Types of institution regulated by law
Virtual asset transactions
Authorisation to operate as FTI
COFEMER analysis

FECC analysis


On March 23 2017 the Ministry of Finance and Public Credit (SHCP) distributed the first draft of the Financial Technology Bill to several members of the banking and financial industry.

On September 19 2017 the ministry circulated a substantially amended draft of the bill, which has been renamed the Financial Technology Institutions (FTIs) Law.

The law is based on the principles of:

  • developing financial inclusion and innovation;
  • fostering economic competition;
  • ensuring consumer protection;
  • preserving financial stability; and
  • preventing unlawful transactions.

The law aims to regulate the financial services provided by FTIs – including those which are bound to specific regulations and offered or rendered through innovative means – as well as the organisation of such institutions and their operations.

Some financial institutions devised strategies to innovate their practices in anticipation of the law coming into force. For example, in March 2017 BBVA Bancomer President Francisco González announced a new $1,500 million investment in Mexico, which will focus on the development of software and digital technology over the next four to five years. Further, Luis Robles Miaja, outgoing president of the Banks of Mexico Association, observed that several banks are testing biometric control systems in order to verify the identity of clients that apply to open bank accounts or withdraw large sums of money.

Types of institution regulated by law

The law recognises two types of FTI:

  • crowdfunding institutions, which connect people so that investors can fund investment seekers through mobile applications, interfaces, websites or any other means of electronic or digital communication; and
  • electronic payment institutions, which offer issuance, management, accounting and transfer of electronic payment services. Under the law, the funds recorded in an electronic transaction accounting ledger and kept by an electronic payment institution are considered electronic payment funds.

Notably, the original version of the bill also regulated virtual asset management institutions. However, due predominantly to comments from the Central Bank (Banxico) regarding the complexity of regulating virtual assets or cryptocurrencies (eg, bitcoin), this type of FTI was excluded from the law's scope.

Individuals interested in performing the activities attributed to crowdfunding or electronic payment institutions in Mexico must apply to the National Banking and Securities Commission (CNBV) for authorisation to operate as a FTI. The CNBV will grant such authorisation discretionally, subject to approval from the FTI committee.

Companies that wish to operate as FTIs must be incorporated in Mexico.

Further, the law establishes the possibility of operating on a temporary basis under an innovative model designed for institutions that provide financial services through different technological tools or means to those available in the market.

Virtual asset transactions

Under the law, 'virtual assets' are account units which:

  • are electronically recorded and used by the public as a payment method for all types of legal transaction; and
  • can be transferred only through electronic means.

Banxico will determine, through general provisions, the virtual assets that FTIs can use. Notwithstanding the foregoing, in order to carry out transactions using such virtual assets, institutions must obtain prior authorisation from Banxico. However, the issuance of regulations authorising virtual asset transactions may be some way off, as regulators around the globe are still analysing and understanding the rise of cryptocurrencies and it will be difficult to move forward without first understanding how the more developed markets are reacting.


The law establishes the SHCP, the CNBV and Banxico as the main authorities in the financial technology field. With the agreement of the FTI committee, the CNBV (with respect to crowdfunding institutions) and Banxico (with respect to electronic payment institutions) will establish, through general provisions, the limits of funds that the respective FTIs may maintain on behalf of clients or which clients may have access to through said FTIs.

The law also designates the following bodies as supervisory commissions, which must operate within the scope of their powers:

  • the CNBV;
  • the National Commission for the Protection and Defence of Users of Financial Services;
  • the National Commission of the Savings System for Retirement; and
  • the National Insurance and Bonding Commission.

The law grants powers to each of the aforementioned authorities (although predominantly to the CNBV), for the purposes of auditing, requesting information and suspending or revoking authorisations previously granted to FTIs that infringe on the minimum operation requirements provided for by the law, among other things.

The law also provides for the formation of the FTI committee, which will comprise six proprietary members. The SHCP, the CNBV and Banxico will each designate two of the six members.

