AI & Compliance in Switzerland: What You Need to Know

Avatar photoBy /

Introduction

On 12 February 2025 the Federal Department of the Environment, Transport, Energy and Communications (“DETEC”) and the Federal Department of Foreign Affairs (“FDFA”) presented a report concerning an overview of possible regulatory approaches to AI[1].

Switzerland intends to ratify the Council of Europe Convention on Artificial Intelligence (AI)[2] and to make the necessary amendments to Swiss law[3].

The Federal Council has decided to focus on the following parameters:

  • the AI Convention of the Council of Europe will be incorporated into Swiss law;
  • where legislative changes are needed, they should be as sector-specific as possible; and

non-legally binding measures will be developed to help implement the Convention. Measures may include self-disclosure agreements or industry solutions.

Applicability of the AI Act to Switzerland

The Regulation (UE) 2024/1689 (“AI Act”) extends beyond EU borders and applies to third-country entities, including those in Switzerland, if they place AI systems on the EU market or if their AI-generated outputs are utilized within the EU. This extraterritorial scope necessitates compliance from Swiss businesses seeking access to the EU market.

Additionally, Switzerland’s Mutual Recognition Agreement (“MRA”) with the EU, covering approximately two-thirds of trade in industrial products, may require amendments to accommodate the AI Act’s regulatory requirements. From 2027 onwards, Swiss products containing AI components might require dual certification unless the MRA is updated accordingly. Specifically, if a product contains AI components (e.g. motor vehicles, telecommunications, terminal or medical equipment etc.) an additional conformity assessment must be carried out by a conformity assessment body in the EU in accordance with the requirements of the AI Act, in addition to the existing conformity assessment by third parties that currently applies to the Swiss market and the EU internal market. Therefore, economic Swiss operators would have to adapt its product regulations and the MRA would also have to be expanded in terms of product-related AI legislation.

Medical Devices and Regulated Sectors

The medical devices sector is particularly affected, as it is already subject to stringent regulations both in Switzerland and the EU. Under the AI Act, many AI-integrated medical devices are classified as “high-risk,” subjecting them to strict transparency, risk assessment, and compliance obligations. Other key sectors impacted include financial services, industrial automation, and telecommunications, all of which must adhere to heightened regulatory scrutiny.

Compliance Costs for 2025

The European Commission estimates that compliance costs related to the AI Act will range between EUR 100 million and EUR 500 million by 2025, representing approximately 4-5% of total investments in high-risk AI systems. For Swiss entities, these costs will vary depending on their degree of exposure to the EU market and the future status of the MRA with the EU.

Withdrawal of the AI Liability Directive

Initially, the European Commission proposed an AI Liability Directive to complement the AI Act and provide a clearer legal framework for liability arising from AI-related damages. However, the proposal was recently withdrawn. Consequently, the existing EU legal framework continues to govern AI-related liability through general product liability and civil law principles. In this regard, as also confirmed by the FINMA Guidance 08/2024 on AI within the financial sector, one of the main challenges will be the “allocation of responsibilities due to the autonomous and difficult-to-explain actions of these systems and scattered responsibilities for AI applications at supervised institutions[4].

Potential Regulatory Approaches

For Switzerland, three primary regulatory approaches are under consideration, including:

  1. a sectoral approach: continuing with sector-specific regulations without adopting a general AI framework.
  2. The ratification of the Council of Europe’s AI Convention: implementing minimum or comprehensive transparency and risk assessment requirements.
  3. The alignment with the AI Act: developing a national regulatory framework based on the EU’s risk-based classification model to facilitate market access and enhance consumer protection.

The Financial Sector: FINMA Guidance on AI

On the 18th of December 2024, the Swiss Financial Market Supervisory Authority (“FINMA”) has issued Guidance 08/2024 on governance and risk management for AI applications in the financial sector. While Swiss financial market laws remain technology-neutral, FINMA expects supervised institutions to address AI-related risks proactively. Key areas of compliance include:

  • Governance and Risk Management: FINMA expects that institutions will establish a clear governance framework to ensure accountability for AI-driven processes. This includes defining responsibilities, setting up centralized inventories for AI applications, and integrating AI risk management into existing frameworks. In this regard, it is noteworthy that FINMA stated that an additional element of complexity is the development of AI in a decentralized manner, which could make it challenging when it comes to implementing standards and assigning responsibilities to address the relevant risks.
  • Inventory and Risk Classification: institutions should maintain a comprehensive inventory of AI applications and classify them based on materiality and associated risks, particularly regarding financial stability, compliance, and reputational factors.
  • Data Quality Controls: AI models depend on high-quality data. Controls on data quality should be implemented to prevent biases, ensure data integrity, and mitigate risks related to outdated or manipulated datasets.
  • Testing and Ongoing Monitoring: continuous validation of AI models is essential to detect performance issues, biases, and inaccuracies. Tests include but are not limited to backtesting, out-of-sample testing, sensitivity analyses or stress testing, and adversarial testing.
  • Documentation and Explainability: transparent documentation outlining AI decision-making processes should be encouraged. In this context, explainability means an understanding of the drivers of the application or the behavior under different conditions to assess the plausibility and robustness of the result.
  • Independent Review: institutions should implement independent oversight mechanisms to verify AI models’ robustness, compliance, and ethical considerations. External reviews may be required for high-risk applications.

Preparation for Operators

Regardless of the regulatory approach adopted, two key obligations are expected to apply to Swiss AI operators:

  1. algorithmic transparency: operators should ensure that AI systems are interpretable and documented, with clear traceability of algorithmic decision-making processes.
  2. risk assessment: AI systems should undergo comprehensive risk assessment and mitigation procedures.

To prepare for these obligations, Swiss AI operators could consider to:

  • implement auditing and documentation procedures for AI systems;
  • adjust compliance strategies in accordance with evolving EU regulatory frameworks;
  • monitor developments concerning the MRA with the EU to assess potential certification impacts; and
  • strengthen transparency and risk management protocols to mitigate regulatory risks and enhance consumer trust.

Conclusion

The AI Act is already impacting Switzerland and with the withdrawal of the AI Liability Directive, uncertainty remains regarding the future legal framework for AI liability, making it crucial for Swiss entities to closely monitor ongoing regulatory developments.

Lexify offers specialized assistance to Swiss businesses seeking to comply with the AI Act and broader EU regulatory requirements while ensuring adherence to Swiss legal constraints.

[1] Available here at the following address: https://www.bakom.admin.ch/bakom/en/homepage/digital-switzerland-and-internet/strategie-digitale-schweiz/ai.html.

[2] See the European Convention on Artificial Intelligence and the signatories countries available here: https://www.coe.int/en/web/artificial-intelligence/the-framework-convention-on-artificial-intelligence.

[3] See the Federal Office of Communication (OFCOM), AI regulation: Federal Council to ratify Council of Europe Convention, February 12, 2025.

[4] FINMA, Guidance 08/2024 Governance and risk management when using Artificial Intelligence, December 18, 2024.

Connect with Us

Thank you for taking the time to read our article. We hope you found it informative and engaging. If you have any questions, feedback, or would like to explore our services further, we’re here to assist you.

Contact Information

For inquiries about our legal assistance, please contact us:

  • Phone: +41 774613847

Follow Us

Stay updated and connected with us on social media for the latest news, insights, and updates:

LinkedIn: Lexify

Latest News

Scroll to Top