Swiss pension outcomes are falling – could “matching” be part of the answer?

Low, even negative, interest rates and uncertain growth prospects is becoming a “new normal” in Switzerland. The impact on pension fund finances is well documented – pressure on funding levels, tough to find the right investment opportunities and focus on cost transparency. This environment also poses challenges for insured members, and as a result their employers. Expected retirement outcomes have fallen. What does this mean for employees and employers? 

10 years ago an insured person would expect higher returns on any money they invest for retirement than they would today. The mandatory interest credit for Swiss pension plans according to BVG/LPP was 2.50% in 2007 compared to 1.00% today.  Ten-year Swiss government bonds yields have fallen from 2.6% to -0.1% in the same period. This not only affects expected returns on the assets set aside but also the cost of providing an income for life after retirement. Life expectancies for retiring pensioners have increased by about 1 year for females and 2 years for males in that time which also needs to be funded.

All of these factors have had a major impact on retirement outcomes. Based on our calculations, in 2007 a 40 year-old could invest CHF 7’100 and expect a pension of a CHF 1’000 a year for that investment. Today a 40 year-old would expect to have to invest CHF 14’700 – more than doubling of the cost of retirement over 10 years. In that time, inflation expectations have also fallen, but overall the cost of retirement has increased.

What can pension funds do?

Pension funds aim according to our experience to maintain the level of retirement benefits they provide while financing the promises already made. But pension funds are in a “zero-sum” game – without extra funding, members will ultimately receive lower benefits on average when results are not what was expected. Robust analysis and forecasting of what employees can expect to receive, combined with clear communication may be the best what they can do. Other measures are down to employees and employers as recipients and sponsors of retirement benefits.

What does this mean for individuals and employers?

Find higher returns? In conventional collective Swiss plans, employees share in the overall returns of the fund as they are credited to them. This limits opportunities to take more risks, with an expectation of higher returns. For higher earnings, it is possible to have individual strategies through a “1e” pension plan. These plans can be used to seek higher returns, but this may not be suitable for all.

Later retirements? Without saving more, employees have to retire later for the same outcome.  In some ways this is only reasonable: If life expectancies increase without changing retirement ages, the proportion of life we spend in retirement rises. Employers may have to prepare for the ageing effect on their business – not only their workforce recruitment and retention, but possibly their business strategy and target markets.

Employers pay more? One answer may be employers paying more. But employers face economic challenges themselves, with increasing competition and pressure for results. For most companies, raising costs or investing cash may not be palatable.

Employees pay more? Creating more awareness of the individual options available for the employees is one option. Additional voluntary employee contributions are typically deductible for tax purposes. Some employees don’t have confidence in their pension plan and are not keen to lock away money until retirement.

How can companies create further incentives for employees to pay more? A look abroad could help.

Could “matching” be part of the solution?

In the US as well as the UK, contribution “matching” is widely used in pension plan design. Employer contributions are adjusted to “match” those of employees. When an employee contributes a percentage of their salary into the plan, the employer contributes an amount directly linked to what the employee pays. This could be 1:1 – i.e. if the employee pays 2% of pay, employer pays the same. Or some ratio like 2:1 or 1:2.

The big advantages of matching are two-fold: it encourages employees to pay more; and it focuses employer spending where it is most valued by its employees. One of our clients challenged the common Swiss plan option of employers paying the same for all employees, whereas employees can choose their level: “Why can employees choose to pay less, but I cannot follow when they do?” A reasonable question that matching helps to address.

The challenge is that legislation in Switzerland currently restricts the ability to apply matching within the regular plan. The law requires the employer contribution rate to a pension plan to be the same for all employees in the same situation (e.g. age, grade etc). “Matching” can be done through the buy-in system. So with the right plan design, matching can be incorporated within the Swiss plan.

This won’t for every situation as the use of buy-ins is subject to certain caps and restrictions which may become a barrier. Plan administration may be more complex. But in challenging times for pension outcomes, new solutions may be needed.

