coreIntelligence

    Trust & Compliance

    Built to help Swiss wealth managers and private banks meet FINMA's expectations for AI

    coreIntelligence builds the AI agents; FINMA's expectations apply to your institution. Here is how our product supports the governance, risk management and transparency your institution needs.

    Aligned with FINMA Guidance 08/2024

    FINMA Guidance 08/2024, “Governance and Risk Management when using Artificial Intelligence” (published 18 December 2024), sets out FINMA's expectations for supervised institutions using AI. It is principles-based interpretive guidance, not law - technology-neutral, risk-based and proportionate, so controls scale with the materiality of each use case.

    Those expectations apply to the supervised institution, not to the vendor. coreIntelligence's role is to make it straightforward for your institution to meet them - through the controls, documentation and transparency described below. We do not claim the product is “FINMA-approved” or “FINMA-certified”; FINMA does not certify vendor products.

    FINMA's seven focus areas

    How coreIntelligence helps your institution address each of FINMA's focus areas for AI governance and risk management.

    Governance

    Clear ownership and human-in-the-loop controls. Write actions require explicit user confirmation, so accountability for every AI-assisted decision stays with your team.

    Risk identification & classification

    Each agent is a scoped, inventoriable application your institution can risk-classify by materiality - with clearly defined use cases rather than open-ended automation.

    Data quality

    Read-only access to your source systems via OpenWealth MCP, with data lineage so every input can be traced to its origin system - no copies, no silent transformations.

    Testing & ongoing monitoring

    Support for validation before go-live and ongoing monitoring after, including breach alerts and performance review, so your institution can evidence continuous oversight.

    Documentation

    Model and system documentation, configuration records and change logs are made available to support correct use and your institution's own record-keeping.

    Explainability

    Every answer is grounded against your source data with citations, and every query, response and action is logged - so outputs can be explained to clients, auditors and FINMA.

    Independent verification

    We support review by a function independent of the builders: access to model and system documentation, audit logs and testing artefacts for your validation and third-party audits.

    For your vendor due diligence

    FINMA expects institutions to manage vendor-supplied AI through specific controls. coreIntelligence is the third party - here is what we provide to support your assessment.

    Contractual responsibility

    Our agreements allocate responsibility for data protection and confidentiality, and set out the basis on which AI output is delivered and used.

    Monitoring & testing rights

    Your institution can monitor and test the service on an ongoing basis, with access to logs and documentation needed to do so.

    Formal acknowledgment

    We acknowledge our responsibilities regarding output accuracy, data protection and confidentiality as your AI service provider.

    Provider competence

    A Swiss team of AI engineers specialised in wealth management - relevant skills and experience to deliver and support the service.

    Managing the risks FINMA names

    How the product helps your institution address the risk categories highlighted in the guidance.

    Model risk

    Outputs grounded against your data with citations; scoped use cases keep models within validated boundaries.

    Data risk

    Swiss data residency, encryption in transit and at rest, and read-only source access protect data security and integrity.

    IT & cyber risk

    Role-based access control, MFA, and regular security audits across infrastructure, application and operations.

    Third-party dependency

    Deployed in your environment or Swiss-hosted infrastructure; no confidential data is sent to external model providers.

    Legal & reputational

    Audit trails and explainable, citable outputs help you address client queries, scrutiny and regulatory review.

    Swiss data residency & banking secrecy

    Customer data stays in Switzerland or within your own environment. AI models run on Swiss infrastructure; no confidential data is sent to external model providers. The platform is designed to maintain the confidentiality obligations applicable to Swiss financial intermediaries, and is aligned with Swiss FADP/DSG and GDPR.

    Privacy PolicyTerms of Service

    Adjacent frameworks

    • FinSA / FIDLEG: suitability and appropriateness obligations apply in full - the institution remains responsible for advice quality.
    • FADP / DSG: Swiss data-protection law applies directly to AI data processing; we handle data accordingly.
    • EU AI Act (Reg. 2024/1689): relevant where AI outputs are used in the EU; we can support institutions operating cross-border.
    • Operational resilience: relevant where the agent supports a function your institution classifies as critical (FINMA Circular 2023/1; Guidance 05/2025).

    Frequently asked questions

    FINMA may refine its AI expectations over time. This page reflects our understanding of FINMA Guidance 08/2024 and related frameworks and is provided for information only - it is not legal advice. Institutions should verify the current position with FINMA and their own advisers.

    Talk to us about your FINMA assessment

    We're happy to walk your compliance and risk teams through our controls, documentation and deployment options.

    Request a demo