Event recap — Unique x Walder Wyss, June 9, 2026
At the Unique × Walder Wyss event (June 9th, 2026), leaders from Swiss banking, wealth management, and compliance worked through a single question: how to deploy agentic AI when every high-value use case touches client-identifying data (CID).
Three key take-aways emerged:
1. Regulation isn't the blocker — risk appetite is. Swiss banks are permitted to use CID with European-inferenced LLMs from the legal, compliance, and IT security view; hesitation is now strategic, not legal.
2. The market wants the option of sovereign AI. ~50% prefer Switzerland-exclusive processing, but sovereignty is increasingly judged by control (keys, access, auditability) rather than geography.
3. Recent US export controls sharpen the case. Dependence on one provider is a strategic vulnerability — pointing to a multi-LLM strategy now and a Swiss sovereign model over time.
From legal advice to AI leadership: What Switzerland needs to do to protect its USP in financial services
In the span of a few years, the industry has moved from the "autocomplete" era through chatbots into the agent era, where frontier models reliably complete tasks that take humans hours. The latest generation of models (e.g. GPT 5.5, Fable 5) brings more autonomy, stronger reasoning, longer memory, and better reliability - and they're available in the US and EU first.
Swiss institutions face a structural lag: the most capable models aren't yet deployable where Swiss banks need them to run, some models are deployed but only with a big time lag after US and EU deployments first. And that is why right now, many of them watch what Agentic can do from the sidelines, pondering about solutions – and fearing to be left behind.
The vision: The agentic bank differentiates through human relationships, yet the competitiveness lies in AI leverage
The agentic bank, as Unique sees it, is built around the bank's true USP: its clients and relationships. A single agentic AI layer orchestrates specialized agents across the institution — spanning the important but lengthy processes of KYC and onboarding, relationship management, investment research, and operational use cases — all drawing on shared context, skills, and memory, and all connected to core systems through one integration layer built on the Model Context Protocol (MCP).
The outcome the industry is working toward rests on six value pillars:
-
Personalized client service at scale
-
End-to-end outcome automation
-
Orchestrated intelligence across agents
-
Seamless data integration
-
Operational excellence
-
Perpetual compliance through real-time regulatory alignmen
That is why Walder Wyss and Unique AI brought together leaders from Swiss banking, wealth management, and compliance to discuss how financial institutions deploy AI at scale when every high-value use case touches client-sensitive data.
What happens with Agentic AI in financial services today
Five forces dominated the discussion of the evening, and together they explain both the opportunity and the hesitation in the room.
- Client-identifying data (CID) sits at the core of the highest-value, highest-ROI use cases for Swiss banking — the processes where agentic AI could make the biggest difference are exactly the ones touching the most sensitive data.
- Unlocking CID for AI hinges on a clear conversation about where LLMs host and process data, and what is actually feasible under Swiss regulation.
- On that question the room agreed: from a legal, compliance, regulatory, and IT-security perspective, CID can be used with LLMs running on European inferencing.
- Yet skepticism persists — many institutions still assess EU inferencing as too risky, which keeps access to the newest, highest-performing models (mostly US- and EU-hosted) locked out. This is the Swiss inference gap.
- One alternative drew real interest: a Swiss sovereign AI model. Around half of participants were supportive, and Unique is now exploring the operational and capital requirements in the coming weeks.
“Data protection is not holding us back” – so what is?
A client summarized post-event: It is not data protection regulation that is holding us back. Instead, we know that particularly local Swiss banking and private banking face a specific set of challenges when AI meets client-sensitive data (CID). The hurdles raised in the room will sound familiar to anyone running an AI program inside a bank: data governance and leak prevention, LLM selection ("which models are compliant for CID data?"), data storage and training policies, audit trails, liability for AI errors, access controls that uphold Chinese walls, and a cybersecurity landscape where deepfakes and engineered fraud are now table stakes.
Unique AI meets Swiss legal requirements — bank secrecy (Art. 47 BankG), data protection (FADP), and the SBVg Cloud Guidelines 2025 — through layered contractual, technical, and operational controls: contractual confidentiality undertakings backed by the cloud-provider FSI amendments, enforced data residency and customer-managed keys, and strict LLM and sub-processor governance with DPO/CISO sign-off, abuse monitoring off, content filtering on, and training opt-out enforced.
One of the central arguments of the session: where data goes in transit, is, in fact, negotiable, compared to where it lies and who has access. That is a fundamental decision which was taken completely independent of AI and usually much earlier, when choosing a cloud provider.
Ideally this would be with customer managed keys, where the operator cannot access or decrypt, no standing access, and a risk assessment on how likely it is that foreign administrations would access it.
