Under Swiss criminal law, a violation of relevant local rules on outsourcing primarily leads to criminal liability for the violation of the secrecy obligation (Article 47 of the Banking Act, Article 69 of the Act on Financial Institutions and Article 35 of the Revised Federal Act on Data Protection). Additionally, a violation of the rules on outsourcing may lead to administrative measures with a punitive character. In certain circumstances — and not only in case of a breach of outsourcing rules but generally in the course of outsourcing — the following additional consequences under criminal law could be relevant:

• Article 271 of the Swiss Criminal Code. If the cloud service provider is required to disclose data (e.g., as a result of a legal obligation imposed by a foreign government), such disclosure, if it occurs outside of an official Swiss legal or administrative assistance procedure, might incur sanctions under this article.
• Article 273 of the Swiss Criminal Code. This article makes it an offense for a person to disclose a manufacturing or trade secret to a foreign official agency, a foreign organization, a foreign private enterprise or the agents of the same. 

Noncompliance with financial markets regulations may also lead to administrative measures being taken by the Swiss Financial Market Supervisory Authority against relevant supervised entities and their officers and executives. Additionally, violation or noncompliance could lead to civil law claims due to an infringement of personality rights. It might also trigger claims under contract law should the noncompliance/violation also breach any contractual agreement.