EU conflict minerals legislation

EU conflict minerals legislation will enter into force on 7 July 2017 and affect all EU importers of gold, tin, tungsten and tantalum (metals and ores).

The new EU conflict minerals regulation (“CMR”) was officially published on 9 May 2017 and will enter into force on 7 July 2017. The CMR introduces new compliance rules for EU importers of gold, tin, tungsten and tantalum, as well as their ores (“metals and minerals”), which stem from conflict-affected and high-risk areas, among others. The CMR is based on the OECD Due Diligence Guidance for responsible supply chains of minerals from conflict-affected and high-risk areas (“OECD Due Diligence Guidance”), including the annexes and supplements thereto. The USA have already introduced their version of a conflict minerals regulation in Section 1502 of the Dodd-Frank Act. This memorandum provides an overview of the key features of the CRM.

Summary

The EU Conflicts Minerals Regulation covers gold, tin, tungsten and tantalum, as well as their ores, which stem from conflict-affected or high-risk areas, among others. The CMR will affect all EU importers (or third parties acting on their behalf) of gold, tin, tungsten and tantalum, and those involved in the EU supply chain of the import of these metals and minerals. EU importers or third parties acting on their behalf must comply with the following key obligations: the creation of management and risk management systems, third party audits, disclosure obligations and ex-post checks. Non-EU importers must ensure that EU importers can fulfil their obligations by providing the required information and data for supply chain traceability. The CMR will enter into force on 7 July 2017. Its key obligations will however only come into effect on 1 January 2021.

Who is affected?

The obligations of the CMR will mainly affect EU importers of metals and minerals. An “EU Importer” is any natural or legal person declaring metals or minerals for release for free circulation, or any natural or legal person on whose behalf such declaration is made. Non-EU goods intended to be put on the EU market or intended for private use or consumption within the customs territory of the EU shall be placed under release for free circulation. Release for free circulation entails:

  1. the collection of any import duties due
  2. the collection, as appropriate, of other charges, as provided for under relevant and effective provisions relating to the collection of such charges
  3. the application of commercial policy measures and prohibitions and restrictions insofar as they do not have to be applied at an earlier stage
  4. the completion of other formalities established in respect of the import of goods.

Release for free circulation shall confer the customs status of EU goods on non-EU goods.

It is important to note, however, that EU importers sourcing metals and minerals not stemming from areas deemed to be “conflict-affected or high-risk” must maintain their responsibility to comply with the due diligence obligations of the CMR. In other words, all EU importer of metals and minerals must comply with the requirements of the CMR. Commodities traders who are not EU importers of metals and minerals are still affected by the CMR because they are part of the supply chain. These traders must ensure that EU importers can fulfil their traceability obligations and other duties under the CMR.

Which metals and minerals are affected?

The CMR impacts gold, tin, tungsten and tantalum and their ores (“metals and minerals”) if they exceed a certain threshold volume. EU authorities have outlined the affected metals and minerals in their “Combined Customs Nomenclature”. Please find below an indicative table of the affected CN codes and exempted volumes.

Affected minerals

Description EU CN code TARIC subdivision Exempted threshold volume (kg)
Tin ores and concentrates 2609 00 00 5,000
Tungsten ores and concentrates 2611 00 00 250,000
Tantalum or niobium ores and concentrates ex 2615 90 00 10 To be communicated
Gold ores and concentrates ex 2616 90 00 10 To be communicated
Gold, unwrought or in semi-manufactured form, or as a powder with a gold concentration lower than 99.5% that has not passed the refining stage ex 7108 100

