Criminal Lawyers Switzerland 2026: Corporate Criminal Liability, AML Risks & Enforcement

Last updated: 11 May 2026

Swiss banks, asset managers and financial intermediaries face a sharply escalated criminal-enforcement landscape in 2026. The Federal Council’s adoption of its new anti-money-laundering strategy on 20 March 2026 has tightened expectations around risk-based controls, beneficial-ownership transparency and supervisory–criminal coordination, making the role of experienced criminal lawyers in Switzerland more critical than at any point in the past decade. Early-2026 decisions from the Federal Criminal Court have reinforced the trend, confirming that prosecutors will scrutinise the quality of documented AML controls when attributing corporate liability. For in-house counsel, compliance officers and boards, the question is no longer whether enforcement will intensify, but how quickly institutions can close the gaps that now attract the sharpest prosecutorial attention.

Executive TL;DR, Three Immediate Actions for Compliance Teams

Before diving into the detailed analysis, every compliance officer and general counsel reading this article should prioritise the following three steps immediately:

1. Audit controls against the attribution test. Map your existing AML policies, onboarding procedures and transaction-monitoring rules directly against the corporate criminal liability attribution criteria under Articles 102 and 102a of the Swiss Criminal Code. Document every gap.
2. Halt high-risk flows pending review. Identify client relationships and transaction corridors that carry elevated money-laundering risk, PEPs, VASP counterparties, complex cross-border structures, and apply enhanced due diligence or temporary holds until your controls meet the new standard.
3. Stress-test your incident response. Run a tabletop exercise simulating a FINMA enquiry or criminal investigation. Verify that your privilege protocols, evidence-preservation procedures and escalation chains work under pressure.

30 / 90 / 180-Day Compliance Checklist

1. What Changed in 2026, Federal Council AML Strategy & Early Court Signals

The Federal Council’s money laundering strategy 2026, adopted on 20 March 2026, represents the most significant recalibration of Switzerland’s AML posture in years. The strategy explicitly calls for closer coordination between FINMA’s supervisory arm and criminal prosecution authorities, expanded beneficial-ownership requirements, and more rigorous risk-based controls across all regulated financial intermediaries. Industry observers expect the practical effect to be a marked increase in referrals from FINMA to the Office of the Attorney General where compliance gaps are identified during routine supervision.

Crucially, the strategy addresses several weaknesses flagged by international assessments, including OECD anti-corruption evaluations that questioned whether Switzerland’s enforcement machinery was keeping pace with the sophistication of cross-border financial crime. The Federal Council’s response signals a commitment to aligning Swiss standards with the most demanding international benchmarks, a development that will directly affect how criminal lawyers in Switzerland advise their financial-sector clients.

Early-2026 decisions from the Federal Criminal Court have reinforced this trajectory. In cases involving banking intermediaries, the court examined in detail whether institutions had implemented documented, risk-proportionate AML controls, not merely whether controls existed on paper, but whether they were operationally effective. Early indications suggest that the evidentiary bar for demonstrating organisational failures has, in practice, been lowered: prosecutors are increasingly relying on audit trails, system logs and compliance committee minutes to establish attribution.

Timeline of 2025–2026 Legislative & Strategy Milestones

2. Legal Framework: Corporate Criminal Liability, Statutes & Attribution Tests

Corporate criminal liability in Switzerland rests on Articles 102 and 102a of the Swiss Criminal Code. Understanding these provisions is essential for any institution assessing its exposure, and for the criminal lawyers in Switzerland who defend against corporate prosecutions. The attribution framework operates on two distinct tracks, and the choice of track determines the evidence prosecutors must produce.

Primary liability (Article 102, paragraph 1) applies where a criminal offence is committed within a company and cannot be attributed to a specific individual due to deficient internal organisation. In other words, the company is liable precisely because its organisational structures failed to identify and prevent the conduct. This is the provision most directly engaged by AML control failures.

