Principal Legal Framework
The principal laws governing the banking sector in Mexico are:
Although banks are heavily regulated, the most relevant regulations concerning their operations are:
The principal authorities responsible for supervising banks in Mexico are:
The organisation and operation of a bank in Mexico requires authorisation from the Commission. Prior to granting the authorisation, the Commission must have a favourable opinion of the Central Bank of Mexico for the project. The granting of a bank authorisation is a discretionary authority of the Commission and such authorisations are non-transferable.
Foreign banks are not allowed to provide banking and credit services through locally established branches, but rather need to establish a subsidiary.
Types of Authorisations
Outside of development banks, which are owned by the Federal Government, the Banking Law provides for two types of bank authorisations: (i) banks (instituciones de banca múltiple); and (ii) affiliate banks (instituciones de banca múliple filiales). There are very minor differences between these two licenses with regard to their corporate organisation, activities and regulation. However, the quantity of information required from the owners of an affiliate bank in the process of authorisation is significantly reduced. Affiliate banks are owned and controlled by a bank established in a foreign country that has entered into a treaty with Mexico. This treaty must contain a provision allowing for the establishment of affiliate banks.
Activities and Services Covered
Article 46 of the Banking Law sets forth a comprehensive list of activities (including active and passive transactions and financial services) that banks are allowed to perform. Banks must include in their by-laws the list of activities that they intend to perform. The minimum equity capital requirement for each bank will depend on the activities included in their by-laws. Bank regulations establish three different predefined sets of permitted activities that banks can elect to include in their by-laws. These predefined sets can be summarised as follows:
Any other combination of permitted activities requires the bank to have the same minimum equity capital as that of the banks that elect to include all of the permitted activities in their by-laws.
The most significant restrictions for banks are basically (i) the prohibition of acting as underwriters in public offerings of securities; and (ii) the prohibition of issuing insurance policies.
The process of authorisation is carried out with the Commission and takes from 9-12 months. Operations usually commence within 18-24 months after the project has started. The authorisation process involves the stages listed and described below:
Thereafter, the bank has 90 days to approve the executed deed of its incorporation. Within 180 days following the approval of the deed of incorporation, the bank requests the Commission to authorise its commencement of operations. Such authorisation involves a visit of officers from the financial authorities to the bank to test its operations.
At this stage, the applicants must pay the Commission a fee of approximately USD36,500 for the issuance of the Bank authorisation and a fee of approximately USD100,000 for the authorisation to commence operations.
After receiving the authorisation to commence operations, the bank may start doing business with the public.
The acquisition and transfer of a bank in Mexico's shares is subject to the following rules and requirements:
Pursuant to the Banking Law, control over a bank is the ability to impose, directly or indirectly, decisions at the shareholders’ meeting. This includes the authority to exercise the voting rights of more than 50% of the shares and the authority to direct, administration, strategy and principal policies of the bank, whether through the ownership of securities or through any other legal means.
In addition, the acquisition of shares or the control of a Mexican bank could require authorisation from the Federal Economic Competition Commission for antitrust matters. Likewise, the acquirer should consider the reporting and investment thresholds of the Securities Market Law (Ley del Mercado de Valores) if the shares of the bank are traded in a Mexican stock exchange.
Banks are not restricted from having foreign investors in their equity capital. Notwithstanding, foreign governments are only allowed to participate, directly or indirectly, in the stated capital of banks in Mexico when:
Corporate Governance of a Bank
The board of directors is the principal corporate body in charge of the corporate governance of a bank in Mexico. The board of directors must be integrated by no fewer than five and no more than 15 statutory members from which at least 25% (rounded upwards) must be independent. Independent Board Members is a concept of corporate governance that requires certain board members not to have any professional, business, commercial or family relationship with other directors, the shareholders or other stakeholders of the bank. The number of officers of the bank that can form part of the board is limited to one third. For each statutory director an alternate director can be appointed, in the understanding that the alternates of independent directors also qualify as independent directors. The board of directors is required to have a meeting at least every quarter and whenever necessary.
The board of directors is required to have certain committees with advisory duties. The bank must have a minimum of an audit committee, a risk committee, a compensations committee (whose functions, subject to complying with certain requirements, may be performed by the risk committee), a communication and control committee (in charge of know-your-customer and anti-money laundering matters) and a related-party transactions committee.
