Skip to content
HERO Desktop - DE Compliance & FINMA 10.04.2026

Compliance & FINMA

FINMA compliance is not a project. It is a permanent condition.

FINMA expects supervised institutions to have verifiable controls over access, systems and data. Not as a one-off snapshot, but as a continuously operated and documented architecture.

What FINMA expects in concrete terms and what this means in technical terms.

The relevant principles for IT security at FINMA-regulated institutions are FINMA Circular 2023/1 (Operational risks and resilience) and RS 2008/21 for banks. The new supervisory regime under FinIA and FinSA has applied to asset managers and trustees since 2020, which also sets out specific requirements for operational security.

The requirements can be summarized in four areas: Firstly, access and authorization controls, i.e. who is allowed to access which systems and data, verifiably and with minimal rights. Secondly, monitoring and logging, i.e. all security-relevant events are recorded, stored and can be analyzed. Thirdly, business continuity and incident management, which means defined processes for emergencies, tested and documented. Fourthly, supplier management, i.e. proof that external service providers also meet the requirements.

We translate these requirements into concrete technical architectures based on Microsoft 365 and Microsoft Azure that fulfill these points structurally, not just on paper.

Access controls & authorization management

Least privilege is not a recommendation. It is a requirement for FINMA-regulated institutions.

The principle of minimum authorization means that each user receives exactly the rights they need for their task, and no more. Privileged access such as admin rights are not assigned permanently, but are only activated via Privileged Identity Management (PIM) on request, for a limited time and with a complete audit trail.

The same applies to external service providers, including us at Dinotronic: access to your environment is exclusively via GDAP (Granular Delegated Admin Privileges), role-based, time-limited and logged. You can see who has accessed what and when at any time.

This structure is not an additional measure for the audit, but the normal mode of operation. What is operated in this way on a daily basis can also be verified on a daily basis.

managed-digital-workplace-01
Logging, monitoring & incident management

A security incident is not the problem. Not dealing with it in a documented way is.

FINMA expects security incidents to be recognized, reported and processed. This requires three things: complete logging of all security-relevant events, a defined incident response procedure and the ability to reconstruct exactly what happened afterwards.

Microsoft Sentinel takes over the central logging and correlation of events from all connected systems: Identities, end devices, cloud services, network. Anomalies are automatically detected and prioritized. Our security team evaluates these signals 24/7 and initiates the incident response process if necessary.

Every incident is documented in writing: Time, affected systems, impact, measures, conclusion. This documentation is stored in an audit-proof manner and is available for audits on request. Not compiled when the audit comes, but kept on an ongoing basis.

managed-digital-workplace-02
FINMA compliance does not end with our own IT. It includes all service providers.

Who opened, changed or passed on which file and when?

Supervised institutions are responsible for the security of their data, even if it is held by an external provider. FINMA Circular 2023/1 is explicit: outsourcing does not release institutions from their responsibility. The service provider must meet the requirements and the institution must be able to prove this.

As an ISO 27001-certified Microsoft Solutions Partner, we structurally fulfill these requirements. Our certification is not a one-off, but is confirmed annually by an independent audit. Microsoft Azure and Microsoft 365 operate under a joint responsibility model that clearly defines which security responsibilities lie with Microsoft and which with us.

On request, we can provide you with the necessary evidence for your own supplier management: ISO certificate, processing directory, subcontractor overview and other documents to complete your compliance documentation.

Illustrations-Content-Split 8
Assessment

Do you like contemporary collaboration? Let's find out.

Why Dinotronic

Our expertise

solutions-managed-digital-workplace-experience 30 years of experience IT is changing rapidly. We have kept up with all the developments to date and have important certifications. We are constantly educating ourselves so that our customers don't have to.  
solutions-managed-digital-workplace-performance-claim High performance standards Good is not good enough for us, safe is not safe enough for us. We go the extra mile for our customers so that they can work in an environment that suits them.  
solutions-managed-digital-workplace-night-active We are nocturnal Cyberattacks know no working hours. That's why we work in two time zones and are also active at night for our customers.  
SMES From SMEs for SMEs As a Swiss SME, we know the challenges, but also the importance of SMEs for the Swiss economy.  
solutions-managed-digital-workplace-inspire We want to inspire customers We support customer projects and future visions with state-of-the-art technologies.  
solutions-managed-digital-workplace-recommendations High recommendation rate 90% of our customers recommend us (without being asked).  

