On March 9, FINMA opened the consultation on the total revision of the Data Ordinance-FINMA (Communication). The hearing will last until May 10, 2022:
The aim of the total revision is to implement the revDSG in its data ordinance. The basis is Art. 23 FINMASA, which has been revised in the course of the revDSG:
1 FINMA may process or arrange for the processing of personal data, including personal data requiring special protection, within the scope of supervision under this Act and the financial market acts.
2 It may do so in particular for the purpose of:
a. the examination of the supervised persons;
b. supervision;
c. the conduct of a proceeding;
d. the assessment of the guarantee of irreproachable business activity;
e. the assessment of the conduct of a person in an activity for a supervised person or in the financial market; or
f. national and international administrative and legal assistance.
3 For data processing for the purpose referred to in paragraph 2 letter e, it shall be authorized to carry out profiling, including high-risk profiling, in accordance with the Data Protection Act of 25 September 2020.
4 It shall regulate the details.
A (not particularly meaningful) comparison of the current and the revised version is find here.