Why a risk assessment with focus on data value chain could help banks to use Agentic AI via Swiss inference
David Vasella and Thomas Müller from Walder Wyss complemented the practitioner's perspective with the legal architecture that makes AI deployment in Swiss financial services workable — and the regulatory developments every institution should have on its radar.
A recurring source of uncertainty in AI procurement is who owes what to whom. Walder Wyss mapped the contractual chain clearly:
-
The financial institution carries confidentiality, cross-border transfer, risk management, and client information duties.
-
These obligations flow down to the platform provider through data processing agreements (DPA), secrecy undertakings, and cross-border safeguards.
-
From there it goes to the model provider via sub-DPAs, secrecy terms, and onward-transfer and data-residency provisions.
At each layer, limited use and confidentiality must be contractually locked in. The institution remains accountable throughout, but a properly structured chain makes that accountability manageable.
SBVg Cloud Guidelines 2025: risk-based, not zero-risk
The Swiss Bankers Association's 2025 Cloud Guidelines are legally non-binding, but they have become the practical interpretation aid for institutions procuring cloud services — covering governance and risk management, processing of bank client data, dealings with authorities, and audit.
The most consequential principle is the risk-based approach: technical and organizational measures don't have to prevent every theoretically conceivable scenario. They must address the scenarios that are foreseeable and avoidable through due diligence under normal circumstances. If an unforeseeable scenario materializes despite correctly implemented measures, that does not in principle constitute improper conduct by the institution or the decision-maker. For practitioners, this reframing matters: the legal standard is diligence, not perfection.
(F)LARA: assessing lawful access risk pragmatically
Where data is processed determines which foreign authorities could, in theory, access it — the core concern behind Swiss secrecy restrictions. Walder Wyss presented the Lawful Access Risk Assessment as the structured way to deal with this, with a candid trade-off between two approaches:
- A fully-fledged assessment works through country-specific laws in detail, with per-jurisdiction analysis and quantified net-risk across scenarios, conditions, and likelihood. It is state of the art but time-consuming and expensive.
- A light-weight assessment is a sensible alternative, accepting standard access risks across countries as a baseline, and focusing on increased or unexpected local specialties. It is faster and less expensive and, for many constellations, acceptable.
The deployment choice directly shapes the assessment. Global deployments offer the newest frontier models but the broadest access surface; EU data-zone deployments narrow exposure to EU-boundary countries but lag the frontier by months; a Switzerland-only regional deployment minimizes the access surface — at the cost of the thinnest and oldest model selection. The same trade-off Unique framed as the Swiss inference gap, seen through a legal lens.
FINMA's December 2024 guidance on governance and risk management when using AI sets clear expectations, layered on top of existing outsourcing and operational-risk requirements. The governance expectations run through the entire lifecycle. Institutions must define roles and accountability down to individual persons, maintain an AI strategy and policy, and build AI literacy. When buying, that means classifying the use case, conducting vendor due diligence covering documentation, explainability, audit and access rights, and training data — and validating high-risk use cases, possibly with independent review. When using, it means monitoring for drift, degradation, and input-data quality, treating model updates as change events that trigger reassessment and reclassification, and keeping the inventory, documentation, and a named human owner current.
What the room thinks: In between local hosting and global Agentic progress
We closed the Unique AI session with a live poll on sovereign AI made in Switzerland. Around 50 participants responded, and the results reveal a market that is interested but not yet convinced.
Three takeaways stand out:
Geography matters, but less than the headlines suggest. Almost 50% in the room would strongly prefer Switzerland-exclusive processing and storage. This aligns with the session's core argument: practitioners increasingly evaluate sovereignty through control — keys, access, auditability — rather than borders alone. Strict data residency is a hard requirement for some institutions and use cases, but it is not the universal demand it is often portrayed to be.
The appetite is real, but the price tag gives pause. Roughly one in three participants considers a CHF 200 million joint commitment feasible. That's a meaningful base of believers for an undertaking of this scale- But it also signals that the business case for a Swiss sovereign frontier model still needs to be made more concrete before the broader market moves.
Strategic budgets exist, while the urge to decide is rising. A quarter of participants could envision a CHF 1 million annual usage commitment within one to two years. Extrapolated across the Swiss financial center, that's a viable early-adopter cohort, potentially enough to anchor a sovereign AI initiative in the future.
.png?width=2137&height=1158&name=image%20(8).png)
Taken together, the poll paints a picture of pragmatic openness: the Swiss market wants the option of sovereign AI, but adoption will be earned through demonstrated control, compliance, and ROI.
