measures may only be taken if they are provided for by law, there is sufficient suspicion of a crime, the objectives sought cannot be achieved by less severe measures, and the significance of the crime justifies the coercive measure.

41 As already explained (see n. 14 above), according to Federal Supreme Court case law, the documentation and retention obligation also extends to internal bank investigation reports and the findings on which they are based. Such investigation reports are often prepared by the financial intermediary's own second line legal and/or compliance functions. However, in complex or particularly sensitive cases, financial intermediaries often call on external experts. If these are lawyers, the question arises as to whether these reports are protected by attorney-client privilege and therefore cannot be disclosed. The Federal Supreme Court has addressed this question in various decisions. According to the practice of the Federal Supreme Court, so-called (accessory) “business activities” of lawyers are not protected by professional secrecy. The decisive criterion for the distinction is whether the commercial/operational or the lawyer-specific elements objectively predominate in the services in question. In the case of mixed or global mandates, where lawyer-specific services and ancillary business activities overlap, a decision must be made on a case-by-case basis as to which facts or documents are covered by attorney-client privilege. If a financial intermediary delegates its own statutory compliance and controlling tasks and the associated obligation to document suspicious business transactions appropriately to lawyers, it cannot, according to case law, invoke attorney-client privilege “in its entirety” in the event of criminal investigations in this regard.

42 The Federal Supreme Court has clarified the case law mentioned in the previous paragraph in a recent ruling. In connection with internal investigations by law firms, the Federal Supreme Court held that the investigation of facts (and not merely the examination of the legal situation) also falls within the core area of a lawyer's activities and is therefore protected by attorney-client privilege. However, it is not a typical activity of a lawyer if a lawyer performs compliance tasks in connection with money laundering legislation or internal supervision thereof. The question of whether it seems necessary to get a law firm involved in a specific case isn't relevant to the question of typical lawyer activities, since lawyers are only allowed to work in areas where they have a monopoly (but the protection of lawyer-client privilege isn't limited to these areas). According to the Federal Supreme Court, the decisive factor is rather “whether legally prescribed documentation and retention obligations are circumvented by delegating them to a law firm.” In the case in question, the investigation of the facts took place in connection with the provision of advice and representation in relation to existing or impending legal disputes, which qualifies as typical legal work protected by attorney-client privilege. However, the Federal Supreme Court expressly left open the question of whether complex internal investigations and assignments limited to the mere investigation of the facts can generally be classified as activities typical of a lawyer. Finally, in the aforementioned decision, the Federal Supreme Court also addressed the question of whether the “pre-existing” evidence referred to in the investigation report or attached to it is protected by attorney-client privilege and whether documents considered to be attorney correspondence lose their confidential nature when disclosed to a third party (FINMA).

43 It should also be noted that financial intermediaries are required to provide information and hand over documents not only to the criminal prosecution authorities, but also to MROS (Art. 9 and 11a AMLA), the supervisory authorities responsible for them (Art. 12 AMLA) or SROs and their audit bodies.

C. Compliance within a reasonable period of time

44 Financial intermediaries must comply with requests for information and seizure within a reasonable period of time. Neither the law nor the ordinance specifies what constitutes a “reasonable” period. The law enforcement authorities have an interest in securing evidence as quickly as possible, but financial intermediaries must also be given time to carefully examine the requirements of the request and to provide the relevant documents. A period of five days is generally considered reasonable. In the case of seizure orders, the criminal authority usually sets a deadline by which the documents must be made available (Art. 265 para. 3 CrimPC).

D. Requirements for storage

45 The documentation may be kept in paper form or on an electronic data carrier. Pursuant to Art. 74 para. 3 GwV-FINMA, which applies to persons under Art. 1b BankG, asset managers, trustees and DLT trading systems, the documents and supporting evidence must be kept in a secure location in Switzerland that is accessible at all times. In line with this provision, various SRO regulations also expressly require storage in Switzerland. The ultimate aim is to ensure that the financial intermediary can comply with any requests for information or seizure by a criminal prosecution authority “within a reasonable period of time” (see n. 44 above).

46 If the documents and supporting documents are stored electronically, the server must be located in Switzerland. If, however, the server used is not located in Switzerland or if a cloud solution is used, the financial intermediary must have up-to-date physical or electronic copies of the relevant documents in Switzerland (Art. 74 para. 4 GwV-FINMA). At the same time, the IT solution must also meet the requirements of the Ordinance on Business Records, for example by ensuring that changes or deletions to the stored data can be traced.

