Swiss sanctions and crypto assets services: When can providers refuse instructions?
In two decisions of 28 April 2026 (4A_535/2025 and 4A_537/2025), the Swiss Federal Supreme Court addressed the application of Switzerland's sanctions asset freeze regime to crypto assets held with a Swiss provider of crypto asset brokerage and custody services. The Court confirmed that, where concrete indications give rise to the suspicion that crypto assets may be owned or directly or indirectly controlled by a sanctioned person, the service provider may validly refuse to execute client instructions to release or transfer those assets.
The decisions clarify the interaction between the service provider’s public-law obligations under the Swiss sanctions framework and its contractual duties towards the client. They also raise practical questions specific to the custody of digital assets, in particular where access to the assets depends on wallets, private keys or custody infrastructure.
Publié: 1 juillet 2026
Deputy Managing Partner, Head of FinTech
Partner, Co-Head of Private Clients
Associate
| Publié: 1 juillet 2026 | ||
| Auteurs |
Fedor Poskriakov |
Deputy Managing Partner, Head of FinTech |
|
Alexander Greter |
Partner, Co-Head of Private Clients |
|
|
Marina Voloshinovskaya |
Associate |
|
| Expertise |
Banking and Finance |
1
Background
Swiss sanctions against Russia, set out in the Ordinance on measures in connection with the situation in Ukraine (“UKRO”) and largely aligned with the European Union’s sanctions framework, include an asset freeze regime applying to funds and economic resources owned or directly or indirectly controlled by listed persons.
Article 15 UKRO provides that assets and economic resources owned or controlled directly or indirectly by persons, enterprises and entities listed in Annex 8, by persons acting on their behalf or at their direction, or by enterprises and entities owned or controlled by such persons, shall be frozen. It also prohibits making assets or economic resources available to them, directly or indirectly. Article 16(1) UKRO requires any person or institution holding or managing funds, or having knowledge of funds or economic resources, to report to the Swiss state secretariat for economic affairs (“SECO”) where there is reason to believe that those assets fall within the scope of the freeze. Breaches of UKRO may be sanctioned under Article 9 of the federal act on the implementation of international sanctions (“Embargo Act”).
The standard under Article 16 UKRO does not require proof. It is sufficient that concrete indications give rise to the suspicion that the assets fall within the scope of the asset freeze. This approach has been addressed in prior Swiss case law. [1] The two decisions discussed here confirm its application in the context of crypto assets held with a Swiss provider of crypto asset brokerage and custody services, and clarify that a provider acting on that basis does not breach its contractual obligations towards the client. [2]
[1] Cf. for example Federal Administrative Court Case B-3925/2023, dated 29 July 2024, which illustrates this approach in the context of assets transferred to a non-listed family member shortly before a Swiss listing.
[2] In a parallel development, the Federal Supreme Court held in 4A_305/2025 (13 March 2026) that Swiss sanctions against Russia constitute overriding mandatory law, barring enforcement of an arbitral award that would have indirectly benefited a sanctioned entity regardless of the governing law of the underlying claim. Cf. our Insight available here.
2
The decisions and the Court's reasoning
The two cases arose from a similar institutional setting. The claimant companies had entered into broker and custody agreements with the same Swiss provider of crypto asset brokerage and custody services. They held portfolios of crypto assets with that provider and were connected, through different ownership structures, to the same sanctioned Russian oligarch. In neither case was the claimant entity itself sanctioned.
The claimants sought the release of specified cryptocurrency positions. Their requests included transfer to designated wallets and, in the alternative, transfer to an offline ledger, delivery of the private keys or sale of the positions against CHF. The provider refused to comply, relying on statutory grounds linked to the UKRO asset freeze regime.
The Federal Supreme Court focused on the threshold at which a provider holding or administering assets must act. The asset freeze under Article 15 UKRO applies by operation of law where the statutory conditions are fulfilled. In this context, according to the Court, a provider cannot wait for certainty, or for a formal SECO order, before refusing a release instruction. The operative standard is supplied by Article 16 UKRO: it is sufficient that concrete indications give rise to the assumption that the assets fall within the asset freeze.
The Court thus linked reporting and maintaining the freeze: if a provider must report assets to SECO because it is to be assumed that they fall under Article 15 UKRO, it must also keep those assets frozen. Otherwise, the provider could report assets potentially subject to the asset freeze while allowing them to be withdrawn before SECO can assess the matter.
The Federal Supreme Court did not decide the indirect-control issue on the merits or develop a detailed test for indirect control. Rather, it proceeded on the basis that the lower court had identified concrete indications of possible indirect control and focused on the legal consequences of those indications for the provider.
The contractual analysis was framed through Article 397 of the Swiss Code of Obligations (“CO”). The Court confirmed that a service provider must in principle follow client instructions, but this obligation is not unlimited. Instructions that would require the service provider to violate mandatory law, or that would otherwise unlawfully impair its legal position, need not be followed. Since complying with the transfer instructions would have exposed the provider to a breach of UKRO and therefore to potential liability under the Embargo Act, the refusal was lawful. No breach of Article 397 CO arose.
3
Implications for crypto asset service providers
The decisions confirm that a provider holding or administering crypto assets must make its own assessment of sanctions exposure. The absence of a formal listing of the immediate client is not sufficient if concrete indications suggest that the assets may be owned or directly or indirectly controlled by a listed person.
