Database for assessing fitness and propriety requirements

Top management members at supervised institutions are subject to proper business conduct requirements under financial market law. FINMA collects the requisite data to assess compliance with these requirements.

FINMA Ordinance on Data Processing

As well as ensuring top management’s compliance with financial market legislation, proper business conduct requirements are intended to preserve the general public’s trust in supervised institutions and the financial sector’s reputation. Proper business conduct extends to all character-related and professional factors which enable an office holder to manage a supervised institution correctly.

Database to monitor proper business conduct

FINMA’s supervisory activities yield information about individuals whose proper business conduct in accordance with the requirements of financial market law needs to be reviewed should the person assume a position subject to these requirements.

FINMA manages a database to assess compliance with proper business conduct requirements in accordance with financial market law. To this end FINMA enters data in the database required in the event of a future assessment of compliance with proper business conduct. It manages the database to ensure that only individuals who meet the proper business conduct requirements are involved in the strategic or executive management of authorised institutions or hold qualified participations in them.

The database contains information necessary to assess compliance with the proper business conduct requirements:

information for identification: surname, first name, date of birth, gender, place of origin, nationality, mother tongue, address, email address, telephone number, OASI number;
education and professional information: qualifications, further training, expertise, employer with UID and workplace;
information concerning an individual’s financial situation, assets and insurance;
extracts from commercial, debt enforcement, bankruptcy and criminal registers;
reports, assessments and other documents issued by auditors and third parties appointed by FINMA;
reports and decisions by supervisory, self-regulatory and professional organisations;
criminal charges and criminal complaints launched by authorities;
court decisions, decrees and other official documents;
information about measures imposed under employment law, administrative law and criminal law;
reports on internal audits and investigations of supervised institutions;
a written admission of misconduct to an authority or a voluntary declaration;
documentation relating to a person if it shows that despite there being indications that a supervisory breach has occurred, no FINMA proceedings can be launched against this person because they have absconded;
written undertaking not to operate in an area supervised by FINMA either temporarily or permanently.

FINMA’s database is based on Article 23 para. 1 and 2 let. d FINMASA and the FINMA Ordinance on Data Processing.

Informing those concerned about database entries

FINMA informs the person concerned in writing about initial database entries. Article 20 of the Data Protection Act (FADP) expressly remains reserved. FINMA may in particular restrict, defer or waive notification of the person concerned in accordance with the prerequisites pursuant to Article 20 para. 3 FADP.

Compliance with proper business conduct requirements

FINMA reviews a person’s business conduct (fitness and propriety) if they are about to assume a specific role subject to the proper business conduct requirements. FINMA therefore recommends that a person informed about a database entry should contact FINMA in advance if they intend to assume a position subject to these requirements, or if they are applying for such a position and are not sure whether it is subject to these requirements.

A person’s fitness and propriety have to be assessed within the context of the specific requirements and corporate function of a position at a given company as they could be suitable for one role but not for another. Requirements differ, for example, depending on whether the candidate is a member of the executive board or of the board of directors, a CEO, a company director or chair of the board of directors. The scope and nature of the future business activity and the size and complexity of the company in question must also be taken into account.

If a person’s fitness and propriety are assessed, it may be done by means of enforcement proceedings. FINMA may instruct the supervised institution to remove the person from the position in question.