Affected metals

Description CN code TARIC subdivision Threshold volume (kg)
Tungsten oxides and hydroxides 2825 90 40 100,000
Tin oxides and hydroxides ex 2825 90 85 10 To be communicated
Tin chlorides 2827 39 10 10,000
Tungstates 2841 80 00 100,000
Tantalates ex 2841 90 85 30 To be communicated
Carbides of tungsten 2849 90 30 10,000
Carbides of tantalum ex 2849 90 50 10 To be communicated
Gold, unwrought or in semi-manufactured form, or as a powder with a gold concentration of 99.5% or higher that has passed the refining stage ex 7108 100
Ferrotungsten and ferro-silico-tungsten 7202 80 00 25,000
Tin, unwrought 8001 100,000
Tin bars, rods, profiles and wires 8003 00 00 1,400
Tin, other articles 8007 00 2,100
Tungsten, powders 8101 10 00 2,500
Tungsten, unwrought, including bars and rods obtained by simple sintering 8101 94 00 500
Tungsten wire 8101 96 00 250
Tungsten bars and rods, other than those obtained by simple sintering, profiles, plates, sheets, strips and foil, and other 8101 99 350
Tantalum, unwrought including bars and rods, obtained by simple sintering; powders 8103 20 00 2,500
Tantalum bars and rods, other than those obtained by simple sintering, profiles, wire, plates, sheets, strips and foil, and other

 Which jurisdictions are concerned?

The CMR will affect all metals and minerals coming from areas in a state of armed conflict or fragile post conflict, as well as those areas witnessing weak or non-existent governance and security (such as failed states) and widespread and systematic violations of international law, including human rights abuses. It will be left to the discretion of the respective EU importer whether areas should be deemed “conflict-affected” or “high-risk”. An indicative, non-exhaustive, regularly updated list of conflict-affected and high-risk areas will be provided. This list will however not provide absolute clarity on the countries that are considered “conflict-affected” or “high-risk”. The authorities will prepare non-binding guidelines in the form of a handbook for economic operators, explaining how best to apply the criteria for the identification of conflict-affected and high-risk areas.

What are the obligations under the EU conflict minerals regulation?

EU importers of metals and minerals must comply with the supply chain due diligence obligations set out in the CMR, and keep documentation demonstrating their compliance with these obligations, including the results of independent third-party audits. The key obligations are the implementation of:

  1. Management system: A supply-chain policy for metals and minerals stemming from conflict-affected and high-risk areas must be created, adopted and overseen by senior management, and communicated to suppliers. A grievance mechanism as an early-warning risk-awareness system must also be implemented. A chain-of-custody or supply-chain traceability system must be developed that provides the following (and its respective documentation):
      • description of the metal or mineral, including its trade name and type
      • name and address of the supplier to the EU importer
      • name and address of the smelters and refiners in the supply chain of the EU importer
      • in the case of metals – records of the third-party audit reports of smelters and refiners, if available, or evidence of conformity with a supply chain due diligence scheme recognised by the European Commission
      • in the case of minerals only – the country of origin of the minerals and if available, the quantities and dates of extraction, expressed in volume or weight
      • in the case of metals or minerals originating from conflict-affected and high-risk areas – additional information in accordance with the specific recommendations for upstream economic operators, as outlined in the OECD Due Diligence Guidance.

     

  2. Risk management obligations: Identify and assess the risks of adverse impacts in the mineral supply chain on the basis of information provided on the standards of their supply chain policy. Implement a strategy to respond to identified risks, one that prevents or mitigates adverse impacts by:
    • reporting findings of the supply chain risk assessment to senior management
    • adopting risk management measures consistent with the OECD Due Diligence Guidance
    • implementing a risk management plan and tracking its performance
    • undertaking additional fact and risk assessments for risks requiring mitigation, or after a change of circumstances.

     

  3. Third party audit obligations: EU importers of metals or minerals shall have audits performed by an independent third party (‘third-party audit’). EU importers of metals shall be exempt from the obligation to carry out third-party audits provided they provide substantive evidence, including third-party audit reports, which demonstrate that all smelters and refiners in their supply chain comply with the CMR or that they source exclusively from smelters and refiners found on the “Globally-Responsible Smelters and Refiners” list (see below, “Acknowledged refiners and smelters”).
     
