What is Suisse Secrets? Everything You Need to Know About the Swiss Banking Leak

Suisse Secrets
Investigation

Suisse Secrets is an international investigation into one of the world’s wealthiest and most important banks.

Banner: James O’Brien/OCCRP

February 20, 2022

1. What is Suisse Secrets?

Suisse Secrets is an international investigation into one of the world’s wealthiest and most important banks.

More than 163 journalists from 48 media outlets in 39 countries across the world spent months analyzing bank account information leaked from Credit Suisse, Switzerland’s second-largest lender. The leak included more than 18,000 accounts that held in excess of US$100 billion at their peaks. It is the only known leak of a major Swiss bank’s client data to journalists.

Switzerland is a well-known destination for money from all over the world, in part because of its banking secrecy laws. There is nothing inherently wrong with having a Swiss bank account. But banks are supposed to avoid clients who earned money illegally or were involved in crimes — and reporters identified dozens of corrupt government officials, criminals, and alleged human rights abusers among Credit Suisse account holders.

Despite their notoriety — which, in some cases, would have been obvious from a quick Google search — Credit Suisse maintained relationships with some of these clients for years, though it is possible that some accounts were ordered frozen by law enforcement.

The Suisse Secrets project investigates these account holders, whose exploitation of Swiss banking secrecy is a prime example of how the international financial industry enables theft and corruption. Given Credit Suisse’s numerous pledges to reform its due diligence practices over the years, the project highlights the need for increased accountability in this sector.

Suisse Secrets Partners

The Suisse Secrets data was obtained by the German newspaper Süddeutsche Zeitung, which coordinated the project along with OCCRP. Expand this box to see the full list of partners.

  • Africa Uncensored (Kenya)
  • Alqatiba.com (Tunisia)
  • Armando.info (Venezuela)
  • Center for Investigative Reporting (Bosnia and Herzegovina)
  • Confluence Media (India)
  • Depeches du Mali (Mali)
  • Diario Rombe (Equatorial Guinea)
  • Efecto Cocuyo (Venezuela)
  • L’Evénement (Niger)
  • Expresso (Portugal)
  • Fact Focus (Pakistan)
  • The Guardian (United Kingdom)
  • Hetq (Armenia)
  • Impact.sn (Senegal)
  • Infobae (Argentina)
  • Infolibre (Spain)
  • Interferencia de Radioemisoras UCR (Costa Rica)
  • Investico (Netherlands)
  • Investigative Reporting Lab (North Macedonia)
  • IrpiMedia (Italy)
  • Kloop (Kyrgyzstan)
  • KRIK (Serbia)
  • La Nación (Argentina)
  • The Namibian (Namibia)
  • Miami Herald
  • Le Monde (France)
  • The New York Times (United States)
  • The News (Pakistan)
  • NewsHawks (Zimbabwe)
  • Norddeutscher Rundfunk (Germany)
  • OCCRP (Global)
  • Piaui (Brazil)
  • Prachatai (Thailand)
  • Premium Times (Nigeria)
  • Profil (Austria)
  • Reporter.lu (Luxembourg)
  • Shomrim (Israel)
  • Slidstvo.info (Ukraine)
  • Le Soir (Belgium)
  • La Stampa (Italy)
  • Süddeutsche Zeitung (Germany)
  • Sveriges Television (Sweden)
  • Trece Costa Rica Noticias (Costa Rica)
  • Turkmen News (Turkmenistan)
  • Twala.info (Algeria)
  • Verdade (Mozambique)
  • Vlast (Kazakhstan)
  • Westdeutscher Rundfunk (Germany)

2. Where did the data come from? What’s known about it?

The Suisse Secrets data was provided to the German newspaper Süddeutsche Zeitung by an anonymous source more than a year ago. Nothing is known about the source’s identity.

The source, however, did provide a statement explaining his or her motivations. It reads, in part:

“I believe that Swiss banking secrecy laws are immoral. The pretext of protecting financial privacy is merely a fig leaf covering the shameful role of Swiss banks as collaborators of tax evaders. … This situation enables corruption and starves developing countries of much-needed tax revenue.”