V. RETENTION PERIOD (PAR. 3)

47 According to Art. 7 para. 3 AMLA, financial intermediaries must retain supporting documents for at least ten years after the termination of the business relationship or after the transaction has been completed. For the start of the aforementioned period, a distinction must therefore be made between transaction-related supporting documents and supporting documents relating to the results of the clarifications pursuant to Art. 3–6 AMLA. In the case of transaction-related documents, the period does not begin on the date on which the transaction document is created, but after the relevant transaction has been completed. In the case of other documents (such as documents identifying the contracting party), the period begins when the business relationship ends or, in the case of cash transactions, when the transaction is completed.

48 The MROS also points out that in cases where financial intermediaries have information that is more than 10 years old, it assumes that the financial intermediaries will also make this information available to the MROS (in suspicious transaction reports and in connection with requests from the MROS pursuant to Art. 11a AMLA). According to MROS, this also follows from Art. 11a paras. 1 and 2 AMLA, which stipulates the obligation to disclose information if it is available (the “availability principle”).

49 A special feature arising from data protection considerations can be found in Art. 34 AMLA. According to para. 4 of this provision, data from reports to MROS must be destroyed five years after the report has been made. However, this obligation to destroy data only applies to data collected in the course of compiling the report and not to the ordinary supporting documents retained in accordance with Art. 7 AMLA. In its 2021 annual report, MROS also pointed out that the deletion obligation under Art. 34 para. 4 AMLA (after five years) only applies to copies that were transmitted in the course of a suspicious activity report or a request for disclosure under Art. 11a AMLA, and not to the originals.

VI. APPLICATION ISSUES

A. Possibility and limits of delegation

50 The possibility of delegating the documentation obligation under Art. 7 AMLA is controversial. According to prevailing opinion, in addition to the clarifications pursuant to Art. 3–6 AMLA, the storage of supporting documents pursuant to Art. 7 para. 2 AMLA may also be delegated to third parties (see n. 52 below).

51 With regard to the tasks under Art. 7 para. 1 AMLA, however, some legal scholars argue that these obligations must be fulfilled by the financial intermediaries themselves, since the supporting documents for compliance with the documentation obligation serve, among other things, the financial intermediaries themselves by providing them with a secure knowledge base for well-founded and justified decisions. In addition, the supporting documents also form the basis for the ongoing risk assessment pursuant to Art. 6 AMLA. For these reasons, the aforementioned doctrine concludes that the documentation obligation cannot, in principle, be delegated and must therefore be exercised by the financial intermediary itself. Other doctrines, however, also allow the delegation of the preparation of supporting documents to third parties within the scope of the usual duties (selection, instruction, and supervision). In our opinion, the same conclusion applies to the possibility of delegating the periodic review and updating pursuant to Art. 7 para. 1^bis AMLA. However, delegating the periodic review and updating to third parties does not release the financial intermediary from its responsibility to ensure that, despite the involvement of a third party, it complies with the due diligence obligations under the AMLA and is in a position to take the necessary measures where necessary on the basis of the updated information.

52 As mentioned (see n. 50),the storage of supporting documents may be delegated to third parties, which has become particularly relevant in the age of electronic files and cloud applications. However, data protection aspects must be taken into account and banks and securities firms, for example, must comply with the requirements of FINMA Circular 2018/3 (Outsourcing).

B. Compliance with the documentation requirement for AI applications

53 Unless an exception applies, banks and securities firms must, in accordance with Art. 20 para. 2 GwV-FINMA, have IT systems in place that enable them to automatically detect suspicious transactions. Banks are currently examining the use of systems based on “artificial intelligence” (hereinafter “AI applications”). The aim of such technical solutions is to meet regulatory requirements more efficiently and effectively. The documentation requirements apply regardless of the technology used. When monitoring transactions using AI applications, the documentation requirement has two levels. First, documentation on how the AI application works must be available. This includes, among other things, that the documentation shows which data is fed into the system and according to which rules and indicators evidence of conspicuous criteria is generated. It must also be possible to verify that the selected rules, parameters, etc. comply with the minimum legal standards. Second, as with any transaction monitoring, the clarifications made by employees and the analyses performed by the AI application must be documented.