  4. Disclosure obligations: EU importers of metals and minerals shall provide reports of any third-party audits to the competent authorities, and provide their immediate downstream purchasers all information gained and maintained pursuant to their supply chain due diligence with regard to business confidentiality and other competitive concerns. Each year, they shall report as thoroughly as possible on their supply chain due diligence policies and practices for responsible sourcing, including on the Internet.
     
  5. Ex-post checks: The competent authorities will carry out appropriate ex-post checks in order to ensure that EU importers of metals and minerals comply with the established obligations. This includes the examination of the EU importer’s implementation of supply chain due diligence obligations, the examination of documentation and records demonstrating proper compliance and the verification of audit obligations. Ex-post checks will include on-the-spot inspections, such as those done on the premises of the EU importer.
     

What are the applicable exemptions?

There are multiple applicable exemptions, such as:

  1. Recycled metals: Where an EU importer can reasonably conclude that metals are derived only from recycled or scrap sources, and when it has, with due regard for business confidentiality and other competitive concerns, publicly disclosed its conclusion and described in reasonable detail the supply chain due diligence measures it exercised in reaching that conclusion.
  2. Stocks of affected minerals: When stocks were created in their current form on a verifiable date prior to 1 February 2013.
  3. Recognised due diligence schemes of industry associations and groups: Industry associations and groups may request recognition of their due diligence schemes from the European Commission.
  4. Acknowledged refiners and smelters: A list will be provided that contains the names and addresses of globally-responsible smelters and refiners.

When will the EU conflict minerals regulation and its obligations take effect?

The CMR will take effect on 9 July 2017. Its key provisions will however only enter into force on 1 January 2021. These key provisions are:

  • Compliance with supply chain obligations
  • Management systems obligations
  • Risk management obligations
  • Third-party audit obligations
  • Disclosure obligations
  • Ex-post checks on EU importers

What will be the impact?

The experience obtained from the enforcement of the conflict minerals regulations under Dodd-Frank has shown that it will take a considerable amount of time to plan, structure and implement the requirements set forth in the OECD Due Diligence Guidance. These requirements will affect corporate governance, risk management, supply chain and trading activities.

Please contact our experts on this topic for a free consultation.

Contacts

Martin Liebi
Director – Head of Commodities Trading Regulation
Tel: +41 58 792 2886
martin.liebi@ch.pwc.com

Guenther Dobrauz
Partner Tax and Legals
Tel: +41 58 792 1497
guenther.dobrauz@ch.pwc.com

MIFID2: Are you ready for the new era in record-keeping?

With the MIFID2 regulatory regime beginning on 3 January 2018, EU-based financial firms will not only face a new era of heightened record-keeping involving many more records than was previously required, but also the negative effects of new oversight, monitoring, e-discovery and forensics processes for the firm’s clients and regulators. MIFID2 recordkeeping will not just be about expanded content archival – it will deal with its implementation in a way that will help firms best execute processes in a strategic and efficient manner.

The task faced by management teams to ensure their firms are compliant with MIFID2 record-keeping may be daunting given the complexities of the directive and its regulations. We feel this task is best completed by way of an overall approach to record-keeping operations, culminating in the decision to create a firm-level “programme” that is designed to handle all the new requirements posed by MIFID2 – as opposed to ad-hoc, tactically focused processes, which ensure minimal compliance with great risk and little preparation for the processes of oversight, monitoring, e-discovery and forensics. With a strategic programme, firms will have the means to ensure record-keeping compliance and be prepared to effectively deal with the negative effects of MIFID2.

Ultimately, a robust and strategic recordkeeping programme should encompass a process of integrating content archiving into the management of line-of-business applications from the very first day of MIFID2. This process should put operational archiving best practices into place to ensure that records are archived in such a way that their state and inventory are always known – thus making oversight, searching and retrieval easier in the future.

