Swiss Regulator Signals Urgency as Digital Fraud Pressures Mount on Banks

Key Takeaways

• Digital Fraud Is Climbing: The Swiss Financial Market Supervisory Authority FINMA says fraud cases have been increasing since 2022 as digital banking continues to expand.
• Banks Hit on Two Fronts: Customers are being defrauded, while bank accounts are also being used to launder illicit proceeds.
• Survey Finds Gaps: A review of 19 banks points to weaknesses in operational risk management and anti-money laundering controls.
• Stronger Frameworks Expected: FINMA is urging firms to implement comprehensive, enterprise-wide risk management for digital fraud.
• Focus on Vulnerable Moments: Online onboarding and unauthorized account access remain key pressure points.

Deep Dive

In new guidance published this week, the Swiss Financial Market Supervisory Authority FINMA makes it clear that digital fraud is no longer a peripheral issue. It has been steadily rising since 2022, fueled in part by the surge in digital banking that took hold during the pandemic and never really slowed down.

What’s changed is the scale and the shape of the risk. Fraud is no longer just about individual victims. Banks are increasingly caught in the middle, dealing not only with customer losses but also with their own infrastructure being used to move illicit funds.

To get a clearer picture, FINMA surveyed 19 banks at the end of 2025, spanning different sizes and supervisory categories. The findings, now distilled into its guidance, don’t point to a single failure but rather a pattern.

Some institutions are still catching up when it comes to embedding digital fraud into their operational risk frameworks. Others face challenges linking fraud prevention efforts with anti-money laundering controls, even as the two risks become more intertwined.

It’s not that banks are ignoring the issue. It’s that the pace of change (new technologies, new attack methods, new customer behaviors) has made it harder to keep controls aligned with reality.

The Pressure Is on to Treat Fraud as a Core Risk

FINMA’s message is about sharpening expectations. Digital fraud, it suggests, needs to be treated as a core risk that cuts across the entire organization, not something handled in isolated teams or reactive workflows.

That means building risk management frameworks that don’t just exist on paper but actively identify and track threats across all business activities. It also means paying closer attention to the points where fraud is most likely to slip through, particularly when customers are onboarded digitally or when attackers gain unauthorized access to accounts.

These are the moments where convenience and risk collide, and where gaps tend to be most visible.

From Awareness to Action

The guidance ultimately reads as a nudge and perhaps a warning. The risks are well understood, but consistency in how they are managed is still lacking.

For compliance, risk, and security teams, the takeaway is straightforward. As banks continue to push deeper into digital services, fraud risk is becoming more embedded, more complex, and harder to separate from broader financial crime exposure.

The expectation now is not just awareness but coordination, bringing together operational risk, fraud prevention, and anti-money laundering into something that resembles a unified defense rather than a collection of moving parts.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.