Recent events only sharpen this case. Last Friday, the US Department of Commerce issued an export-control directive citing national security, suspending all access to Fable 5 and Mythos 5 for any foreign national overnight. For Swiss institutions, this is a live demonstration of the risk that runs through this entire discussion: dependence on a single provider or a single model is a strategic vulnerability, not just a procurement detail. Two conclusions follow. First, resilience demands a multi-LLM strategy — the ability to combine and switch between models so that no single vendor or jurisdiction can switch off a bank's AI capability. Second, and more fundamentally, true sovereignty cannot be rented from abroad: an adequate sovereign AI strategy for the Swiss financial center will, in the end, require Switzerland to build and operate its own sovereign AI model.
The Use of AI in the Financial Sector: Opportunities, Compliance & a Swiss Perspective
Event recap — Unique x Walder Wyss, June 9, 2026
At the Unique × Walder Wyss event (June 9th, 2026), leaders from Swiss banking, wealth management, and compliance worked through a single question: how to deploy agentic AI when every high-value use case touches client-identifying data (CID).
Three key take-aways emerged:
1. Regulation isn't the blocker — risk appetite is. Swiss banks are permitted to use CID with European-inferenced LLMs from the legal, compliance, and IT security view; hesitation is now strategic, not legal.
2. The market wants the option of sovereign AI. ~50% prefer Switzerland-exclusive processing, but sovereignty is increasingly judged by control (keys, access, auditability) rather than geography.
3. Recent US export controls sharpen the case. Dependence on one provider is a strategic vulnerability — pointing to a multi-LLM strategy now and a Swiss sovereign model over time.
From legal advice to AI leadership: What Switzerland needs to do to protect its USP in financial services
In the span of a few years, the industry has moved from the "autocomplete" era through chatbots into the agent era, where frontier models reliably complete tasks that take humans hours. The latest generation of models (e.g. GPT 5.5, Fable 5) brings more autonomy, stronger reasoning, longer memory, and better reliability - and they're available in the US and EU first.
Swiss institutions face a structural lag: the most capable models aren't yet deployable where Swiss banks need them to run, some models are deployed but only with a big time lag after US and EU deployments first. And that is why right now, many of them watch what Agentic can do from the sidelines, pondering about solutions – and fearing to be left behind.
The vision: The agentic bank differentiates through human relationships, yet the competitiveness lies in AI leverage
The agentic bank, as Unique sees it, is built around the bank's true USP: its clients and relationships. A single agentic AI layer orchestrates specialized agents across the institution — spanning the important but lengthy processes of KYC and onboarding, relationship management, investment research, and operational use cases — all drawing on shared context, skills, and memory, and all connected to core systems through one integration layer built on the Model Context Protocol (MCP).
The outcome the industry is working toward rests on six value pillars:
Personalized client service at scale
End-to-end outcome automation
Orchestrated intelligence across agents
Seamless data integration
Operational excellence
Perpetual compliance through real-time regulatory alignmen
That is why Walder Wyss and Unique AI brought together leaders from Swiss banking, wealth management, and compliance to discuss how financial institutions deploy AI at scale when every high-value use case touches client-sensitive data.
What happens with Agentic AI in financial services today
Five forces dominated the discussion of the evening, and together they explain both the opportunity and the hesitation in the room.
“Data protection is not holding us back” – so what is?
A client summarized post-event: It is not data protection regulation that is holding us back. Instead, we know that particularly local Swiss banking and private banking face a specific set of challenges when AI meets client-sensitive data (CID). The hurdles raised in the room will sound familiar to anyone running an AI program inside a bank: data governance and leak prevention, LLM selection ("which models are compliant for CID data?"), data storage and training policies, audit trails, liability for AI errors, access controls that uphold Chinese walls, and a cybersecurity landscape where deepfakes and engineered fraud are now table stakes.
Unique AI meets Swiss legal requirements — bank secrecy (Art. 47 BankG), data protection (FADP), and the SBVg Cloud Guidelines 2025 — through layered contractual, technical, and operational controls: contractual confidentiality undertakings backed by the cloud-provider FSI amendments, enforced data residency and customer-managed keys, and strict LLM and sub-processor governance with DPO/CISO sign-off, abuse monitoring off, content filtering on, and training opt-out enforced.
One of the central arguments of the session: where data goes in transit, is, in fact, negotiable, compared to where it lies and who has access. That is a fundamental decision which was taken completely independent of AI and usually much earlier, when choosing a cloud provider.
Ideally this would be with customer managed keys, where the operator cannot access or decrypt, no standing access, and a risk assessment on how likely it is that foreign administrations would access it.
Why a risk assessment with focus on data value chain could help banks to use Agentic AI via Swiss inference
David Vasella and Thomas Müller from Walder Wyss complemented the practitioner's perspective with the legal architecture that makes AI deployment in Swiss financial services workable — and the regulatory developments every institution should have on its radar.
