Start your company's cloud transformation in Switzerland with an audit-proof Swiss digital storage and archiving software with full DMS functionality including file sharing, a PDF reader and an Outlook integration.

"We secure your critical documents - and bring them to life".

Comply with Swiss document retention law.

Are your accounting records, medical histories and AMLA-relevant file notes currently archived lawfully (CO, VAT Act, AMLO-FINMA, FMH) and stored in an audit-proof format (Business Records Ordinance)?

Reduce dependencies on external providers.

Regain control over your data by insourcing files from third parties such as legacy archive providers, fiduciaries, IT companies and bring them under central governance.

One repository - one single source of truth.

Give all stakeholders quick access to the same normalized information assets and eliminate duplicate, contradictory, or incorrect document versions.

Turn unstructured data into business intelligence.

Gain insights from raw data thanks to OCR. Have PDFs summarized and questions answered solely with company knowledge, not Internet knowledge.

Take company knowledge to your people.

Make it easy for your team to find and work with PDFs. Engage your archive on a daily basis and lower the risk of sanctions because files cannot be found after years.

Pay as you go (PAYG) with dynamic file storage.

Optimize your cloud storage costs when retrieval patterns change with smart tiering by automatically moving rarely used PDFs to the most cost-effective access tier.

What does digital archiving mean?

With a digital archiving software in the cloud, a Swiss company can store its important documents electronically without having to keep the originals. We believe that a high-performance, audit-proof document management system (DMS) is actually the prerequisite for any digitization project in Switzerland.

Yet because most of the staff in today's Swiss companies deal with documents, a good DMS or enterprise content management (ECM) in Switzerland must cover the needs of all stakeholders:

1. For management, it is important to maintain an overview of the archived documents and to distribute access rights in an intuitive manner
2. For the legal department, it is important that the PDFs comply with legal retention obligations and are admissible as evidence in court proceedings
3. For the bookkeeping and controlling department, on the other hand, it is critical to logically link the documents in the archive with any type of accounting software
4. For the external auditor, it is convenient if the records can be verified directly in the originating system without having to create a special data room first
5. For operational staff, meanwhile, it is important to be able to immediately reintegrate the archived documents into day-to-day business processes and access them in milliseconds
6. For the IT department, last but not least, it is important to pass the data to peripheral systems via APIs, to ensure that the documents are protected against cyberattacks, to make regular backups and to be in a position to easily migrate to another data center if necessary

What are the advantages of an indexed and audit-proof archive in the Swiss cloud?

• Comply with Swiss law: Observe record-keeping and document retention legislation in Switzerland (here) and make sure your archive is audit proof
• Digitize your accounting, controlling and audit process in one go: electronic bookkeeping (here) retrieves daily business records at the touch of a button and the dreaded VAT audit (here) can take place remotely
• Benefit from faster retrieval times (milliseconds) compared to archives on tape drives (here) or other on-premises storage devices and relieve your staff from the associated IT overhead
• Harvest supposedly "dark data": this is invisible data (here) that your company processes as part of its regular business activities but fails to see or understand
• Operationalize business data across your organization: engage customers, automate business processes, and foster collaboration by eliminating information silos
• Define and monitor precise access controls to individual documents, data rooms or entire markets and grant permission to external stakeholders such as accountants, auditors, supervisory bodies, regulators, shareholders or investors
• Use intelligent document processing (here) to turn raw data into business insights and marvel at unexpected correlations
• We put a wide spectrum of enterprise search tools at your fingertips, from verbatim search to semantic search up to the targeted prompting of large language models or LLMs (here) to summarize long PDFs or get the confidential answer to a sensitive question from thousands of documents

What types of documents must be archived in Switzerland?