Catalogue-offence liability (Article 102, paragraph 2) applies to a defined list of offences, including money laundering under Article 305bis, where the offence was committed in the exercise of commercial activities consistent with the company’s purpose. Here, the company is liable if it failed to take all reasonable and necessary organisational measures to prevent the offence. The burden on the prosecution is to show that the firm’s controls were objectively inadequate.

The attribution test can be summarised in a practical decision flow:

1. Was a criminal offence committed (e.g., money laundering, bribery)?
2. Was it committed by an organ, employee or agent acting within the firm’s organisational structure?
3. Can the offence be attributed to a specific individual? If not → primary liability (Art. 102(1)).
4. If the offence falls within the catalogue (Art. 102(2)), did the firm take all reasonable organisational measures to prevent it? If not → catalogue-offence liability.

For compliance teams, the implication is stark: documented evidence of controls is the primary defence. Prosecutors in 2026 are expected to request onboarding records, transaction-monitoring alert dispositions, SAR filing logs, compliance committee minutes and training records to assess whether controls were reasonable and operational. The absence of documentation is itself evidence of organisational failure.

Penalties and Remedies

Under Article 102, a company may be fined up to CHF 5 million. In addition, prosecutors may seek confiscation of criminal proceeds under Articles 70–72 of the Swiss Criminal Code, which can result in asset seizures far exceeding the fine. FINMA retains separate supervisory powers, including licence revocation, disgorgement of profits and the appointment of an investigating agent, that can be deployed in parallel with criminal proceedings. The combined effect of criminal fines, confiscation and supervisory sanctions makes the cost of non-compliance potentially existential for mid-sized firms.

3. AML Compliance Switzerland, FINMA Expectations & Financial-Sector Obligations

AML compliance in Switzerland is governed by the Anti-Money Laundering Act (AMLA), supplemented by FINMA ordinances, circulars and the self-regulatory frameworks of bodies such as the Swiss Bankers Association’s Agreement on Due Diligence (CDB). FINMA’s supervisory expectations function as the de facto standard against which prosecutors will measure a firm’s AML controls when assessing corporate criminal liability.

FINMA’s current guidance on combating money laundering requires supervised entities to maintain proportionate, risk-based AML policies. This includes demonstrable enhanced due diligence (EDD) for high-risk client categories, politically exposed persons (PEPs), complex trust structures, non-face-to-face onboarding and relationships involving jurisdictions with weak AML frameworks. Transaction monitoring must be calibrated to detect unusual patterns, and suspicious activity reports (SARs) must be filed with the Money Laundering Reporting Office (MROS) without delay once a suspicion crystallises.

Where FINMA identifies deficiencies during supervision, the likely practical effect of the 2026 strategy is that the regulator will refer more cases to criminal prosecutors rather than relying solely on supervisory remediation. This closes a gap that practitioners have long noted: previously, some institutions could address FINMA findings through internal remediation without facing criminal consequences. That approach is increasingly untenable in 2026.

Reporting & SAR Timelines, PEPs, VASPs & Crypto-Specific Flags

Money laundering reporting in Switzerland follows a defined escalation path. When a financial intermediary forms a reasonable suspicion that assets are connected to criminal activity, it must file a SAR with MROS. Upon filing, the intermediary must freeze the relevant assets for five business days (extendable to a maximum of 20 business days by MROS or up to 50 days in total when court orders are sought). Failure to file a timely SAR is itself a criminal offence under Article 37 of the AMLA.

For VASPs and crypto custody providers, the 2026 landscape introduces additional obligations. The Federal Council’s strategy specifically targets virtual-asset flows, requiring wallet provenance checks, travel-rule compliance (originator and beneficiary information for transfers above CHF 1,000) and enhanced onboarding procedures for clients dealing in virtual assets. Firms operating in the FINMA/SRO licensing pathway for cryptocurrency businesses must treat these requirements as minimum standards.