Read the whole article

Contacts PwC:

Guenther Dobrauz
Partner|Leader PwC Legal Services Switzerland
Tel. +41 58 792 1497
guenther.dobrauz@ch.pwc.com

Michael Taschner
Senior Manager|Legal FS Regulatory and Compliance Service
Tel. +41 58 792 1087
michael.taschner@ch.pwc.com

Philipp Rosenauer
Manager|Legal FS Regulatory and Compliance Services
Tel. +41 58 792 1856
philipp.rosenauer@ch.pwc.com

Orkan Sahin
Senior |Legal FS Regulatory and Compliance Services
Tel. +41 58 792 1994
orkan.sahin@ch.pwc.com

Contacts KSF Technologies:

Michael Imfeld
Managing Partner, Business Development
michael.imfeld@ksftech.com

Allen Frasier
Director of Compliance
allen.frasier@ksftech.com

SWIFT Customer Security Programme – mandatory specifications to protect your local SWIFT infrastructures

The growing number of cyber-attacks, including those on the local infrastructures of SWIFT participants, has prompted SWIFT to create a security programme for its participants in order to fight together against cyber threats.

SWIFT published its Customer Security Programme in April 2017. It defines specific requirements to be met by all connected participants. The programme aims to improve the exchange of information within the SWIFT community, to ensure a high level of security for the local SWIFT infrastructure of participants, and to put in place an assurance framework to counter the ever growing number of cyber threats and strengthen the ability of SWIFT participants to combat cyber-attacks.

SWIFT Customer Security Programme

The programme calls upon all SWIFT participants to implement a control and assurance framework. The control framework consists of a set of 16 mandatory and 11 advisory security controls. The controls are based on existing SWIFT security guidelines, and are in line with good practice standards such as NIST, ISO/IEC 27002 and PCI-DSS. The mandatory controls establish a security baseline for the entire SWIFT community. SWIFT also recommends implementing the advisory controls to provide optimal protection for local SWIFT infrastructures.

Demands placed on SWIFT participants

The SWIFT Customer Security Programme will come into force on 1 January 2018. As well as applying to financial service providers, it is also valid for all companies that participate in the SWIFT network. Before the introduction of the programme, each SWIFT participant must conduct a self-assessment and notify SWIFT of its status regarding compliance with the controls (by the end of 2017). From 2018, all participants must confirm their compliance with controls on an annual basis. This confirmation can be provided via a self-assessment (self-attestation), internal audit (self-inspection) or external audit (third-party inspection). Participants are free to choose the type of confirmation they wish to submit. SWIFT will however also carry out regular spot checks of confirmations via internal or external audits for quality assurance purposes.

SWIFT participants must consider the following points in particular:

  • Should only the mandatory controls be implemented, or also the advisory ones?
  • How should the assurance framework be structured? Is self-assessment sufficient, or should an internal or external audit be conducted on a regular basis?
  • Should the status regarding compliance with controls be made public to other SWIFT participants?
  • How can it be ensured that controls continue to be adhered to in the future?

The support we offer you

SWIFT Readiness Assessment

We can help make sure you comply with the SWIFT requirements by 1 January 2018 by assessing your current status and highlighting any gaps.

SWIFT control support

We can provide support for the implementation of controls by means of a post-implementation review.

SWIFT compliance confirmation

We can assist you with your annual confirmation of compliance with SWIFT requirements.

Please feel free to contact our experts if you are interested in the topic.

