1 March 2026
Methodology About Contact
ZUG FINANCE
The Vanderbilt Terminal for Zug Financial Intelligence
INDEPENDENT INTELLIGENCE FOR CRYPTO VALLEY'S FINANCIAL ECOSYSTEM
SMI Index 11,842| USD/CHF 0.8921| EUR/CHF 0.9412| SNB Rate 1.00%| Swiss AUM CHF 7.8T| FINMA Licensed 2,800+| SMI Index 11,842| USD/CHF 0.8921| EUR/CHF 0.9412| SNB Rate 1.00%| Swiss AUM CHF 7.8T| FINMA Licensed 2,800+|
Analysis

FINMA's Crypto Banking Framework: How Switzerland Regulates Digital Asset Banks

Donovan Vanderbilt · 1 March 2026 · 8 min read

When Switzerland’s Financial Market Supervisory Authority granted banking licences to SEBA Bank and Sygnum Bank in August 2019, it made a statement about regulatory philosophy that reverberated far beyond the Bundesgasse in Bern. FINMA’s decision was not a capitulation to crypto lobbying nor a reckless experiment — it was the coherent application of an existing, principles-based supervisory framework to a new class of financial institution. That decision, and the body of guidance that has accumulated since, represents one of the most sophisticated attempts by any jurisdiction to regulate digital asset banking within an established legal architecture rather than beside it.

Understanding how FINMA regulates crypto banks requires first understanding how FINMA thinks about technology. The regulator’s foundational principle — stated explicitly in its guidance and demonstrated consistently in its supervisory practice — is technology neutrality. Financial regulation in Switzerland addresses the economic function and the risk of an activity, not the technological medium through which that activity is conducted. This is not a trivial philosophical position; it is the intellectual basis on which Switzerland has been able to extend established banking law to entirely novel institutional forms without requiring bespoke primary legislation for every new development.

The Banking Act as Foundation

Switzerland’s core instrument for regulating deposit-taking institutions is the Federal Banking Act (Bankengesetz), a statute whose origins predate the Second World War but whose application has proven flexible enough to accommodate institutions whose primary business involves the custody and transfer of cryptographic private keys. The Banking Act does not care what form an asset takes. It cares about three things: whether an institution is accepting public deposits, whether it is engaged in activities that create systemic risk, and whether it maintains adequate capital and organisational structures to protect its clients and counterparties.

A crypto bank operating under a Swiss banking licence is subject to the same core requirements as a traditional private bank: minimum capital of CHF 10 million (or higher depending on the risk profile of the business), liquidity requirements calibrated to the bank’s liability structure, governance obligations including an independent board of directors, an external auditor approved by FINMA, and a fully documented risk management framework. The FINMA Banking Ordinance elaborates these requirements in substantial technical detail, and the audit process — which for crypto banks is notably intensive in its review of custody infrastructure and cybersecurity controls — provides FINMA with ongoing assurance about operational compliance.

What distinguishes a crypto bank’s licence application is not a different legal test but a different set of technical questions that the applicant must answer satisfactorily. FINMA needs to understand how the institution manages private key custody, what happens to client assets in an insolvency, how the bank identifies and screens counterparties in a pseudonymous transaction environment, and how it values illiquid or volatile digital assets on its balance sheet. These are hard questions, and answering them credibly requires institutional depth and technical sophistication that the typical startup cannot demonstrate on its first attempt.

FINMA Licensing Categories for Digital Asset Businesses

Not every crypto business requires a banking licence, and FINMA has been clear about the boundary conditions. The regulator operates a graduated licensing framework in which the required licence type is determined by the activities conducted.

A business that accepts deposits from the public, lends against its balance sheet, or provides payment accounts requires a banking licence under the Banking Act. This is the highest threshold, and it captures institutions like SEBA Bank and Sygnum that offer full-spectrum banking services to crypto-native and institutional clients.

A securities firm licence under FINMA’s Financial Institutions Act is required for entities that trade financial instruments on a professional basis for clients’ accounts or deal as principal in securities markets. Crypto tokens that meet the legal definition of securities — broadly, tokens that embed participation rights or debt claims — fall within this category, and firms that offer trading, brokerage, or portfolio management in such instruments must be appropriately licensed.

