Financial Advisory & KYC Forms
Client onboarding, risk profiling, source-of-wealth documentation, AML questionnaires — built for independent advisors, wealth managers, and fiduciaries who cannot hand client financial data to a form vendor that can read it. Zero-knowledge encryption, Swiss hosting, aligned with FINMA and nFADP expectations.

Financial advisory runs on two types of information that clients want handled with absolute care: their wealth and the story of how they came to hold it. A KYC file — identity documents, source of wealth, PEP status, risk-tolerance answers, asset declarations — is one of the most concentrated pieces of personal data an adult will ever share with a professional. Yet many advisors still collect it through general-purpose online forms whose provider can read every field before the document ever reaches the compliance team.
Schweizerform is built on the opposite premise. Every submission — a KYC questionnaire, a risk-profile form, a source-of-wealth declaration, an uploaded bank statement — is encrypted in the client's browser before it reaches our servers. We physically cannot read it. For Swiss independent asset managers, trust companies, family offices, and EU-regulated advisors, that property — combined with Swiss hosting and nFADP-aligned architecture — turns online client intake from a weak link into a defensible control.
Who this page is for
Independent asset managers (IAMs/FINIA), trust companies and fiduciaries, wealth and investment advisors, family offices, mortgage and insurance brokers, and compliance officers at any firm subject to AML/CFT obligations — in Switzerland, in the EU, or serving clients across both.
Why Most Form Tools Fail Financial Advisory
Most online form tools — Google Forms, Typeform, JotForm, Cognito Forms in its default mode — operate on a conventional SaaS model: the client's browser sends plain-text data over HTTPS, and the provider's server stores it. That server can read everything. So can the provider's staff, their integration partners, anyone who compromises their infrastructure, and any authority that serves a lawful order on the provider.
For most forms — event RSVPs, feedback surveys — that model is fine. For a financial advisor collecting KYC, it creates a very specific and avoidable problem: the client's full financial profile is sitting in plain text on a third-party server, typically outside Switzerland.
- A new wealth-management client discloses an eight-figure net worth and the family assets behind it; the provider's database contains a readable statement before you have opened the file
- A PEP (politically exposed person) discloses connections, relatives, and associates; those names are exposed in the provider's systems and their analytics
- A source-of-wealth questionnaire explains the sale of a private business; the narrative — including counter-parties and amounts — lives on the provider's infrastructure
- A document-upload field accepts a copy of a passport, a tax return, or a bank statement; the file is scanned by the provider's antivirus, backed up, and often processed in US-hosted cloud storage
- A data-access request or subpoena targets the provider; it reaches your client's financial life without the client ever being notified
Regulators increasingly expect confidentiality-by-design
FINMA guidance on operational risk and outsourcing, the Swiss nFADP (Art. 8 security, Art. 9 processor obligations), and the EU GDPR/EBA guidelines on outsourcing all push firms toward demonstrably controlled data handling — including for data captured through online channels. A third-party form vendor that can read raw client financial data is harder to defend in an inspection or audit than one that cannot.
How Schweizerform Preserves Client Confidentiality
Schweizerform is a zero-knowledge end-to-end encrypted form platform. The encryption happens in the client's browser, before any data leaves their device. Only holders of the form's Access Code can decrypt submissions. We — the provider — cannot.
You generate a form and an Access Code
When you create a KYC or onboarding form, Schweizerform generates a key pair and an Access Code. The public key lives in the form; the Access Code is held only by the advisor and compliance. Our servers never see it.
The client submits from any device
When a prospect fills in the form, their browser encrypts every field — name, net worth, source-of-wealth narrative, uploaded documents — with strong symmetric encryption, then wraps the symmetric key to the form's public key. Our servers receive encrypted blobs they cannot decrypt.
You decrypt in-browser at the firm
When the advisor or compliance officer opens the submission, their browser fetches the encrypted blob, unwraps the symmetric key using the Access Code, and decrypts locally. The plain text never touches our servers.
