We are a Swiss law firm, dedicated to providing legal solutions to business, tax and regulatory matters.
SWISS LAW AND TAX
Services
Intellectual Property
Life Sciences, Pharma, Biotech
Litigation and Arbitration
Meet our team
Our knowledge, expertise & publications
View all
Events
Blog
In the VISCHER Innovation Lab, we not only work in the field of law, we also develop our solutions ourselves as far as possible from a technical point of view.
VISCHER Legal Innovation Lab
Red Ink
Careers
Categories: Banking & Finance, Blog
On 7 June 2024 FINMA published guidance on its findings from its cyber risk supervision and related topics. The guidance sheds further light on FINMA's approach to cyber risks and is essential reading for any regulated entity as it provides specific information on how to manage those risks.
FINMA reminds readers that cyber risks have for many years been listed in its annual Risk Monitor and that reports of successful or partly successful cyber-attacks increases every year. It further published recommendations on a range of topics:
FINMA has received a number of enquiries about how its Guidance 05/2020 on the duty to report cyber-attacks should be interpreted. It used the opportunity to clarify several points in the current guidance. More information on the guidance generally can be found in our blog post Cyber-Security Obligations for Financial Services Providers in Switzerland here.
Regulated entities should carefully review the new guidance and ensure that its findings are applied across their organizations, remediating any areas that might not be fully compliant with FINMA's expectations. While outsourcing may improve cybersecurity by choosing best-in-class service providers, it may also substantially increase risks as experience shows. It is therefore key to adopt an appropriate risk management framework and to reinforce the operational resilience of the outsourced functions. This requires that banks continue to keep sufficient know how regarding the outsourced functions to be able to analyze and monitor the provision of services. We will continue to publish updates on the area of cyber security and financial services.
Authors: Jana Essebier, Maximilian Riegel
Attorney at Law
Solicitor (admitted in Ireland (non-practising)) Law Society of Ireland
Die neue EU-Verordnung 2022/2554, auch bekannt als "Digital Operational Resilience Act" oder...
On 1 January 2025, the new FINMA circular 2025/2 on the "Rules of conduct under FinSA/FinSO" entered...
We are very pleased to announce that several of our lawyers have once again been recognized as...