FINMA Grants Banking Licenses to New Swiss Crypto Banks, Introduces New Strict AML Rules regarding Payments on Blockchain

On 26 August 2019, the Swiss financial regulator FINMA granted full banking and securities dealer licenses to two new financial institutions focusing on services in the area of crypto currencies and other digital assets. At the same time, FINMA issued new guidance on its interpretation of Swiss anti-money laundering regulation in respect of digital token transfers. The practice adopted by FINMA is very strict, especially in the light of international standards, and will challenge regulated financial services providers, new and old alike, intending to offer services regarding digital assets.

By Daniel Flühmann / Rashid Bahar (Reference: CapLaw-2019-42)

1) Licensed Swiss Crypto Banks Enter the Scene

On 26 August 2019, SEBA Crypto AG and Sygnum Bank AG, two Swiss start-ups, announced that they had been granted full banking and securities dealer licenses by the Swiss Financial Market Supervisory Authority FINMA, the Swiss financial regulator. Both entities were established with the goal of building a new generation of bank in the age of crypto currencies and other digital assets, the first such entities in the Swiss financial market. Both also focus on professional clients and intend to offer brokerage, asset management and custody services for digital assets as well as tokenization services. In both cases, FINMA conditioned the banking and securities dealer license decrees on the satisfaction of certain requirements prior to the actual launch of the regulated business. In addition to servicing professional clients directly, the two new players could also become cooperation partners for traditional banks looking to cover this emerging segment. It will be interesting to see the impact of these new digital asset service providers on the market.

2) Swiss AML Regulation Develops in Light of the Challenges of
Digital Assets 

On the same day as these announcements, FINMA published the FINMA Guidance 02/2019 – Payments on the blockchain (Guidance). The Guidance sets out FINMA’s interpretation of how Swiss anti-money laundering (AML) regulation applies in the context of blockchain payment services and, in particular, what measures financial services providers under FINMA supervision must take to comply with the obligation to provide information on the originator and beneficiary of payment orders pursuant to article 10 of the FINMA-Anti Money Laundering Ordinance (AMLO-FINMA). 

As the date of the announcement shows, the Guidance is aimed squarely at SEBA and Sygnum. However, it will also impact existing Swiss banks and other financial services providers subject to FINMA supervision that intend to offer blockchain-related services or have already started to do so.

The Guidance should not be viewed as a stand-alone effort by the Swiss regulator, but is part of a global effort to address the AML risks related to virtual assets. As such, the Guidance takes its cue from the recent FATF Guidance on the application of the risk-based approach to virtual assets and virtual asset service providers of June 2019 (FATF VASP Guidance), which, together with earlier interpretative notes, addresses how FATF Recommendation 16 on wire transfers applies to transfers of virtual assets.

3) Key Points of the Guidance

Article 10 AMLO-FINMA requires the financial intermediary of a payment originator to transmit the originator’s name, account number (or, alternatively, a transaction-based reference number) as well as its address (or, alternatively, the place and date of birth, client number or national identity number). Further, it must transmit the name and account number (or a transaction-based reference number) of the beneficiary of the payment.

In the Guidance, FINMA reaffirms its “technology neutral” approach to regulation and states, in particular, that operators of blockchain-based business models cannot be allowed to circumvent the existing regulatory framework. In the context of article 10 AMLO-FINMA, this means, as stated in the Guidance, that “token transfers” must be treated in the same way as traditional wire transfers and are not entitled to any relief. Against this backdrop, FINMA reaches the following conclusions:

– The transmission of the data required for compliance with article 10 AMLO-FINMA does not need to be performed using blockchain architecture, but may use other, separate communications channels.

– However, FINMA is currently not aware of any system at national or international level (such as the SWIFT messaging system) nor of any bilateral agreements between individual service providers that would enable the reliable and compliant transmission of originator and beneficiary identification data for payment transactions on blockchain. For such systems or agreements to meet Swiss regulatory requirements, eligible participants would need to be limited to service providers subject to appropriate AML supervision.

– In the absence of a suitable information transfer system or network of bilateral or multilateral agreements between regulated correspondent institutions, financial institutions subject to FINMA’s supervision are required to ensure that transfers of tokens to or from external wallets only involve their own clients who have been appropriately onboarded. This also means that the financial institutions must verify the “ownership” of the external wallet using “suitable technical means”, which may prove challenging in practice. The same applies to exchange transactions involving an external wallet of a client.

– Where a token transfer involves the external wallet of a third party, i.e. a person who is not a client of the FINMA supervised financial institution, the financial institution will need to complete a full onboarding of the third party, as if it were onboarding a new client. This will substantially burden the transfer process and will, in practice, limit the potential to use tokens as payment instrument.

At this point, the Guidance only provides a relatively high-level interpretation of Swiss AML regulation as applicable in the area of blockchain payments. A number of important points remain open, in particular the question as to the relevant universe of “tokens” (with FINMA in other communications distinguishing between payment tokens or “pure” crypto currencies, utility tokens and asset tokens). FINMA also provides no further guidance as to the specificities an information transfer system or bilateral agreement between regulated institutions would need to satisfy FINMA’s requirements.

FINMA’s interpretation of article 10 AMLO-FINMA with respect to blockchain payments forms a rather restrictive corset for supervised market participants. Indeed, the Guidance applies not only to payment services, which are perhaps not the key use case for crypto currencies for the time being, but can also be expected to impact brokerage and trading services in crypto currencies.

In the media release accompanying the Guidance, FINMA states that the Guidance is intended to set high standards that will be among the most stringent in the world. Because the Guidance does not refer to any de minimis thresholds, it is to some extent even more stringent than the requirements applicable to over-the-counter cash transactions. FINMA’s interpretation of article 10 AMLO-FINMA also goes beyond what is required by the FATF VASP Guidance, which allows member states to provide for certain exemptions in the context of payment transactions in virtual assets that are originated by or whose beneficiary is an individual that is not a client of an entity subject to AML supervision. FINMA declined to introduce such exemptions in its application of Swiss AML regulation because, in its view, this would create an imbalance between unregulated and regulated service providers and would ultimately defeat the purpose of article 10 AMLO-FINMA.

4) Outlook

In the recent past, it has become apparent that AML compliance is a priority for financial institutions and their regulators worldwide. FINMA in particular has sharpened its focus on AML regulation and enforcement in connection with blockchain technology, which approach has clearly found its way into the Guidance. The new crypto banks as well as other FINMA supervised institutions will need to devise methods to structure their business set-up, internal policies and procedures in line with FINMA’s stringent interpretation of the law. 

While the Guidance applies only to service providers subject to FINMA supervision, we expect recognized Swiss AML self-regulatory organizations to follow suit with respect to their interpretation of analogous provisions in their regulations. These apply to a range of Swiss blockchain service providers such as certain custody wallet providers, trading or exchange platforms, meaning that these businesses can expect to be faced with similar challenges in this area as the prudentially regulated financial institutions.

Overall, this development is somewhat paradoxical in light of the original intention of developers of blockchain technology, who aimed at reducing or eliminating the need for (trusted) intermediaries. However, transactions between unregulated individuals or entities that do not avail themselves of the services of a financial intermediary subject to AML regulation will remain unaffected by the new practice. 

Daniel Flühmann (daniel.fluehmann@baerkarrer.ch)
Rashid Bahar (rashid.bahar@baerkarrer.ch)