Regulatory developments in the fight against money laundering – action required by financial institutions

Classification¹

¹_{This is a greatly simplified overview intended to provide a quick introduction to the subject. Each institution should assess the relevance and the specific need for action on a case-by-case basis.}

Revision of the AMLA

As part of the revision of the AMLA, regulatory requirements will be further tightened and specifically adapted to international standards and new risk areas. The new provisions will come into force on 1 October 2026.

• Sanctions risk area
  Sanctions have been a key issue for the financial market for years, as national and international requirements demand comprehensive due diligence processes and breaches entail significant legal, financial and reputational risks. FINMA also places a clear focus on compliance with applicable sanctions regulations in its Risk Monitor. Accordingly, the AMLA now expressly stipulates that financial institutions must take appropriate organisational measures to prevent breaches of sanctions legislation (Embargo Act). The specific form these measures should take is set out below at the level of the AMLO-FINMA.
  
  
• Risk area: Advisers
  Advisors will now also be subject to the Anti-Money Laundering Act (AMLA). They must join a self-regulatory organisation (SRO) if they are professionally involved in financial transactions, real estate or the establishment or management of (non-operational) legal entities. The same applies to companies acting as domicile providers (e.g. providing c/o addresses). Financial institutions that also provide such advisory services must now maintain AML files for these activities as well. 

Partial revision of the AMLO-FINMA

The planned partial revision of the AMLO-FINMA is of particular importance to financial institutions, as it clarifies the specific implementation of due diligence obligations to prevent money laundering and terrorist financing. The draft was still under consultation as of 9 June 2026 and aims in particular to establish requirements for the prevention of sanctions violations as well as for the transparency of ownership and control structures. 

• Sanctions Compliance
  The AMLO-FINMA now explicitly enshrines the obligation to prevent sanctions violations. This clarifies a requirement that was previously only implicitly expected and supplements it with a specific provision on organisational measures. Financial institutions must appropriately identify, monitor and limit their sanctions risks, particularly within the framework of the ICS and risk management. Specifically, requirements include a risk-based analysis (which can be integrated into the AMLA risk analysis), clearly documented internal guidelines and a structured screening of business relationships. Contracting parties, beneficial owners, controlling shareholders and authorised persons must be checked against sanctions lists even before the business relationship is established. In addition, the entire customer base must be reviewed promptly whenever there is a change to the lists. All checks must be documented in a traceable manner.
  
  
• Traceability of ownership and control structures 
  Financial institutions, particularly in business relationships involving domiciliary companies or (complex) structures, must be able to trace the ownership and control structures of the contracting party. This involves, on the one hand, a complete and reproducible presentation of the shareholding structure up to the highest level. On the other hand, an understanding of the economic reasons for establishing such structures, as well as the relationships between the companies involved, is required. FINMA already requires this in its supervisory practice. The new provision in the AMLO-FINMA now codifies these requirements at the ordinance level and is thus intended to strengthen legal certainty.

AML risk analysis

In FINMA Guidance 04/2026, FINMA sets out in detail its expectations regarding the AML risk analysis and emphasises its role as a key control instrument for risk management. The focus is on a clearly defined risk tolerance, including explicit exclusions of certain countries, client segments or products, as well as a consistent and methodologically sound risk assessment (in particular the separation of inherent, control and residual risk). FINMA takes a critical view of, among other things, overly generous exemption processes, risk indicators that are insufficiently meaningful, and the sometimes incorrect classification of heightened risks (e.g. PEPs or complex structures). Overall, the regulator requires risk analyses that are more evidence-based, granular in nature and closely linked to business strategy, resources and governance.

Introduction of the transparency register

The new Federal Act on the Transparency of Legal Entities and the Identification of Beneficial Owners (TJPG) introduces a central register for beneficial owners. The register covers not only financial institutions but all legal entities under Swiss private law and, under certain conditions, foreign legal entities with links to Switzerland (e.g. branches). 

• Reporting obligation, access and differences
  The Act requires legal entities to report their beneficial owners to the Federal Transparency Register. The information recorded is made available to competent authorities (in particular law enforcement agencies, MROS and tax authorities) and other authorised parties, but not to the public. On the one hand, financial institutions – like all other legal entities – must report the beneficial owners of their own institution. On the other hand, however, they will in future also be able to access the data of other legal entities online, insofar as this is necessary to fulfil their due diligence obligations under the AMLA. A general obligation to consult the register is not, however, envisaged. It remains to be seen to what extent supervisory practice will in future effectively require such consultation.

  If the financial intermediary consults the register and identifies discrepancies between the information in the transparency register and its own documentation, it must first request the legal entity concerned to correct the information within a reasonable period. If the discrepancy persists, it must be reported to the register, whereupon a corresponding note will be added. This note may be deleted following correction at the request of the legal entity.

• Definition, deadlines and implementation
  A beneficial owner within the meaning of the the register is any natural person who ultimately controls a company by holding, directly or indirectly, alone or in concert with third parties, at least 25% of the capital or voting rights, or who otherwise controls the company. This applies to both operational companies and domiciliary companies (in contrast to the AMLA, under which there is no threshold for beneficial owners in the case of domiciliary companies). Alternatively, the highest executive body must be reported as the beneficial owner. 

  The Act and the associated ordinance will come into force on 1 October 2026. Legal entities that have already fully registered their beneficial owners in the Commercial Register (as shareholders or members of governing bodies) must submit the report within two years of the entry into force. Otherwise, the following registration deadlines apply after entry into force:

  • Public limited companies subject to statutory audit: 3 months
  • Other companies (e.g. limited liability companies) subject to statutory audit: 4 months
  • Public limited companies not subject to statutory audit: 5 months
  • Other companies not subject to a limited audit and other legal entities: 6 months

Initially, reporting to the transparency register will take place exclusively via the “EasyGov” platform. Registration is already possible. However, the actual reporting can only take place once the Act has come into force and the relevant functionality has been launched. 

Conclusion 

The upcoming regulatory changes will lead to a further tightening of requirements in the area of anti-money laundering. For financial institutions, this will result in the following key areas of action in particular:

• Expansion and clear documentation of sanctions compliance processes.
• Review and targeted further development of the existing (AMLA) risk analysis and internal guidelines (sanctions risks and supplementary FINMA Supervisory Circular 04/2026)
• Ensuring full traceability of ownership and control structures.
• Preparing for the transparency register, in particular by registering with EasyGov at an early stage, observing the statutory reporting deadlines and considering the future use of the transparency register in the context of new account openings and the periodic updating of business relationships.
• Analysing the institution’s full range of services with regard to the conduct of business activities that could now be classified as relevant under the Anti-Money Laundering Act (e.g. advisory services in the area of financial transactions, real estate, etc.). Where necessary, extending the AML framework to cover the identified services.

To minimise implementation risks and meet regulatory expectations, an early and structured examination of the new requirements is advisable. 

Your added value with Grant Thornton

Grant Thornton assists companies in understanding regulatory changes and supports them in their practical implementation. We are also available as a point of contact for the conceptual and technological aspects of implementation.