While the proposed amendments may at first glance appear to be a technical update, they are in fact driven by significant developments in Swiss law, notably the shift toward remote application of the rules governing qualified electronic signatures and the forthcoming introduction of the Swiss governmental e‑ID. In both cases, FINMA goes beyond international practice by proposing an additional address verification requirement that may disrupt media continuity, unless geolocation proves to be viable.

Whether FINMA’s proposal, aimed at preventing money laundering as well as fraud in the financial sector, is fit for purpose remains open to debate. In any event, the proposed changes would have tangible implications for client onboarding, compliance costs and digital client journeys. Their relevance will be further accentuated as financial innovation progresses, for example in connection with the AML obligations of issuers of stablecoins in connection with the crypto regulation recently proposed by the Federal Council.

Current onboarding regulation

Swiss anti‑money‑laundering laws and regulations require financial intermediaries to identify individuals and representatives of legal entities at the outset of a business relationship.

For face‑to‑face onboarding, such as at a bank counter, a check of an official photo ID is sufficient.

Non-face-to-face onboarding requires

  • ID certification by a supervised intermediary, notary, or Swiss-qualified lawyer; plus
  • residential address verification (e.g., postal delivery)

(cf. art. 45 sec. 2 of the the Anti-Money Laundering Ordinance of FINMA, AMLO-FINMA; see also the Swiss Bankers Association’s self-regulatory Agreement on the Swiss Banks’ Code of Conduct with Regard to the Exercise of Due Diligence, CDB 20, recognised as generally binding by FINMA).

The Circular treats video identification as face-to-face onboarding, adding as additional requirements

  • machine readable zone MRZ decryption; and
  • two security feature checks (e.g., holographic-cinematic marks, printed elements with latent image effects).

The Circular further treats pure online onboarding as non-face-to-face onboarding and, in addition to MRZ decryption and two security feature checks, requires

  • ID certification by a supervised intermediary, notary, or Swiss-qualified lawyer;
  • residential address verification, for which the Circular explicitly names postal delivery, tax/utility bill, public register, trusted database, or geolocation; and
  • payment from a supervised bank account (in Switzerland or equivalent) or, alternatively, biometric chip check.

Geolocation, introduced by FINMA in 2021 as a means of address verification to enable a frictionless online non-face-to-face onboarding process, determines the location of a mobile device during real‑time transmission to verify the plausibility of an applicant’s stated place of stay. As geolocation does not guarantee the accuracy of the residential address, FINMA concedes that it may need to be repeated if no other residence check occurs.

Alternatively, currently electronic ID copies with qualified electronic signature (QES) under the Federal Certification Services Act (CertES) enable online onboarding, without any further certification, verification or bank transfer.

Another option, not further discussed in the following sections, is certification by a supervised financial intermediary, a notary or a Swiss-qualified lawyer with timestamp and employee signature. This option requires address verification unless the authentication is performed at the address of the client.

The proposed revision of the FINMA Circular

FINMA Circulars generally summarise FINMA’s supervisory practice and explain how FINMA expects supervised entities to comply with existing statutory requirements.

Apart from further updates, the current revision of the Circular is primarily a reaction to two developments: (1) the changes to the legal framework governing QES; and (2) the introduction of a new Swiss electronic identity (e-ID) approved by popular vote of the Swiss citizens in 2025 and expected to enter into force mid-2026.

FINMA’s response to both developments concerns pure online identification and not video identification.

Used of Qualified Electronic Signatures (QES)

QES revitalised: unattended remote identification

Under Swiss law, a QES is a legally valid functional equivalent of a handwritten signature, in particular where such a signature constitutes a mandatory formal requirement (for example, for the assignment of a receivable, the transfer of a share certificate or an uncertificated share, or the conclusion of a consumer credit agreement). Although the qualified electronic signature (QES) has been part of Swiss law for more than two decades, it has failed to achieve widespread acceptance in the market. One reason was that obtaining a QES originally required individuals to appear in person before a recognised certification service provider.

