MEXICO Trends and Developments Contributed by: Lizette Neme, Lilia Alonso and Cecilia Rojas, Áurea Partners
AML/CFT intensification and cross-border risk Anti-money laundering and counter-terrorist financ - ing (AML/CFT) compliance has become the dominant supervisory priority across all verticals. In mid-2025, the CNBV imposed record-breaking fines totalling approximately MXN185 million (more than USD10 million) on three major institutions: • CiBanco; The sanctions were triggered by systemic failures in reporting international transfers, deficiencies in trans - action monitoring and broader AML controls. These actions followed international scrutiny and alerts issued by the Financial Crimes Enforcement Network (FinCEN), illustrating the increasing extraterritorial influence of US enforcement. The regulatory response went beyond monetary penalties. Authorities ordered temporary managerial interventions, oversaw asset transfers and, ultimately, orchestrated orderly dismantling processes. The epi - sode reinforced three key lessons for the market: • continuous compliance is as critical as initial authorisation; • cross-border exposure significantly heightens supervisory risk; and • governance failures can lead to existential conse - quences. • Intercam Banco; and • Vector Casa de Bolsa. For fintech companies, the practical implications include enhanced transaction monitoring, stricter sanctions screening and more granular cross-border risk controls. Unregulated entities classified as engag - ing in “vulnerable activities” under the AML Law face similar obligations regarding KYC, reporting thresh - olds and record-keeping. Payment rails, interchange reform and market concentration A central policy discussion during 2025 involved pro - posals to cap interchange fees – the fees paid by acquiring banks to issuing banks in card transactions.
The Fintech Law provides for three categories of data: • open data (public product information); • aggregated data (statistical); and • transactional data (individual user data, subject to consent). However, full implementation has stalled due to the absence of complete secondary regulation. As of early 2026, only open data obligations are fully operational. Rules governing transactional data shar - ing and payment initiation services remain pending, despite some efforts by the National Banking Com - mission (CNBV) and the Central Bank (Banxico). Competitive implications If fully implemented, Open Finance could significant - ly alter market dynamics. It will represent increased competition through account aggregation services, enhanced credit assessment using multi-institutional data, embedded finance expansion, API-based inno - vation ecosystems and greater consumer control over financial data. Fintech companies are prepared technologically for API integration, but regulatory uncertainty has delayed full-scale deployment strategies. Data privacy and security concerns Open Finance raises significant data protection chal - lenges. Financial institutions must reconcile: • consent management frameworks; • financial secrecy obligations; • data portability rights; Given Mexico’s strict data protection regime under the Federal Law on the Protection of Personal Data Held by Private Parties, implementation will require careful technical standardisation and supervisory co- ordination. In 2026, Open Finance remains one of the most impor - tant yet incomplete structural reforms in Mexico’s fin - tech ecosystem. • cybersecurity standards; and • third-party access controls.
559 CHAMBERS.COM
Powered by FlippingBook