Reporting Obligations by Entity Type

4. Practical Compliance Playbook for Criminal Lawyers in Switzerland & Their Clients

This section provides the operational detail that compliance officers and in-house counsel need to translate the 2026 regulatory changes into defensible, documented controls. The heart of any white collar crime defence in Switzerland begins long before a prosecution, it starts with the controls your institution builds, tests and documents today.

Onboarding & KYC Controls

Onboarding is the single highest-risk control point for corporate criminal liability. Every new client relationship creates either a documented defence or a potential prosecution exhibit. The 2026 standard requires institutions to go beyond checkbox compliance and demonstrate risk-calibrated onboarding decisions.

• Risk-tiered onboarding. Classify each prospective client into a risk tier (low, medium, high, prohibited) at intake. High-risk categories, PEPs, complex corporate structures with opaque beneficial ownership, clients domiciled in FATF grey-list jurisdictions, require documented EDD before the relationship may proceed.
• Beneficial-ownership verification. Obtain and verify beneficial-ownership information using independent sources. For corporate clients, trace through to the natural person(s) exercising ultimate control. Document every verification step, including the sources consulted and dates of verification.
• Source-of-wealth and source-of-funds documentation. For high-risk clients, record the stated source of wealth and corroborate it with third-party evidence (tax filings, audited accounts, employment records). Flag inconsistencies for compliance committee review.
• Sample KYC script language. “We are required by Swiss law to verify your identity, the source of your funds and the purpose of this business relationship. Please provide [list of specific documents]. Failure to provide adequate documentation will result in the onboarding being declined.”

Transaction Monitoring & Alerts

Effective transaction monitoring is the second line of defence. Prosecutors assessing corporate criminal liability will examine whether monitoring parameters were calibrated to the firm’s risk profile, whether alerts were investigated promptly, and whether dispositions were documented.

• Calibrate alert thresholds. Review and adjust monitoring scenarios at least annually to reflect the firm’s current client base, product mix and geographic exposure. Document the rationale for each threshold.
• Investigate and document alert dispositions. Every alert must be investigated and the outcome recorded, whether escalated, filed as a SAR, or closed with a documented rationale. An uninvestigated alert is, from an enforcement perspective, evidence of organisational failure.
• Sanctions screening. Screen all transactions and client names against current sanctions lists (Swiss SECO, EU, UN, OFAC where applicable) in real time. Maintain logs of screening hits and disposition decisions.

SAR Escalation & Documentation

The SAR filing process is a critical juncture. Under Article 9 of the AMLA, financial intermediaries must report to MROS if they know or have reasonable suspicion that assets involved in the business relationship are connected to criminal activity, are the proceeds of a felony, or are controlled by a criminal organisation.

• Establish a clear escalation path. Define who within the organisation may authorise a SAR filing, and ensure that compliance officers can escalate directly to the board or audit committee if senior management is implicated.
• Preserve contemporaneous records. Draft SAR narratives at the time the suspicion is identified, not retrospectively. Include the factual basis for the suspicion, the transactions or patterns observed, the client’s responses (if any) and the decision-making process.
• Sample SAR narrative structure. (1) Client identification and relationship summary; (2) chronology of suspicious activity; (3) transaction details (amounts, dates, counterparties); (4) assessment against risk indicators; (5) conclusion and filing rationale.

Third-Party & Vendor AML Controls

The 2026 enforcement focus extends to the AML controls of third parties and vendors with whom a financial institution interacts. Correspondent banking relationships, payment-processing partnerships and outsourced compliance functions all create attribution risk if the third party’s controls are deficient.

• Conduct due diligence on third-party AML frameworks. Before entering into material relationships, obtain and review the third party’s AML policies, assess their regulatory status and licensing, and document the assessment.
• Contractual AML covenants. Include in third-party contracts a covenant requiring the counterparty to maintain AML controls that meet Swiss standards, together with audit rights and termination provisions for material AML breaches.
• Ongoing monitoring. Periodically reassess third-party AML risks, especially where the counterparty operates in a higher-risk jurisdiction or handles VASP-related flows.