In an effort to modernise trust services and promote their practical use in everyday business, the requirement of physical presence was subsequently abolished. Since 2022, and in line with European standards on electronic signatures, the identity of a person applying for a QES may be verified remotely, provided that a conformity assessment body has confirmed that the identification procedure offers a level of security equivalent to in-person verification (art. 7 sec. 1 of the Ordinance to the CertES, in conjunction with the Annex to the BAKOM Ordinance on Certification Services for Electronic Signatures, which refers to the relevant European standards).

FINMA’s response

In its explanatory note to the proposed revision, FINMA expresses its willingness to promote innovation in the financial market while ensuring the highest level of security. In the context of online onboarding, it identifies the risk of fraudulent account openings, in particular using forged identification documents, the misuse of unsuspecting individuals, or the operation of fraudulent websites.

FINMA acknowledges that, since 2022, a QES can be obtained without physical presence. Given the possibility of QES issued without any live interaction, FINMA considers the opening of a bank account using a QES to constitute onboarding by correspondence, i.e., non-face‑to‑face onboarding. As noted above, AMLO‑FINMA generally requires for non-face‑to‑face onboarding both certification of the identity document and verification of the residential address (art. 45 para. 2 AMLO‑FINMA). Following the relaxation of the requirement of personal appearance for the QES, FINMA now infers from its own ordinance that address verification should be required for Know Your Customer (KYC) purposes (e.g., as mentioned above, via postal delivery, a tax or utility bill, a public register entry, a trusted database, or geolocation).

As a result, onboarding via QES will no longer qualify as a fully digital identification pathway. Geolocation may offer an alternative for address verification, but its effectiveness as a standard method remains to be seen, particularly since it is not used in onboarding processes by non‑Swiss competitors. All in all, with the new proposed requirements, FINMA goes beyond international practice.

Critical assessment

From a practical perspective, this approach will further reduce the already low attractiveness of QES-based onboarding. From a regulatory policy standpoint, the proposed tightening raises questions.

The legislator explicitly sought to simplify access to QES and promote its use as a trusted digital instrument. By doing so, it relied on European standards allowing for reliable substitutes of physical appearance, requiring a safety check by a conformity assessment body.

By reintroducing elements of physical or quasi-physical verification, FINMA goes beyond international practice, effectively neutralises part of this legislative relief and questions the reliability of the QES. This is all the more surprising in light of the newly introduced e-ID (see below), which will be available through a fully remote application process and in respect of which the CertES will be adapted to allow the issuance of a qualified electronic signature on the basis of an e-ID.

While FINMA justifies its proposed revision of the Circular by reference to its ordinance, AMLO‑FINMA, which requires address verification (by mail or an equivalent method) for non‑face‑to‑face onboarding, its Circular already lists QES‑based onboarding under the non‑face‑to‑face onboarding methods (under section “IV. Online identification”, which, unlike video identification in note 5, is not declared equivalent to physical appearance) – without imposing any address‑verification requirement. It is not apparent how the formerly required physical presence during the issuance of a QES would have turned QES‑based onboarding into a genuinely face‑to‑face process. Rather, FINMA has previously demonstrated openness to technical developments by treating QES‑based onboarding as a special case, by analogy to a face‑to‑face process. Against this background, there is no evident practical reason why the fact that a QES can now be obtained remotely should suddenly necessitate address verification or geolocation. FINMA therefore retains discretion to adopt an appropriate solution.

Whether the additional address verification requirement is necessary, suitable, and proportionate to address the risks identified by FINMA, namely fraudulent account openings, considering the safeguards inherent in the use of qualified electronic signatures, and whether it is consistent with the broader digitalisation strategy pursued at the legislative level, remains open to debate. This aspect of the proposed revision is therefore likely to attract comments during the consultation phase.

The future Swiss e-ID

The e-ID project

Switzerland is preparing to introduce a state-recognised e-ID. Following a revised legislative approach and strong emphasis on data protection and public control, the new e-ID is expected to enter into force in 2026 following the positive popular vote of the Swiss citizens in 2025. It will enable citizens and eligible residents to obtain within minutes a free government-issued e-ID via the official swiyu Wallet app starting summer 2026. The fully remote process requires scanning a valid Swiss ID, passport, or foreign national ID issued in Switzerland, followed by a short liveness video selfie for biometric verification against government records. In-person options exist at offices for those unable to complete it online. The e-ID, stored as a verifiable credential, supports secure digital authentication while prioritizing privacy through decentralized storage.

