How can Swiss banks govern Microsoft 365 Copilot data access step by step under FINMA Guidance 08/2024?

Direct answer: Govern it with a data-boundary-first sequence — classify data with Microsoft Purview sensitivity labels, enforce Purview DLP on Copilot prompts, pin processing to Azure Switzerland...

Why Copilot governance starts with data boundaries, not the license

The hard part is not the license — it is the control model. Microsoft 365 Copilot uses the Microsoft Graph to reach any file, email, or chat the user can already open, so it amplifies existing access. A Swiss private bank must decide whether AI-assisted drafting can be permitted while preserving confidentiality and supervision, as one Swiss private-banking analysis frames it.

FINMA Guidance 08/2024 does not ban AI. It requires demonstrable governance and risk management, and it recommends that institutions contact FINMA early when planning AI in critical processes. The steps below turn that expectation into an implementable checklist.

The same discipline Swiss firms apply to AI process automation under FINMA and the nFADP applies here: classify first, restrict second, monitor always.

Phase 1 — Establish the data and residency boundary

Start here because Copilot cannot be governed after the fact — the boundary must exist before the first prompt. This phase sets classification, residency, and access hygiene, the three controls FINMA maps to data quality and governance.

  1. Inventory and classify data with Microsoft Purview sensitivity labels. Define a 4-tier scheme (Public, Internal, Confidential, Restricted). Restricted covers client identifying data and cross-border banking secrecy scope under the nFADP.
  2. Set Azure Switzerland North / Switzerland West as the data residency boundary. Confirm in-country Microsoft 365 processing and document it; residency is a recurring FINMA outsourcing question addressed in the Microsoft FINMA compliance checklist.
  3. Run a SharePoint and OneDrive access review before enabling Copilot. Remediate overshared sites and “Everyone except external” links, because Copilot surfaces whatever the user can already reach.
  4. Apply container-level labels to Teams, SharePoint sites, and Dataverse tables. Sensitivity labels on Dataverse rows and Power Platform environments keep AI Builder and Copilot Studio agents inside the same boundary.

Phase 2 — Control what Copilot can read, generate, and retain

This phase enforces the boundary at runtime. The direct control is Microsoft Purview DLP for Copilot, which can exclude labeled content from being processed or summarized, plus retention and audit to satisfy FINMA’s documentation expectation.

  1. Enforce Microsoft Purview DLP policies scoped to Microsoft 365 Copilot. Block Restricted-labeled content from Copilot prompts and responses; DLP for Copilot evaluates labels at query time.
  2. Configure retention and eDiscovery for Copilot interactions. Prompts and responses are stored and discoverable; set retention to your records policy (commonly 10 years for Swiss banking records).
  3. Restrict Copilot Studio and AI Builder agents to approved data sources. Use Data Loss Prevention policies in the Power Platform admin center to separate business and non-business connectors in each environment.
  4. Enable audit logging and route Copilot activity to your SIEM. Purview Audit captures Copilot events; feed them to monitoring so compliance can evidence oversight to FINMA.

Phase 3 — Prove governance is working

FINMA rewards institutions that show their work. This phase converts controls into evidence: testing, human oversight, and a documented model inventory.

  1. Test for oversharing and prompt-injection before go-live. Run red-team prompts against Restricted data and record that DLP blocked them; keep the test log as documentation.
  2. Publish an AI inventory and human-in-the-loop policy. List each Copilot and agent use case, its data scope, and the named accountable owner, aligned with the four FINMA principles below.

The data shows Copilot inherits permissions verbatim. In Muze’s experience, 60–80% of the total effort is the pre-enablement access cleanup, not the technical DLP configuration.

According to PwC’s analysis of Guidance 08/2024, 2024, FINMA’s principles are complemented by the EU AI Act’s risk logic — so Swiss banks should design controls that satisfy both. This is the same evidence-led posture salmon exporters use when they automate multi-regulator reporting for bodies like Mattilsynet and SEPA: the regulator wants proof, not promises.

“Copilot does not create a new access problem — it exposes the one you already had. In every Swiss engagement we start by fixing SharePoint permissions and pinning residency to Switzerland North. The DLP policy is the easy part; the data hygiene is the deliverable.” — Marco Chávez, Founder of Muze AI Consulting.

