The criminal liability chain and verification of the BO’s identity

The offence consists in performing one of the management acts referred to in the provision, whilst failing to verify the BO’s identity with the vigilance required by the circumstances. Although the concept of the “BO” is not defined in the Criminal Code, case law considers it to be the person who effectively controls the assets, namely the person to whom they belong from an economic point of view. The duty of diligence in verifying the identity of the BO is assessed in light of the principle of proportionality, depending on the circumstances and applicable professional rules. For financial intermediaries, this primarily involves applying the Agreement on the Swiss banks’ code of conduct with regard to the exercise of due diligence (CDB), the AMLA[1], and the institution’s internal guidelines.

Thus, within financial intermediaries, no one is immune: relationship managers, the first line of defence (1LoD), as well as compliance staff responsible for ensuring adherence to this obligation, must be aware that a failure to verify the identity of the BO is not merely a regulatory breach but may give rise to personal criminal liability.

Moreover, the criminal risk does not lapse over time; on the contrary, it may persist throughout the business relationship and even beyond. The Swiss Supreme Court has held[2] that a lack of vigilance in financial transactions constitutes a continuing offence, meaning that it persists until the BO is correctly identified. If the BO is never properly identified during the entire business relationship, the offence continues until the relationship ends. The limitation period for criminal prosecution only begins to run after one of these two events occurs: either the identification of the BO or the end of the business relationship.

Finally, it should be noted that Article 305ter paragraph 1 CC targets natural persons and, unlike Article 305bis CC, its violation cannot give rise to primary criminal liability of the financial intermediary, as the provision is not included in the exhaustive list of offences in Article 102 paragraph 2 CC. However, the financial intermediary is not entirely shielded, as he may be held liable under the subsidiary liability regime provided for in Article 102 paragraph 1 CC. This provision allows for the criminal liability of a company to be engaged where, due to organisational deficiencies, a crime or offence cannot be attributed to a specific natural person. By way of illustration, a Geneva-based bank was convicted in May 2025 on the basis of Article 102 paragraph 1 CC in conjunction with Article 305ter paragraph 1 CC for incorrectly identifying the BO in several of its business relationships. As part of negotiations with the prosecuting authority, the bank was fined CHF 1 million and ordered to forfeit net profits exceeding CHF 12 million derived from the disputed banking relationships.

Beyond a mere regulatory breach, the failure to verify the identity of the BO thus exposes both financial intermediaries and their employees to a concrete and lasting criminal risk – a risk that calls for constant vigilance.