1. Obligation to archive accounting records for all Swiss companies

Every company registered in Switzerland or with a Swiss VAT number must retain the following business-relevant documents in a secure archive for a period of 10 years in an unalterable form in compliance with the CO (here) and Swiss Ordinance on Business Records (here):

• All accounting records, accounting cards, annual reports and audit reports (Art. 958f para. 1 CO)
• The share register and the register of beneficial owners as well as all documents on which an entry therein is based (Art. 686 para. 5 CO)
• All business records expected to have evidentiary value in, or influence on, potential legal proceedings (Art. 8 CC)

2. Record-keeping obligation for Swiss banks and FINMA-regulated financial institutions

Financial institutions in Switzerland subject to the Swiss Financial Market Supervisory Authority (FINMA) must retain for 10 years the following records as per Art. 74 para. 1 AMLO-FINMA (here):

1. All documents used to identify the contracting partner, controlling person, BO, as well as Forms A or K
2. A written note on the results of the application of the criteria for identifying business relationships with increased risks (customer risk scoring)
3. A written note or the documents containing the findings of the additional investigations into business relationships or transactions with increased risks
4. The documents underlying the executed transactions
5. A copy of suspicious activity reports (SAR) filed to the Money Laundering Reporting Office Switzerland (MROS)
6. A list of all business relationships subject to the Anti-Money Laundering Act

While ordinary Swiss companies can theoretically retain their accounting documents (with the exception of share registers and its equivalents) exclusively in foreign data centres, FINMA regulated Swiss financial institutions must store the above records and file notes "in a secure location in Switzerland that is accessible at all times" (Art. 74 para. 3 AMLO-FINMA). The following should also be noted: "If the server used is not located in Switzerland, the financial intermediary must have up-to-date physical or electronic copies of the relevant documents in Switzerland" (Art. 74 para. 4 AMLO-FINMA).

3. Obligation to keep medial records for doctors, healthcare professionals, ambulatory service providers and hospitals with a cantonal service mandate

The Swiss Medical Association FMH (here) stipulates in its Code of Professional Conduct, which is binding for all members, under Art. 12 entitled "Duty to make and keep records" (here) that "doctors must keep adequate records about the observations made and any measures taken in the exercise of their profession. They must be kept for at least 20 years following the last entry".

In addition, in Switzerland the relationship between doctor and patient is subject to the provisions of the simple mandate according to the FMH Guidelines: Legal Principles in Everyday Medical Practice (here): "As a service provider, the doctor is accountable to the patient at all times (Art. 400 para. 1 CO). He must keep a proper medical history. The obligation to keep records or documentation also ensues from the FMH Code of Professional Conduct and from cantonal healthcare laws" (p. 31).

In Switzerland, the medical record-keeping duty in the form of a patient record includes in particular:

• Documentation of the medical data and facts that are relevant to the medical treatment (BGE 141 III 363)
• Preparation of medical reports to ensure proper treatment, in particular in the case of treatment by several doctors or a transfer to another doctor
• Records to secure documentary evidence in the event of claims alleging medical malpractice made by patients
• Documents about the treatment: Diagnosis, X-rays, laboratory results, medical imagery, (electronic) prescriptions, eMedication plans, eMediplans (here), nursing reports, surgery reports, surgery videos, outpatient hospital reports, etc.
• Correspondence with other healthcare providers
• Documented (signed) patient briefing and informed patient consent with date and content of the briefing discussion (duty to provide information in accordance with Art. 10 FMH Code of Professional Conduct, BGE 133 III 121)

Medical records may be kept electronically if it can be established at any time who made which entries and when, and unauthorized persons do not have access. Unauthorized persons are all persons such as medical practice assistants (MPA), office staff etc. who are not involved in the treatment.

Backup copies of medical records must be made continuously or at least regularly and stored in a different location protected from unauthorized access (so-called offsite backups). The FMH generally recommends ensuring all data and all persons accessing it are located in Switzerland.

It is well established that incorrect or missing entries in medical records have a negative impact on legal proceedings and facilitate the patient's burden of proof.

What is the Swiss Electronic Patient Record (EPR)?

The electronic patient record (EPR) is a Swiss sharing platform for data and documents relating to physical health, to which data subjects can grant their doctors access (here). The Swiss patient record is basically nothing other than an audit-proof archive in the cloud that can be accessed from anywhere and to which both doctors and patients can upload files. That said, the electronic patient record does not release doctors from their duty to keep their own medical histories.

