VQF SRO Membership for Swiss Crypto Businesses: The Alternative to a Full FINMA Licence

Switzerland’s financial regulatory architecture is tiered. At the top sits the full FINMA banking licence — the most demanding authorisation in the Swiss financial system, requiring minimum capital of CHF 10 million, comprehensive prudential supervision, and access to the Swiss National Bank’s payment infrastructure. Below that is the FINMA securities dealer licence — still demanding, still directly supervised by FINMA, but attainable by a well-capitalised digital asset firm that does not take deposits. Further below is a regulatory layer that the majority of Swiss crypto businesses actually occupy: self-regulatory organisation membership.

SRO membership is Switzerland’s pragmatic solution to the challenge of supervising thousands of smaller financial intermediaries whose activities trigger anti-money laundering obligations but do not rise to the level of banking or securities dealing. For the Swiss crypto sector, this layer is where most of the industry lives — and the primary SRO within it is VQF.

What is VQF?

VQF — Verein zur Qualitätssicherung von Finanzdienstleistungen, translated as the Association for Quality Assurance in Financial Services — is Switzerland’s largest and most prominent FINMA-recognised self-regulatory organisation. Established in 1999, VQF was one of the first SROs recognised by FINMA under the Anti-Money Laundering Act (AMLA) framework, and it has grown to be the primary regulatory home for Swiss crypto businesses that require AML supervision but do not hold a direct FINMA licence.

VQF is a private-law association (Verein) under Swiss civil law. Its membership is drawn from the full range of financial intermediaries subject to AMLA: portfolio managers, investment advisors, insurance intermediaries, money exchange businesses, and — with increasing prominence since 2017 — crypto businesses including exchanges, brokers, OTC desks, and wallet service providers.

FINMA grants VQF its recognition as an SRO, meaning that FINMA supervises VQF itself while VQF supervises its members. This two-tier structure allows FINMA to exercise regulatory oversight over large numbers of financial intermediaries through a franchise arrangement — FINMA sets the standards, VQF applies them, and VQF members bear the cost of compliance through membership fees and audit obligations.

The Legal Basis: AMLA and the SRO Framework

The Anti-Money Laundering Act (Geldwäschereigesetz, GwG) is the statutory foundation for Switzerland’s AML/CFT regime. AMLA defines the categories of “financial intermediary” subject to Swiss AML obligations and requires every such intermediary to be either supervised directly by FINMA or affiliated with a FINMA-recognised SRO.

The relevant definition for crypto businesses is the AMLA’s treatment of virtual currency exchange and payment operations. Since FINMA’s landmark 2018 guidance on initial coin offerings and digital assets, businesses that exchange virtual currencies (crypto-to-fiat or crypto-to-crypto) or accept and transmit virtual currency payments on behalf of clients are classified as financial intermediaries subject to AMLA. Once classified as a financial intermediary, the business must affiliate with a FINMA-recognised SRO — or apply for direct FINMA supervision.

The vast majority of Swiss crypto businesses choose SRO membership rather than direct FINMA supervision, because the cost and administrative burden of direct supervision is calibrated for larger, more complex institutions. SRO membership provides compliant regulatory standing for businesses whose activities do not require — and whose scale does not justify — a direct FINMA licence.

Who Needs VQF SRO Membership

The threshold for SRO membership is lower than many crypto founders expect. Under AMLA, financial intermediary status — and therefore the SRO membership obligation — is triggered by:

Virtual currency exchange services: Any business that exchanges fiat currency for cryptocurrency (or vice versa), or exchanges one cryptocurrency for another, as a professional activity is a financial intermediary. This covers crypto brokers, exchange operators, and even Bitcoin ATM operators.

Payment transmission in virtual assets: Businesses that accept virtual assets from clients and transmit them to third parties — including certain DeFi gateway services, payment processors accepting crypto, and multi-signature custody arrangements where the service provider has independent control over asset movement — are financial intermediaries.

Transaction threshold relevance: The CHF 5,000 transaction threshold under AMLA is relevant for due diligence obligations (enhanced due diligence is required above this threshold), but the SRO membership obligation applies at the business level regardless of individual transaction sizes. A crypto business that regularly processes transactions in virtual assets — even small ones — needs SRO membership if it qualifies as a financial intermediary.

Ancillary crypto services: Some adjacent services — providing non-custodial software, running blockchain validators with no client fund handling, or providing analytics services — do not trigger financial intermediary status. The test is whether the business handles, controls, or transmits client funds or financial instruments. Pure software providers and infrastructure-only businesses generally fall outside AMLA’s scope, though each situation requires specific legal analysis.