90% of our customers recommend us to others. Will you be one of them?

“The collaboration is very personal, and we always have a competent point of contact. We are kept informed about new trends, enabling us to operate a modern and secure platform for our XfleX SaaS business software.”
Reto B. Camenzind
Reto B. CamenzindCEO, XfleX Software AG
‘Working with Dinotronic is reliable, open and genuinely collaborative – a team that thinks ahead, goes the extra mile and helps us to be better positioned.’
Marco Ancora
Marco AncoraCEO, Swiss Marketing Association
‘Dinotronic understands the needs of SMEs not only technically, but also culturally. The collaboration is characterised by trust, clarity and a genuine understanding of our requirements – exactly what we were looking for.’
Stefan Gübeli
Stefan GübeliCEO, SCHENK Systeme AG
‘As a newly founded company, it was essential to have a reliable IT infrastructure with clearly calculable costs. With Dinotronic as our partner, we could rely from the outset that we were professionally set up and could use the latest tools. We particularly appreciate the friendly manner, availability and solution-oriented approach.’
Ramon Scussel
Ramon ScusselCEO, PMT Management AG
‘Dinotronic impressed us right from the start with a culture and language that suited us and a professional offering that was well tailored to our needs.’
Beatrice Roth
Beatrice RothManaging Director at Verein Werkstätte Drahtzug
‘What we appreciate most about our long-standing collaboration with Dinotronic is the comprehensive package we receive, which includes advice, professionalism, knowledge and humanity.’
Marco Mori
Marco MoriCFO, Deputy Managing Director, SSM Schärer Schweiter Mettler AG
“The cooperation with Dinotronic is characterized by careful treatment of us as a customer and the provision of services tailored to our individual needs by very competent and friendly employees.”
Nicole Kaspar
Nicole KasparManaging Director at Finest Payroll AG

“The cooperation with Dinotronic was excellent from the first contact to the end of the project and I can wholeheartedly recommend the product to any company of any size.”

Cornelia Boss
Cornelia BossBusiness owner and CEO, B managed GmbH
“Dinotronic impresses with its reliability. An IT partner that understands our needs, delivers exactly what we need and is always there for us.”
Jan Vogt
Jan VogtChairman of the Board of Directors and Partner at Treuhandzentrum Zürich
“The IT infrastructure is the backbone of our company. Dinotronic supports us with expert IT consulting and ensures that all business processes run smoothly. We can react flexibly to changes and work in a secure, mobile and productive manner. We benefit from sustainable IT solutions tailored to our needs and appreciate the comprehensive and high-quality support.” 
Jim Steiner
Jim SteinerManaging Director at BSW SECURITY AG
“The collaboration with Dinotronic is trusting, fast and unagitated, i.e. without any major frictional losses.”
Dr. iur. Stephan Eschmann
Dr. iur. Stephan EschmannSenior Partner at Dr. Eschmann Attorneys at Law
“Thanks to the switch to Dinotronic's Digital Workplace, we were able to completely overhaul our outdated IT infrastructure and are now more efficient and secure than ever before.”
Julia Rautenstrauch
Julia RautenstrauchManaging Director at eular
“We have very good, open, transparent and goal-oriented communication, which means that challenges can be solved quickly and easily together. Dinotronic AG is an important and very reliable partner for us and, as a reseller of the Dinotronic product range, we have the ideal addition to our entire range of services.”
Reto Käser
Reto KäserManaging Director at limeQ AG
“Thanks to Dinotronic's solution based on Microsoft SharePoint and the Enterprise Mobility Suite, we are now able to streamline our processes by around 30% and can protect our sensitive data from unwanted access to the greatest possible extent.”
Andreas Balazs
Andreas BalazsPresident of Swiss Marketing
“Switching to the cloud with our own IT has paid off for us. Instead of investing huge sums in new, in-house components, which subsequently also have to be administered, we are now heading into a promising future in a lean and flexible way. Whatever else may come: We are more than equipped in terms of IT technology.”
Black silhouette of a person on a light backroung
Brigitte FivianManaging Director at BAZ Service

90% of our customers recommend us to others. Will you be one of them?

