AI Regulation in Switzerland
Switzerland has 27 tracked AI regulatory updates across 2 frameworks. This page provides an overview of the current regulatory landscape, upcoming deadlines, and recent enforcement activity.
Upcoming Deadlines
BAIT continues for some firms during transition period before DORA replacement
BaFin DORA implementation guidance and filing proceduresRemaining FinmadiG transition ends for certain German institutions
BaFin DORA implementation guidance and filing proceduresRecent Regulatory Updates
ISO/IEC 42005:2025 published for AI system impact assessments
ISO published ISO/IEC 42005:2025 in May 2025, adding a formal AI system impact-assessment standard that organizations can now use to evidence structured AI governance alongside ISO/IEC 42001.
FINMA guidance on governance and risk management when using artificial intelligence
FINMA’s 18 December 2024 guidance says supervised institutions must adapt governance and controls to the materiality and probability of AI risks, including operational, model, data, IT/cyber, third-party, legal, and reputational risks.
FDPIC AI and data protection guidance
The FDPIC states that Switzerland’s FADP applies directly to AI-supported processing and expects manufacturers, providers, and users to be transparent about purpose, functionality, and data sources.
FDPIC guidance on AI and data protection
The FDPIC’s AI guidance states that the Swiss FADP applies directly to AI-supported processing and requires transparency about purpose, functionality, and data sources, which elevates compliance expectations for AI deployments in Switzerland.
FINMA guidance on AI governance and risk management
FINMA’s AI guidance highlights operational, model, cyber, data-quality, third-party, legal, and reputational risks, so Swiss financial institutions should formalize AI governance and oversight now.
BSI publishes G7 SBOM for AI guidance
BSI released a G7-developed guideline setting minimum requirements for a Software Bill of Materials for AI, so organizations should tighten AI component inventory and supply-chain traceability practices.
FINMA Guidance on Governance and Risk Management When Using Artificial Intelligence
FINMA published AI governance guidance on December 18, 2024, making governance, model risk, data quality, cyber risk, third-party dependence, and legal/reputational risk explicit supervisory priorities for Swiss financial institutions using AI.
Swiss FDPIC AI and data protection guidance
The FDPIC’s 2025 guidance makes clear that Swiss data protection law applies directly to AI-supported processing, so organizations must treat transparency, DPIAs, and human review rights as immediate design requirements for AI systems using personal data.
FDPIC confirms Swiss data protection law applies directly to AI processing
The FDPIC’s AI and data protection page confirms the nFADP has applied directly to AI-supported data processing since 1 September 2023, so Swiss organizations must treat AI use as already in scope for data protection controls.
FDPIC guidance on AI and data protection
The FDPIC states that Switzerland’s data protection law applies directly to AI-supported processing, so organizations must document purpose, data sources, and automated-decision safeguards now.
FINMA Guidance on AI Governance and Risk Management
FINMA’s AI supervisory guidance highlights operational, model, data, cyber, third-party, legal, and reputational risks, so Swiss financial institutions should treat AI governance as an immediate supervisory issue.
FINMA survey shows broad AI adoption and ongoing supervisory expectations
FINMA’s April 2025 survey shows AI is already widespread in Swiss financial institutions and reiterates that firms planning to use AI in critical processes or to calculate regulatory parameters should contact FINMA early.
Data Protection Day 2026 remarks on generative AI
The FDPIC’s 2026 public remarks reiterate that generative AI is subject to the FADP when it processes personal data, reinforcing the need to disclose AI use and prompt-data practices.
FDPIC says current data protection law applies directly to AI
The FDPIC reaffirmed that Switzerland’s Federal Data Protection Act applies directly to AI-supported processing, so AI deployments must already meet transparency, DPIA, and human-review requirements without waiting for new AI-specific legislation.
FINMA survey on AI use in Swiss financial institutions
FINMA’s April 2025 survey confirms widespread AI adoption in Swiss finance and reiterates that institutions should contact FINMA in good time before using AI in critical processes or to calculate regulatory parameters.
Applicable Frameworks
Key Topics
Weekly digest — coming soon
Leave your email to get the first issue when it ships. Free, no account required.
We use your email only for the digest. Privacy policy