VQF vs. Other Swiss SROs

VQF is the dominant SRO for Swiss crypto businesses, but it is not the only option. Other FINMA-recognised SROs include:

PolyReg: A Zurich-based SRO that was among the first to actively recruit crypto business members. PolyReg has developed particular expertise in virtual asset service provider (VASP) compliance. It competes with VQF for crypto business membership and is a credible alternative for businesses that prefer PolyReg’s specific compliance framework or fee structure.

ARIF (Association Romande des Intermédiaires Financiers): ARIF is the primary French-speaking SRO, based in Geneva. It serves financial intermediaries in the Romandy region and provides bilingual (French/German) compliance oversight. For French-speaking Swiss crypto businesses or those with Geneva-based operations, ARIF is a natural option.

asso: A smaller SRO serving primarily portfolio managers and financial advisors in French-speaking Switzerland.

Directly supervised by FINMA: Businesses that hold a FINMA banking, securities dealer, fund management, or fintech licence are directly supervised by FINMA rather than by an SRO. SRO membership is not required — or possible — for FINMA-licensed institutions.

The choice among VQF, PolyReg, and ARIF is largely a matter of the member’s geographic location, preferred compliance framework, and relationship preferences. VQF’s larger membership base provides the advantage of more developed guidance materials and case law from compliance decisions, but all three are credible choices for a well-run Swiss crypto business.

The VQF Membership Application Process

Obtaining VQF membership is a structured process that typically takes three to six months from initial application to admission:

Step 1 — Pre-Application Assessment: VQF expects applicants to conduct a self-assessment of their business model against AMLA financial intermediary categories. VQF’s secretariat provides preliminary guidance to applicants about whether their activities trigger membership requirements and which VQF membership category applies.

Step 2 — Application Submission: The formal application requires submission of:

• Business description and organisational structure
• Description of all products and services with AML relevance
• Draft or finalised internal AML/CFT compliance manual (Reglement)
• Identification of the person responsible for AML compliance (typically the compliance officer or a member of senior management)
• Evidence of adequate organisational infrastructure (staff, systems, procedures)
• Personal documentation for significant owners and key managers (criminal record certificates, curriculum vitae, details of prior regulatory encounters)
• Details of the business’s KYC/CDD process for client onboarding
• Financial information demonstrating operational viability

Step 3 — Compliance Manual Review: VQF reviews the applicant’s compliance manual against its model regulations for AMLA compliance. VQF provides substantive feedback and requires revisions to bring the manual to the required standard. This is typically the longest step — the compliance manual must be customised to the business’s specific activities and risk profile, not simply a generic template.

Step 4 — Admission Decision: VQF’s board of directors reviews the complete application and makes the admission decision. Conditional admission (requiring completion of outstanding compliance items within a defined period) is common. Full admission follows once all conditions are met.

Step 5 — Introductory Audit: Within the first year of membership, VQF typically requires a compliance audit of the newly admitted member, verifying that the actual business operations match the compliance manual and that client onboarding, transaction monitoring, and reporting procedures are functioning as documented.

Ongoing Obligations for VQF Members

SRO membership is not a one-time administrative exercise. VQF members have ongoing compliance obligations that require continuous operational attention:

Client Due Diligence (CDD): Members must apply know-your-customer (KYC) procedures to all clients. For crypto businesses, this means identity verification of individual and corporate clients, beneficial ownership determination for corporate clients, and ongoing monitoring of client relationships. Enhanced due diligence is required for clients above the CHF 5,000 transaction threshold and for politically exposed persons (PEPs).

Transaction Monitoring: Members must monitor client transactions for suspicious patterns indicative of money laundering or terrorist financing. For crypto businesses, FINMA and VQF provide specific guidance on crypto-relevant typologies: unusual transaction patterns on the blockchain, use of mixing services, structuring (breaking large transactions into smaller ones to avoid thresholds), and rapid conversion between assets.

Suspicious Activity Reporting (SAR): When a VQF member identifies a transaction or client relationship that it suspects is connected to money laundering or terrorist financing, it is legally obligated to file a suspicious activity report with the Money Laundering Reporting Office Switzerland (MROS). The obligation to file is strict: members cannot continue servicing a suspicious client relationship without reporting, and a member that fails to report faces regulatory and criminal consequences.

Travel Rule Compliance: Switzerland implemented the FATF Travel Rule for virtual assets, requiring crypto businesses to collect and transmit beneficiary information for virtual asset transfers above CHF 1,000. VQF members are required to comply with Travel Rule obligations and to implement technical solutions enabling information exchange with counterpart VASPs.