These committees are auxiliary committees to the Board of Directors and require that one or more of its members be directors. In the case of an audit committee, all of its members must be directors and the majority of them, including the chairperson, must be independent.
The board of directors, at the audit committee’s proposal, is responsible for establishing the objectives and guidelines of the internal control system. The CEO is responsible for implementing the internal control system throughout the organisation. Once implemented, the audit committee is responsible for submitting for the board’s approval the organisational chart, the code of conduct, the appointment of the external auditors and evaluation reports of the internal control system.
The internal audit department, independent of the CEO, is responsible for reviewing both periodically and systematically the internal control system while reporting findings and implemented actions to the audit committee.
A bank's financial information and its control systems are reviewed annually by external auditors and comisarios. The latter are persons appointed by the shareholders’ meeting in charge of overseeing the performance of the board of directors in connection with the internal control system.
Directors of a bank in Mexico can only be appointed by the shareholders’ meeting. Pursuant to the Banking Law, all directors need to have technical capabilities, honorability, satisfactory business and credit history and ample financial, legal or administrative knowledge. Most directors of banks in Mexico must be local residents.
No person can act as director for two banks, or financial group holding companies that own banks, at the same time. The director must inform the shareholders meeting if he or she is the director of another financial entity.
Officers of a bank, including the CEO and all officers within the two hierarchy levels below the CEO, must be residents of Mexico with evidence of at least five years of previous professional experience in positions of high decision-making.
During the authorisation process of a new bank or during a change of control processes, the proposed directors, CEO and senior officers of the bank must submit for the consideration of the Commission predefined forms and letters as well as supporting documentation showing:
Likewise, each director and officer will need to sign a letter addressed to the Commission, with representations as to their honorability and creditworthiness, authorising the Commission to verify all information provided with the corresponding national or foreign authorities.
The Commission has the right to request additional information as it deems convenient, and may approve or reject the proposed appointment at its discretion.
In the ordinary course of business, any appointments of directors or officers must be communicated to the Commission within five business days. In this case, it is the bank that must verify and ensure the proposed director or officer's compliance with all of the requirements established by law.
The Commission can request the removal of any officer or director that does not comply with the applicable requirements. This can be either at the time of the appointment or at any time thereafter, and can ban them from occupying any positions in the financial sector.
The bank must always open and update, at least annually, a file for each director and officer, containing all the information and documentation meeting the applicable requirements.
Banks must permanently implement, maintain and monitor a remuneration system consistent with effective risk management. The purpose of a bank in Mexico's remuneration system is to ensure that the ordinary and extraordinary remuneration of its employees, administrative departments, control and business areas and other employees takes into consideration the actual and potential risks related to the individual activities of such employees.
The remuneration system must consider all remuneration, whether in cash or otherwise. It forms part of the internal control system, and is ultimately overseen by the board of directors, which is advised on these matters by the remuneration committee, chaired by an independent director.
Unusual remunerations that are determined by individual performance or that of a particular department must not consider exclusively the results of the financial year in which the transactions occurred but also the risks and results seen during a reasonably longer period of time. To this extent, performance reviews must be consistent with and based on results adjusted by present and future risks, liquidity, capital costs and other considerably appropriate variables.
The remuneration system must be flexible enough so as to allow the bank to reduce or suspend the payment of extraordinary remunerations whenever the bank faces losses or the risk impacts are greater than expected.
A bank's remuneration system must be updated every year and must be made available to the public via its webpages. The information included must portray a thorough description of the remuneration system, including qualitative and quantitative information and a mention to the actual remuneration amount paid during the relevant fiscal year, indicating if such remuneration were (i) fixed or variable; (ii) paid or deferred; and (iii) in cash, stock, other equity instruments or otherwise.
Anti-money Laundering and Counter-Terrorist Financing Framework
The anti-money laundering and counter-terrorist financing (AML/CTF) framework applicable to Mexico is founded on a risk-based approach. Mexican banks must assess their AML/CTF risks yearly, taking into consideration the following elements:
Identification and Follow-Up of Counterparties
Another AML/CFT requirement for banks in Mexico is the conduction of due diligence and know-your-customer exercises. The scope and degree of the due diligence and know-your-customer requirements depends on whether they are conducted on:
There are simplified due diligence measures available and exemptions to it according to the client’s risk of AML/CTF. There are banking account levels, which begin with reduced due diligence requirements, subject to less transactional levels. The permitted transactional level of accounts increases along with the increase in the depth of due diligence requirements. This regulation aims to bolster financial inclusion in the country.