“I want to emphasize the fact that the responsibility for this state of affairs does not lie with Swiss banks but rather with the Swiss legal system. Banks are simply being good capitalists by maximizing profits within the legal framework they operate in. Simply put, Swiss legislators are responsible for enabling financial crimes and — by virtue of their direct democracy — the Swiss people have the power to do something about it.”

“I am aware that having an offshore Swiss bank account does not necessarily imply tax evasion or any other financial crime. I am sure that some of the accounts ... have a legitimate reason for existing or that they have been declared to tax authorities in compliance with the relevant legislation. However, it is likely that a significant number of these accounts were opened with the sole purpose of hiding their holder’s wealth.”

The full statement has been published by Süddeutsche Zeitung in English and German.

3. What’s in the leaked data?

The leaked data includes information about more than 18,000 Credit Suisse accounts and 30,000 account holders. (Some clients hold multiple accounts, while many accounts are controlled by multiple clients.)

The information about each account includes the account number, the name of the holder or holders, the opening and closing dates, and the maximum amount ever present in the account. There is no indication of whether they are checking, savings, or investment accounts.

Credit Suisse has multiple subsidiaries, and has also acquired several banks over the years. There’s no indication in the data whether some of these accounts were opened at one of those other banks before being moved to Credit Suisse, or whether they belong to a subsidiary. All accounts are referred to in this investigation as “Credit Suisse” accounts.

Some of the account holders are people, while others are legal entities such as companies. They are domiciled in more than 120 jurisdictions and represent over 160 nationalities.

The total amount of money held in the accounts at their maximum was more than US$100 billion. The average account held about 7.5 million Swiss francs at its largest point, but there were some outliers: Over a dozen accounts held more than 1 billion Swiss francs. These figures do not give any indication of the total amount of money moved through the accounts over the years, which is unknown but is likely to be much higher.

The data in the leak does not extend through the present day, though many of the accounts remained open well into the 2010s. The years with the most account openings were 2007 and 2008. The year of peak account closings was 2014, coinciding with the introduction of new regulations in Switzerland to automatically exchange tax information on clients with foreign residency. The average account was open for about 11 years.

4. Why are clients from some countries not represented in the data?

Though the leaked Credit Suisse data includes information about customers from more than 120 jurisdictions, some of the world’s biggest countries — including the United States, Russia, China, and Brazil — are not heavily represented.

While the reasons for this are not entirely clear, journalists observed that many clients that did appear in the data live in countries that did not sign on to use the Common Reporting Standard (CRS) — a global anti-tax evasion initiative that requires countries to automatically exchange basic banking information with tax authorities — or only agreed to signed on in the last few years.

Countries that featured heavily in the data, such as Egypt, Ukraine, and Venezuela, have not yet committed to exchange banking information under the CRS.

One outlier is the United States, which also has not signed on to the CRS and yet was not heavily represented in the leak. However, the United States has agreed to numerous bilateral tax treaties, including one with Switzerland, which gives tax authorities mutual access to banking information of customers suspected of tax evasion and other financial crimes.

5. How was the veracity of the data checked? What do we know and not know?

Journalists spent months interviewing knowledgeable insiders and checking the data against other sources, including company records, official gazettes, court files, and criminal investigations.

In dozens of cases, the account numbers in the data matched those found in external documents. The dates of birth of over 150 account-holders in the leak also matched those found in public records.

Reporters found additional corroboration of several Suisse Secrets bank accounts in two other leaks of banking data that had been obtained years earlier.

Accounts belonging to the sons of a high-level Azerbaijani official and one of their business partners appeared in data from the Troika and Azerbaijani Laundromats, two large money-laundering systems previously uncovered by OCCRP. Transaction records show that shell companies associated with the laundromats sent millions of dollars to the Credit Suisse accounts over a period of several years. (Learn more about the Talibov family’s Swiss bank accounts.)

Reporters also reached out to the clients whose information was leaked. In several cases, they confirmed the existence of the accounts listed in the data.

