Switzerland has moved decisively to extend its digital services regulatory regime. Effective in 2025, updated obligations under Swiss technology legislation introduce new requirements for companies providing digital services to Swiss users – whether those companies are domiciled in Switzerland or operating cross-border. International technology businesses that have treated Switzerland as a lighter-touch jurisdiction compared to the EU are now facing a material shift in compliance obligations.
Switzerland's updated digital services rules impose transparency, algorithmic accountability, and software liability obligations on technology companies that offer digital services to Swiss users above defined thresholds. Companies must assess their exposure against Swiss corporate legislation and the Schweizerisches Obligationenrecht (Swiss Code of Obligations) and complete their initial compliance reviews before the deadlines set out in the implementing provisions. Businesses that fail to act risk regulatory enforcement, civil liability, and loss of market access.
This alert identifies which business categories are affected, explains the threshold criteria, and sets out five immediate actions international technology companies should take now.
What changed – the regulatory development and effective date
Switzerland is not an EU member state, but its technology legislation has historically tracked European developments closely. The 2025 update to Switzerland's digital services rules formalises obligations that were previously addressed only informally or through sector-specific guidance. The changes draw on AI Act compliance principles established at the EU level and translate them into a Swiss-specific regime.
The core development is the codification of algorithmic accountability obligations. Companies that deploy automated decision-making systems affecting Swiss users must now document how those systems function, what data they rely on, and how their outputs can be challenged. This moves Switzerland from a principles-based approach to a rules-based one.
Alongside algorithmic accountability, the updated rules address software liability. Suppliers of digital products and services can no longer disclaim liability for defects in automated outputs that cause measurable harm to Swiss users or Swiss-registered entities. The Swiss Code of Obligations provides the underlying liability architecture. Courts – including the Bundesgericht (Swiss Federal Supreme Court) – are expected to interpret this expansively in early cases.
The effective date for the primary obligations is 1 January 2025, with implementing provisions for smaller entities phased in during the first half of 2025. Companies that have not yet initiated a compliance programme are already operating outside the prescribed timeline.
Technology licensing arrangements are also affected. Licence agreements that previously excluded Swiss regulatory requirements will need to be reviewed and, in many cases, renegotiated to allocate liability correctly between licensors and licensees under the new rules.
Who is affected – threshold criteria and business categories
The new obligations apply to a broad range of technology businesses. The primary categories are:
- Providers of online platforms, marketplaces, and intermediation services with regular Swiss user activity
- Companies deploying AI-driven recommendation, content moderation, or automated decision-making systems targeting Swiss users
- Software-as-a-service (SaaS) providers with Swiss-domiciled commercial customers – whether the provider is registered in Switzerland or abroad
- Technology companies that hold a registration in the Handelsregister Schweiz (Swiss Commercial Register) as an Aktiengesellschaft (AG) or Gesellschaft mit beschränkter Haftung (GmbH CH)
- Foreign entities with no Swiss legal presence but whose digital services are directed at the Swiss market
The threshold criteria are defined by reference to user volume, revenue generated from Swiss users, and the nature of the automated processes deployed. Businesses above the defined user volume threshold face the full set of obligations. Smaller operators face a reduced but still meaningful set of transparency and documentation requirements.
Critically, the rules apply regardless of where the company is incorporated. A technology company registered in the EU, the UK, or the US that directs digital services at Switzerland is caught. The jurisdictional reach mirrors the EU's approach to digital services regulation and removes any argument that offshore incorporation provides a compliance shield.
For detailed advice on how these requirements interact with your Swiss corporate structure and technology licensing arrangements, contact our team at AI and technology law services in Switzerland.
To receive an expert assessment of your Swiss digital services compliance exposure, contact us at info@ferrazwhitmore.com.
What to do now – immediate actions and timeline
Technology companies with Swiss market exposure should treat compliance as urgent. The following five actions address the most immediate risks.
1. Map your Swiss user base and service scope. Identify every digital service, platform, or automated system that reaches Swiss users. Confirm whether your activity crosses the applicable thresholds. This mapping exercise is the foundation of every subsequent compliance step.
2. Audit algorithmic accountability documentation. Review whether your automated decision-making systems have documented logic, data inputs, and challenge mechanisms. Where documentation is absent or inadequate, prepare a remediation plan. Regulators will request this documentation early in any enforcement inquiry.
3. Review software liability exposure under the Swiss Code of Obligations. Assess your existing contracts with Swiss customers and partners. Identify clauses that disclaim liability for automated outputs. Those clauses are now legally vulnerable. Engage counsel to restructure liability allocation before disputes arise.
4. Review technology licensing agreements. Any technology licence that involves a Swiss counterparty or covers Swiss territory should be reviewed for compatibility with the new rules. Licences granted to or by AG and GmbH CH entities are particularly exposed where they involve algorithmic tools or AI-driven features.
5. Establish a Swiss regulatory contact point. The updated rules require affected businesses above certain thresholds to designate a contact point for Swiss regulatory authorities. If your company does not yet have this in place, appoint one immediately. Failure to maintain a contact point is an independently sanctionable breach.
Companies with parallel exposure in EU markets should also consider how Swiss obligations interact with their existing EU AI Act compliance programmes. The two regimes overlap substantially but diverge on enforcement mechanisms and liability remedies. For intellectual property dimensions of digital services deployments – including software ownership, licensing, and IP indemnities – see our analysis of intellectual property law in Switzerland.
Practitioners advising on cross-border digital services note that Switzerland's approach differs from the EU's in one critical respect: enforcement is channelled primarily through civil litigation before Swiss courts rather than through a single administrative regulator. This means the Bundesgericht and cantonal courts will shape the practical meaning of these obligations through case law over the coming years. Early compliance reduces exposure not only to regulatory action but also to third-party claims by Swiss users and business customers.
For a preliminary review of your Swiss digital services compliance position, reach out to info@ferrazwhitmore.com.
For companies also operating digital services in Portugal and monitoring parallel regulatory developments across European markets, our alert on digital services regulation in Portugal sets out the comparable obligations in that jurisdiction.
About Ferraz & Whitmore
Ferraz & Whitmore is an international law firm based in Lisbon, advising technology companies, investors, and multinational businesses across 46 jurisdictions on AI and technology law, digital services regulation, and intellectual property strategy. Our team combines Portuguese civil law expertise with English common law tradition to deliver results-oriented counsel on digital services compliance, algorithmic accountability, software liability, and technology licensing matters in Switzerland and across Europe. As a law firm in Switzerland and across European markets, we work with in-house legal teams and C-suite executives who need precise, cross-border regulatory guidance. The firm's AI and technology law practice includes practitioners with experience advising on compliance programmes before Swiss courts and EU regulatory bodies. To discuss your Swiss digital services obligations, contact us at info@ferrazwhitmore.com.
Disclaimer: This publication is provided for informational purposes only and does not constitute legal advice. The information herein should not be relied upon as a substitute for professional legal counsel tailored to your specific circumstances. Ferraz & Whitmore assumes no liability for actions taken or not taken based on the contents of this material. For advice regarding your particular situation, please contact info@ferrazwhitmore.com.