“The collaboration is very personal, and we always have a competent point of contact. We are kept informed about new trends, enabling us to operate a modern and secure platform for our XfleX SaaS business software.”
Reto B. Camenzind
Reto B. CamenzindCEO, XfleX Software AG
‘Working with Dinotronic is reliable, open and genuinely collaborative – a team that thinks ahead, goes the extra mile and helps us to be better positioned.’
Marco Ancora
Marco AncoraCEO, Swiss Marketing Association
‘Dinotronic understands the needs of SMEs not only technically, but also culturally. The collaboration is characterised by trust, clarity and a genuine understanding of our requirements – exactly what we were looking for.’
Stefan Gübeli
Stefan GübeliCEO, SCHENK Systeme AG
‘As a newly founded company, it was essential to have a reliable IT infrastructure with clearly calculable costs. With Dinotronic as our partner, we could rely from the outset that we were professionally set up and could use the latest tools. We particularly appreciate the friendly manner, availability and solution-oriented approach.’
Ramon Scussel
Ramon ScusselCEO, PMT Management AG
‘Dinotronic impressed us right from the start with a culture and language that suited us and a professional offering that was well tailored to our needs.’
Beatrice Roth
Beatrice RothManaging Director at Verein Werkstätte Drahtzug
‘What we appreciate most about our long-standing collaboration with Dinotronic is the comprehensive package we receive, which includes advice, professionalism, knowledge and humanity.’
Marco Mori
Marco MoriCFO, Deputy Managing Director, SSM Schärer Schweiter Mettler AG
“The cooperation with Dinotronic is characterized by careful treatment of us as a customer and the provision of services tailored to our individual needs by very competent and friendly employees.”
Nicole Kaspar
Nicole KasparManaging Director at Finest Payroll AG

“The cooperation with Dinotronic was excellent from the first contact to the end of the project and I can wholeheartedly recommend the product to any company of any size.”

Cornelia Boss
Cornelia BossBusiness owner and CEO, B managed GmbH
“Dinotronic impresses with its reliability. An IT partner that understands our needs, delivers exactly what we need and is always there for us.”
Jan Vogt
Jan VogtChairman of the Board of Directors and Partner at Treuhandzentrum Zürich
“The IT infrastructure is the backbone of our company. Dinotronic supports us with expert IT consulting and ensures that all business processes run smoothly. We can react flexibly to changes and work in a secure, mobile and productive manner. We benefit from sustainable IT solutions tailored to our needs and appreciate the comprehensive and high-quality support.” 
Jim Steiner
Jim SteinerManaging Director at BSW SECURITY AG
“The collaboration with Dinotronic is trusting, fast and unagitated, i.e. without any major frictional losses.”
Dr. iur. Stephan Eschmann
Dr. iur. Stephan EschmannSenior Partner at Dr. Eschmann Attorneys at Law
“Thanks to the switch to Dinotronic's Digital Workplace, we were able to completely overhaul our outdated IT infrastructure and are now more efficient and secure than ever before.”
Julia Rautenstrauch
Julia RautenstrauchManaging Director at eular
“We have very good, open, transparent and goal-oriented communication, which means that challenges can be solved quickly and easily together. Dinotronic AG is an important and very reliable partner for us and, as a reseller of the Dinotronic product range, we have the ideal addition to our entire range of services.”
Reto Käser
Reto KäserManaging Director at limeQ AG
“Thanks to Dinotronic's solution based on Microsoft SharePoint and the Enterprise Mobility Suite, we are now able to streamline our processes by around 30% and can protect our sensitive data from unwanted access to the greatest possible extent.”
Andreas Balazs
Andreas BalazsPresident of Swiss Marketing
“Switching to the cloud with our own IT has paid off for us. Instead of investing huge sums in new, in-house components, which subsequently also have to be administered, we are now heading into a promising future in a lean and flexible way. Whatever else may come: We are more than equipped in terms of IT technology.”
Black silhouette of a person on a light backroung
Brigitte FivianManaging Director at BAZ Service

Typical challenges faced by our customers

Help, things aren't running smoothly in IT? We only know that from hearsay.
TOO FEW RESOURCES IT is in a constant state of change. Good people are in demand. If there is a shortage of staff, it is a good idea to outsource the complex management of Microsoft 365 to someone who specializes in it.
I SEE SOMETHING YOU DON'T SEE Known problems are that employees or external parties can't log in to SharePoint or that someone can no longer share anything via OneDrive. It's all a question of attitude, we say.
HELP, I HAVE DELETED THE PROJECT Don't panic. These accidents are a thing of the past if everything has been set up correctly in the background.
BUT I HAVE BEEN WORKING ON VERSION_1-Z You can remove version salads from your daily menu in future. With us, you can see exactly who made what last.