The electronic patient dossier is ideal for storing the dated and signed living will (here) for quick access in medical emergency situations without having to go through the insurance card (Art. 370-373 ZGB).

The Swiss Ordinance on the Electronic Patient Record (here) stipulates the following retention obligations for the EPR:

• The medical data collected by healthcare professionals in the electronic patient record must be destroyed after 20 years (Art. 10 para. 1)
• The data repositories must be located in Switzerland and be subject to Swiss law (Art. 12 para. 5)
• Logging of access: All accesses must be logged and the data in the access log must be accessible for 10 years without being able to be deleted

What is an accounting record under Swiss law?

According to Art. 957a para. 3 CO, accounting records (documentary evidence) are "all written documents on paper or in electronic or comparable form necessary to understand and reconstruct a business transaction or facts on which an accounting entry is based".

The following accounting records must be archived in Switzerland::

• Contracts
• Invoices
• Shipping documents such as waybills and bills of lading
• Payroll accounting (salary payments, social insurance, pension agreements)
• Business correspondence (only if relevant for accounting purposes)

In Switzerland, it is not required to retain in an audit-proof manner public deeds and entries in public registers such as extracts from the Swiss commercial registry and inscriptions in the land registry (Art. 9 CC).

What is the legal retention period in Switzerland?

Swiss accounting records subject to statutory archiving must be retained for 10 years in an audit-proof format (Art. 958f OR para. 1). After expiry of the statutory archiving period of ten years, Swiss companies - including banks - can permanently delete the respective documents and in principle all claims expire (Art. 127 CO).

An interesting case about the time limits for the retention and handover of bank documents heard by the Swiss Banking Ombudsman can be found under this link (here).

How long must patient records be kept in Switzerland?

Since January 1, 2023, the statutory minimum retention period for patient files (treatment records and medical histories) has been 20 years in many Swiss cantons. This is because of the new Swiss tort law, which now provides for a prescription period of 20 years for claims arising from medical malpractice:

"Claims for damages or satisfaction arising from personal injury or death of a person in breach of contract shall prescribe after 3 years from the day on which the injured party became aware of the damage, but in any case after 20 years from the day on which the harmful conduct occurred or ceased" (Art. 128a CO as amended).

In practical terms, this means that under civil law, medical practitioners can now be held liable for 20 years for gross misconduct. If the patient history is no longer available or is incomplete, there is no possibility of defense or exoneration in the event of liability claims.

Simultaneously, it is required under Swiss data protection law (here), that documents no longer needed for evidentiary purposes be deleted.

When does the statutory archiving obligation begin in Switzerland?

In Switzerland, the mandatory archiving period typically begins at the end of an observation period (e.g. the tax year) or the last legal transaction (e.g. after liquidation of a company, termination of a mandate contract, end of the medical treatment contract, following treatment or surgery).

Depending on the document type, the activation of archiving is triggered by one of the following actions ("event-based retention triggers"):

• Annual report, audit report and accounting records: the retention period begins at the expiry of the financial year (Art. 958f para. 1 CO)
• Documents underlying an entry in the share register (AG), register of capital contributions (GmbH) or register of members (cooperative): the retention period is 10 years following the deletion of the owner or usufructuary (AG), company member (GmbH) or cooperative member (Art. 686 para. 5 CO, Art. 697l para. 3 CO, Art. 790 para. 1 CO, Art. 837 para. 2 CO)
• Ledgers and other documents of a dissolved partnership: the retention period of 10 years starts on the date of the partnership’s deletion from the commercial register (Art. 590 para. 1 CO)
• The share register, accounting records, register of beneficial owners and all underlying documents: the retention period is 10 years following the deletion of the company (Art. 747 para. 1 CO)
• Records required under the Swiss Anti-Money Laundering Act (AMLA): the retention period begins with the termination of the business relationship or the completion of the transaction (Art. 7 para. 3 AMLA)
• Medical history: the retention obligation of 20 years begins with the last entry (e.g., Art. 26 para. 2 Health Act of the Canton of Berne)

Where and how must Swiss accounting records be stored?