VII. LEGAL CONSEQUENCES OF A VIOLATION

A. Preliminary remarks

54 The AMLA does not stipulate any supervisory or criminal law consequences for a violation of the documentation obligation. It is incumbent on the competent supervisory authorities or self-regulatory organizations to take the appropriate supervisory measures in the event of violations (see n. 55 ff.). In addition, a violation of Art. 7 AMLA may result in criminal (see n. 58 f.) and civil law consequences (see n. 60 ff.).

B. Supervisory consequences

55 A violation of Art. 7 AMLA may result in supervisory measures for financial intermediaries subject to special legislation. If there is suspicion of a violation of supervisory provisions, FINMA may, for example, initiate enforcement proceedings against financial intermediaries subject to its supervision. In this case, it has the supervisory instruments listed in Art. 31 ff. FINMASA at its disposal. Serious organizational deficiencies may call into question the necessary guarantee of proper business conduct and result, for example, in a professional ban pursuant to Art. 33 FINMASA. In particularly serious cases, the licence will be revoked. The ESBK, the intercantonal supervisory and enforcement authority in the area of gambling, and the Central Office also have far-reaching powers of intervention with regard to licence holders under Art. 42^bis EMKG.

56 Banks and other financial intermediaries that are required to comply with the VSB are generally sanctioned for violating the obligation to ensure compliance under Art. 44 VSB 20 and not for violating the relevant duty of care if, due to a lack of documentation, compliance with the due diligence obligations under Art. 3-5 AMLA can no longer be verified.

57 If a member of an SRO violates the relevant regulations, the SRO may take the enforcement measures provided for in its regulations (Art. 25 para. 3 lit. c AMLA). Sanctions of up to CHF 1 million are possible in some cases. As a last resort, it may expel the member concerned (Art. 25 para. 3 lit. a AMLA), which is equivalent to a ban on acting as a financial intermediary if the financial intermediary concerned does not join another SRO or submit an application for affiliation within two months (Art. 12 para. 1 AMLO).

C. Criminal law consequences

58 A breach of the documentation obligation may also have criminal law consequences. In particular, criminal liability under Art. 305^ter SCC may arise if a natural person breaches the obligations under Art. 7 AMLA and is therefore accused of not having exercised due diligence in identifying the beneficial owner. By keeping appropriate documentation in accordance with Art. 7 AMLA, companies can prove that they are complying with their due diligence obligations under the AMLA, thereby ruling out criminal liability for inadequate organization under Art. 102 para. 2 SCC in this context.

59 If a financial intermediary is subject to accounting requirements and the documents affected by the breach of the documentation requirement are accounting documents, this may result in a fine of up to CHF 10,000 under Art. 325 SCC (improper keeping of business records) in conjunction with Art. 106 para. 1 SCC. For banks and collective investment schemes, the relevant special provisions pursuant to Art. 46 para. 1 lit. b BankG and Art. 148 para. 1 lit. e CISA apply.

D. Civil law consequences

60 According to Federal Supreme Court case law, the documentation requirement under Art. 7 AMLA, like the other due diligence obligations under the AMLA, does not constitute a protective provision within the meaning of Art. 41 CO.Thus, non-contractual liability under Art. 41 CO in connection with a breach of the documentation requirements is excluded due to lack of illegality.

61 Contractual liability on the part of the financial intermediary may arise if the supervisory provision of Art. 7 AMLA is used to specify the documentation obligations of the agent under private law (according to the theory of spillover effect). In addition to a breach of the duty of care, however, damage and an adequate causal link must also be proven in order for a contractual claim for damages to be upheld.

62 In the case of financial intermediaries subject to accounting requirements, a breach of the supervisory documentation obligation may also constitute a breach of the retention obligation under accounting law (Art. 957 et seq. CO) and thus give rise to civil law claims for damages.

VIII. Outlook

63 In its message on the Federal Act on Transparency of Legal Entities and Identification of Beneficial Owners (TJPG), the Federal Council proposed various measures designed to strengthen the integrity and competitiveness of Switzerland as a financial and business center. In addition to the introduction of a federal register of beneficial owners, this also applies in particular to the extension of due diligence obligations to certain advisory activities (in particular legal advice) that involve an increased risk of money laundering. The structuring of companies and real estate transactions are considered particularly risky. The due diligence requirements for this new category of advisors would also include the documentation requirement under Art. 7 AMLA. However, during its 2024 winter session, the Council of States decided to separate the planned amendments to the AMLA from the bill introducing the TJPG. While the Council of States has approved the latter, the amendments to the AMLA are expected to be debated in the 2025 spring session. It is not yet possible to estimate when the bill, which has been criticized by the preliminary consultation committee, will come into force.

