Switzerland is well known as an innovation-friendly jurisdiction, in particular in the financial sector. This is partly due to the technology-neutral and principle-based approach of its regulation, which has allowed the Swiss Financial Market Supervisory Authority (FINMA) and other Swiss authorities and self-regulatory organisations to flexibly address the challenges of emerging technology, such as distributed ledger technology (DLT), being used in financial services. Furthermore, Swiss regulation typically aims to create a level playing field between traditional players and innovators, seeking to ensure that the goals of financial regulation are met regardless of the technology used in a business model.
New FINMA Guidance
Against this backdrop, on August 26 2019, FINMA published the FINMA Guidance 02/2019 – Payments on the Blockchain (Guidance). The Guidance advises market participants on FINMA's interpretation of Swiss anti-money laundering (AML) regulation in the context of blockchain payment services. In particular, it deals with the requirements for financial services providers under FINMA supervision to transfer payment originator and beneficiary information to the recipient institutions under Article 10 of the FINMA-Anti Money Laundering Ordinance (AMLO-FINMA).
The Financial Market Supervisory Authority issued the Guidance with reference to the FATF Guidance on the application of the risk-based approach to virtual assets and virtual asset service providers of June 2019 (FATF VASP Guidance). The FATF VASP Guidance addresses, together with preceding interpretative notes, the application of FATF Recommendation 16 (which forms the basis for Article 10 AMLO-FINMA) to transfers of virtual assets. The Guidance is further issued at a point in time in which FINMA for the first time issued full banking and securities dealer licences to two newly established Swiss 'crypto banks'.
Under Article 10 AMLO-FINMA, the financial intermediary of a payment originator is required to transmit the originator's name, account number (or, alternatively, a transaction-based reference number) as well as its address (or, alternatively, the place and date of birth, client number or national identity number). Further, the payment beneficiary's name and account number (or a transaction-based reference number) must be transmitted. This is to enable the financial intermediary on the receiving end of the payment transaction to review the matter and take appropriate action in line with applicable AML regulation.
In the Guidance, FINMA clarifies that Article 10 AMLO-FINMA also applies to services based on blockchain technology, in other words, that 'token transfers' are to be treated in the same way as traditional wire transfers. The Guidance leaves room for interpretation as to the relevant universe of 'tokens'. Under earlier guidance in the context of the regulation of initial coin offerings, FINMA distinguishes between payment tokens (or 'pure' crypto currencies), utility tokens and asset tokens. Payment tokens are intended or used as a means of payment and their issuance out of Switzerland is, inter alia, subject to AML regulation. The application of Swiss AML regulation to the issuance of utility tokens (or hybrid token forms) is dependent on the specifics of their intended or actual use in the individual case, while the issuance of asset tokens typically falls outside the scope of Swiss AML regulation. It appears reasonable to assume that similar considerations will also need to be applied to the question as to whether a 'token transfer' is subject to Article 10 AMLO-FINMA (as interpreted under the Guidance).
The Financial Market Supervisory Authority further specifies that the transmission of the data required for compliance with Article 10 AMLO-FINMA does not need to be performed using blockchain architecture, but that other, separate communications channels may be used for such data transmission. In this context, FINMA notes that it is not aware at the moment of any system at national or international level (such as the SWIFT messaging system) nor of any bilateral agreements between individual service providers that would enable the reliable and compliant transmission of originator and beneficiary identification data for payment transactions on blockchain. According to the Guidance, for such systems or agreements to meet Swiss regulatory requirements, eligible participants must be limited to service providers subject to appropriate AML supervision.
In the absence of an information transfer system for blockchain payments fulfilling FINMA's requirements or, alternatively, a suitable network of bilateral or multilateral agreements between regulated correspondent institutions, financial institutions subject to FINMA's supervision will in principle need to ensure that transfers of tokens to or from external wallets only involve their own clients who have been appropriately onboarded. This also means that ownership of the external wallet by a client must first be verified using suitable technical means, which may prove challenging in practice. The same applies to exchange transactions involving an external wallet of a client.
Where a token transfer involves an external wallet of a third party, that is, a person who is not a client of the FINMA supervised financial institution, the financial institution will need to complete a full onboarding of the third party, as if it were onboarding a new client.
FINMA concedes that its interpretation of Article 10 AMLO-FINMA goes beyond what is required by the FATF VASP Guidance, the latter allowing member states to provide for certain exemptions in the context of payment transactions in virtual assets that are originated by or whose beneficiary is an individual that is not a client of an entity subject to AML supervision. FINMA declines to introduce such exemptions in its application of Swiss AML regulation because, in its view, this would create an imbalance between unregulated and regulated service providers and would ultimately defeat the purpose of Article 10 AMLO-FINMA.
In the recent past, FINMA emphasised its focus on AML regulation and enforcement, and this approach has clearly found its way into the Guidance. In the accompanying media release, FINMA stresses that its treatment of payment transactions on a blockchain is among the most stringent in the world, going beyond the expectations set by the FATF.
As activities of traditional banks and financial services providers as well as of new crypto banks with respect to digital assets are set to increase, the new practice communicated by FINMA in the Guidance will – for the time being – substantially limit affected Swiss market participants in offering payment transactions in digital tokens. While the Guidance applies to service providers subject to FINMA supervision only, such as banks, it can be expected that recognised Swiss AML self-regulatory organisations will be required to follow suit with respect to their interpretation of analogous provisions in their regulations (which apply to a number of Swiss blockchain service providers such as certain custody wallet providers, trading or exchange platforms). In contrast, it should be noted that transactions between unregulated individuals or entities that do not avail themselves of the services of a financial intermediary subject to AML regulation will remain unaffected by the new practice.
In light of the Guidance, Swiss banks and other regulated financial intermediaries are well advised to thoroughly consider their business set-up and internal procedures if they are active in or considering entering into the business of custody and/or transfer services for crypto currencies and other types of digital tokens. The market impact of the Guidance remains to be seen.
|Daniel Flühmann||Peter Hsu|