In Switzerland, archivable accounting records must be retained "on paper, electronically or in a comparable manner, provided that correspondence with the underlying business transactions and circumstances is guaranteed thereby and provided they can be made readable again at any time" (Art. 958f para. 3 CO).

The Business Records Ordinance (here) is the implementing provision under Swiss Contract Law specifying the principles by which records in Switzerland must be retained in an audit-proof manner.

An audit-proof Swiss archive in the cloud has the following features:

• Authenticity and integrity: Swiss accounting documents must be recorded and stored in such a way that they cannot be altered undetectably (Art. 3 GeBüV). In other words, all records in a compliant Swiss archive must be immutable.
• Documentation: The technology used to store Swiss accounting records must be documented in a comprehensible manner. This documentation must be updated when necessary and is subject to the same statutory retention requirements as the accounting records themselves (Art. 4 GeBüV).
• Availability: Swiss accounting documents must be stored in such a way that they can be inspected and checked by an authorized person within a reasonable time until the legal retention period expires (Art. 6 GeBüV);
• Security and logging: All data in an audit-proof Swiss archive must be systematically indexed and protected against unauthorized access. Access permissions and retrieval histories and must be logged. These logbooks are subject to the same statutory retention rules as the underlying documents themselves (Art. 8 GeBüV).

Which file formats are compliant for archiving?

In Switzerland, the following file types (here) are permitted for the long-term preservation of digital records:

• Plain text (.txt)
• Comma separated values (.csv)
• Extensible markup language XML (.xml)
• PDF/A (.pdfa)
• Tag image file format (.tiff)
• Joint Photographic Experts Group - JPEG2000 (.jp2)
• Moving Pictures Experts Group MPEG-4 (.mpg)
• FFV1 (video coding), INTERLIS (geodata)
• Waveform Audio File Format - Wave (.wav)

What is the meaning of PDF/A?

PDF/A means Portable Document Format (A stands for archival). In contrast to the Tag Image File Format (TIFF), PDF/A enjoys a high level of acceptance across industries. It is practically the prescribed file format for archiving - in the EU and overseas. For example, the US Supreme Court requires documents submitted electronically must be in the PDF/A format.

To quote the ISO 19005 Standard (Document management), "PDF/A [...] provides a mechanism for representing electronic documents in a manner that preserves their visual appearance over time, independent of the tools and systems used for creating, storing or rendering the files" (here).

In essence, the PDF/A format differs from its PDF original in that it prohibits functions that are unsuitable for long-term archiving (such as audio and video content, executable files, password protection, encryption, links to external content, etc.). Ultimately, the files in an audit-proof Swiss cloud archive must be self-sufficient with all key document features such as content, fonts and color embedded.

360core uses high-throughput PDF to PDF/A-2b conformance convertors in its archiving engine to convert PDF to PDF/A-2b. We perform regular PDF/A validation tests (here) throughout the lifecycle of our archive assets.

Archiving of E-mails

E-mail archiving is defined as the systematic retention of e-mails and attachments in a single repository in line with an organization's records management program, for example to create a subset of messages associated with a particular topic, preserve messages of former employees, enable audit trails, full-text indexing, enhanced retrieval capabilities or the application of legal holds.

Email archiving software simplifies legal discovery and compliance with freedom of information laws (here) or GDPR requests and eliminates the need to search multiple networks and local drives.

Archiving of websites

In 2017 the US Financial Industry Regulatory Authority (FINRA) released a notice (here) stating all the business doing digital communications are required to keep a record. This includes website data, social media posts, and messages.

How much does a Swiss digital archive cost?