The service provider’s refusal is not merely a contractual choice. Where the Article 16 UKRO threshold is met, refusal to execute the client's instruction is the consequence of the provider's obligation to preserve the effect of the asset freeze. A provider that must report assets to SECO because they may fall under Article 15 UKRO cannot simultaneously release them before SECO has had the opportunity to assess the matter. SECO's interpretive guidance (“SECO FAQ”) confirms that, before releasing assets frozen on a precautionary basis, the provider must consult SECO and set out the reasons that would justify the release (cf. section 1.9 SECO FAQ).
The decisions also raise a practical question specific to crypto custody. Their facts involved a provider that was able to block transfer instructions effectively. The reasoning therefore fits most naturally with a custodial model, where the provider holds or controls the relevant private keys, signing process or withdrawal infrastructure.
In such a model, the provider is practically able to implement the asset freeze by refusing to execute transfer instructions. It may also have the visibility necessary to identify assets potentially subject to Article 15 UKRO and to satisfy its reporting obligation under Article 16 UKRO.
Separately, SECO's interpretive guidance draws a distinction between the asset freeze under Article 15 UKRO and the prohibition on providing crypto asset services under Article 20 UKRO. Under the latter provision, mere blocking of crypto wallets and accounts is not sufficient: the wallets and accounts must be closed entirely, and remaining balances must either be returned to the client or converted into fiat currency or non-sanctioned assets, subject to the deposit restrictions under Article 20(1) UKRO (cf. section 2.9.27 SECO FAQ). Providers should therefore assess separately, for each client relationship, whether Article 15 and/or Article 20 UKRO is engaged, as the required response differs. Of note, the prohibition to accept crypto assets under Article 20 UKRO is not discussed in these decisions.
The position may be more complex in non-custodial or hybrid models. Where the client retains control of private keys, or where assets are held through decentralised infrastructure, the provider’s ability to prevent movement of the assets may be limited. The extent of any reporting obligation would also depend on the provider’s knowledge of the relevant assets and of their possible connection to a listed person.
The decisions do not address those configurations. They leave open the practical question of how a provider should comply where its legal obligations depend on information or technical control that its custody architecture does not fully provide. Providers operating such models should assess whether, and how, their technical and contractual arrangements allow them to give effect to sanctions obligations.
4
Key Takeaways
- The knowledge theresholds under Articles 15-16 UKRO for freezing and reporting assets under the control of a sanctioned person does not require certainty. Concrete indications giving rise to the suspicion that assets fall under Articles 15-16 UKRO are sufficient. For consistency reasons, the reporting obligation and the asset freeze are functionally linked and share the same threshold.
- A service provider controlling, managing or administering crypto assets for a client (irrespective of the level of control it has) may refuse client instructions to transfer or release assets where executing the instruction would be inconsistent with the UKRO asset freeze regime. A refusal based on reasonable suspicions of control over the assets by a sanctioned person does not create contractual liability under Article 397 CO.
- The Federal Supreme Court did not decide the indirect-control issue on the merits or develop a detailed test for indirect control. Existing Swiss case law and SECO published practice provide sufficient elements and generally conclude that indirect control is assessed by reference to substance rather than mere formal ownership alone.
- For crypto asset service providers, the practical ability to give effect to the asset freeze depends on the custody model. Custodial providers that control wallets, private keys, signing processes and/or withdrawal infrastructure must freeze assets where the Article 15 UKRO threshold is met. There is more uncertainty in non-custodial or hybrid models, particularly where the provider has limited visibility over, or limited ability to prevent, movements of the relevant assets.
Please do not hesitate to contact us in case of any questions.
You may reach out to your usual contact at our firm or direct any sanction-specific queries to our dedicated task force at sanctions@lenzstaehelin.com.
You will find a summary of some of the recent work conducted by our sanctions task force – including advice on sanctions compliance, assistance with the review and implementation of internal policies and procedures, support with monitoring regulatory developments and guidance across sectors such as trading, shipping, industrial and luxury goods, as well as our involvement in internal audits and reviews aimed at helping clients assess and strengthen their sanctions compliance frameworks – in a two-page document available here.
Legal Note: The information contained in this Smart Insight newsletter is of general nature and does not constitute legal advice.
Contactez-nous
-
-
-
-
Valérie Menoud
Associée, Responsable du groupe ESG, Co-responsable du groupe Enquêtes internes, Genève -
-
-
-
| CONTACTS |
Shelby R. du Pasquier |
Associé, Responsable du groupe Droit bancaire et financier, Genève shelby.dupasquier@lenzstaehelin.com Tél: +41 58 450 70 00 |
|
Fedor Poskriakov |
Deputy Managing Partner, Head of FinTech, Genève fedor.poskriakov@lenzstaehelin.com Tél: +41 58 450 70 00 |
|
|
Philipp Fischer |
Associé, Genève philipp.fischer@lenzstaehelin.com Tél: +41 58 450 70 00 |
|
|
Valérie Menoud |
Associée, Responsable du groupe ESG, Co-responsable du groupe Enquêtes internes, Genève valerie.menoud@lenzstaehelin.com Tél: +41 58 450 70 00 |
|
|
Hikmat Maleh |
Associé, Co-responsable du groupe Investigations, Genève hikmat.maleh@lenzstaehelin.com Tél: +41 58 450 70 00 |
|
|
Harold Frey |
Associé, Responsable du groupe Judiciaire et Arbitrage, Zurich harold.frey@lenzstaehelin.com Tél: +41 58 450 80 00 |
|
|
Alexander Greter |
Partner, Co-Head of Private Clients, Zurich alexander.greter@lenzstaehelin.com Tél: +41 58 450 80 00 |
|
|
Astrid Waser |
Associée, Responsable du groupe ESG, Zurich astrid.waser@lenzstaehelin.com Tél: +41 58 450 80 00 |