Before COVID-19, banks did not have the widespread ability to start a client relationship remotely. However, the Commission has recently enacted rules that allow banks to remotely execute operations and agreements as long as they verify certain biometric information of the customer’s IDs, vis-à-vis the information in official records held by authorities like the National Electoral Institute (which issues the most commonly accepted photo identification in the country).
Regarding know-your-customer requirements, banks must regularly assess whether their clients have their identifications and documents updated and their transactional behaviour in order to determine the risk they entail to the financial institution.
Banks must keep internal structures, policies, controls, and procedures against financial crime including the following lines of defense:
Banks must have AML/CFT manuals and training in place, which are regularly shared with the Commission.
Reporting to Authorities
Banks are required to make the following periodic filings of AML/CFT reports:
All these reports have specific thresholds, deadlines and conditions when being filed for the Commission.
Dollar – Peso Exchange
Due to the risk of illicit activities between Mexico and the United States, Mexican authorities have implemented restrictions so that Mexican banks are usually restricted to receiving US dollars in cash, except when there is an economic rationale provided in the regulation ie, receiving funds from legal entities with branches near the border.
The Bank Savings Protection Law (Ley de Protección al Ahorro Bancario) provides for the creation, organisation and functions of the Bank Savings Protection Institute. Said Institute is in charge of managing the savings protection fund.
Bank liabilities that are guaranteed by the Bank Savings Protection Institute are mainly on demand and term deposits, savings accounts and revolving deposits associated to debit accounts, but only up to the amount of 400,000 inflation adjusted units (known as “UDIs”), per person — or legal entity — per bank (approximately, USD132,000).
The deposit insurance to be provided by the Bank Savings Protection Institute to a bank’s depositors will be paid upon determination of the resolution of a bank. Upon payment, the Bank Savings Protection Institute acquires the claim of the depositor against the relevant bank. Any amount not paid by the Bank Savings Protection Institute can be claimed directly by the depositor from the relevant bank.
Obligations of banks in favour of financial entities, companies within the same financial group as the bank, shareholders, board members, CEO and the officers within the immediately following hierarchy level, general managers and attorneys-in-fact of the bank are not insured by the Institute. In addition, liabilities documented in negotiable instruments, bearer notes, transactions performed outside the applicable legal, regulatory and administrative framework, bank liabilities that are not within standard banking customs and practice and any operation related to illegal acts or transactions are not covered by the deposit insurance.
The deposit insurance is exclusive to bank liabilities and, therefore, does not cover financial products such as mutual funds, insurance products and other liabilities of other financial entities, even if the bank acts as distributor of such products.
Banks have the obligation to pay to the Bank Savings Protection Institute ordinary and extraordinary contributions as determined from time to time by the governing board of the Bank Savings Protection Institute. All banks must make monthly ordinary contributions to the Bank Savings Protection Institute in an amount equal to 0.004 of the bank’s deposits and certain other liabilities. Calculating the standard contribution amount is done by subtracting the following from the total account of each bank’s liabilities:
The Bank Savings Protection Institute may also impose extraordinary contributions on banks, which may not exceed in any one year 0.003 of the deposits of the banks. Extraordinary contributions may be imposed by the Bank Savings Protection Institute when given the then prevailing conditions of the Mexican banking system, said institute does not have sufficient resources to satisfy its obligations. Extraordinary contributions may be imposed by the Bank Savings Protection Institute when, given the then prevailing conditions of the Mexican banking system, said institute does not have sufficient resources to satisfy its obligations. Both ordinary and extraordinary contributions, in the aggregate, shall not exceed 0.008 of the liabilities of a bank on any one year.
Bank Secrecy Framework
Banks in Mexico are subject to very strict secrecy rules concerning their customers. Pursuant to the Banking Law, banks in Mexico may not provide any news or information of the deposits, bank operations or services including trusts, to the depositor, debtor, account holder, beneficiary, settlor or principal, their respective legal representatives, or to the persons that have been legally authorised to withdraw from the relevant account or to be involved in the corresponding transaction or service.
This secrecy obligation is not related to the reporting obligations of banks with the Commission, the Central Bank, the Bank Savings Protection Institute and the regulators of Mexican banks.