Our audit-proof document management system (DMS) and file sharing platform in Switzerland ("360 Documents") can be deployed online through a SaaS licence (here). The solution's pricing model is based on 360core's cloud tiers and depends on the number of users and the expected file storage space:

• 5 users and 100 GB document storage: CHF 300 per month
• 15 users with 200 GB document storage: CHF 600 per month
• 40 users with 500 GB document storage: CHF 1,200 per month
• 100 and more users with 1 TB and more document storage: upon request

360 Documents: Main product features

• Compliance with the MoReq2010 specification and the Design Criteria for Electronic Records Management Software Applications of the US Department of Defense (DoD 5015.2-STD) to guarantee interoperability between records systems
• Swiss legal compliance (CO and GeBüV): customization of retention schedules depending on business needs
• Full-text enterprise search with advanced filtering: keyword and semantic search in English, German, French, and Italian
• Business intelligence (BI) capabilities: question and summarize PDFs similar to Adobe's AI Assistant
• Outlook connector: archives e-mails and attachments directly from Microsoft Outlook
• Granular access permissions on file, folder and record class level
• File sharing platform: give internal and external access with password protection and link time limit configuration
• Support for a wide range of file types: Bioinformatics, CAD, ECAD, geodata, medical imaging, personal information management, websites
• OCR and business data extraction: industry-leading stack with confidence scores above 90%
• Automatic indexing ("360 Autoindexing") for over 100 data points: custom metadata templates
• Automatic document classification ("360 Recognizer"): detects e-mails, letters, contracts, invoices, passports, technical drawings, text messages, boarding passes, tickets, diagrams etc. thanks to computer vision (CV) and machine learning (ML) capabilities pretrained on Swiss business correspondence
• Automated redaction ("360 Autoredact") removes sensitive information (IBANs, account numbers, credit card numbers) from documents before release
• Dynamic PDF viewer with annotations overlay (comment, highlight, redact, etc.)
• PDF/A converter and validator

360 Documents: Security features

• Two-factor authentication (2FA) for Google and Microsoft Authenticator (supporting Greek, Cyrillic, Chinese and Japanese characters): internal and external users
• Passwordless authentication: passkeys under FIDO standards (here)
• Advanced encryption: data is encrypted both at rest, as well as in transit and in use to guarantee additional protection from cloud operator access (here)
• Data storage: Enterprise content is exclusively operated and stored in ISO 27001 certified data centres in Switzerland (replication over 2 availability zones) with no further transfer abroad
• 3-2-1-Backup: Daily backup in the cloud and weekly backup offline on tape (here)

360 Documents: Integrations

• Microsoft Outlook (integration into familiar user interface)
• 360pay (settle bills directly from invoices)

360 Documents: Architecture

Our multi-tenancy SaaS application guarantees complete tenant isolation on the file and object data storage level. Our storage classes are designed for 99.999999999% of data durability.

Our cloud tiers help satisfy compliance requirements for virtually every regulatory agency in the world.

Data in: Scanner, Outlook, upload

OCR technology: text recognition

Indexation along your folder structure

Full-text search with results highlighting

Further reading

360core archiving Add-in on Microsoft AppSource (here)

BDO (2021) Elektronische Buchführung und -belege aus mehrwertsteuerlicher Sicht (here)

Daniel Burgwinkel (2023) Ausblick auf die Trends in 2024 in der cloudbasierten Archivierung (here)

Alan Calder, Steve Watkins (2019) IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002 (here)

Federal Data Protection and Information Commissioner (2024) Patient records - inspection, storage and deletion of patient data (here)

James Densmore (2021) Data Pipelines Pocket Reference. Moving and Processing Data for Analytics (here)

DLM Forum Foundation (2011) Modular Requirements for Records Systems - Volume 1: Core Services & Plug-in Modules (here)

Evren Eryurek, Uri Gilad, Valliappa Lakshmanan, Anita Kibunguchy-Grant, Jessi Ashdown (2021) Data Governance: The Definitive Guide (here)

EXPERTsuisse (2014) Schweizer Handbuch der Wirtschaftsprüfung, Band "Buchführung und Rechnungslegung" (here)

FINMA (2023) Anti-Money Laundering Ordinance-FINMA (here)

FINRA (2017) Regulatory Notice 17-18. Social Media and Digital Communications. Guidance on Social Networking Websites and Business Communications (here)

