Why certified digital archiving is essential
Swiss fiduciary firms manage thousands of documents across dozens of mandates: invoices, financial statements, VAT returns, contracts, payslips, correspondence with authorities. Traditional paper archiving — binders, folders, fireproof cabinets — is costly, slow to search and vulnerable to physical damage. Certified digitalisation allows you to eliminate paper while maintaining the full evidentiary value of documents, provided the process meets the requirements of the Code of Obligations (CO), the Ordinance on the keeping and retention of business books (Olc) and the new Federal Act on Data Protection (nFADP).
Unlike a simple scan, certified digital archiving requires a documented and repeatable process: minimum resolution, permitted formats, cryptographic integrity hashes, access logs, standardised folder structure and retention policies aligned with statutory deadlines. For a fiduciary firm, this means defining clear rules applicable to all mandates and verifiable in the event of an audit or tax inspection.
This guide covers the entire digital archiving workflow for fiduciary firms: from legal requirements to scanning standards, from naming conventions to archive structure, from retention periods to audit access, through to the conditions for securely destroying paper originals. The goal is to provide an operational manual that the compliance officer or fiduciary principal can implement immediately.
Regulatory framework: CO, Olc, nFADP, FADPO and LTVA
Certified digital archiving in Switzerland rests on five regulatory pillars. Every fiduciary firm must understand them to ensure its document management system is compliant:
Code of Obligations (CO art. 957–963)
The CO establishes the obligation to keep and retain accounting books and supporting documents for at least 10 years from the close of the financial year. Art. 958f para. 1 expressly permits electronic retention, provided documents remain legible and verifiable for the entire retention period. Art. 957a requires integrity, completeness and traceability: every entry must be traceable to the original supporting document.
Ordinance Olc (GeBüV)
The Olc specifies technical requirements for electronic retention: documents must be stored on non-modifiable media (WORM) or protected by mechanisms that guarantee immutability (cryptographic hashes, access logs). Digitalisation quality must be sufficient to faithfully reproduce the original. The digitalisation process must be documented in an internal regulation (SOP).
New Federal Act on Data Protection (nFADP)
The nFADP, in force since 1 September 2023, imposes stringent requirements for the processing of personal data contained in archived documents: client, supplier and employee data. The fiduciary firm must ensure data minimisation, informed consent, right of access and deletion, and adopt adequate technical measures (encryption, access control, logging).
Data Protection Ordinance (FADPO)
The FADPO details the technical and organisational measures required by the nFADP: data protection impact assessments (DPIA) for high-risk processing, records of processing activities, breach notification to the FDPIC within 72 hours. For the digital archive, this means implementing audit trails, granular access control and incident response procedures.
VAT Act (LTVA art. 70)
The FTA accepts digital supporting documents for input tax deduction, provided they are legible, complete and retained in compliance with the Olc. For fiduciary firms managing client VAT accounting, this means every digitised invoice must maintain its evidentiary value for the entire 10-year retention period.
Compliant scanning standards
Scanning is the first critical step: a poorly digitised document loses its evidentiary value. The Olc does not prescribe exact technical parameters, but established practice and FOBL recommendations define clear minimum requirements:
Requirements for compliant scanning
- Minimum resolution of 300 DPI for standard text documents (invoices, bank statements, contracts). For documents with fine graphic detail (floor plans, technical drawings) 600 DPI is recommended
- Archival format PDF/A (ISO 19005) for long-term retention. PDF/A ensures the document remains readable regardless of the software used to open it. Permitted alternatives: uncompressed TIFF for high-resolution images
- Colour scanning for documents where colour is relevant (stamps, ink signatures, logos on invoices). For purely textual documents, greyscale is sufficient but colour is still recommended to avoid disputes
- Completeness verification: every page of the original document must be scanned, including front and back if printed on both sides. Multi-page documents must be archived as a single PDF file, not as separate pages
- Post-scan quality control: visual verification that the digitised document is readable, complete and free of artefacts. The system should automatically generate a cryptographic hash (SHA-256) at the time of archiving to certify file integrity
File naming conventions
A consistent naming convention is essential for the retrievability and verifiability of archived documents. The file name structure must allow immediate identification of the mandate, document type, date and content:
| Document type | Convention | Example |
|---|---|---|
| Received invoice | YYYY-MM-DD_RI_supplier_amount | 2026-03-15_RI_SwissCom_1250.00.pdf |
| Issued invoice | YYYY-MM-DD_II_number_client | 2026-03-20_II_2026-047_Rossi-SA.pdf |
| Bank statement | YYYY-MM_BS_bank_account | 2026-03_BS_UBS_CH93-0076-2011-6238-5295-7.pdf |
| VAT return | YYYY-QN_VAT_quarter | 2026-Q1_VAT_Q1-January-March.pdf |
| Contract | YYYY-MM-DD_CTR_counterparty_subject | 2026-01-10_CTR_Bianchi-Sagl_lease.pdf |
Digital archive structure
The archive structure must be hierarchical, consistent across all mandates and easily navigable by both internal staff and auditors. The following four-level structure is recommended for fiduciary firms:
Level 1 — Client / Mandate
The root folder is the mandate: each client has its own main folder identified by mandate code and company name (e.g. M-2024-001_Rossi-SA). This allows complete data isolation for each client, also facilitating deletion operations in the event of a right-to-be-forgotten request (nFADP).