Client confidentiality is protected by architecture, not policy
Because we never see plain-text submissions, we cannot be compelled to hand them over, expose them in a breach, or process them for analytics. Confidentiality is enforced by cryptography, not by trust in the vendor.
Concrete Financial-Advisory Use Cases
New-client KYC and onboarding
The flagship use case. A dedicated onboarding form collects identity documents, address verification, profession, declared net worth, investment objectives, and AML-required data. Each field is encrypted before submission. Compliance opens the file inside the firm's own browser and produces an internal record. The raw intake never exists in plain text outside the client's device and yours.
Source-of-wealth and source-of-funds declarations
AML obligations require a plausible explanation of how the client accumulated the assets under management, documented in narrative and evidence. These files are particularly sensitive: they describe business sales, inheritances, property transactions, and often identify third parties. Zero-knowledge encryption ensures those stories remain strictly between the client and the firm.
Risk profiling and suitability questionnaires
MiFID II, the Swiss FinSA (FIDLEG), and domestic suitability rules require written evidence of the client's knowledge, experience, objectives, and risk tolerance. An encrypted form is a cleaner control than email: structured, time-stamped, tied to a specific client, and unreadable to anyone without the Access Code.
PEP screening and sensitive-connection disclosures
Where clients are politically exposed persons or have relationships with PEPs, the declaration identifies government officials, family members, and close associates. The disclosure is both regulatory-required and politically sensitive; encrypted submission prevents the list from being indexed, cached, or exposed via the form vendor.
Periodic KYC refresh and life-event updates
AML rules require periodic re-documentation of the client relationship — and immediate updates on major life events (marriage, inheritance, new mandate). A zero-knowledge update form allows the existing client to re-submit without email back-and-forth, while preserving the same confidentiality posture as the original onboarding.
Mortgage and insurance broker intake
Mortgage and insurance intermediaries collect income, assets, liabilities, medical data (for life or disability cover), and supporting documents. The same architecture applies: the raw financial and health profile sits only on the broker's workstation after decryption, not on the form vendor's servers.
What Clients, Regulators, and Subpoenas See
| View | Generic provider | Schweizerform |
|---|---|---|
| Client filling the form | Plain-text form, stored on vendor cloud | Plain-text form, encrypted in-browser before submission |
| Provider staff / support agent | Can read KYC content and documents | Cannot decrypt; sees encrypted blobs only |
| Subpoena served on the provider | Plain-text client files can be produced | Encrypted ciphertext only; useless without the Access Code |
| Provider breach | Readable financial profiles and documents exposed | Ciphertext exposed; content remains unreadable |
Regulatory Context: FINMA, AML, FinSA, GDPR
Swiss financial intermediaries are subject to a layered regime: the Anti-Money Laundering Act (AMLA/GwG) and its implementing ordinances, FINMA circulars on operational risk and outsourcing, the Financial Services Act (FinSA/FIDLEG) for advisory and suitability obligations, the Financial Institutions Act (FinIA/FINIG) for licensed asset managers, and the nFADP for personal data. EU-regulated advisors face MiFID II, local AML transpositions (AMLD), the GDPR, and EBA outsourcing guidelines.
Across these frameworks, one theme recurs: the firm remains responsible for the data it collects, including through third-party channels. A form vendor with read access to client files enlarges the firm's outsourcing footprint and its Schrems II / cross-border transfer exposure. A zero-knowledge form vendor does not — the vendor never holds the data in a readable form, and so is a narrower processor in practice.
Encryption is one control among several
Schweizerform gives you a strong technical confidentiality layer for the intake channel. Your AML programme still needs risk assessment, PEP screening, transaction monitoring, record-keeping, and reporting procedures. The encrypted form makes the intake side defensible; the compliance framework around it does the rest.