The E‑ID could streamline onboarding processes by reducing duplicative identification steps, increasing legal certainty for institutions, and enabling end‑to‑end digital client journeys. However, several practical questions still need to be clarified.

Treatment in the revised Circular

The proposed revision of the Circular recognises the Swiss e-ID as a valid identification document for online identification. FINMA allows financial intermediaries to rely on an e-ID issued under the federal E-ID as a full alternative to physical identity documents, provided that the validity of the e-ID and its attribution to the client are verified.

In addition, FINMA requires verification of the residential address (e.g., via postal delivery, a tax or utility bill, a public register entry, a trusted database, or geolocation, see above). Requiring an additional address verification once again introduces a break in media continuity (unless other means such as geolocation would be used). The considerations outlined above apply all the more in this context, as the e‑ID is expected to be used more widely in practice than the QES, thereby giving them greater practical significance.

It therefore warrants closer examination why an e‑ID, designed for secure digital interaction with both public authorities and private businesses, would nonetheless require this additional step for KYC purposes in view of the specific risks addressed by FINMA.

Further changes: reverse bank transfer, exclusion of non-banks, QR codes

FINMA maintains the requirement that pure online identification must be supplemented by a bank transfer to confirm that the client has previously been identified in an AML-compliant manner by a bank. The revision of the Circular introduces a pragmatic innovation: as an alternative to the traditional client-to-institution transfer, FINMA now accepts a “reverse” bank transfer, whereby the financial intermediary sends an identification code to an account held in the client’s name with a bank in Switzerland or Liechtenstein.

At the same time, FINMA tightens expectations regarding the verification of the origin of such transfers. The revision requires financial intermediaries to ensure that the transfer originates from a regulated institution that is subject to supervision comparable to that of a Swiss bank, thereby explicitly excluding payments from non-bank payment service providers such as card issuers, PayPal or similar services. This clarification increases legal certainty but also reinforces compliance obligations in online onboarding processes.

Furthermore, in terms of eligible ID documents the revision permits documents containing QR codes, in addition to those with an MRZ. FINMA makes clear that responsibility for assessing the security of such documents continues to rest with the financial intermediary.

Finally, the revised Circular will limit the scope of its application to FINMA supervised entities, excluding casinos and promoters of large-scale games (i.e., namely, online gambling) under the Swiss Gambling Act as well as some actors under the Precious Metals Control Act.

Conclusion

The proposed revision of the FINMA Circular on video and online identification reflects FINMA’s cautious approach to technological innovation. While new instruments are acknowledged, they are accompanied by additional safeguards intended to mitigate risks such as money laundering and fraud.

The integration of the future Swiss e-ID in the KYC onboarding process is a constructive element of the revision. However, it remains to be assessed whether the additionally required address verification, which may entail a disruption of media continuity, is in fact necessary and appropriate. Similarly, the address verification to be newly imposed on QES-based onboarding risks undermining the very simplification that recent legislative developments sought to achieve to help to promote the use of the QES. Geolocation, as an option offered by FINMA, may provide a solution, but the practicality of this feature, which goes beyond international practice, remains to be demonstrated.

For financial institutions, FinTechs and other supervised entities, the consultation is therefore of considerable importance. The revised Circular will shape onboarding strategies for years to come. Further market and regulatory developments also underscore the relevance of the rules governing online onboarding, for instance with regard to crypto asset services (cf. the crypto regulation proposed by the Federal Council in October 2025 including a special AML regime for issuers of stablecoins). Institutions should analyse the proposal carefully and prepare their internal processes, staff training and implementation plans accordingly.

Contact 

Our Swiss team stands ready to support financial institutions and FinTechs in navigating the consultation, revising onboarding processes, and ensuring compliance with the updated FINMA Circular.