Bibliography

Bommer Felix/Goldschmid Peter, Kommentierung zu Art. 265 StPO, in: Niggli Marcel Alexander/Heer Marianne/Wiprächtiger Hans (Hrsg.), Basler Kommentar, Schweizerische Strafprozessordnung, 3. Aufl., Basel 2023.

Bühlmann Lukas/Reinle Michael, Kommentierung zu Art. 6 DSG, in: Blechta Gabor P./Vasella David, (Hrsg.), Basler Kommentar, Datenschutzgesetz/Öffentlichkeitsgesetz, 4. Aufl., Basel 2024.

De Capitani Werner, Kommentierung zu Art. 7 GwG in: Schmid Niklaus/Bernasconi Paolo/de Capitani Werner, Kommentar Einziehung – Organisiertes Verbrechen – Geldwäscherei, Bd. II, Zürich 2002.

Fritsche Claudia M., Kooperieren oder nicht?, in: GesKR 2016, S. 376–386.

Goldberg Emmanuel, Überprüfung des wirtschaftlich Berechtigten und Aktualisierung der Kundendaten nach der Revision von Geldwäschereigesetz und -verordnung, in: Recht relevant. für Compliance Officers, S. 2–4, Zürich 2023.

Graber Christoph K./Oberholzer Dominik, Das neue GwG, 3. Aufl., Zürich 2009.

Heim Kathrin/Wettstein Tamara, Praxiskommentar zur Vereinbarung über die Standesregeln zur Sorgfaltspflicht der Banken, 4. Aufl., Zürich 2019.

Huber Roman, Interne Untersuchungen und Anwaltsgeheimnis, in: GesKR 2019, S. 65–82.

Jutzi Thomas/Wess Ksenia, Die (neuen) pflichten im Execution-only-Geschäft: Zusammenspiel von FIDLEG und OR, SZW 2019, S. 589–617.

Kilgus Sabine/Losinger Paolo, Kommentierung zu Art. 1 GwG, in: Hsu Peter Ch./Flühmann Daniel (Hrsg.), Basler Kommentar, Geldwäschereigesetz, Basel 2021.

Lang Carsten, Aktualisierung der Auslegungs- und Anwendungshinweise der BaFin zum Geldwäschegesetz, in: Geldwäsche & Recht 2025, S. 5-10.

Lengauer Daniel/Ruckstuhl Lea, Compliance, Zürich 2017.

Lötscher Bernard/Sievi Nino, Kommentierung zu Art. 7 GwG, in: Hsu Peter Ch./Flühmann Daniel (Hrsg.), Basler Kommentar, Geldwäschereigesetz, Basel 2021.

Meyer Patrick K./Ryhner Samuel, Kommentierung zu Art. 5 GwG, in: Hsu Peter Ch./Flühmann Daniel (Hrsg.), Basler Kommentar, Geldwäschereigesetz, Basel 2021.

Müller Thomas, Kommentierung zu Art. 7 GwG, in: Kunz Peter V./Jutzi Thomas/Schären Simon (Hrsg.), Stämpflis Handkommentar, Geldwäschereigesetz (GwG), Bern 2017.

Peyer Martin, Kommentierung zu Art. 8 GwG, in: Hsu Peter Ch./Flühmann Daniel (Hrsg.), Basler Kommentar, Geldwäschereigesetz, Basel 2021.

Rappo Aurélia, LBA - Actualisation des données clients, in: EF 2019, S. 1013–1016.

Roth Pellanda Katja/Kopp Lara, Kommentierung zu Art. 29 FINMAG, in: Watter Rolf/Bahar Rashid (Hrsg.), Basler Kommentar, Finanzmarktaufsichtsgesetz/Finanzmarktinfrastrukturgesetz, 3. Aufl., Basel 2019.

Stengel Cornelia, Transaktionsmonitoring mittels künstlicher Intelligenz, in: Jusletter vom 5.6.2023.

Taube Tamara, Entstehung, Bedeutung und Umfang der Sorgfaltspflichten der Schweizer Banken bei der Geldwäscherei Prävention im Bankenalltag in: Bertschinger Urs (Hrsg.), SGFM Nr. 9, Zürich 2013.

