PANAMA Law and Practice Contributed by: Kharla Aizpurua Olmos, Roberto Vidal, Miguel Arias and Eduardo Oteiza, Morgan & Morgan
diligence measures to prevent the improper use of their services and platforms, in accordance with the provisions of the Banking Law, Law 23 of 2015, Agree - ment 10 of 2015, and other applicable regulations”. Although cryptocurrencies, digital assets and virtual currencies are not regulated in Panama, there are platforms where these assets are traded or stored. Operators of these platforms are advised to imple - ment compliance measures, such as due diligence and KYC procedures based on local regulations, to prevent the misuse of their services before allowing any person to use their platforms. 10.12 NFTs Non-fungible tokens (NFTs) and NFT platforms are not regulated in Panama, and we have no knowledge of any opinions issued by any regulator with respect to NFTs. 10.13 Stablecoins Stablecoins are not regulated in Panama. However, there are several legislative initiatives aimed at regulating stablecoins and cryptocurrencies in general, although these efforts remain at a very early stage, as further explained in other sections of this article. There is no local specific regulation on open banking. The banking business continues to be regulated and supervised by the SBP. 11.2 Concerns Raised by Open Banking The Data Protection Regulation regulates the pro - tection of natural persons’ personal data, as well as its handling, storage and treatment. The Data Pro - tection Regulation applies to the processing of data that originates from or is stored in Panama and data processing carried out within the framework of a com - mercial activity on the internet, or any other means 11. Open Banking 11.1 Regulation of Open Banking
of electronic or digital communication in accordance with the Electronic Commerce Law, to guarantee data protection in activities aimed at the Panamanian mar - ket. The Data Protection Regulation includes obliga - tions for banks and technology providers relating to data privacy and data security. Furthermore, the SBP issued Agreement 1 of 2022, which established spe - cial regulations in relation to personal data handled by banks. Therefore, the general rule is to obtain the customer/ client’s consent and have the appropriate privacy poli - cies and security protocols in place. Both the Banking Law and the Securities Law con - tain dispositions that prohibit and sanction fraudulent activity. The legislation does not provide a specific list of the elements of fraud; however, in a general sense, fraud requires a person to have the intent to deceive for personal gain or to cause harm to oth - ers by making false statements, material omissions or misrepresentations. Panama’s Criminal Code also contains dispositions relating to fraud and other finan - cial crimes. 12.2 Areas of Regulatory Focus Regulators supervise their regulated entities to pre - vent and detect fraudulent or illicit activity. They focus on investment fraud, accounting fraud, payment fraud and other activities. 12.3 Responsibility for Losses A fintech service provider may be liable for losses sustained by a customer if those losses result from fraudulent activities conducted by the provider. Addi - tionally, depending on the specific terms of the con - tract between the fintech service provider and the customer, the provider may also be accountable for losses arising from gross negligence. The extent of this liability will depend on the damages that can be substantiated. 12. Fraud 12.1 Elements of Fraud
605 CHAMBERS.COM
Powered by FlippingBook