Training & Accountability Matrix

Documented training is a core element of the defence against corporate criminal liability. The training programme should be tailored to the risks faced by each function, and attendance must be logged and retained.

• Role-specific training modules. Front-office staff need scenario-based training on recognising red flags; compliance teams need advanced training on SAR drafting and investigation techniques; board members and senior management need training on their supervisory obligations and personal criminal exposure.
• Annual certification. Require annual sign-off from all relevant staff confirming they have completed AML training and understand their obligations.
• Accountability mapping. Maintain a documented matrix that assigns AML responsibilities to named individuals (first line, second line, third line). This demonstrates to prosecutors that the firm took reasonable organisational measures, the precise standard under Article 102(2).

5. Internal Investigations, A Stepwise Guide for White Collar Crime Defence

When a potential AML or criminal-conduct issue surfaces, the quality of the institution’s response can determine whether the matter escalates to a full prosecution or is resolved through remediation and cooperation. Internal investigations in Switzerland require careful navigation of privilege rules, data-protection constraints and potential cross-border evidence requests. This is where experienced criminal lawyers in Switzerland add the most immediate value.

Forensic Steps & Privilege Checklist

1. Engage external counsel immediately. The investigation should be led, or at minimum supervised, by external lawyers to maximise the scope of legal privilege. In-house counsel-led investigations can create privilege complications, particularly where findings may later need to be disclosed to regulators or prosecutors.
2. Define and document the investigation scope. Issue a written investigation mandate specifying the conduct under review, the time period, the data sources to be examined, and the reporting line. This memo should be marked as privileged.
3. Preserve evidence before collecting it. Issue litigation holds for relevant documents, communications and system logs. Ensure that automated deletion policies are suspended for in-scope data. Document the preservation steps taken.
4. Segregate privileged materials. Maintain separate channels for privileged communications (investigation findings, legal analysis) and factual evidence. Never commingle legal advice with business-as-usual communications.
5. Interview relevant personnel. Conduct interviews with a clear protocol, inform interviewees that the interview is conducted on behalf of the institution (not the individual), that no individual legal advice is being given, and that interview notes may be shared with regulators. Document these warnings in writing.

Cooperating With Foreign Authorities

Cross-border investigations increasingly involve Mutual Legal Assistance Treaties (MLATs) and parallel requests from foreign prosecutors. Before producing any documents or evidence to a foreign authority, institutions should assess whether such production is consistent with Swiss blocking-statute provisions (Article 271 of the Swiss Criminal Code, which prohibits unauthorised acts on behalf of a foreign state). Early legal advice on the interplay between cooperation and blocking statutes is essential, missteps can create additional criminal exposure.

Where a self-report is being considered, the decision should be taken at board level with input from experienced white-collar criminal defence counsel. Self-reporting can reduce the severity of sanctions, but it forecloses certain defence options and triggers disclosure obligations that cannot be reversed.

6. Director & Senior Manager Criminal Liability, Mapping & Mitigation

Director liability under Swiss law is not merely theoretical. Individual directors and senior managers can face personal criminal charges where they knowingly permitted, actively facilitated, or negligently failed to prevent criminal conduct within the organisation. The most common triggers for personal exposure are: failure to implement adequate supervisory structures; wilful blindness to known compliance deficiencies; and active participation in or concealment of the underlying offence.

Under the Swiss Code of Obligations, directors owe a duty of diligent management. Breach of that duty can give rise to both civil liability (damages claims by the company or its shareholders) and, where the breach intersects with criminal conduct, personal criminal prosecution. In practice, prosecutors tend to target individuals who held decision-making authority over the compliance function and who either blocked remediation efforts or failed to act on clear warnings.