Likewise, the secrecy obligation of Banks will not be considered breached when information is provided to judicial authorities pursuant to court-issued orders in judicial procedures in which the account holder, settler, beneficiary, trustee or agent is either a plaintiff or a defendant. Furthermore, banks will be exempted from their secrecy obligations and are consequently required to provide information requested by any of the following authorities, typically through the Commission:
Information and documents provided by banks to the authorities in connection with the bank secrecy exemptions described above may only be used in the proceedings and for the purposes indicated in the relevant request. The persons that acquired knowledge of such information and documents are required to keep them strictly confidential, even if they cease to be public servants. Any breach of this obligation will subject the relevant person to the applicable administrative, civil or criminal responsibilities as provided by law.
In addition, the Banking Law expressly allows the Ministry of Finance and Public Credit, the Commission, the Bank Savings Protection Institute, the Central Bank, and the National Commission for the Protection and Defense of the Users of Financial Services, within their respective scope of authority, to provide to foreign financial authorities any and all information acquired by said Mexican authorities in the performance of their functions. This is provided that the relevant Mexican authority and the relevant foreign financial authority have entered into reciprocity agreements.
Employees and officers of banks responsible for breaches to the secrecy rules and the relevant bank will be required, in the case of any undue disclosure of bank secrets, to pay for the damages and lost profits caused by such breach.
In addition, non-compliance by a bank with the bank secrecy provisions set out in the Banking Law is considered a gross default and can be sanctioned with fines imposed by the Commission, ranging from approximately USD130,000 to approximately USD435,000.
Capitalisation of Banks in Mexico
The Banking Law requires banks in Mexico to maintain a regulatory capital, expressed as an index (the capital adequacy ratio or “ICAP”), that shall in no case be less than the sum of the capital requirements associated with (i) market, credit, operational and other risks incurred by banks in their operation; and (ii) their ratio of assets to liabilities.
The Commission, along with other financial authorities in Mexico, has implemented regulation in order to strengthen the composition of the net capital of banks in a manner consistent with the guidelines set forth in the Capital Agreement issued by the Basel Banking Supervisions Committee (Basel III Agreement).
Banks in Mexico are required to maintain a minimum capitalisation index, or ICAP, of 8%. The regulatory capital is comprised of Tier 1 and Tier 2 capital. The Common Equity Tier 1 capital must be at least 6%, while the Additional Tier 1 capital ratio must be of 4.5%. In addition, banks must maintain a capital conservation buffer of 2.5% of Additional Tier 1 Capital.
Based on their ICAP, their Common Equity Tier 1 and Additional Tier 1 capital ratios, the Commission will classify banks into different categories. Such classification may trigger minimum corrective measures and additional special measures that banks must observe in order to improve their capitalisation. Such corrective measures can include restrictions to the payment of dividends and other distributions to the shareholders of the bank, as well as in extraordinary remuneration for the employees and directors of the bank. In addition, corrective measures may include a requirement to file a capital conservation plan or a capital restructure plan for banks that are classified within Category III or lower.
Banks of Local Systemic Relevance
If the Commission determines that a potential noncompliance of the obligations of a particular bank could pose a risk for the stability of the Mexican financial system, payment system or for the economy of the country, said bank will be classified as being of Local Systemic Relevance (Instituciones de Banca Múltiple de Importancia Sistémica Local). Local Systemic Relevance Banks will be classified within different degrees of systematic relevance and will be required to add to their capital conservation buffer an additional percentage of the aggregated risk-weighted assets based on the assigned degree of systematic relevance. This additional percentage will range from 0.60% to 2.25%.
Banks are required to establish risk management mechanisms that allow them to perform their activities with risk levels consistent with their regulatory capital, liquid assets and operational capabilities under normal, adverse and extreme conditions. For said purposes, risk management processes implemented by banks must maintain, both systematically and prospectively, the risk level of their principal transactions within their solvency, liquidity and financial feasibility limits, and their accordance with their desired risk profile. Banks must reestablish the risk level whenever a deviation occurs.
Banks classify their risks into the following three categories:
Banks are required to maintain a capitalisation structure that allows them to cover potential losses derived from all of the risks to which they are or may be exposed under different scenarios, including those in which adverse economic conditions prevail. For these purposes, banks are required to conduct annual stress tests to assess whether they have the necessary capital, and to design and maintain a contingency plan (similar to living wills in other jurisdictions) that must be approved by the Commission.