Features Relevant to Advisory and KYC
- Zero-knowledge end-to-end encryption on every submission — no provider read access to KYC content
- Encrypted document uploads for ID, passports, tax returns, bank statements, and trust deeds
- Multi-language forms (EN / DE / FR / IT) out of the box — essential for Swiss cross-cantonal and cross-border client bases
- Per-form Access Codes that can be scoped to specific teams (advisor, compliance, internal audit)
- Swiss hosting with nFADP-aligned data-processing posture — response payloads do not leave Switzerland
- Audit log of access events (who opened a submission, when) without exposing submission content
- Structured data export after decryption, for feeding into your CRM or core system inside the firm
- Free tier suitable for piloting a single onboarding form before firm-wide rollout
Common Objections
"We already use a secure client portal."
Full-featured client portals are excellent for ongoing relationships, but they are heavy for first-touch intake. A zero-knowledge form sits at the entry point: the prospect opens a link and fills in the form before any portal credentials exist. It complements, rather than replaces, the portal used for day-to-day document exchange.
"If we lose the Access Code, we lose the files."
Correct, and it is a deliberate property of zero-knowledge architecture. The recommended practice is documented key custody — sealed envelopes held by two partners, split custody between advisory and compliance, or a hardware security module — so that no single custodian can lose or unilaterally unlock client files.
"We need to feed onboarding data into our CRM."
Integrations exist, but they happen after decryption, on the advisor's workstation or a firm-controlled server. The encrypted submission is decrypted in-browser and then exported into the CRM. An integration on our server side is by definition impossible — we do not have the keys.
"Our clients expect to send documents by email."
Email still dominates habit, but it is increasingly hard to defend for KYC: unencrypted in transit across mail relays, retained indefinitely on personal devices, searchable by anyone with later access to the account. A short branded intake form is often more credible to a sophisticated client than an ad-hoc email, and it is demonstrably safer.
Rolling Out a Schweizerform Intake Channel
Decide which forms to start with
Typical first form: new-client onboarding and source-of-wealth declaration combined. Add a short risk-profile questionnaire once the intake form is live.
Agree key custody
Decide who holds the Access Code (e.g. one partner and the compliance officer), document the custody procedure, and test recovery from the escrow copy before the first real client submits.
Translate the form into the relevant languages
For Swiss firms, that usually means DE / FR / IT / EN at minimum. The same form renders in every language and remains end-to-end encrypted across all of them.
Replace the email-attachment flow with a single link
Instead of asking prospects to email scans of identity documents, send them the encrypted form link as part of the welcome sequence. One clean intake, signed off by compliance before any advisory action.
Review and retain
After decryption, store the file under your existing record-keeping policy (10 years under AMLA, longer if your internal policy is stricter). The encrypted submission on Schweizerform is a working channel, not the long-term archive.
The Bottom Line
Financial advisory is built on trust. A client who shares their net worth, family relationships, and source of wealth with an advisor expects those details to stay inside the advisory relationship — not to be replicated in readable form on a US-hosted cloud server belonging to a marketing-forms company.
Schweizerform offers a direct answer: zero-knowledge end-to-end encryption on every form, Swiss hosting, and a posture aligned with FINMA operational-risk expectations and nFADP requirements. No paid upgrade for security. No US-cloud dependency for response data. No third-party-readable copy of the client's financial life on a server you do not control.
Start with a single new-client onboarding form on the free tier. Swiss hosting, zero-knowledge encryption, and full EN / DE / FR / IT support — no credit card required.
Disclaimer: This page is general information and marketing content, not legal, regulatory, or financial-compliance advice. References to the Swiss AMLA/GwG, FINMA circulars, FinSA/FIDLEG, FinIA/FINIG, the nFADP, the EU GDPR, MiFID II, EBA outsourcing guidelines, and related frameworks are summarised at a conceptual level and are subject to jurisdictional interpretation and future regulatory change. Responsibility for AML, suitability, outsourcing, and data-protection compliance remains with the licensed firm. Consult qualified Swiss or EU financial-regulatory counsel and a data-protection specialist before making compliance or purchasing decisions.