Crypto & Blockchain Regulation & Licensing in Switzerland

Switzerland has established itself as one of the world';s most structured and business-friendly jurisdictions for crypto and blockchain ventures. The Swiss Financial Market Supervisory Authority (FINMA) applies a technology-neutral, activity-based regulatory approach: what matters is the economic function of a token or service, not the technology behind it. For international entrepreneurs and institutional investors, this creates both a clear licensing roadmap and a set of hard compliance obligations that cannot be bypassed. This article covers the full regulatory architecture - from FINMA licensing categories and the DLT Act to AML obligations, practical licensing scenarios, and the most common mistakes made by foreign operators entering the Swiss market.

Switzerland does not have a single "crypto law." Instead, the existing financial market legislation - the Banking Act (Bankengesetz, BankG), the Financial Institutions Act (Finanzinstitutsgesetz, FINIG), the Financial Services Act (Finanzdienstleistungsgesetz, FIDLEG), the Anti-Money Laundering Act (Geldwäschereigesetz, GwG), and the Federal Act on Financial Market Infrastructures (Finanzmarktinfrastrukturgesetz, FinfraG) - has been extended and adapted to cover digital assets and blockchain-based services.

The core principle is that FINMA looks at what a business actually does, not what it calls itself. A platform that holds client funds in crypto is treated as a bank or securities firm. A token that represents a claim against an issuer is treated as a security. A stablecoin that functions as a payment instrument triggers banking or e-money rules. This activity-based lens means that the licensing obligation attaches at the moment the economic substance of a regulated activity is present, regardless of whether the operator uses the word "crypto" or "blockchain" in its marketing.

FINMA published its ICO Guidelines in 2018 and has since issued multiple guidance documents refining its token taxonomy. The taxonomy distinguishes three primary token types: payment tokens (cryptocurrencies used as a means of payment), utility tokens (tokens granting access to a platform or service), and asset tokens (tokens representing assets, equity, or debt claims). Hybrid tokens - which combine features of two or more categories - are assessed on a case-by-case basis and typically attract the most stringent regulatory treatment.

In practice, it is important to consider that FINMA';s classification of a token can shift over the lifecycle of a project. A utility token issued during a development phase may be reclassified as a security token once the underlying platform is operational and the token begins trading on secondary markets. Many international founders underappreciate this dynamic reclassification risk and structure their token issuance without building in a compliance review trigger at the point of secondary market activation.

The Swiss regulatory framework offers several distinct licensing pathways, each calibrated to a different business model. Choosing the wrong pathway - or failing to identify that a license is required at all - is the single most common and costly mistake made by foreign operators.

FinTech license (Art. 1b BankG). Introduced in 2019, the FinTech license is designed for businesses that accept public deposits up to CHF 100 million but do not on-lend or invest those funds. For crypto businesses, this is the most accessible entry point. The FinTech license does not require a full banking license, but it does impose capital requirements (minimum equity of CHF 300,000 or 3% of accepted funds, whichever is higher), organisational requirements, and full AML compliance. The application process typically takes between four and eight months from submission of a complete dossier.

Banking license (Art. 3 BankG). A full banking license is required when a business accepts deposits from more than 20 clients or publicly solicits deposits without the CHF 100 million cap. For crypto custodians holding client assets at scale, or for stablecoin issuers whose instruments qualify as deposits, the banking license is the relevant threshold. Minimum capital requirements start at CHF 10 million, and the organisational, governance, and audit requirements are substantially more demanding. Processing times range from twelve to twenty-four months.

Securities firm license (Art. 41 FINIG). Businesses that trade in securities on a professional basis for their own account or on behalf of clients, or that operate as market makers in asset tokens, require a securities firm license. This category is particularly relevant for crypto asset managers, proprietary trading desks, and platforms that facilitate secondary market trading in tokenised securities. The minimum capital requirement depends on the specific sub-category of securities firm.

Collective investment scheme authorisation. Crypto funds - whether investing in digital assets directly or through derivatives - fall under the Collective Investment Schemes Act (Kollektivanlagengesetz, KAG) if they pool investor capital. The fund manager requires authorisation from FINMA, and the fund itself may require approval depending on whether it is offered to qualified or retail investors.

DLT trading facility license (Art. 73a FinfraG). This is the most significant innovation introduced by the DLT Act (Federal Act on the Adaptation of Federal Law to Developments in Distributed Ledger Technology), which entered into force in stages from 2021. The DLT trading facility is a new category of financial market infrastructure specifically designed for multilateral trading of DLT-based securities. It allows a single entity to combine functions that are otherwise separated under traditional financial market law - trading, clearing, and settlement - within one licensed structure. This makes it highly attractive for tokenised securities exchanges and digital asset marketplaces.

