Switzerland's financial regulator published guidance on Wednesday warning that banks are not doing enough to combat digital fraud, citing a survey of 19 institutions that revealed widespread gaps in governance, detection systems, and anti-money laundering controls.
Singapore Summit: Meet the largest APAC brokers you know (and those you still don't!)
The Swiss Financial Market Supervisory Authority (FINMA) said it has observed a steady rise in digital fraud cases since the end of 2022, driven in part by advances in artificial intelligence, deepfake technology, and the broader shift to online banking and instant payments. The regulator's Guidance 02/2026, released Wednesday, lays out findings from a survey conducted at the end of 2025 across banks in various supervisory categories.
Among the results: 8 of the 19 institutions surveyed (42%) had no dedicated digital fraud policy, according to the guidance. Three lacked any steering committee to deal with digital fraud risks. Seven had no standard response plan for fraud incidents, and roughly a quarter had no processes for identifying emerging fraud trends, a practice known as "horizon scanning."
What FINMA's Guidance Means for Swiss-Licensed Brokers
The guidance applies to banks and persons under Article 1b of the Banking Act, a category that includes securities dealers. Switzerland requires retail FX and CFD brokers to hold banking licenses, which means firms like Swissquote and Dukascopy operate under FINMA's direct supervision and fall within the scope of these expectations.
- 50% of Swiss Financial Firms Use AI, FINMA Survey of 400 Institutions Shows
- Swiss Regulator Grants First License for Blockchain-Based Securities Trading
- FINMA Issues Guidance on Stablecoin Risks and Default Guarantees
FINMA did not disclose which institutions participated in the survey, and the guidance carries no enforcement action against any named entity. Both Swissquote and Dukascopy hold full Swiss banking licenses and are among the few FINMA-regulated firms that accept retail trading clients from across Europe. Swissquote reported CHF 723.3 million in net revenue for 2025 and added more than 100,000 accounts last year, while Dukascopy expanded its MT5 offering to more than 400 instruments earlier this year.
The broader point is that any FINMA-supervised institution offering digital onboarding and online trading is now on notice. The regulator's findings establish a baseline that auditors and compliance teams across the Swiss financial sector are likely to measure themselves against.
Fraud Defenses Under Pressure Across the Retail Trading Industry
The problem FINMA described is not unique to Switzerland. Digital fraud has become a growing challenge across the retail trading industry, and the regulatory response has been uneven.
Last year, Warsaw-listed broker XTB faced public fallout after a Polish client alleged hackers drained approximately $38,000 from his account through rapid-fire trades on low-liquidity instruments. The incident pushed XTB to mandate two-factor authentication and later introduce an emergency lock feature that lets clients freeze all account activity with a single tap. XTB said it would reimburse all clients who suffered losses from cyberattacks, though the company noted the affected accounts amounted to just 0.017% of its client base.
The FCA in the United Kingdom has been active on a related front, issuing repeated warnings about clone firms impersonating regulated brokers. In the EU, the rollout of instant payments regulation has raised its own set of fraud concerns. FINMA's survey adds hard data to a problem the industry has largely addressed through individual company responses rather than coordinated regulatory action.
Deepfakes and AI Complicate Online Onboarding
One of the more pointed sections of the FINMA guidance deals with the rising use of deepfakes and AI-generated documents to circumvent identity verification during online account opening, a process that nearly every retail broker relies on to acquire new clients.
Criminal organizations "are making full use of the new technological possibilities, and manipulated videos or forged identity documents are becoming increasingly difficult to detect," the guidance states. The regulator noted an increase in reports to Switzerland's Money Laundering Reporting Office (MROS) tied to accounts opened online, though FINMA acknowledged the survey data did not provide clear evidence that fraud was more common with online accounts than with those opened in person.
The growing role of AI in financial fraud has been flagged by regulators globally. The CFTC in the United States warned last year about criminals using AI-powered tools to create fake trading platforms and impersonate executives. A separate report found that 32% of investment scams now originate on social media, with AI-generated content playing an increasing role.
FINMA pointed to a specific pattern that should concern any firm with digital onboarding: individuals being tricked into opening legitimate bank accounts, completing all proper due diligence steps, and then handing over access to criminal third parties. Because the accounts are opened using valid documents, the fraud occurs after the onboarding process, making it harder for compliance teams to catch through standard KYC checks alone.
Anti-Money Laundering Gaps Vary Widely
The survey results on anti-money laundering controls were notably uneven. FINMA found that the rate of suspicious activity reports related to online fraud, identity theft, and money mules varied by a factor of up to 10 across the institutions surveyed. The proportion of internally flagged cases that led to formal MROS reports ranged from 12% to 78%, according to the guidance.
Transaction monitoring thresholds at most surveyed institutions were set at CHF 100,000 or CHF 200,000 for retail clients with low or normal risk profiles, levels that FINMA described as suggesting relatively basic systems. The regulator noted that most institutions relied on fixed limits rather than scenario-based monitoring, which makes it harder to identify digital fraud patterns that may involve smaller, faster transactions.
KYC information, FINMA found, was "generally rather limited" at the institutions surveyed, and most did not feed it into their transaction monitoring systems. The regulator said institutions' anti-money laundering regulations and processes "must be sufficiently effective to detect cases of digital fraud and money muling as quickly as possible."
For the retail FX and CFD sector, where fast deposit-withdrawal cycles and cross-border fund flows are standard, the AML gaps FINMA described are directly relevant. Switzerland's Banking Ombudsman reported that fraud was the most common cause of cases brought to its attention in 2024, according to its annual report cited in the guidance.
FINMA's concluding remarks carried an implicit warning. The regulator said that in the event of a "spate of fraud cases," institutions must review the effectiveness of their existing measures "promptly and, if necessary, supplemented by additional measures." That may include "temporary restrictions on the provision of certain services that lead to such instances of digital fraud," according to the guidance.