Indemnity & Insurance Practical Checklist

• Review D&O insurance coverage. Confirm that the policy covers criminal defence costs (many policies exclude coverage once a conviction is obtained, but cover defence costs during the investigation and trial phases). Check whether the policy has adequate limits for multi-jurisdictional proceedings.
• Indemnity clauses in employment agreements. Ensure that employment contracts for senior executives include indemnity provisions, subject to applicable legal limits, covering defence costs and civil liabilities arising from good-faith discharge of duties.
• Board minutes and delegation records. Maintain clear records of board decisions on compliance matters, including dissenting views. These records can be critical in demonstrating that a particular director took reasonable steps even if the institution’s controls ultimately failed.
• Personal legal counsel. Where a director or senior manager is personally implicated, they should engage separate personal legal counsel immediately. The institution’s lawyers represent the institution, not the individual, conflicts of interest must be identified and managed from the outset.

7. Cross-Border Enforcement & Asset Recovery in Switzerland

Switzerland’s extensive network of MLATs and its membership in international cooperation frameworks make it a central node in cross-border criminal enforcement. For asset managers and banks, this means that foreign prosecutors, from the US Department of Justice, EU member states, and other jurisdictions, can and do seek Swiss cooperation to freeze, trace and recover assets linked to money laundering, corruption and other financial crimes.

The Federal Act on International Mutual Assistance in Criminal Matters (IMAC) governs cooperation requests. When a foreign state submits a properly documented request, Swiss authorities can freeze bank accounts, compel document production and facilitate the transfer of evidence, subject to dual-criminality and other safeguards. The timelines can be compressed: emergency freezing orders may be obtained within days of a request.

Asset Recovery Pathways & Timelines

• Provisional measures. Swiss prosecutors or judges can freeze assets as a provisional measure during both domestic and international proceedings. The threshold for a freeze is relatively low, a reasonable suspicion of a connection to criminal activity suffices.
• Confiscation. Under Articles 70–72 of the Swiss Criminal Code, assets that are the proceeds of crime or were used to commit an offence can be confiscated. Equivalent-value confiscation (Ersatzforderung) allows the state to claim the value of proceeds even if the original assets have been dissipated.
• Practical defence steps. Institutions facing asset-recovery proceedings should immediately review data-governance protocols, ensure that privileged communications are segregated from production-ready materials, and engage counsel experienced in both Swiss domestic procedure and MLAT negotiations. Preserving a clean cross-border audit trail is the single most effective mitigation measure.

For asset managers holding client assets in Swiss custody, the cross-border enforcement risk underscores the importance of robust legal counsel in Switzerland who can navigate both the domestic criminal framework and international cooperation requests simultaneously.

8. Recommended Next Steps for Criminal Lawyers in Switzerland & Their Clients

The 2026 enforcement landscape demands immediate, documented action. The following five steps represent the minimum response for any Swiss bank, asset manager or financial intermediary seeking to defend against corporate criminal liability:

1. Complete a controls-versus-attribution-test gap analysis within 30 days, mapping every AML control to the specific requirements of Articles 102 and 102a of the Swiss Criminal Code.
2. Remediate and document all identified gaps in onboarding, transaction monitoring and SAR procedures within 90 days.
3. Stress-test incident response through a realistic tabletop exercise involving external counsel, and document the findings and remediation actions.
4. Brief the board and senior management on their personal director liability exposure and ensure D&O insurance and indemnity arrangements are current.
5. Engage experienced criminal lawyers in Switzerland on a proactive basis, retaining external counsel before an investigation begins is materially more effective and cost-efficient than scrambling after a dawn raid or FINMA referral. Qualified specialists can be found through the Global Law Experts Switzerland directory.

Sources

1. Federal Council, AML Strategy (Federal Department of Finance)
2. FINMA, Combating Money Laundering
3. Swiss Criminal Code, Fedlex (Official Law Text)
4. Global Investigations Review, Switzerland Corporate Criminal Liability 2026
5. ICLG, Anti-Money Laundering Laws & Regulations Switzerland 2026
6. Bär & Karrer, Switzerland Banking & Finance Overview 2026
7. OECD, Anti-Corruption and Integrity
8. Federal Supreme Court / Federal Criminal Court Portal