A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# In case you have found a technical vulnerability in our system or someone

# is impersonating the Swiss Financial Market Supervisory FINMA, 

# we kindly ask you to send us this information via one of the following channels:





# our cyber security unit:

Contact: mailto:ict.security@finma.ch



# our contact page:

Website: https://www.finma.ch/de/kontakt/

Contact: mailto:questions@finma.ch





Expires: 2025-12-31 T23:59:59.000Z



Preferred-Languages: en, de, fr, it