Citing client privacy, Credit Suisse neither confirmed nor denied the veracity of the leaked data.

One significant limitation of the data is that journalists were unable to determine whether the accounts they examined had been frozen at any point. When contacted by reporters, some clients said that their accounts had been frozen, but no clear pattern emerged in the data from these cases that could be applied to others.

6. How did journalists select whose information to publish? What about privacy concerns?

It is not a crime to open a Swiss bank account, and all journalists working on this project operated from that position. In responsible journalism, there is no justification for publishing private banking data without a compelling public interest.

That’s why the Suisse Secrets project used the leaked data — which will never be released in raw form — only as a starting point.

Journalists spent months confirming the veracity of the leak and investigating Credit Suisse’s clients. We pursued stories only when there was reason to suspect that clients were exploiting the Swiss banking system to nefarious ends. Conservative editorial judgment was used, and hundreds of accounts that raised questions were not ultimately reported on.

Those cases that merited publication involved clients known to have been high-risk: politically connected people or those accused or convicted of serious crimes. OCCRP’s interactive feature also follows this framework, showing dozens of Credit Suisse accounts belonging to prominent figures, alongside the scandals, criminal investigations, or high-profile political events they were involved in.

One example is Rodoljub Radulović, a high-ranking member of one of Eastern Europe’s largest cocaine-smuggling cartels, led by the notorious Serbian drug lord Darko Sarić. Radulović was able to open a Credit Suisse account despite a long history of involvement in financial scandals in the United States. He then used it to launder over 3 million euros’ worth of drug money, Serbian prosecutors say.

Another is Eduard Seidel, a former top executive in Nigeria for German telecommunications giant Siemens, whose accounts contained tens of millions of Swiss francs. Two of them remained open for almost a decade after allegations of his involvement in a major bribery scandal in Nigeria first broke.

Then there’s Muller Conrad ‘Billy’ Rautenbach, a mining magnate who has openly boasted of his willingness to bribe his way to the top, and was sanctioned by the U.S. and EU. He opened high-value accounts at Credit Suisse even after the U.N. warned he was allegedly overseeing corrupt mining deals in the Democratic Republic of Congo.

The larger story that unites these cases is that of a major financial institution that allowed clients to stash away laundered or stolen assets. Nearly all of the stories rely on publicly available information, meaning that Credit Suisse’s due diligence department would have had access to it as well.

“Everyone should have some access to the banking system,” said Graham Barrow, a financial crime specialist. “What you should not be able to do is use the banking system to introduce corruptly acquired wealth and legitimize it.”

In the end, the goal of investigative journalism is to identify and expose systemic failures. Over the last 20 years, Credit Suisse has been embroiled in more than a dozen major scandals involving corruption, tax evasion, money laundering, or other crimes on the part of its clients. The bank has paid multiple fines and reached multiple settlements with authorities, periodically promising to strengthen its compliance practices. But the scandals have continued.

7. What is a bank’s responsibility regarding its clients?

Journalists spoke to multiple financial experts, regulators, and banking insiders about what precautions Credit Suisse should have taken to prevent suspicious clients from being taken on.

Ross Delton, a U.S.-based anti-money-laundering expert and lawyer, said that high-risk and politically influential people aren’t prohibited from opening bank accounts, but must be subject to enhanced scrutiny. The origin of their wealth needs to be examined, and a senior manager must approve their onboarding, he said.

As for people convicted of corruption, “that’s a different level entirely,” he said. “There, the question should be whether to take the client on at all.” The same is the case for people who are convicted of drug dealing charges, appear on sanctions lists, or have outstanding Interpol notices.

“Although banks don’t like to say no, they are supposed to say no,” Delton said. “The probability of opening the bank to money laundering [in such cases] is so high that the account should not be open to begin with.”

Other specialists explained why institutions like Credit Suisse might be inclined to disregard these norms.

“Banks may make the calculation that they’ll earn more money from having that business than it will cost them in reputation,” said Graham Barrow, a financial crime specialist.