Thelesklaf Daniel/Ordolli Stiliano, Kommentierung zu Art. 34 GwG, in: Thelesklaf Daniel/Wyss Ralph/van Thiel Mark/Ordolli Stiliano (Hrsg.), Orell Füssli Navigator Kommentar, GwG Kommentar/AMLA Commentary, 3. Aufl., Zürich 2019.

Wyss Ralph, Kommentierung zu Art. 7 GwG, in: Thelesklaf Daniel/Wyss Ralph/van Thiel Mark/Ordolli Stiliano (Hrsg.), Orell Füssli Navigator Kommentar, GwG Kommentar/AMLA Commentary, 3. Aufl., Zürich 2019.

Materials

BaFin, Bundesanstalt für Finanzdienstleistungen, Auslegungs- und Anwendungshinweise zum Geldwäschereigesetz, Stand März 2025, abrufbar unter https://www.bafin.de/SharedDocs/Downloads/DE/Auslegungsentscheidung/dl_ae_auas_2025_gw.pdf?__blob=publicationFile&v=6, besucht am 10.3.2025.

Botschaft zum Bundesgesetz zur Bekämpfung der Geldwäscherei im Finanzsektor (Geldwäschereigesetz, GwG) vom 17.6.1996, BBl 1996 III 1101 ff., abrufbar unter https://www.fedlex.admin.ch/eli/fga/1996/3_1101_1057_993/de, besucht am 10.3.2025.

Botschaft zur Änderung des Geldwäschereigesetzes vom 26.6.2019, BBl 2019 5451 ff., abrufbar unter https://www.fedlex.admin.ch/eli/fga/2019/1932/de, besucht am 10.3.2025.

Eidgenössische Finanzmarktaufsicht FINMA, Erläuterung zur Teilrevision der Geldwäschereiverordnung der FINMA (GwV-FINMA) vom 27.10.2022, abrufbar unter https://www.finma.ch/de/~/media/finma/dokumente/dokumentencenter/anhoerungen/laufende-anhoerungen/20221102-gwv-finma/erlaeuterungen_gwv_finma_20221027_de.pdf, besucht am 10.3.20205.

Eidgenössisches Justiz- und Polizeidepartement EJPD, Bundesamt für Polizei fedpol, Meldestelle für Geldwäscherei (MROS), Jahresbericht 2020, Bern 2021, abrufbar unter https://www.fedpol.admin.ch/dam/fedpol/de/data/kriminalitaet/geldwaescherei/jabe/jb-mros-2020-d.pdf.download.pdf/jb-mros-2020-d.pdf, besucht am 10.3.2025.

Eidgenössisches Justiz- und Polizeidepartement EJPD, Bundesamt für Polizei fedpol, Meldestelle für Geldwäscherei (MROS), Jahresbericht 2021, Bern 2022, abrufbar unter https://www.fedpol.admin.ch/dam/fedpol/de/data/kriminalitaet/geldwaescherei/jabe/jb-mros-2021.pdf.download.pdf/jb-mros-2021-d.pdf, besucht am 10.3.2025.

Einsatz innovativer Technologien im Bereich der Finanzmarktaufsicht und -regulierung (RegTech), Bericht des Bundesrates in Erfüllung des Postulats 16.3256 Landolt vom 18.3.2016, abrufbar unter https://www.parlament.ch/centers/eparl/curia/2016/20163256/Bericht%20BR%20D.pdf, besucht am 10.3.2025.

FATF, Anti-money laundering and counter-terrorist financing measures - Switzerland, Fourth Round Mutual Evaluation Report, Paris 2016, abrufbar unter https://www.fatf-gafi.org/content/dam/fatf-gafi/images/mer/mer-switzerland-2016.pdf.coredownload.inline.pdf, besucht am 10.3.2025.

FATF, Anti-money laundering and counter-terrorist financing measures - Switzerland, 4th Enhanced Follow-up Report, Paris 2023, abrufbar unter https://www.fatf-gafi.org/content/dam/fatf-gafi/fur/Switzerland-FUR-2023.pdf.coredownload.inline.pdf, besucht am 10.3.2025.

Medienmitteilung des Bundesrates vom 22.5.2024 «Bundesrat verabschiedet Botschaft zur Stärkung der Geldwäscherei-Bekämpfung», abrufbar unter https://www.admin.ch/gov/de/start/dokumentation/medienmitteilungen.msg-id-101100.html, besucht am 10.3.2025.