The committee and the CNBV will be responsible for, among other things, discretionally granting the necessary authorisation in accordance with the law to ensure that FTIs operate correctly within Mexico.

Authorisation to operate as FTIs

FTIs need a permit to operate within Mexico, which will be discretionally granted by the FTI committee and the CNBV.

To obtain authorisation, FTIs must prove to the CNBV that, among other things:

  • the operations that they wish to carry out are expressly provided for in their bylaws;
  • they have the appropriate governing bodies and corporate structure to carry out their operations; and
  • they have the necessary infrastructure and internal controls – such as offices and operating, accounting and security systems – as well as the respective manuals.

In cases where the CNBV, with the previous agreement of the FTI committee, authorises a company, it must publish the authorisation in the Official Federal Gazette and specify the type of FTI that it has authorised and the activities that such FTI can perform in accordance with the law.

FTIs that are authorised to perform an operation provided for in the law and wish to change their line of business or perform an additional activity must request a new authorisation from the CNBV and submit the corresponding information.

COFEMER analysis

On October 2 2017 the SHCP received a report on the bill from the Federal Commission for Regulatory Improvement (COFEMER).

COFEMER's report analysed the proposed law's cost benefits. Although the Federal Commission of Economic Competition (FECC) had not sent COFEMER its opinion on the bill, as requested, COFEMER considered that:

  • the regulatory actions contained in the bill are duly justified,
  • the bill meets the objectives for regulatory improvement; and
  • the bill will stimulate market efficiency.

FECC analysis

On October 19 2017 the FECC issued a report on the bill, which proposed as follows:

  • The timeframes in which authorities must resolve requests (90 or 180 days) are too broad and should be reduced.
  • The authorities' discretional power to authorise the implementation of innovative models should be removed. Instead, a set of legal requirements should be developed, which – once met – should result in authorisation being granted for the respective operation.
  • The two-year authorisation limit to operate an innovative model should be removed, as should the authorities' discretion to determine the time limit corresponding to such authorisation.
  • It should be expressly established that clients' data may be transmitted to an FTI or financial entity only where the client has authorised such transfer and the data's confidentiality is guaranteed.
  • As the owners of transactional data are also the users, financial entities, currency transmission service providers, credit risk companies and clearing houses must abstain from charging FTIs higher fees than the cost of the sole operation of making the information available. Such considerations should be determined by the Supervising Commission or Banxico.
  • As the bill indicates that financial entities, currency transmission service providers, credit risk companies, clearing houses and FTIs must cease providing parties access to their clients' information when there is a vulnerability putting the information at risk, the word 'vulnerability' should be defined.
  • A provision obliging credit institutions to grant FTIs banking services and access to account data that clients have with their banks should be introduced, given that FTIs are necessary for the provision and development of corresponding products.
  • FTIs should not be limited to using specific technologies and infrastructure.
  • The activities of crowdfunding institutions and electronic payment institutions should not be limited. Instead, the prescribed list should state that other activities determined by the authorities through general provisions are also allowed.
  • Tariff regulation should not be stricter than that for other financial entities.
  • The bill should not establish requirements and procedures that may grant advantages to the entities with which FTIs may compete.
  • The law should explicitly state that the actions of groups or associations (formed by various FTIs to implement and develop the conduct that their members must comply with) are subject to the limitations imposed by other laws, especially the Federal Economic Competition Law. Further, the actions should be overseen in such a way that does not constitute a contact point that facilitates the exchange of information and the coordination of strategies.

Notwithstanding the suggested provisions, the FECC stated that, in general, the bill could promote free competition, as it provides legal certainty to innovative companies in the financial sector.

The Senate approved the bill on December 6 2017.

For further information on this topic please contact Federico de Noriega Olea, Luis Dávalos or René Arce Lozano at Hogan Lovells BSTL by telephone (+52 55 5091 0000) or email ([email protected], [email protected] or [email protected]). The Hogan Lovells website can be accessed at