Annual Reporting: VQF members submit annual compliance reports to VQF covering their AML/CFT activities during the year — numbers of SARs filed, transaction monitoring alerts investigated, and any material compliance incidents.

Periodic Audit: VQF commissions periodic external audits of member businesses, typically conducted by FINMA-recognised audit firms. The audit reviews the member’s AML compliance framework against AMLA requirements and VQF regulations. Audit findings require remediation, and persistent compliance deficiencies can result in sanctions including membership suspension.

AML Training: VQF requires member businesses to demonstrate that their staff involved in client relationship management and transaction monitoring receive regular AML/CFT training. VQF itself provides training materials and periodically organises member education programmes.

Costs of VQF Membership

VQF membership involves several cost components:

Annual membership fee: Typically CHF 3,000–15,000 per year, calibrated to the size and business volume of the member. Smaller crypto businesses with limited client bases pay toward the lower end; businesses with significant client numbers and transaction volumes pay more.

Admission fee: A one-time application and admission fee, typically CHF 1,000–2,000.

Compliance audit costs: External audit fees are borne by the member. For a small crypto business, a periodic VQF-commissioned audit might cost CHF 5,000–15,000 depending on scope.

Compliance infrastructure: The internal cost of maintaining a compliance function — staffing a compliance officer or retaining a compliance service provider, implementing transaction monitoring software, and maintaining KYC documentation systems — is typically the largest ongoing cost. For a small crypto business, outsourced compliance support ranges from CHF 20,000–60,000 per year depending on business complexity.

The total annual cost of VQF membership and compliance for a small Swiss crypto business — membership fee, audit, and compliance function — is typically in the range of CHF 40,000–80,000 per year. This is significantly less than the cost of a direct FINMA securities dealer licence, which requires minimum capital of CHF 1.5 million and ongoing direct supervisory costs.

What VQF SRO Membership Does NOT Cover

VQF SRO membership is powerful but limited. Understanding its limits is as important as understanding what it provides:

It does not grant securities trading permissions: VQF members may not trade securities (including investment tokens classified as securities) on a professional basis for clients. The moment a crypto business begins executing securities transactions at professional scale, a FINMA securities dealer licence becomes mandatory regardless of VQF membership.

It does not permit deposit-taking: VQF members may not accept public deposits in the manner of a bank. Taking client fiat deposits on a significant scale requires a banking licence or fintech licence.

It does not provide deposit protection: Client funds held with a VQF-supervised crypto business are not covered by the Swiss depositor protection scheme (esisuisse), which applies only to FINMA-licensed banks.

It does not provide the same counterparty credibility as a FINMA licence: Swiss institutional clients — family offices, asset managers, banks — typically have counterparty standards that require direct FINMA licensing. A VQF-supervised crypto business may find that institutional clients require it to upgrade to a securities dealer licence before they will transact.

It covers AML/CFT only: VQF membership addresses Switzerland’s anti-money laundering compliance obligations. It does not govern consumer protection, investment advice standards (which fall under FinSA), or prudential requirements.

How SRO Membership Interacts with FINMA Registration

Many crypto businesses operate under both VQF SRO membership and additional FINMA-level authorisation simultaneously. The interaction works as follows:

A crypto business that obtains a FINMA securities dealer licence exits the SRO regime — it is directly supervised by FINMA and no longer needs SRO membership. Bitcoin Suisse, for example, was a VQF member in its early years before graduating to a direct FINMA securities dealer licence.

However, a crypto business may also hold VQF membership in parallel with a FINMA fintech licence or a restricted FINMA authorisation that does not supersede the SRO’s AML supervision function. The key principle is that every financial intermediary must be supervised at all times — either directly by FINMA or through an SRO. There is no gap period and no business that operates in a regulatory vacuum.

For crypto businesses plotting a regulatory growth path in Switzerland, VQF SRO membership is the appropriate starting point — establishing compliant regulatory standing quickly and cost-effectively while the business builds toward the scale that justifies a direct FINMA application. The Swiss regulatory ladder is designed for this progression: SRO membership is a legitimate, durable compliance framework, not merely a waiting room for a FINMA licence.

Related Coverage

• FINMA Securities Dealer Licence: Requirements and Digital Asset Applications
• Bitcoin Suisse: Zug’s Pioneer Crypto Broker and Switzerland’s First Digital Asset Firm
• Switzerland’s Digital Asset Exchange Landscape: FINMA Licensing and Market Structure
• Institutional OTC Trading in Switzerland: Desks, Settlement, and Prime Brokerage

Donovan Vanderbilt is the founder of The Vanderbilt Portfolio AG, Zurich. ZUG TRADING does not provide investment advice. This article is for informational purposes only.