Another question pertinent to a bank of Credit Suisse’s size is what degree of responsibility it should assume when taking on clients through mergers. For example, in March 2013, the bank took on $13 billion in assets belonging to high-net-worth customers of Morgan Staneley’s Private Wealth Management division.

Monika Roth, a Swiss lawyer and jurist specializing in financial market legislation and white collar crime, said that there’s no official deadline in terms of when the bank must conduct checks on new clients coming from a merger. But the bank is still responsible for the risk of bringing them on, she said.

“The more exotic the place, the more susceptible to corruption, the more vulnerable the country of origin or residence of the client, the higher the assets brought in, the faster you have to have done it,” she said.

“Usually before the merger is approved, there should be extensive due diligence, including on money laundering risks,” said Maira Martini of Transparency International. “It is not justifiable to say that they were not aware [of money laundering risks] because the clients came from the other bank.”

8. What do experts say needs to change?

Many financial experts consulted on Credit Suisse and the questionable clients identified by reporters suggested that the problem went beyond the bank’s own due diligence failures, pointing to weak regulations throughout the Swiss banking industry.

Hervé Falciani, a French-Italian systems engineer credited with exposing more than 130,000 suspected tax evaders who were primarily clients at HSBC’s Swiss banking division, was blunt: “The system is the problem.”

The only way to expose its wrongdoing is to find ways to penetrate the veil of secrecy that protects it, he said.

“Do you see one week without a scandal, a tax scandal, or a money laundering scandal where Switzerland is not mentioned?” asked Sebastian Geux, a Swiss historian who has studied his country’s banking sector for nearly four decades.

The basic problem, specialists said, is insufficient regulatory enforcement.

James Henry, an economist and adviser to the Tax Justice Network, explained that the “basic penalty of choice” for banks operating in Switzerland is paying a fine. But “this is just a rounding error” that they pass off to their customers, or something they treat as “a cost of doing business.”

When Credit Suisse was fined 2.6 billion by the U.S. Department of Justice over what it described as “a conspiracy to aid U.S. tax evaders” in 2014, the fine itself was tax deductible, Henry pointed out. Nobody went to jail, and nobody lost any licenses. “Some CEOs have to go to jail,” he said. “They have to do actual jail time for this to hit home.”

Swiss law also makes journalistic reporting on financial crime difficult.

Article 47 of the Swiss Banking Law puts journalists in the country at risk of being prosecuted for merely possessing, much less publishing, private banking data. For that reason, Tamedia, a Swiss newspaper that was approached as a partner, chose not to participate in the Suisse Secrets investigation.

“This law is a massive restriction of press freedom in Switzerland,” said Arthur Rutishause, the newspaper’s chief editor. “It only serves to censor and intimidate the media. The law can protect criminals and their assets. Journalists who try to expose them risk criminal proceedings.”

9. What is Credit Suisse’s point of view? How has the bank responded?

In response to a detailed list of questions sent by Suisse Secrets journalists, Credit Suisse provided the following statement:

“Credit Suisse strongly rejects the allegations and inferences about the bank’s purported business practices. The matters presented are predominantly historical, in some cases dating back as far as the 1970s, and the accounts of these matters are based on partial, selective information taken out of context, resulting in tendentious interpretations of the bank's business conduct. While Credit Suisse cannot comment on potential client relationships, we can confirm that actions have been taken in line with applicable policies and regulatory requirements at the relevant times, and that related issues have already been addressed.”

“As a leading global financial institution, Credit Suisse is deeply aware of its responsibility to clients, and the financial system as a whole to ensure that the highest standards of conduct are upheld. These media allegations appear to be a concerted effort to discredit the bank and the Swiss financial marketplace, which has undergone significant changes over the last several years. In line with financial reforms across the sector and in Switzerland, Credit Suisse has taken a series of significant additional measures over the last decade, including considerable further investments in combating financial crime. Across the bank, Credit Suisse continues to strengthen its compliance and control framework, and as we have made clear, our strategy puts risk management at the very core of our business.”