Contact

Richard Köppel
Pensionskassen-Experte SKPE, People and Organisation
Tel. +41 58 792 11 72
richard.koeppel@ch.pwc.com
Adrian Jones
Director, People and Organisation
Tel. +41 58 792 40 13
adrian.jones@ch.pwc.com

Switzerland publishes recommendations for new corporate tax proposal 17

After rejection by popular vote of the Swiss corporate tax reform III (CTR III) package in February 2017, a Swiss governmental working group comprised of federal and cantonal members (the steering body) has been working on a revised package (tax proposal 17).

The steering body on June 1, 2017, published its recommended contents for tax proposal 17. The Federal Council now will consider the draft proposal and is expected to publish a final proposal for consultation by end of June 2017. Thereafter, parlamentary discussions are expected to start in spring 2018 and entry into force is expected to take effect January 1, 2020.

Continue to read in detail in our current newsletter.

If you have questions, please contact your usual PwC contact person or one of PwC Switzerland´s experts named below.

Contacts

Andreas Staubli
Partner
Leader TLS Schweiz
Tel. +41 58 792 44 72
Send E-mail
Armin Marti
Partner
Leader CT Schweiz
Tel. +41 58 792 43 43
Send E-mail
Benjamin Koch
Partner
Leader TP and VCT
+41 58 792 43 34
Send E-mail
Daniel Gremaud
Partner
Tax & Legal
+41 58 792 81 23
Send E-mail
Claude-Alain Barke
Partner
Tax & Legal
+41 58 792 83 17
Send E-mail
Remo Küttel
Partner
Tax & Legal
+41 58 792 68 69
Send E-mail
Laurenz Schneider
Director
Tax & Legal
+41 58 792 59 38
Send E-mail

PwC’s CIO Roundtable 2017 – Master Data and other challenges

Thursday, 22.06.2017
18:00 – 19:00 hours
PwC Zurich
Birchstrasse 160, 8050 Zurich

About the event

Effective master data management is a key factor to success. Most companies are going through substantial transformation projects – either to become more effective or to open new business fields. What do have all these transformation projects in common? The difficulty of handling master data effectively and efficiently – knowing that master data is representing one of the basic pillars in companies’ information landscape. The way you build the governance, processes, tools and skills around this data is crucial and can speed up your transformation projects, or kill them instantly.

Do you want to find out more about challenges, issues and best practices ideas? Come and join us when we dive into the most relevant implications of master data management.

Registration Link

Contact Us

Alexej Freund
Senior Manager – Advisory Consulting
PwC Switzerland
Tel. +41 58 792 2754
alexej.freund@ch.pwc.com

Rejhan Fazlic
Manager – CIO Advisory
PwC Switzerland
Tel. +41 58 792 1148
rejhan.fazlic@ch.pwc.com

The countdown is on: one year to get ready for the EU General Data Protection Regulation GDPR

On 25 May 2016 the EU General Data Protection Regulation (GDPR) entered into force. After the elapse of the 2-year transposition period, it will become directly applicable on 25 May 2018.

The new EU data protection legislation introduces substantial changes for companies dealing with personal data: As a selection, the new requirements on transparency, on proportionality as well as on documentation when processing personal data are among the key changes. These are significant challenges for companies. In addition, the new legislation substantially improves the rights of the concerned individuals – the data subjects. Thanks to the GDPR, they now have clear-cut rights with regard to companies processing their data. Inter alia the key rights include the right on information, on rectification and deletion of personal data, on restriction of processing, on portability as well as the right to object processing. As data controllers, companies have to be able to comply with all these rights.

Besides new duties and compliance obligations for companies, data protection authorities are given new competences and enforcement instruments. Standing out are the new sanctions of up to the amount of EUR 20m or 4% of the international annual turnover of the concerned company, whichever is higher.

Recommendation

Swiss companies that (e.g. because they do business in the EU) are subject to the GDPR now have one year to make the necessary adaptions to comply with the GDPR. The new requirements are to be analyzed, gaps to be identified and mitigation actions to be planned and implemented. It is important to be prepared.

Contacts:

Susanne Hofmann
Legal Compliance Leader
+41 58 792 17 12
Email

Michael Adrian Meyer
Legal Services – Senior Manager
+41 58 792 51 31
Email

Reto Häni
Partner and Leader Cybersecurity
+41 58 792 75 12
Email

Idir Laurent Khiar
Legal Services – Assistant Manager
+41 58 792 17 51
Email

The Future of Wealth Management

PwC’s 4th FS-Talk

Wealth managers are challenged by shifting client segments and disruptive technologies PwC experts discuss the key success factors for wealth managers today. Private client re-segmentation makes value-added services more important. Demands on relationship managers are increasing. Operations are under pressure to deliver higher efficiency. Listen in for pointers of where the challenges are and which technologies provide opportunities to gain a competitive edge.