Level 2 — Financial year
Within each mandate, a subfolder per financial year (e.g. 2025, 2026). This simplifies retention deadline management: when the 10-year period expires, the entire annual folder can be reviewed and, if appropriate, archived or deleted.
Level 3 — Document category
Within each year, folders by category: 01_Invoices-received, 02_Invoices-issued, 03_Bank-statements, 04_VAT, 05_Payroll, 06_Contracts, 07_Correspondence, 08_Financial-statements. Sequential numbering ensures consistent ordering in any file manager.
Level 4 — Individual document
The individual file, named according to the defined naming convention. Each document is a PDF/A file with a cryptographic hash recorded in the archiving log. For documents with attachments (e.g. invoice + delivery note), a single folder containing the related files.
Retention policy
Retention periods are established by the CO and vary by document type. The fiduciary firm must implement an automated reminder system that flags when a document has exceeded its mandatory retention period:
| Document type | Retention period | Start date |
|---|---|---|
| Balance sheet and income statement | 10 years | From the close of the financial year to which they relate |
| Issued and received invoices | 10 years | From the close of the financial year in which they were recorded |
| Bank statements | 10 years | From the close of the financial year to which they relate |
| VAT documentation | 10 years | From the end of the corresponding tax period (quarter/half-year) |
| Contracts and legal documents | 10 years from expiry | From the date of termination of the contractual relationship |
| Payroll and social security documents | 10 years | From the close of the financial year in which salary was paid |
Audit and review access
In the event of an accounting audit, FTA tax inspection or FDPIC review, the fiduciary firm must be able to provide rapid, structured access to archived documents. The digital archiving system must ensure:
Full-text and metadata search
The auditor must be able to search for a document by date, amount, supplier, invoice number or keyword. OCR applied during scanning makes PDFs searchable. Structured metadata (date, type, mandate, amount) enable fast cross-filtering.
Export in standard formats
The archive must support bulk export in PDF, CSV and XML. The FTA may request direct access to data in structured electronic format (eCH-0217 for VAT). The system must generate complete export packages with index and verification hash.
Granular access control
Each user has a profile with specific permissions: the associate sees only assigned mandates, the principal has full access, the auditor has temporary read-only access. Authorisations are documented and modifiable only by the administrator.
Complete audit trail
Every operation on the archive is tracked: who uploaded a document, who viewed it, who exported it, when and from which device. The log is immutable and retained for the same duration as the documents to which it refers.
Backup and disaster recovery
The archive must be replicated across at least two geographically separated data centres (ideally in Switzerland for nFADP compliance). Recovery time objective (RTO) must be under 4 hours. Periodic restore tests are mandatory to ensure actual data recoverability.
Destruction of paper originals
Art. 958f CO and the Olc permit the destruction of the paper original after compliant digitalisation. However, this operation is irreversible and must only be carried out when all conditions are met:
Conditions for secure destruction
- The digital copy has been visually verified and is complete, readable and faithful to the original in every aspect (text, signatures, stamps, attachments)
- The cryptographic hash (SHA-256) was generated and recorded in the archiving log at the time of digitalisation, certifying file integrity
- The digitalisation process is documented in the fiduciary firm's internal regulation (SOP) and the document falls within the categories authorised for destruction
- Destruction is carried out using secure methods (cross-cut shredder DIN 66399 level P-4 or higher for documents containing personal data) and the destruction log is archived with date, responsible person and document identifier
Warning: some documents CANNOT be destroyed even after digitalisation. Authenticated deeds, documents requiring a legally mandated handwritten signature, original debt instruments, wills and notarial acts must be retained in original form. When in doubt, always keep the paper original.
Practical implementation tips
- Define an internal archiving regulation (SOP) before starting digitalisation: it must cover responsibilities, scanning parameters, naming, folder structure, validation workflow and backup procedures. Have the document approved by the fiduciary principal
- Use scanners with automatic document feeders (ADF) for high volumes and ensure the scanning software automatically generates PDF/A with integrated OCR — saving time and reducing errors compared to manual page-by-page scanning
- Implement a dual control process: the associate scans and uploads, the mandate manager validates within 48 hours. Documents not validated by the deadline trigger an automatic alert
- For existing mandates with large paper archives, plan retroactive digitalisation by priority: first the documents from the last 2 years (most likely subject to audit), then the remainder up to the retention deadline
- Configure the system to automatically generate a monthly compliance report: documents archived, hashes verified, anomalies detected, documents nearing expiry. This report is your primary tool for demonstrating compliance during an audit
- Test disaster recovery at least once a year: simulate the loss of the primary server and verify that the restore from the backup archive is complete, consistent and meets the expected recovery time (RTO < 4 hours)
- Use AccountEX to centralise certified digital archiving across all mandates: scanning with integrated OCR, automatic cryptographic hashing, multi-mandate structure, granular access control and complete audit trail — all compliant with CO, Olc and nFADP
Simplify your Swiss accounting
AccountEX handles VAT, QR-invoices and bookings with AI. Start for free.
Start Free