Virtual asset service providers (VASPs) — a category introduced into Swiss law through the 2021 Anti-Money Laundering Act amendments — must register with a FINMA-recognised self-regulatory organisation and comply with enhanced AML/KYC requirements modelled closely on the FATF Recommendation 16 travel rule. VASP registration is not a FINMA licence but a mandatory affiliation with a supervised self-regulatory body such as VQF or PolyReg. This captures exchange operators, custody providers, and token swap facilities that do not otherwise qualify as banks or securities firms.

Custody: The SegWit-Aware Rules

The custody of digital assets presents regulatory challenges that have no direct analogue in traditional banking. When a bank holds securities on behalf of a client, the legal relationship is well-established: the bank is a bailee, the securities are held in a segregated depot account, and the client’s legal title is clear. When a bank holds Bitcoin on behalf of a client, the situation is technically different. Ownership of cryptocurrency is, at the protocol level, established by possession of the corresponding private key. A bank that commingles client private keys with its own operational keys — or that holds assets in a wallet structure that cannot be cleanly attributed to individual clients — creates both a legal ambiguity and an insolvency risk.

FINMA addressed this directly in its 2019 guidance on the handling of crypto assets in the context of the Banking Act and the Federal Intermediated Securities Act. The regulator confirmed that crypto assets held in custody for clients must be held in a segregated manner and must not appear on the bank’s balance sheet as the bank’s own assets. This has significant implications for wallet architecture: custodian banks must be able to demonstrate that client assets can be identified and returned to their owners without going through insolvency proceedings.

The practical consequence is that Swiss-licensed crypto banks have invested heavily in multi-signature wallet infrastructure, hardware security module integration, and air-gapped key generation processes. The term “SegWit-aware” is sometimes used informally to describe custody architectures that are designed with the segregation requirements in mind — systems in which the cryptographic and legal ownership of each asset can be traced to a specific client at any point in time.

AML/KYC in a Pseudonymous Environment

Swiss banks are subject to some of the world’s most demanding AML/KYC requirements under the Federal Anti-Money Laundering Act and FINMA’s associated circular on due diligence obligations. For crypto banks, these obligations intersect with the technical realities of blockchain transactions in ways that require both technological capability and regulatory judgement.

The travel rule — the requirement that identifying information about the originator and beneficiary accompany a wire transfer — has been extended to virtual asset transfers under Swiss law, consistent with FATF guidance. This means that when a Swiss crypto bank sends a token transfer to another obliged entity, it must transmit verified originator and beneficiary data alongside the on-chain transaction. Technically, this is achieved through off-chain messaging protocols, most commonly through the OpenVASP standard developed in Switzerland or the TRISA protocol maintained by the global VASP community.

Enhanced due diligence is required for transactions involving self-hosted wallets — addresses that are not associated with a known, regulated financial institution. Swiss crypto banks have developed transaction monitoring systems that combine blockchain analytics tools (Chainalysis, Elliptic, TRM Labs) with human review processes for flagged transactions. FINMA expects banks to maintain documented risk-based policies for self-hosted wallet interactions rather than blanket prohibitions.

SEBA and Sygnum: The Licensed Crypto Bank Model in Practice

SEBA Bank AG, headquartered in Zug, and Sygnum Bank AG, headquartered in Zurich, have served since 2019 as the primary demonstration cases for the Swiss crypto banking model. Both hold full banking licences from FINMA, both offer custody and trading services for digital assets alongside more traditional banking products, and both have served as reference points for regulators in other jurisdictions seeking to understand how institutional-grade crypto banking can be structured.

SEBA’s model has emphasised institutional services — providing banking infrastructure for asset managers, family offices, and fintech companies that need regulated on-ramps to digital asset markets. Sygnum has developed a strong position in tokenisation — the issuance and administration of security tokens representing claims on real-world assets — and has obtained a securities firm licence in addition to its banking licence, enabling it to act as principal in regulated securities markets.

Both banks have expanded internationally, with Sygnum establishing a significant presence in Singapore through a separate MAS-regulated entity, and SEBA having pursued licensing in Abu Dhabi and Hong Kong. This internationalisation reflects both the global nature of their institutional client base and the commercial logic of building regulatory relationships in multiple jurisdictions as the digital asset market matures.

Switzerland vs MiCA: A Different Regulatory Topology

The European Union’s Markets in Crypto-Assets Regulation (MiCA), which entered full effect in late 2024, represents a comprehensive legislative framework for crypto-asset service providers across the EU’s 27 member states. Switzerland, as a non-EU jurisdiction, is not subject to MiCA, and the differences between the two regulatory approaches are instructive.