More information

Contacts

Jens Probst
Director, Systems & Process
Assurance
+41 58 792 29 59
jens.probst@ch.pwc.com

Claudia Hösli
Senior Manager, Specialist Cyber Security
+41 58 792 14 85
claudia.hoesli@ch.pwc.com

Marco Schurtenberger
Senior Manager, Specialist Cyber Security
+41 58 792 22 33
marco.schurtenberger@ch.pwc.com

Switzerland: New social security treaty between Switzerland and China

A social security treaty between Switzerland and the People’s Republic of China (China) will enter into force on 19 June 2017. The maximum posting period is 72 months. For the duration of the posting employees (regardless their nationality) are exempt from the compulsory insurance obligations of the country of occupation which are covered in the social security treaty. As from 19 June 2017 it will be possible to obtain a Certificate of Coverage.

 

Click here for more details

 

Contact

Véronique Schaller
+41 58 792 5036
veronique.schaller-wiesli@ch.pwc.com

Natalia Graf
+41 58 792 4324
natalia.graf@ch.pwc.com

 

Webinar: How US tax reform impacts Switzerland

Wednesday, 3 May 2017, 4–5pm CET

US tax reform is one of the key topics in the US under the Trump administration. Various proposals are being discussed and prepared − notably measures with the common goal of making the US corporate tax system more competitive. Given the potential magnitude of the proposed changes and the short timeframe within which legal changes are usually implemented in the US, it’s time to consider what US tax reform could mean for Switzerland and Swiss-based companies that do business in the US.

This webinar addresses questions such as:

  • How is the US tax system unique?
  • What’s involved in the process of transforming tax reform into US law?
  • What are the options for tax reform, and how do they compare and contrast (Camp plan, Trump proposal, Republican blueprint)?
  • What are the consequences for Swiss companies doing business in the US (e.g. interest deducibility, treatment of intangibles, state taxes and border adjustment tax)?
  • What impact will US tax reform have on the Swiss tax reform?

To register for the online event, please click on the link below.

WEBEX LINK

Once you have registered, you will receive the WebEx access details. The WebEx will be recorded and you will receive a link to the recording via e-mail after the event using the same details. There will be time for questions and answers with your speakers during the WebEx. Questions can also be sent in advance of the WebeX session to the following email address: rolf.j.roellin@us.pwc.com.

We do hope that you will join us online!

If you have questions, please contact your usual PwC contact person or one of our US tax experts named below.

Matina M. Walt
Partner
Swiss Tax Desk
PwC New York / Switzerland
martina.m.walt@us.pwc.com

Bernard Moens
Principal
PwC US
bernard.e.moens@us.pwc.com

 

Event series − VAT in ERP systems: how does it challenge IT, the Tax Administration and tax experts?

Register Online to our upcoming series of events on VAT in ERP systems: how does it challenge IT, the Tax Administration and tax experts?

ERP systems are often not equipped to handle the complex requirements of VAT correctly, flexibly and efficiently without extra work or manual intervention.

The legal requirements are constantly changing, and on the basis of the OECD guidelines many countries are exchanging data or demanding evermore detailed information from taxpayers. Organisations are well on the way to transparency.

At these events we’ll be discussing the views of our clients, looking at the different needs of the IT and tax functions, and finally sharing some insights from the Tax Administration.

The aim of the events is to talk about experiences and needs, learn from each other, and build ‘best practice’ together. If required this dialogue can be continued afterwards within our “ITX ERP Support Community”. In the beginning, the questions and the coordination of the same language in the cooperation of the tax and IT department are at the company’s disposal. Our discussions will revolve around the issues that organisations face and creating a common language enabling the tax and IT functions to work together.

Have we piqued your interest? We look forward to welcoming you to one of our discussions.

