Compliance

Supporting FINMA-regulated customers in Switzerland

Security and compliance are top priorities for financial services institutions. At Google Cloud, we are driven to support our customers’ compliance efforts as they take advantage of our cloud services around the world. Core to our effort is obtaining third-party validation of our security and privacy practices and controls through regional and global certifications and standards. 

Today, we are pleased to announce that Google has obtained an ISAE (International Standard on Assurance Engagements) 3000 Type 1 Report for Google Cloud Platform (GCP), which addresses important regulatory requirements for financial services institutions in Switzerland. The ISAE 3000 Report, obtained after undergoing a rigorous third party audit, is routinely requested by our Swiss financial services customers to demonstrate that a service provider’s control framework specifically meets FINMA (the Swiss Financial Market Supervisory Authority) regulatory requirements. While cloud service providers are not regulated by FINMA, Google Cloud has obtained this report to help support our customers' compliance efforts. 

Following the launch of our Zurich GCP region (europe-west6) a few months ago, this effort further demonstrates Google’s commitment to the Swiss market. We are passionate about driving innovation and digital transformation in Switzerland, and the assurances that the ISAE 3000 Report provides can help financial services companies doing business in Switzerland take advantage of GCP compute, analytics, machine learning, security and other advanced features.

While the ISAE 3000 Type 1 Report is most relevant for our Swiss customers, we are committed to helping organizations around the world with their compliance journey. For example, we also recently received TISAX (Trusted Information Security Assessment Exchange) certification, a cybersecurity framework developed in Germany for the automotive industry that has since become an important automotive industry standard in Europe. 

For more information on the report and our ongoing compliance efforts, visit our compliance page.