Watch the latest video of our FS-Talk:

Get in contact with the speakers:

Dieter Wirth
Partner / Financial Service Leader
+41 58 792 4488
dieter.wirth@ch.pwc.com

Marcel Tschanz
Partner Advisory
+41 58 792 2087
marcel.tschanz@ch.pwc.com

Marcel Widrig
Partner / Private Wealth Leader
+41 58 792 4450
marcel.widrig@ch.pwc.com

EUDTG Newsletter March – April 2017

EU direct tax law is a fast developing area. This presents taxpayers, in particular groups and multinational corporations that have an EU or European Economic Area (EEA) presence, with various challenges.

The following topics are covered in this issue of EU Tax News:

CJEU Cases

  • Belgium: CJEU judgment on interpretation of the subject-to-tax requirement of the Parent-Subsidiary Directive: Wereldhave
  • Belgium: AG Opinion on interest deduction limitation in light of the Parent-Subsidiary Directive: Argenta
  • Germany: CJEU referral on the German CFC rules: X

National Developments

  • Belgium: Supreme Court does not allow withholding tax refunds for dividends received by investment companies before 12 June 2003
  • Belgium: CJEU referral by the Commission of Belgium over the discriminatory tax treatment of foreign real estate income
  • Finland: Supreme Administrative Court confirms tax treatment of dividend income from third countries to be in line with Articles 63 and 65 TFEU
  • Italy: Amendments to the NID and Patent Box Regime
  • Norway: Government’s response to ESA’s decision on the compatibility of the Norwegian interest limitation rules with the freedom of establishment
  • Poland: Supreme Administrative Court judgment on the settlement of foreign branch losses
  • Spain: Supreme Court judgment on State aid recovery procedure
  • United Kingdom: England and Wales High Court judgment regarding repayment of stamp duty reserve tax: Jazztel plc v The Commissioners for HMRC
  • United Kingdom: The Great Repeal Bill White Paper

EU Developments

  • EU: European Parliament clears way for formal adoption of ATAD II by the ECOFIN Council
  • EU: Update on EU proposal for public country-by-country reporting
  • EU: Council adopts conclusions on EU relations with the Swiss Confederation
  • EU: Informal ECOFIN Council held in Malta in early April

Fiscal State aid

  • Greece: CJEU judgment on State aid implemented by Greece: Ellinikos Chrysos AE
  • Italy: CJEU judgment on Italian bankruptcy procedure: Marco Identi

Read the full newsletter here.

This EU Tax Newsletter is prepared by members of PwC’s international EU Direct Tax Group (EUDTG).

Further information about our service offerings in EU taxes: www.pwc.com/eudtg

PwC-Immospektive Q2/17

Interpretation of the FPRE real estate meta analysis Q2/17

Swiss economy regains it’s confidence. While revenues in the construction industry remain above average the market for rental apartments is seeing bad omens for the first time. The forecasted economic growth is optimistic and likely to bring a pick-up in demand for office space.

More information

Contact

Kurt Ritz
Partner, Real Estate Advisory
+41 58 792 14 49
kurt.ritz@ch.pwc.com

Marie Seiler
Director, Real Estate Advisory
+41 58 792 56 69
marie.seiler@ch.pwc.com

Samuel Berner
Real Estate Advisory
+41 58 792 17 39
samuel.berner@ch.pwc.com

SWIFT Customer Security Programme – mandatory specifications to protect your local SWIFT infrastructures

The growing number of cyber-attacks, including those on the local infrastructures of SWIFT participants, has prompted SWIFT to create a security programme for its participants in order to fight together against cyber threats.

SWIFT published its Customer Security Programme in April 2017. It defines specific requirements to be met by all connected participants. The programme aims to improve the exchange of information within the SWIFT community, to ensure a high level of security for the local SWIFT infrastructure of participants, and to put in place an assurance framework to counter the ever growing number of cyber threats and strengthen the ability of SWIFT participants to combat cyber-attacks.