A common mistake is assuming that operating a crypto exchange automatically requires a DLT trading facility license. In practice, many crypto exchanges in Switzerland operate under a combination of a FinTech license and SRO (Self-Regulatory Organisation) membership for AML purposes, without requiring a full trading facility license, provided they do not admit securities within the meaning of FinfraG to trading.

To receive a checklist for selecting the correct FINMA licensing pathway for your crypto or blockchain business in Switzerland, send a request to info@vlolawfirm.com

The DLT Act represents the most comprehensive legislative reform of Swiss financial market law in the context of digital assets. It amended nine existing federal statutes and introduced two entirely new legal concepts: DLT securities (Registerwertrechte) and the DLT trading facility.

DLT securities (Art. 973d et seq. of the Swiss Code of Obligations, OR). A DLT security is a right that is registered in a securities ledger (Wertrechtebuch) and can only be exercised and transferred through that ledger. The legal effect is that the ledger entry itself constitutes the security - there is no separate paper certificate or book-entry at a central depository. This allows tokenised bonds, shares, and other instruments to exist natively on a blockchain with full legal enforceability under Swiss law. The issuer must maintain a securities ledger that meets specific technical and organisational requirements, including integrity, availability, and access controls.

Transfer of DLT securities. Under Art. 973e OR, a DLT security is transferred by recording the transfer in the securities ledger. The transferee acquires good title provided the transfer is made in accordance with the ledger rules and the transferee acts in good faith. This creates a legal framework for atomic settlement - simultaneous exchange of asset and payment - without reliance on a central counterparty.

Segregation of crypto assets in insolvency (Art. 242a of the Federal Act on Debt Enforcement and Bankruptcy, SchKG). One of the most practically significant reforms introduced by the DLT Act is the explicit right of clients to segregate crypto assets held by a custodian in the event of the custodian';s insolvency. Prior to this reform, crypto assets held by a custodian on behalf of clients risked being treated as part of the custodian';s general estate in bankruptcy. Under the amended SchKG, crypto assets held for clients are segregated from the custodian';s estate and returned to clients, provided the custodian has maintained adequate records and the assets are individually identifiable. This reform substantially reduces counterparty risk for institutional clients using Swiss crypto custodians.

Practical implications of the DLT Act for issuers. An issuer wishing to create a DLT security must draft a securities ledger agreement that complies with Art. 973d OR, establish the technical infrastructure for the ledger, and ensure that the ledger is accessible to all parties entitled to exercise rights under the security. The issuer does not need to be a bank or securities firm merely by virtue of issuing a DLT security, but the distribution and trading of that security will trigger the relevant licensing obligations depending on the investor base and the nature of the instrument.

A non-obvious risk is that issuers who tokenise existing securities - converting a traditional bond into a DLT security - must comply with both the new DLT securities rules and the existing prospectus requirements under FIDLEG if the securities are offered to the public. The two regimes operate in parallel and neither displaces the other.

Switzerland';s Anti-Money Laundering Act (GwG) applies to all financial intermediaries, and FINMA has confirmed that crypto businesses conducting regulated activities qualify as financial intermediaries subject to the full GwG regime. Compliance with the GwG is not optional and is not deferred until a license is granted - it applies from the moment a business begins conducting regulated activities.

SRO membership as an alternative to direct FINMA supervision. Businesses that are not subject to prudential supervision by FINMA (for example, because they hold a FinTech license or operate below certain thresholds) must affiliate with a FINMA-recognised Self-Regulatory Organisation (SRO). The SRO supervises the business';s AML compliance on FINMA';s behalf. Several SROs in Switzerland have developed specific rules and expertise for crypto businesses. SRO membership involves an application process, ongoing membership fees, and periodic audits.

Core GwG obligations for crypto businesses. Under Art. 3 GwG, a financial intermediary must verify the identity of its clients before entering into a business relationship. Under Art. 4 GwG, it must identify the beneficial owner of assets. Under Art. 6 GwG, it must conduct enhanced due diligence in higher-risk situations, including transactions with politically exposed persons (PEPs) and cross-border transactions above certain thresholds. Under Art. 9 GwG, it must file a suspicious activity report (SAR) with the Money Laundering Reporting Office Switzerland (MROS) if it has reasonable grounds to suspect that assets are connected to money laundering or terrorist financing.

Travel Rule compliance. Switzerland has implemented the Financial Action Task Force (FATF) Travel Rule through amendments to the GwG and the associated ordinances. Under the Travel Rule, virtual asset service providers (VASPs) must collect and transmit originator and beneficiary information for crypto transfers above CHF 1,000. This applies to transfers between VASPs and, in certain circumstances, to transfers to unhosted wallets. The technical implementation of the Travel Rule is a significant operational challenge for crypto businesses, and FINMA has been active in supervising compliance.

