Beginning on April 1, 2018, FINMA (The Swiss Financial Market Supervisory Authority) will begin enforcing a number of new regulations on Banks and Insurance companies. Officially the 2018/03 Outsourcing – Banks and Insurance Companies, the new circular requires a range of new requirements to be adhered to by Swiss banks, securities dealers and insurance companies with regards to outsourcing their business operations to other third-parties and service providers.
The new legislation outlines a new type of principle-based attitude which is positioned to present a less intrusive and more neutral approach toward the use of technology for financial business. Technology and other means are able to be implemented into business operations to assist in improving risk management and business operations.
— These new outsourcing regulations now apply to insurance companies and insurance companies with legal domicile in Switzerland, branches and also foreign insurance businesses. The framework also applies to Swiss banks, securities dealers and the Swiss branches of foreign banks and securities dealers.
— The way in which companies determine whether their outsourcing activities are within the scope of this new framework has been redesigned to be more abstract and ambiguous. Those who operate within this scope are responsible for determining whether this function is ‘material’, with regard to the business model of the governing company. The new framework describes a ‘material’ function as one which is required to comply with provisions and regulations and when major financial supervision is required.
— Data protection and bank secrecy are no longer listed within the framework, though, there are still the original requirements when outsourcing agreements are concerned.
— Financial businesses within the scope of the new framework are now required to keep inventory tabs of all functions which have been outsourced. This new requirement may cause a minor financial load on these businesses.
— All outsourcing activities must be pre-planned and there must also be a risk analysis conducted in direct relation to the outsourcing activities before they take place.
There are no major specific exceptions outlined in the framework which are relevant to intragroup outsourcing agreements. That said, there are some regulatory requirements which must still be adhered to. There also may be exceptions if the intragroup;
– Previously there was a FINMA requirement for Swiss financial companies to disclose to their customers that their data and information is being outsourced to a foreign service provider. This is no longer required. Though, there are still frameworks in place which require the Swiss companies, on occasion, to notify their customer that there is a third party involved.
These changes are all subject to a 5-year transition period. Within the next 5 years, all of the above changes must be amended and added to banks and securities dealers operations. This also requires amendments with outsourcing companies to be made.
Once a bank or-or securities dealer makes these changes, the new rules are immediately required to come into effect, regardless of when, within the 5 years, the changes were made.
On April 1, 2018, all new insurance companies will be required to follow the regulations set out in the new framework. All existing insurance companies are required follow the new rules either within the 5 year transition period or as soon as their business plan and internal regulations are updated.