For a century, Switzerland embodied trust through banking secrecy. Today, it is no longer silence that protects value, but "proof".

In the age of global data and extraterritorial cloud, the new wealth is no longer in vaults, but on servers — and the question is no longer “where is my data?”, but “under what law does it obey?”.

A change of era

Since the entry into force of the DORA (Digital Operational Resilience Act) regulation, European financial institutions must demonstrate that they control their digital chain, including when their systems rely on international cloud providers. However, most of these providers, mainly American, are subject to the CLOUD Act, which allows Washington to demand the handover of data, even if stored in Europe.

This contradiction places institutions in an unsolvable dilemma: complying with DORA, the GDPR, and national laws while continuing to use global infrastructures.

Until now, the only solution has been to localize the data, a technically complex, economically burdensome, and legally incomplete model. Because moving data does not move the law: even when hosted locally, it often remains subject to foreign jurisdictions through the operators or tools it uses.

The Swiss idea: no longer moving data, but sovereignty.

This is where the approach developed by JaaS39 comes in, a Swiss technological and legal initiative that reverses the logic by bringing sovereignty to where the data is, rather than moving the data to European or even Swiss datacenters .

In practical terms, JaaS39 installs a fiduciary capsule, a certified software component, within the client's digital environment (public, private, or hybrid cloud). This capsule creates a zone of Swiss jurisdiction at the very heart of the foreign infrastructure. All sensitive operations (encryption, signature, auditing) are executed under Swiss fiduciary custody, that is, within a neutral legal framework governed by Swiss law.

The data itself doesn't change by a single byte:

From law to code: sovereignty as a service

This mechanism, called Jurisdiction-as-a-Service (JaaS) , transforms a legal principle—sovereignty—into digital infrastructure. Where hyperscalers promise compliance, Switzerland can now certify it. Each deployed module becomes a digital “micro-consulate” of Swiss neutrality: an autonomous and traceable enclave of law, continuously auditable by regulators.

This approach is now aligned with the latest European standards:

• DORA RTS 2024 on operational resilience,

• EUCS Sovereign Cloud 2025 level 3 (“Enhanced”),

• and FINMA 23/1 on the technological continuity of critical infrastructures.

A structural advantage for regulated institutions

For banks, insurers, fintechs or healthcare providers, the benefit is immediate:

• no data migration,

• Verifiable conformity

• divided governance costs,

• Automated continuous auditing.

For states and regulators, this approach offers an unprecedented lever: the possibility of verifying sovereignty without encroaching on confidentiality. Every transaction, every signature, every access is recorded under Swiss control, but without Switzerland seeing the data itself.

This is the principle of zero-knowledge compliance: governing without monitoring.

And what about Switzerland?

By exporting this architecture, the Swiss Confederation is not selling a technology, but a method. It becomes the source of reproducible neutrality, a model that other jurisdictions can certify locally while maintaining Swiss traceability. This is a new form of digital diplomacy, where trust is no longer negotiated through treaties, but through verifiable algorithms.

The market to conquer

The European market for verifiable sovereignty is estimated at 3.5 billion Swiss francs by 2028, boosted by DORA, NIS2, and future directives on artificial intelligence. Hyperscalers themselves acknowledge that their "localized" model is no longer sufficient.

Programmable neutrality

In a world where every power wants to repatriate its data, Switzerland can become what the international system has lost: a universal trusted third party.

Swiss neutrality, once institutional, is becoming programmable. Thanks to cryptographic proofs and fiduciary governance, Switzerland can protect the world's data without possessing it, just as it once protected assets and secrets.

Digital sovereignty as a new asset

Bank secrecy is dead, that's true, but it is reborn in another form: that of an auditable digital sovereignty, stronger, more legitimate, and more useful to the global economy.

Institutions, regulators, technology partners: Switzerland isn't waiting for Europe to come to it. It's bringing compliance, neutrality, and trust to where the data is.