Unhosted wallet transactions. FINMA';s guidance on unhosted wallets requires VASPs to take additional steps to verify the ownership of unhosted wallets when clients transfer assets to or from such wallets above the CHF 1,000 threshold. Acceptable verification methods include cryptographic proof of wallet control (signing a message with the private key) or documentary evidence. A common mistake is treating unhosted wallet verification as a purely technical exercise - in practice, it requires a documented policy, staff training, and integration with the VASP';s broader KYC/AML framework.

Consequences of GwG non-compliance. FINMA has the authority to impose a range of enforcement measures, including ordering a business to cease unlicensed activities, appointing an investigative auditor at the business';s expense, imposing fines, and referring matters to criminal authorities. In serious cases, FINMA can publish enforcement actions - a measure that carries significant reputational consequences in the Swiss financial market.

To receive a checklist for GwG and Travel Rule compliance for crypto businesses in Switzerland, send a request to info@vlolawfirm.com

Understanding the regulatory framework in the abstract is necessary but not sufficient. The following three scenarios illustrate how the framework applies to concrete business models that international operators frequently bring to Switzerland.

Scenario 1: A tokenised real estate fund targeting European family offices. A fund manager wishes to tokenise interests in a Swiss real estate portfolio and offer them to European family offices as DLT securities. The interests represent equity claims against a Swiss special purpose vehicle (SPV). The regulatory analysis involves multiple layers. The SPV';s shares, once tokenised as DLT securities under Art. 973d OR, are securities within the meaning of FIDLEG. The fund manager requires authorisation under KAG if it pools investor capital and exercises discretionary management. The distribution of the tokens to family offices requires compliance with FIDLEG';s prospectus rules (or an applicable exemption, such as the qualified investor exemption under Art. 36 FIDLEG) and the client classification rules. The DLT trading facility license is not required unless the manager also wishes to operate a secondary market for the tokens. Legal and compliance costs for structuring this transaction typically start from the low tens of thousands of CHF, with ongoing compliance costs depending on the fund';s complexity.

Scenario 2: A crypto exchange offering spot trading in Bitcoin and Ethereum to retail clients. A foreign operator wishes to establish a Swiss entity to operate a retail crypto exchange. Bitcoin and Ethereum are payment tokens and do not qualify as securities under Swiss law. The exchange does not hold client fiat currency overnight - it processes payments and converts them to crypto immediately. In this scenario, the exchange is likely to require a FinTech license if it holds client crypto assets, and must affiliate with an SRO for AML purposes. The exchange must implement full KYC/AML procedures, Travel Rule compliance, and a robust sanctions screening programme. A non-obvious risk is that adding even a single asset token or tokenised security to the trading list triggers securities firm licensing obligations for the entire platform, not just for that specific instrument.

Scenario 3: A stablecoin issuer pegging a token to the Swiss franc. A fintech company wishes to issue a CHF-pegged stablecoin for use in cross-border B2B payments. FINMA';s analysis of stablecoins focuses on the nature of the claim held by token holders. If token holders have a direct claim against the issuer for redemption at par, the stablecoin is likely to be classified as a deposit, triggering banking license requirements. If the stablecoin is structured as a collective investment scheme - with token holders holding a pro-rata interest in a pool of CHF assets - KAG authorisation is required. The issuer must also comply with the GwG as a financial intermediary. The banking license route involves minimum capital of CHF 10 million and a processing timeline of twelve to twenty-four months. Many stablecoin issuers underappreciate the capital intensity of this pathway and exhaust their runway before receiving regulatory approval.

Unlicensed activity risk. Operating a regulated crypto business in Switzerland without the required license or SRO affiliation constitutes a criminal offence under Art. 44 FINMASA (Financial Market Supervision Act, Finanzmarktaufsichtsgesetz). FINMA actively monitors the market and has issued public warnings against unlicensed operators. The risk of inaction is concrete: FINMA can issue a cease-and-desist order within days of identifying an unlicensed operator, and the reputational damage of a public FINMA enforcement action is typically irreversible in the Swiss market.

Regulatory perimeter analysis before market entry. The first step for any foreign operator considering Switzerland is a regulatory perimeter analysis - a formal legal assessment of whether the proposed business model triggers licensing obligations and, if so, which ones. This analysis should be conducted before any Swiss entity is incorporated, any Swiss clients are onboarded, or any Swiss marketing is conducted. A common mistake is incorporating a Swiss entity and beginning operations on the assumption that the Swiss "crypto valley" reputation means a permissive regulatory environment. Switzerland is business-friendly in the sense of having clear rules and a predictable regulator - it is not permissive in the sense of allowing unregulated activity.