MiCA creates a purpose-built licensing category — the crypto-asset service provider (CASP) — that sits alongside but distinct from existing banking and investment firm frameworks. Swiss regulation, by contrast, integrates crypto businesses into the existing banking, securities, and AML supervisory architecture through the principle of technology neutrality. Swiss crypto banks hold the same licence category as traditional banks; they are simply banks that happen to custody digital assets.

The Swiss approach produces tighter integration with banking regulation, stronger depositor protection (since client assets at licensed crypto banks benefit from the same deposit insurance and insolvency protections as deposits at traditional banks, subject to the specific custody segregation rules), and arguably more intensive supervisory scrutiny. The MiCA approach produces greater harmonisation across the EU single market and a licensing passport mechanism that allows a CASP licensed in one member state to operate across the EU.

The DLT Act and Its Interaction with Banking Supervision

Switzerland’s Distributed Ledger Technology Act, which came into force in 2021, introduced several amendments to existing commercial and financial law to accommodate blockchain-based transactions. Most significant for banking supervision was the introduction of the DLT securities concept — a new legal category allowing uncertificated securities to be represented on a blockchain register, with legal title established by inscription in the register rather than by possession of a paper certificate.

For crypto banks, the DLT Act matters because it clarifies the legal ownership structure of tokenised securities held in custody. A bank custodying DLT securities for clients can now point to a clear legal framework that establishes the client’s title without reliance on analogies to traditional securities law. This reduces legal uncertainty in insolvency scenarios and creates a cleaner foundation for custody agreements and client disclosures.

Outlook for Further Licensing

FINMA has continued to receive and process licence applications from digital asset businesses, and the pipeline of applicants suggests that the Swiss crypto banking sector will expand modestly in the years ahead. The regulatory pathway is clear, the compliance costs are substantial but manageable for well-capitalised applicants, and the reputational benefit of a Swiss banking licence continues to be valued by institutional clients.

The more interesting question for the medium term is how the Swiss crypto banking framework will evolve in response to technological developments — particularly in decentralised finance. FINMA has signalled willingness to engage with DeFi-adjacent business models through its existing principles-based framework, but the supervision of non-custodial protocols presents genuine conceptual challenges that the current licensing architecture does not fully address. How the regulator responds to those challenges will determine whether Switzerland’s position as a global reference jurisdiction for digital asset regulation is sustained into the next decade.

Conclusion

Switzerland’s approach to crypto banking regulation demonstrates what thoughtful, principles-based financial supervision looks like when applied to technological novelty. By insisting on technology neutrality, demanding institutional-grade custody and compliance infrastructure, and embedding crypto banks within the same legal framework as traditional institutions, FINMA has produced a regulatory environment that is simultaneously demanding and enabling. The result — a small but growing cohort of genuinely licensed, institutionally credible crypto banks — is a model that regulators from Tokyo to Toronto have studied closely.

Donovan Vanderbilt is a contributing editor at ZUG FINANCE, a publication of The Vanderbilt Portfolio AG, Zurich. The information presented is for educational purposes and does not constitute investment advice.

FINMAcrypto bankingdigital assetsregulationSEBASygnumDLT Actlicensing
READ THE NETWORK PERSPECTIVE
Zug Blockchain — Crypto Valley Intelligence → Blockchain ecosystem intelligence
About the Author
Donovan Vanderbilt
Founder of The Vanderbilt Portfolio AG, Zurich. Institutional analyst covering Swiss private banking, FINMA regulation, wealth management, fintech innovation, and Crypto Valley's financial services ecosystem.
In This Article
Market Indicators
SMI Index 11,842
USD/CHF 0.8921
EUR/CHF 0.9412
SNB Rate 1.00%
Swiss AUM CHF 7.8T
FINMA Licensed 2,800+
Related Intelligence
Network Intelligence
Zug Blockchain
Crypto Valley blockchain intelligence
Zug Economy
Canton Zug economic intelligence
Zug Business
Swiss company formation & operations
Zug Web3
Decentralised protocol intelligence
Zug DAO
Decentralised governance intelligence
Zug DLT
Swiss DLT law & regulation
Zug Commodities
Swiss commodity trading intelligence
Zug Trading
Digital asset trading & exchanges
Zug Oil
Swiss energy trading intelligence
Zug Estates
Swiss real estate intelligence