The dates are planned as follows:

Zurich

  • Wednesday, 31 May 2017, 4.30 pm registration / welcome drink
  • 5.00 pm start, 6.00 pm end, followed by an apéro and individual discussions and questions
  • PricewaterhouseCoopers AG, Birchstrasse 160, 8050 Zurich

Berne

  • Tuesday, 6 June 2017, 4.30 pm registration / welcome drink
  • 5.00 pm start, 6.00 pm end, followed by an apéro and individual discussions and questions
  • PricewaterhouseCoopers AG, Bahnhofplatz 10, 3001 Berne

Geneva

  • Thursday, 15 June 2017, 4.30 pm registration / welcome drink
  • 5.00 pm start, 6.00 pm end, followed by an apéro and individual discussions and questions
  • PricewaterhouseCoopers AG, Avenue Giuseppe-Motta 50, 1211 Geneva
  • This event takes place in English. To discuss your questions, local PwC colleagues will be at your disposal

Basel

  • Thursday, 22 June 2017, 4.30 pm registration / welcome drink
  • 5.00 pm start, 6.00 pm end, followed by an apéro and individual discussions and questions
  • PricewaterhouseCoopers AG, St.Jakobs-Strasse 25, 4002 Basel

The detailed programme has been published on our website www.pwc.ch/vat-erp. We are looking forward to your registration.

If you have any questions, please get in touch with your usual PwC contact person or one of the experts below

Your contacts

Ilona Paakkala
Director
ITX Technology Leader
Tel. +41 58 792 42 58
paakkala.ilona@ch.pwc.com

Sandra Wirz
Senior Manager
ITX ERP Support Responsible
Tel. +41 58 792 25 32
sandra.wirz@ch.pwc.com

Adapt your SAP authorisation concept to S/4HANA

S/4HANA is SAP’s next-generation business suite that is built on SAP’s proprietary operational database system and in-memory computing platform called SAP HANA. S/4HANA is intended to be easier to use and administer while helping to solve more complex problems and handle vastly larger amounts of data than ist predecessors. S/4HANA is available in on-premises, cloud and hybrid deployment models.

With the release of S/4HANA SAP consolidates the integration and harmonisation of functionalities and processes and further reduces barriers between SAP modules facilitating system integration. New technologies, such as Fiori, enhance the user interface for both desktop and mobile devices. The in-memory HANA database lets you collect, store, and process high volumes of operational and transactional data in real time.

Implementation of S/4HANA will affect your current environment, and not just technologywise because processes are also subject to change. Both – the new technology and the change in processes – will result in new requirements for your current authorisation concept. Whereas parts of your existing authorisation concept can be easily transformed and implemented 1:1 in the SAP S/4 HANA system, other parts need to be changed and adapted to meet the new requirements.

PwC has a proven track record in Switzerland and globally in implementing and transforming SAP authorisation models in the SAP S/4HANA environment. Our GRC Technology Team in Switzerland led and executed the authorisation implementation part of the ninth S4/HANA implementation worldwide from the authorisation concept, to implementation and operation. Our experts have the required skill-set, tools, techniques and experience to discuss your challenges with you, and to actively support you throughout the whole project.

Download the PDF by clicking the image below:

Please contact our team for more details:

Dominik Götz
Senior Manager
dominik.goetz@ch.pwc.com
+41 58 792 28 93

Erik Trouillet
Manager
erik.trouillet@ch.pwc.com
+41 58 792 23 64

The IDD implementation taking a clearer shape: latest EIOPA publications

The Insurance Distribution Directive was published in the Official Journal of the European Union in February 2016.

It will be transposed into law of the EU Member states by 23 February 2018.
The IDD applies to a wide group of insurance and reinsurance distributors and introduces a set of extended and new requirements around the oversight, governance and distribution of insurance products.
Affected firms will need to be compliant with the requirements from that date.

Read the Flyer

Please do not hesitate to contact us.

Philip Kirkpatrick
Insurance Risk and Regulatory Leader
+41 58 792 23 61
philip.d.kirkpatrick@ch.pwc.com

Nadejda Groubnik
Insurance Regulatory &
Compliance Services
+41 58 792 24 52
nadejda.groubnik@ch.pwc.com

Robert Borja
Insurance Risk Assurance Leader
+41 58 792 29 56
robert.borja@ch.pwc.com

Zurich Treasury Conference 2017

The 18th edition of our annual  Zurich Treasury Conference.