A recurring source of uncertainty in AI procurement is who owes what to whom. Walder Wyss mapped the contractual chain clearly:
The financial institution carries confidentiality, cross-border transfer, risk management, and client information duties.
These obligations flow down to the platform provider through data processing agreements (DPA), secrecy undertakings, and cross-border safeguards.
From there it goes to the model provider via sub-DPAs, secrecy terms, and onward-transfer and data-residency provisions.
At each layer, limited use and confidentiality must be contractually locked in. The institution remains accountable throughout, but a properly structured chain makes that accountability manageable.
SBVg Cloud Guidelines 2025: risk-based, not zero-risk
The Swiss Bankers Association's 2025 Cloud Guidelines are legally non-binding, but they have become the practical interpretation aid for institutions procuring cloud services — covering governance and risk management, processing of bank client data, dealings with authorities, and audit.
The most consequential principle is the risk-based approach: technical and organizational measures don't have to prevent every theoretically conceivable scenario. They must address the scenarios that are foreseeable and avoidable through due diligence under normal circumstances. If an unforeseeable scenario materializes despite correctly implemented measures, that does not in principle constitute improper conduct by the institution or the decision-maker. For practitioners, this reframing matters: the legal standard is diligence, not perfection.
(F)LARA: assessing lawful access risk pragmatically
Where data is processed determines which foreign authorities could, in theory, access it — the core concern behind Swiss secrecy restrictions. Walder Wyss presented the Lawful Access Risk Assessment as the structured way to deal with this, with a candid trade-off between two approaches:
The deployment choice directly shapes the assessment. Global deployments offer the newest frontier models but the broadest access surface; EU data-zone deployments narrow exposure to EU-boundary countries but lag the frontier by months; a Switzerland-only regional deployment minimizes the access surface — at the cost of the thinnest and oldest model selection. The same trade-off Unique framed as the Swiss inference gap, seen through a legal lens.
FINMA Guidance 08/2024: governance from purchase to production
FINMA's December 2024 guidance on governance and risk management when using AI sets clear expectations, layered on top of existing outsourcing and operational-risk requirements. The governance expectations run through the entire lifecycle. Institutions must define roles and accountability down to individual persons, maintain an AI strategy and policy, and build AI literacy. When buying, that means classifying the use case, conducting vendor due diligence covering documentation, explainability, audit and access rights, and training data — and validating high-risk use cases, possibly with independent review. When using, it means monitoring for drift, degradation, and input-data quality, treating model updates as change events that trigger reassessment and reclassification, and keeping the inventory, documentation, and a named human owner current.
What the room thinks: In between local hosting and global Agentic progress
We closed the Unique AI session with a live poll on sovereign AI made in Switzerland. Around 50 participants responded, and the results reveal a market that is interested but not yet convinced.
Three takeaways stand out:
Geography matters, but less than the headlines suggest. Almost 50% in the room would strongly prefer Switzerland-exclusive processing and storage. This aligns with the session's core argument: practitioners increasingly evaluate sovereignty through control — keys, access, auditability — rather than borders alone. Strict data residency is a hard requirement for some institutions and use cases, but it is not the universal demand it is often portrayed to be.
The appetite is real, but the price tag gives pause. Roughly one in three participants considers a CHF 200 million joint commitment feasible. That's a meaningful base of believers for an undertaking of this scale- But it also signals that the business case for a Swiss sovereign frontier model still needs to be made more concrete before the broader market moves.
Strategic budgets exist, while the urge to decide is rising. A quarter of participants could envision a CHF 1 million annual usage commitment within one to two years. Extrapolated across the Swiss financial center, that's a viable early-adopter cohort, potentially enough to anchor a sovereign AI initiative in the future.
Taken together, the poll paints a picture of pragmatic openness: the Swiss market wants the option of sovereign AI, but adoption will be earned through demonstrated control, compliance, and ROI.
Recent events only sharpen this case. Last Friday, the US Department of Commerce issued an export-control directive citing national security, suspending all access to Fable 5 and Mythos 5 for any foreign national overnight. For Swiss institutions, this is a live demonstration of the risk that runs through this entire discussion: dependence on a single provider or a single model is a strategic vulnerability, not just a procurement detail. Two conclusions follow. First, resilience demands a multi-LLM strategy — the ability to combine and switch between models so that no single vendor or jurisdiction can switch off a bank's AI capability. Second, and more fundamentally, true sovereignty cannot be rented from abroad: an adequate sovereign AI strategy for the Swiss financial center will, in the end, require Switzerland to build and operate its own sovereign AI model.