SWIFT Customer Security Programme

The programme calls upon all SWIFT participants to implement a control and assurance framework. The control framework consists of a set of 16 mandatory and 11 advisory security controls. The controls are based on existing SWIFT security guidelines, and are in line with good practice standards such as NIST, ISO/IEC 27002 and PCI-DSS. The mandatory controls establish a security baseline for the entire SWIFT community. SWIFT also recommends implementing the advisory controls to provide optimal protection for local SWIFT infrastructures.

Demands placed on SWIFT participants

The SWIFT Customer Security Programme will come into force on 1 January 2018. As well as applying to financial service providers, it is also valid for all companies that participate in the SWIFT network. Before the introduction of the programme, each SWIFT participant must conduct a self-assessment and notify SWIFT of its status regarding compliance with the controls (by the end of 2017). From 2018, all participants must confirm their compliance with controls on an annual basis. This confirmation can be provided via a self-assessment (self-attestation), internal audit (self-inspection) or external audit (third-party inspection). Participants are free to choose the type of confirmation they wish to submit. SWIFT will however also carry out regular spot checks of confirmations via internal or external audits for quality assurance purposes.

SWIFT participants must consider the following points in particular:

  • Should only the mandatory controls be implemented, or also the advisory ones?
  • How should the assurance framework be structured? Is self-assessment sufficient, or should an internal or external audit be conducted on a regular basis?
  • Should the status regarding compliance with controls be made public to other SWIFT participants?
  • How can it be ensured that controls continue to be adhered to in the future?

The support we offer you

SWIFT Readiness Assessment

We can help make sure you comply with the SWIFT requirements by 1 January 2018 by assessing your current status and highlighting any gaps.

SWIFT control support

We can provide support for the implementation of controls by means of a post-implementation review.

SWIFT compliance confirmation

We can assist you with your annual confirmation of compliance with SWIFT requirements.

Please feel free to contact our experts if you are interested in the topic.

More information

Contacts

Jens Probst
Director, Systems & Process
Assurance
+41 58 792 29 59
jens.probst@ch.pwc.com

Claudia Hösli
Senior Manager, Specialist Cyber Security
+41 58 792 14 85
claudia.hoesli@ch.pwc.com

Marco Schurtenberger
Senior Manager, Specialist Cyber Security
+41 58 792 22 33
marco.schurtenberger@ch.pwc.com

The ransomware that made the world cry

The last few days of the cybersecurity community have been heated up by a vast-scale ransomware attack rippling across the world. On Friday 12 May came the first announcements of victims infected with a ransomware dubbed WannaCry (also known as WCry or Wanna Decryptor). It soon became clear that the scale of this wave was bigger than usual. According to the last estimates, the malware infected more than 250,000 systems in as many as one hundred countries. The list of victims is long and includes notorious names across all sectors. In some cases, the malware had unfortunate consequences. For instance, a few hospitals in the United Kingdom had to cancel their scheduled surgeries and some students in China lost their graduation thesis.

What we know

The malware encrypts and adds the extension “.WCRY” to all files that match a list of 176 specific extensions including documents, database and backup files. The victim is requested to pay between USD 300 and 600 in Bitcoins to get its files back. So far, there is no evidence that a payment will effectively provide the key for decrypting the files. In their message, the authors threaten to delete the file forever if their request is not met within eight days. The international ambitions of this campaign are made clear by the fact that the ransom message is translated in 28 languages.

Once the initial host has been infected, the ransomware dropper makes use of the MS17-010 vulnerability of the Server Message Block (SMB) protocol to spread laterally through the network. The exploit using this vulnerability has been made public by the group Shadow Broker on 14 April 2017 in a leak of hacking tools allegedly crafted by a state actor. Microsoft had released a patch a month before.

Switzerland has not been spared. The Swiss GovCERT declared that until Sunday evening there were roughly 200 potential victims. The number of victims could steeply increase, as there are more than 5,000 systems directly connected to the Internet over a SMB protocol.