We are pleased to send you the invitation for our annual Zurich Treasury Conference on the 4th of April 2017 at the Swissôtel. We are delighted to provide you with the full programme and an excellent line-up of speakers.

We have covered many themes over the years, and our 2017 programme will again live up to this diversity of topics. We will open the afternoon with the impact of banking regulation on corporations and cover two corporate case studies on treasury integration and transformation. Following our PwC Global Treasury Survey highlighting this as a key topic, we will have a presentation on liquidity forecasting, and we will also cover the challenges of the low interest rate environment. Finally we will have a corporate treasurers panel to discuss challenges of midsized treasuries. Of course the event is also an important moment to connect amongst peers, for which there will be ample time provided.

PwC’s Treasury Solutions Group looks forward to welcoming you at the 18th edition of this event.

Date:
Tuesday, 4 April 2017, 13:00 to 18:00, followed by an apéro

Venue:
Swissôtel, Schulstrasse 44, 8050 Zurich

Participation fee:

The price will be CHF 350 per participant (VAT, documentation and refreshments included).

Register by clicking here

Swiss-US Privacy Shield: New Framework for the Transfer of Data to the USA

The so-called Swiss-US Privacy Shield replaces the Safe Harbor Agreement between Switzerland and the USA. The agreement establishes a new regulatory framework for the transmission of personal data from Switzerland to certified companies domiciled in the US. The same standards will apply for Swiss transfers of personal data to the USA as for data transfers from the EU.

Swiss data protection legislation stipulates specific requirements for the transfer of personal data abroad. They protect the personality and the rights of the data subjects concerned. However, the US is not deemed to provide an adequate level of data protection in terms of Swiss law. Swiss companies therefore have to take specific measures to safeguard personal data when it is transferred to the US.

Until recently, Swiss companies could rely on the Swiss-US Safe Harbor Agreement. After the Court of Justice of the European Union declared the EU-US Safe Harbor Agreement invalid, the Swiss Federal Data Protection and Information Commissioner (FDPIC) put the Swiss-EU Safe Harbor Agreement into question.

In August 2016, the EU and USA put into place a successor agreement, the EU-US Privacy Shield. Switzerland also entered into negotiations with the USA, which resulted in the Swiss-US Privacy Shield.

Enhancing the Application of Data Protection Principles, New Tasks for the FDPIC
The agreement is expected to substantially improve the position of those concerned by personal data transfers. The application of data protection principles by participant companies should be enhanced, as should the management and supervision of the framework by the US authorities. Cooperation between the US Department of Commerce (DOC) and the Federal Data Protection and Information Commissioner (FDPIC) should be intensified. The persons concerned are being given specific instruments to enable them to find out about data processing directly from certified US companies or the competent authorities, and to ensure that any required corrections or deletions are made. For example, the FDPIC will act as a point of contact for persons in Switzerland in the event of any problems in connection with the transfer of data.

Same Conditions as in the EU for the Transmission of Personal Data to the US
The new regulatory framework corresponds to the solution adopted by the USA and the EU and implemented within the European Economic Area (EEA) – the EU-US Privacy Shield. The similarity is highly significant, as it guarantees the same framework conditions for persons and businesses in Switzerland and the EU/EEA area in relation to transatlantic data flows. The same standards therefore apply for Swiss personal data transfers to the USA as for data transfers from the EU. This increases legal certainty in commercial transactions and reduces additional costs for the economy.

Need for Action for Companies
US companies can start the certification process with the DOC three months after the finalization of the agreement. Interested US companies are advised to obtain a Privacy Shield Certificate from the DOC. Swiss companies should make sure that their US partners possess such a certificate. These conditions are essential for Swiss companies to submit personal data to the US without requiring additional contractual guarantees. Furthermore, companies should review their current contractual basis for data transfers to the US and adapt it to the Swiss-US Privacy Shield where required.