FINMA';s no-action letter process. FINMA offers an informal guidance process through which operators can submit a description of their proposed business model and receive FINMA';s preliminary view on the applicable regulatory requirements. This process - sometimes referred to as a "no-action letter" or regulatory enquiry - does not constitute a binding ruling, but it provides valuable early-stage clarity and demonstrates good faith engagement with the regulator. The process typically takes between four and twelve weeks depending on the complexity of the enquiry.

Substance requirements. Swiss regulatory licenses require genuine substance in Switzerland. FINMA expects that key management functions, risk management, and compliance oversight are performed in Switzerland, not merely nominally located there. A Swiss holding company with all operations conducted abroad will not satisfy FINMA';s substance requirements. This means that obtaining a Swiss crypto license involves real operational costs - Swiss-based staff, Swiss-qualified compliance officers, and Swiss-domiciled directors with relevant expertise.

Banking secrecy and data protection. Switzerland';s banking secrecy rules (Art. 47 BankG) and the Federal Act on Data Protection (Datenschutzgesetz, DSG) impose obligations on crypto businesses that handle client data. The revised DSG, which aligns Swiss data protection law more closely with the EU';s GDPR, requires crypto businesses to implement data protection by design, maintain records of processing activities, and notify FINMA and affected clients in the event of a data breach. International operators accustomed to GDPR compliance will find the Swiss regime broadly comparable but with some Swiss-specific procedural differences.

Cost of non-specialist mistakes. The cost of engaging non-specialist advisors who lack specific Swiss financial market law expertise can be substantial. Incorrect structuring of a token issuance that results in a reclassification by FINMA may require a full restructuring of the token, a buyback offer to existing holders, and potential enforcement proceedings - costs that can easily reach the mid-to-high six figures in CHF. Engaging Swiss-qualified legal counsel with specific FINMA licensing experience at the outset is a material risk mitigation measure, not a discretionary expense.

What is the most significant practical risk for a foreign crypto business entering Switzerland without prior regulatory advice?

The most significant risk is conducting regulated activities without the required FINMA license or SRO affiliation. This triggers criminal liability under FINMASA and exposes the business to a public cease-and-desist order. The damage is not limited to fines - a public FINMA enforcement action effectively bars the operator from the Swiss market and damages its reputation in other European jurisdictions. Foreign operators frequently underestimate this risk because they conflate Switzerland';s reputation as a crypto-friendly jurisdiction with an absence of regulatory requirements. The two are not the same: Switzerland is structured and predictable, not unregulated.

How long does it take to obtain a FinTech license in Switzerland, and what does it cost?

A complete FinTech license application typically takes between four and eight months from submission to approval, assuming FINMA does not request significant additional information. The timeline extends if the application dossier is incomplete or if the business model raises novel regulatory questions. Legal and advisory costs for preparing the application dossier typically start from the low tens of thousands of CHF. Ongoing compliance costs - including SRO membership, annual audits, and compliance staffing - add further operational expense. The minimum equity requirement is CHF 300,000 or 3% of accepted funds, whichever is higher, and this capital must be available at the time of application.

When should a crypto business choose a DLT trading facility license over a securities firm license?

The DLT trading facility license is the appropriate choice when the business model involves operating a multilateral trading platform for DLT-based securities and the operator also wishes to perform clearing and settlement functions within the same entity. The securities firm license is more appropriate for businesses that trade in tokenised securities on a bilateral basis, act as market makers, or manage client portfolios in digital assets without operating a multilateral venue. The DLT trading facility is a more complex and capital-intensive license, but it offers a structural advantage for operators building integrated digital asset market infrastructure. Businesses that are uncertain which pathway applies should conduct a regulatory perimeter analysis before committing to either structure.

Switzerland';s crypto and blockchain regulatory framework is sophisticated, activity-based, and enforced by a regulator with a clear track record. The DLT Act has created genuinely new legal tools - DLT securities, the DLT trading facility, and improved insolvency protections for crypto asset holders - that make Switzerland one of the most legally advanced jurisdictions for digital asset businesses. The licensing pathways are clear, but the compliance obligations are real and the consequences of non-compliance are serious. Foreign operators who approach Switzerland with a structured regulatory strategy, adequate capital, and genuine local substance will find a predictable and well-functioning environment. Those who enter without specialist advice risk enforcement actions that are difficult to reverse.

To receive a checklist for structuring a compliant crypto or blockchain business in Switzerland, including licensing pathway selection and AML obligations, send a request to info@vlolawfirm.com

Our law firm VLO Law Firms has experience supporting clients in Switzerland on crypto and blockchain regulatory matters. We can assist with regulatory perimeter analysis, FINMA license applications, DLT securities structuring, SRO affiliation, and GwG compliance frameworks. We can help build a strategy tailored to your specific business model and investor base. To receive a consultation, contact: info@vlolawfirm.com