Credit Suisse also provided additional responses on several topics. Following what the bank described as a “preliminary review” of “a large volume of accounts” about which reporters asked questions, the bank noted that “more than 90 percent” are now “closed or in the process of closure.”

“Of the remaining active accounts,” a Credit Suisse representative wrote, “we are comfortable that appropriate due diligence, reviews, and other control related steps were taken, including pending account closures.”

The representative wrote that Credit Suisse has a “strict zero tolerance policy towards tax evasion,” “only wishes to deal with clients who are tax compliant,” and “has implemented numerous client tax compliance programs spanning multiple jurisdictions.”

Turning to prevention of money laundering, the representative wrote that Credit Suisse has “stringent control mechanisms in place” and “conducts name screening in line with industry standards … both at onboarding as well as in relation to existing accounts.”

“Where we identify any relationships which could have been used for [money laundering] or other illicit activity, we take prompt and decisive action,” the representative wrote.

Credit Suisse also listed a number of risk management initiatives that “have already been completed or are underway” as part of a “full-scale risk review across the entire bank” that took place in 2021. These include:

  • “Fundamental risk review, examining how risks are being assessed, managed and controlled across the Group.”

  • “Clear definition of roles, responsibilities and accountabilities across all divisions, as Credit Suisse continues to implement remediation efforts that were initiated earlier in the year.”

  • “Development of tools and processes to improve business accountability and ownership as the first line of defense for risk and controls.”

  • “Revision of compensation process and structure, incorporating risk-sensitive performance and non-financial objectives into the enhanced performance scorecards.”

  • “Fostering a culture that reinforces the importance of personal accountability and responsibility.”

Citing Swiss banking secrecy legislation, the bank did not provide any answers about specific clients identified by reporters as problematic.

“We will continue to analyze the matters and take additional steps if necessary,” the Credit Suisse representative added.

10. What is OCCRP’s response to Credit Suisse’s criticisms?

Ultimately, Western banks like Credit Suisse handle most of the world’s criminal and corrupt money. Therefore, they bear the most responsibility for identifying and restricting it. Credit Suisse acknowledges that it is required to follow strict procedures that help the bank understand who its customers are and verify that their sources of income are legitimate. When the bank fails to perform this due diligence, crime and corruption becomes easier, more lucrative, and more successful — and we will report it.

We do so because financial secrecy is more than an academic abstraction: Opaque money means opaque power. When corrupt money can flow unhindered into the financial system, we get more crime, more extremism, and more undercutting of democratic norms. Dark money is now viewed by many countries as a significant national security issue.

The Swiss system, which values secrecy over accountability, is especially prone to misuse. Swiss banks have a long history of taking on bad clients, from the Nazis to some of the modern world’s worst autocratic dictators. They have pledged multiple times — and have indeed acted — to eliminate many bad people from their list of clients. Those actions are commendable. But they are held accountable only by a regulatory system that is restricted by secrecy laws and a government that prioritizes secrecy. The data leak on which the Suisse Secrets project is based represents a rare opportunity for journalists to independently hold this system accountable.

We believe the dozens of examples we have cited raise serious questions about Credit Suisse’s effectiveness and commitment to meeting its responsibilities. Without providing any corroborating information, Credit Suisse has claimed it has resolved “90 percent” of the cases we brought up. Even if we accept that, there are still a number of seriously corrupt or criminal characters who have Swiss accounts — and those are just the cases reporters asked about. There could be many more.

Credit Suisse has also said that the cases we are writing about are “historical.” But that is irrelevant. Our data shows the bank continued to keep clients for many years who were publicly known to be under indictment, accused of serious crimes, or have family members in positions of power in autocratic regimes. In some cases, account holders who appear in the data have confirmed to us that their accounts are still open.

Even many Credit Suisse employees reached by reporters said that there are special rules within the bank for the wealthiest clients regardless of their criminality, and that it has failed to do enough to weed out illicit funds.

One person believed this strongly enough to take action: The leaker of the data.

Fact-checking was provided by the OCCRP Fact-Checking Desk. Research on this story was provided by OCCRP ID. Data expertise was provided by OCCRP's data team.