FMH / Schweizerische Akademie der Medizinischen Wissenschaften - SAMW (2020) Rechtliche Grundlagen im medizinischen Alltag. Ein Leitfaden für die Praxis (here)

FMH (2023) IT-Grundschutz für Praxisärztinnen und Praxisärzte 11 Empfehlungen (here)

FMH (2023) Leitfaden für die Aufbewahrung und Archivierung (here)

FMH (2023) Standesordnung der FMH (here)

FMCH (2019) Richtlinien der FMCH für die Patienten-Aufklärung (here)

ISO 15489-1:2016 (2021) Information and documentation. Records management. Part 1: Concepts and principles (here)

ISO 19005-1:2005 (2020) ISO 19005-1:2005. Document management. Electronic document file format for long-term preservation (here)

ISO/IEC 27001:2022 (2022) Information security, cybersecurity and privacy protection. Information security management systems. Requirements (here)

Madhusudhan Konda (2023) Elasticsearch in Action, Second Edition (here)

James Lappin (2024) The science of recordkeeping systems - a realist perspective (here)

Netzwoche (2023) Cloudbasierte, revisionssichere ­Archivierung auf dem Vormarsch (here)

Dieter Pfaff, Ruud Flemming (2019) Schweizer Leitfaden zum Internen Kontrollsystem (IKS) (here)

Dieter Pfaff, Stephan Glanz, Thomas Stenz, Florian Zihler (2019) Rechnungslegung nach Obligationenrecht, veb.ch Praxiskommentar mit Berücksichtigung steuerrechtlicher Vorschriften (here)

PwC Switzerland (2021) Electronic invoicing (e-invoicing). A guide for organisations and institutions (here)

PwC Switzerland (2021) Confidence in your business procedures and information Information governance. Electronic archiving (here)

Thomas Rautenstrauch (2023) Aufbewahrungsfristen: Compliance-Anforderungen an die Geschäftsunterlagen (here)

William Saffady (2021) Records and Information Management. Fundamentals of Professional Practice (here)

Schweizerisches Bundesarchiv (2020) Standards für die Archivierung digitaler Unterlagen. Archivtaugliche Dateiformate (here)

Swiss Banking Ombudsman (Case number 2017/26) Time limits for retaining and providing bank documents (here)

Swiss Ordinance on Business Records (2013) (here)

Swiss Ordinance on Value Added Tax (2018) (here)

Swiss Ordinance on the Electronic Patient Record (2023) (here)

SRF News (2023) Digitales Gesundheitswesen - Das elektronische Patientendossier: Was Sie wissen müssen (hier)

Topsoft (2019) Compliance: GeBüV als Härtetest für die rechtskonforme Aufbewahrung digitaler Dokumente und Akten (here)

Sikander von Bhicknapahari (2021) L’obligation légale de conservation (here)

United States Department of Defense (2002) Design Criteria Standard for Electronic Records Management Software Applications (here)

Reto Zbinden (2023) Rechtliche Anforderungen an die Archivierung (here)

Thesauri

1. English

Brian Sheffield (2022) The Oxford Thesaurus - An A-Z Dictionary Of Synonyms (here)

Collins English Thesaurus (2019) (here)

Merriam-Webster's Collegiate Thesaurus, Second Edition (2018) (here)

2. German

Duden (2019) Das Synonymwörterbuch. 7., neu bearbeitete und erweiterte Auflage (here)

3. French

Emile Genouvrier, Claude Désirat, Tristan Hordé (2020) Dictionnaire Larousse des synonymes (here)

Le Robert (2022) Dictionnaire des synonymes, nuances et contraires (here)

4. Italian

Garzanti (2009) Dizionario dei sinonimi e contrari (here)

Michele Giocondi (2016) Grande dizionario Hoepli sinonimi e contrari della lingua italiana (here)

Maurizio Trifone (2013) Il Devoto-Oli dei sinonimi e contrari. Con analoghi, generici, inversi e gradazioni semantiche (here)

Exchange rates

Swiss Federal Office for Customs and Border Security FOCBS (2024) Daily exchange rates (here)