The four FINMA Guidance 08/2024 principles mapped to Microsoft controls

FINMA’s Guidance is organized around four supervisory themes. Each maps to a concrete Microsoft 365 and Power Platform control.

FINMA 08/2024 themeMicrosoft / Power Platform controlEvidence produced
Governance & accountabilityNamed AI owner + Purview AI inventoryDocumented use-case register
Data quality & confidentialitySensitivity labels + DLP for CopilotClassification report, DLP hit log
Testing & robustnessPre-go-live red-team prompt testsOversharing/injection test log
Documentation & transparencyPurview Audit + retention + eDiscoveryImmutable interaction records

Did you do this? — verification checklist

Use this table before you enable Copilot for the first production user group.

StepDoneNote
Purview sensitivity labels (4 tiers) deployedRestricted = client data
Data residency pinned to Switzerland NorthDocument for FINMA outsourcing
SharePoint/OneDrive access review completedRemove broad-share links
Dataverse & Power Platform environment labelsCover AI Builder / Copilot Studio
DLP for Copilot blocking Restricted contentTest with sample prompts
Copilot retention & eDiscovery configuredMatch records policy
Power Platform connector DLP policies setBusiness vs. non-business split
Audit logging routed to SIEMEvidence of oversight
Oversharing / prompt-injection test log keptPre-go-live
AI inventory + human-in-the-loop policy publishedNamed owners

Frequently asked questions

Does FINMA Guidance 08/2024 prohibit Swiss banks from using Microsoft 365 Copilot?

No. FINMA Guidance 08/2024 does not prohibit AI; it requires governance, data quality, testing, and documentation. FINMA recommends institutions contact it early when using AI in critical processes (FINMA, 2025). Copilot is permissible when data access, DLP, and audit controls are demonstrably in place.

Where is Microsoft 365 Copilot data processed for a Swiss bank, and can it stay in Switzerland?

Microsoft offers Azure Switzerland North and Switzerland West regions with in-country Microsoft 365 data residency for tenant content. Grounding data from the Microsoft Graph remains within your service boundary. Document residency because it is a standard FINMA outsourcing question in the Microsoft compliance checklist.

How do I stop Microsoft 365 Copilot from exposing confidential client files?

Apply Microsoft Purview sensitivity labels and scope a Purview DLP policy that excludes Restricted-labeled content from Copilot prompts and responses. Then remediate SharePoint oversharing, since Copilot can only surface what the user already has permission to open.

What is the difference between sensitivity labels and DLP for Copilot governance?

Sensitivity labels classify and persist protection on files and Dataverse rows; DLP for Copilot enforces rules at query time, blocking labeled content from being processed. You need both — classification without enforcement, or enforcement without classification, leaves gaps FINMA testing will find.

How long does a governed Copilot rollout take for a Swiss financial institution?

Plan 8–12 weeks. The technical DLP and residency configuration is fast; the dominant effort — typically 60–80% — is the pre-enablement SharePoint and OneDrive access cleanup and the classification of legacy content.

Do Copilot Studio and AI Builder agents fall under the same FINMA controls?

Yes. Any Power Platform AI use case handling supervised data is in scope. Use Power Platform environment sensitivity labels and connector-level DLP policies so custom agents built on Dataverse and AI Builder stay inside the same residency and classification boundary as Microsoft 365 Copilot.

// REFERENCES

  1. Financial Market Supervisory Authority (FINMA) Switzerland
  2. 2024 release wave 2 plans for Microsoft Dynamics 365 and ...
  3. Microsoft 365 E7 and Copilot: What Swiss Private Banks Should Consider — Mavai Schweiz
  4. FINMA survey: artificial intelligence gaining traction at ...
  5. What FINMA's Guidance 08/2024 means for your institution - PwC
  6. FINMA Guidance 08/2024 Governance and Risk Management when ...

// REFERENCE GUIDE

How do Swiss companies automate processes with AI under FINMA guidance and the nFADP? (2026 guide)

// KEEP READING

Related articles

Does your operation have a process like this?

Free 5-minute diagnostic · we identify your 3 highest-ROI automatable processes.

Get my FREE diagnostic →