Switzerland’s financial regulator has tightened expectations for how banks and financial institutions safeguard crypto-based assets, publishing new custody guidance aimed at strengthening client protection and limiting operational risk.
The Swiss Financial Market Supervisory Authority released Guidance 01/2026 on January 12, 2026, laying out detailed requirements for institutions that hold or administer crypto assets on behalf of clients.
Segregation Comes First
At the core of the guidance is a strict segregation requirement. Client crypto assets must be held separately from an institution’s own balance sheet, ensuring they remain protected in the event of insolvency. When assets are properly segregated and kept off balance sheet, FINMA says capital requirements generally do not apply.
However, the regulator left room for intervention. In cases where elevated risks are identified, FINMA may impose caps on the amount of crypto assets an institution is allowed to custody.
Tighter Oversight of Third-Party Custodians
Institutions that rely on third-party custodians, including foreign providers, face heightened scrutiny. FINMA requires that these custodians operate under equivalent prudential supervision and offer comparable bankruptcy protection.
Responsibility does not shift with outsourcing. Swiss institutions remain fully accountable for the selection, ongoing monitoring, and risk management of any third-party custodian they engage.
Due Diligence and Operational Controls
The guidance places strong emphasis on operational resilience. Institutions must demonstrate that custodians have robust technical infrastructure, proven expertise, and secure processes capable of mitigating cyber risks, private key loss, and system failures.
FINMA also expects comprehensive business continuity plans tailored to distributed ledger technology, recognizing that disruptions in crypto custody can have immediate and irreversible consequences.
Client Disclosure and Consent
Where custody arrangements fall short of full legal equivalence—such as in jurisdictions without comparable bankruptcy protections—institutions must clearly disclose the risks to clients. Written client consent is required before such arrangements can be used.
FINMA underlined that transparency is non-negotiable, particularly given the speculative and volatile nature of crypto assets.
A Clear Signal to the Market
The guidance reinforces Switzerland’s approach to crypto regulation: innovation is permitted, but only within a framework that prioritizes investor protection and institutional accountability.
By formalizing expectations around segregation, custody oversight, and client disclosure, FINMA is signaling that crypto custody is now firmly treated as a core financial risk function, not an experimental add-on.