What is still unclear

Despite the overwhelming information, some points still remain unclear. First, it is not yet known how the dropper is initially delivered to the victims. According to one hypothesis a spear phishing e-mail should have spread the malicious attachment. However, no such e-mails have surfaced yet. In its alert, the US-CERT claimed that hackers gained access to the victims’ network either through Remote Desktop Protocol or through the exploitation of the critical Windows SMB vulnerability mentioned above. Second, the identity of the authors is wrapped in mystery. Given the financial nature of the attack, the dominant hypothesis states that the attack has been launched by a criminal group. However, it should not be forgotten that in the past even state actors were involved in spectacular heists. Fresh discoveries suggest that the malware might be linked to Lazarus, a state actor group believed to be involved in the infamous SWIFT attack against the Bangladesh Central Bank of February 2016. So far, the authors have neither spent nor transferred the Bitcoins they obtained. At this stage, it is difficult to make further assertions on the attribution of the attack.

Main takeaways

As previously mentioned, the exploit used in this attack was leaked in April this year. By that time, the vendor had already released a patch to correct the flaws. Unfortunately, many users ignored this threat and were not much eager to install the patch. This episode should serve as a reminder that threat actors will reuse leaked tools and that without a proper prophylaxis an incident is just around the corner.

As reported by the media, a young IT-security researcher could temporarily curb the attack by registering a “kill-switch” domain that told the ransomware to stop spreading itself. Unfortunately, new versions of the malware without this feature have already been spotted in the wild. Furthermore, the threat intelligence community generously shared a lot of indicators and advices helping organisations to identify, prevent and dwarf the impact of infections. These common efforts have to be praised and should continue in the future.

Recommendations

If not done yet, apply the MS17-010 patches immediately. As short-term actions, your IT team should consider to:

  • disable all external SMB access (blocking ports 137, 139 and 445 to/from the internet);
  • disable the use of the SMBv1 network file sharing protocol;
  • ensure two-factor authentication is in place for all necessary external accesses to systems (e.g. VPN and RDP);
  • update the antivirus signatures;
  • rapidly isolate the infected system from your corporate network to curb the spreading of the infection;
  • backup the encrypted files in case a decryption tool become available, if you have already fallen victim to the ransomware.

On a more long-term approach, consider to plan and exercise a business continuity programme, adopt and test an incident response strategy, a consistent patch and vulnerability management, as well as a regular backup policy and security awareness raising trainings.

PwC can provide you with the necessary assistance and counsel to address these issues and improve your overall security posture. PwC strongly believes in a holistic approach to cyber security by offering a wide variety of services covering all the phases of the cyber lifecycle: from strategy and policy development to its implementation and review.

Why is the latest attack different and what is its relevance for boards? Read more.

In case of questions, please contact us at
cyberinvestigation@ch.pwc.com

 

PwC Deal Talk – Doing Deals in France from a Swiss Investor’s Perspective

Edition 3/2017

With nearly 600 kilometers of common border, France and Switzerland have historically maintained close trading ties. In 2015, Swiss exports to France amounted to USD 14.4 bn mainly consisting of pharmaceutical and chemicals products and watchmaking items. With cumulative invested capital of EUR 42.4 bn at the end of 2015, Switzerland is amongst the biggest foreign investors in France.

France recently emerged as one of the most active European countries in terms of venture capital investments, paving the way for further foreign capital inflow. In the meantime, the French economy is slowly recovering from the 2008 global financial crisis and has shown a GDP growth reaching 1.1% in 2016. This recovery was also visible in M&A activity, which increased in terms of value and number of deals, particularly in the past three years.

Nonetheless, the French market is distinct from the rest of Europe and investors need to be aware of some unique features applicable to transactions. With first-hand experience and local teams on the ground, PwC can help you to avoid common pitfalls when doing deals in France.

Read Attachment

Contact Us

Sascha Beer
Partner
Corporate Finance / M&A
Tel. +41 58 792 1539
sascha.beer@ch.pwc.com

Nico Psarras
Partner
Head of Transaction Services
Tel. +41 58 792 1572
nico.psarras@ch.pwc.com

Maxime Dubouloz
Head of M&A Western Switzerland
Tel. +41 58 792 9058
maxime.dubouloz@ch.pwc.com

Mathieu Gravier
Senior Manager, Transaction Services
Tel. +41 58 792 9300
gravier.mathieu@ch.pwc.com