Switzerland deliberately chose not to enact an AI Act, and is not building one. Here is exactly what that means, what binds your organisation today, and how our framework covers it.
revFADP & Council of Europe AI Convention
In Switzerland, AI governance for a private organisation runs almost entirely through data protection. The revised FADP governs any AI system that processes personal data, covering automated individual decision-making, profiling, transparency and information duties, and data protection impact assessments for high-risk processing. The Council of Europe AI Convention sets the direction of travel, and organisations serving EU clients fall within the EU AI Act regardless of Swiss law. Our framework assesses this real, binding surface today, and is built to absorb the federal AI bill expected at the end of 2026 the moment it lands.
AI making decisions that produce legal or similarly significant effects on individuals. Covers the revFADP information duty, the data subject's right to be heard, and meaningful human review.
High-risk processing and profiling driven by AI. Covers when a data protection impact assessment is required under the revFADP, and how risks to data subjects are documented and mitigated.
AI pipelines that route personal data outside Switzerland. Covers adequacy, contractual safeguards, and transparency where processing spans the EU, the Gulf, or other jurisdictions.
Our complete Swiss category maps the revFADP obligations that bite when AI processes personal data, plus the Council of Europe Convention principles and EU AI Act exposure for Swiss organisations serving the European market.
Request Full MappingBook a 30-minute discovery call. We will identify what the revFADP and the EU AI Act actually require of your AI use, and outline the fastest path to readiness.
Book Discovery Audit