Fintech Law.
9 de octubre de 2018

Publication of secondary provisions on prevention of money laundering and terrorist financing for Financial Technology Institutions.

Mexico City, September 28, 2018

Dear customers and friends:

As you know, on March 9, 2018, the Law to Regulate Financial Technology Institutions (“Fintech Law”) was published in the Official Gazette of the Federation (“DOF”).

In this regard, on Monday, September 10, the secondary provisions related to article 58 of the Fintech Law were published, related to the prevention and detection of resources of illicit origin, as well as the General provisions applicable to Financial Technology Institutions , which establish the regulatory framework applicable to the organization and operation of Financial Technology Institutions, be Collective Financing Institutions or Electronic Payment Funds Institutions (collectively, “ITFs”).

Fintech Law

In general terms, the Fintech Law establishes the necessary requirements and obligations that the ITFs must meet to establish and operate as such.

1.      Financial Technology Institutions.

The ITFs regulated under the Fintech Law are: (i) Collective Financing Institutions (crowdfundings) and (ii) Electronic Payment Funds Institutions

In general terms, Collective Financing Institutions are those that carry out activities aimed at putting people in general in contact with the purpose of granting financing (debt, capital and co-ownership or royalties) between them through computer applications , interfaces, internet pages or any other means of electronic or digital communication.

The Electronic Payment Funds Institutions are those that provide services consisting of the issuance, administration, redemption and transmission of electronic payment funds through computer applications, interfaces, websites or any other means of electronic or digital communication.

Considering the above, we could conclude that the purpose of the Fintech Law is to regulate the financing and payment operations carried out through technological means, seeking to protect investors and prevent money laundering and terrorist financing.

2.      Authorization to operate as ITF

Companies wishing to operate as ITF must obtain authorization from the National Banking and Securities Commission (“CNBV”), prior agreement of the Interinstitutional Committee, which is made up of two representatives of the Ministry of Finance and Public Credit, Banco de México and the CNBV, for which purpose they must submit the respective application and accompany certain documentation (draft bylaws, business plan, customer identification policies, policies to prevent conflicts of interest, risk disclosure policies and responsibilities, among others) .

In terms of the Fintech Law, companies that already carry out the activities reserved for ITFs must obtain their registration within a period not exceeding 12 months from the date on which the general provisions are published. Consequently, the aforementioned companies have until September 10, 2019 to obtain their authorization.

Considering that obtaining authorization from the Interinstitutional Committee could be an extensive procedure, we recommend that the procedure be initiated in a timely manner.

Once the authorization has been received by the Interinstitutional Committee, the ITFs must prove before the CNBV, at least 30 days before the beginning of their operations, that: (i) they are duly constituted, providing their data in the Public Registry of Commerce; (ii) have the required minimum capital, as appropriate; (iii) the directors and executives comply with the requirements established in the Fintech Law; and (iv) they have the technological infrastructure, procedures, policies and other requirements established by law.

Secondary Provisions.

1.      General provisions applicable to ITFs

As mentioned earlier, on September 10, the “General Provisions applicable to Financial Technology Institutions” were published in the DOF.

These provisions establish additional requirements to obtain authorization from the CNBV to operate and organize as an ITF, among which the presentation of the following information / documentation stands out:

  • Curriculum and protest letter from the sole administrator or members of the board of directors;
  • Characteristics that the business plan and the feasibility study must contain;
  • Certification by the CNBV of the compliance officer.

–Depending on the risk classification of customers), (iii) the minimum capital they must have to establish and operate will range from 500,000 to 700,000 UDIS [2] (depending on the operations they intend to carry out), as well as (iv) the criteria that ITFs must take into account to keep their accounting, the rules for the valuation of their values ​​and virtual assets, preparation of financial statements and disclosure of financial information, among other obligations that ITFs must meet .

[1]          To date, approximately between $ 18,345.44 and $ 61,151.47.

[2]          To date, approximately between $ 3,057,573.50 and $ 4,280,602.90.

In general terms, the minimum capital for ITFs will be 500,000 UDIS
–To date, approximately $ 3,057,573.50– when: (i) they do not carry out operations with virtual assets, (ii) they do not carry out operations in foreign currency or (iii) they do not act as a clearing house in media networks (in the case of institutions of electronic payment funds). If these operations are carried out, their minimum capital will be greater: 700,000 UDIS
–To date, approximately $ 4,280,602.90.

2.    Provisions related to the prevention of money laundering and terrorist financing

As we mentioned earlier, on September 10 the “General Provisions referred to in Article 58 of the Law to Regulate Financial Technology Institutions” were published, which relate to the prevention of money laundering and financing terrorism.

–Communication Committee and Control Committee– which must be registered, (vi) have an automated system to check data and monitor customer operations, among others.

3.     Secondary Provisions Pending

According to the Fintech Law, there are still some secondary provisions that must be published within the following six months (the Fintech Law established a period of 12 months from March 9, 2018).

These provisions are mainly related to the following topics: (i) use of electronic means, (ii) provision of third-party services, (iii) information security and operational continuity, (iv) self-correction programs and (v) agreement of CNBV and Banxico to share information.

For this purpose, we suggest being aware of the respective publications in order to be in compliance with the obligations established in the applicable regulations in force.

It is worth mentioning that carrying out activities reserved for ITFs without having the applicable authorizations could result in the imposition of fines or even the commission of crimes.

Hoping that the above information will be useful to you, in Kavanagh Gorozpe we have a team specialized in the subject available to resolve any question or comment related to the Fintech Law and the general provisions that regulate it, as well as any other matter related to the operation and operation of the ITFs.


With the special collaboration of Paul Kavanagh, Federico Gallego and Guillermo Alarcón.

The information contained herein is issued exclusively for the benefit of its recipient. The review, distribution or other use of the information contained therein is prohibited to any person other than the recipient. This constitutes a preliminary analysis for informational purposes only and in no way is intended to represent a legal opinion or the position of the issuer with respect to the object thereof. The considerations contained herein or reached may not coincide with the eventual opinion or criteria of the authorities, jurisdictional bodies or other relevant third parties in the matter.