The board of directors of the bank is responsible for approving the desired risk profile, the risk management framework, the risk exposure levels and the risk tolerance levels, as well as contingency plans (including the contingency financing plan). The board of directors is also responsible of overseeing that the bank has sufficient capital to cover all of its risk exposure.
The CEO is responsible for ensuring that the business units and the risk management department of the bank remain independent from each other at all times, and for coordinating the risk management programs and duties.
The board of directors must create a risk committee that shall oversee that all transactions performed by the bank are made within the desired risk profile, the integral risk management framework and the risk exposure limits approved by the board.
Banks are required to calculate their Liquidity Coverage Ratio measured in accordance with the Basel III Agreement. The liquidity obligations of banks in Mexico are outlined by the Bank Liquidity Regulation Committee and implemented by the Commission and the Central Bank. The Commission is also responsible for overseeing compliance with the liquidity requirements applicable to Banks.
The Bank Liquidity Regulation Committee is responsible for dictating the guidelines for the establishment of the liquidity requirements of banks. Such guidelines have the purpose of ensuring that banks will be able to meet their payment obligations in different terms and under different scenarios, including under economically adverse conditions. This committee is integrated by high-level officers of the Ministry of Finance, the Central Bank and the National Banking and Securities Commission.
Banks must have a financial contingency plan, as part of their risk management system, that clearly sets out the strategies and policies to be observed and the procedures to follow in case of unexpected liquidity events or trouble liquidating assets. This financial contingency plan must be submitted annually to the Commission, which can subsequently order that changes and amendments are made to it.
In case a bank is not compliant with its liquidity obligations or determines that it will not comply with them in the future, it shall immediately notify the Commission thereof. In this case, the Commission may require the relevant bank to:
Furthermore, the Commission can impose additional measures on banks that have a Liquidity Coverage Ratio of less than 90%.
Banks in Mexico must have certain minimum levels of capital. Capital requirements concern both the minimum equity capital and the regulatory capital a bank must have. Capitalisation is an important indicator of a bank’s financial health, a reduction of which, depending on its level, could (i) trigger “early warnings”; (ii) entitle the bank to apply for a conditioned operation regime; or (iii) subject the bank to a resolution process.
Once a bank’s capitalisation index falls below ten percent, said bank will be subject to minimal corrective measures or special additional corrective measures imposed by the Commission, depending on its actual level of capitalisation. Minimal corrective measures include notifying the board of directors; submitting a recapitalisation program to the Commission; suspending payment of dividends, interests of hybrid instruments and bonuses; and refraining from making capital investments.
Special additional corrective measures include hiring external auditors; refraining from increasing compensation and entering into certain types of transactions; substituting officers, directors and auditors; carrying out transactions to reduce exposure to risk; and amending deposit-taking policies.
A bank with capitalisation below 8% (but higher than 4.5%) may apply to continue as an ongoing business under a conditioned operation regime. To have access to the conditioned operation regime, the bank shall (i) file an application with the Commission; (ii) cause at least 75% percent of its shares to be placed in a trust; and (iii) prepare and submit a recapitalisation plan.
The trust referred to in (ii) above shall allow the Bank Savings Protection Institute to exercise economic and corporate rights of those shares if (i) the Commission rejects the recapitalisation plan; (ii) the Commission determines that the bank has not complied with the approved recapitalisation plan; (iii) the bank’s ICAP falls to or below 4.5% percent; or (iv) the bank does not comply with one minimum corrective measure, or fails to comply with its payment obligations.
The trust will be terminated once the bank reaches and maintains in three consecutive months the minimum required ICAP. The bank must otherwise undergo a resolution process.
The resolution of a bank consists of the actions or procedures implemented by the financial authorities on a bank that is facing solvency or liquidity issues that affect its financial viability. These actions or procedures ensure a proper liquidation (or in certain exceptional cases its restoration) for the protection of depositors, the financial system stability and the proper functioning of the payment systems.
Generally, a bank resolution process will conclude with the administrative or judicial liquidation of the bank. In exceptional cases, the bank will be rehabilitated. As a general rule, once the Commission has revoked the bank’s authorisation, the Bank Savings Protection Institute will determine whether the liquidation of the bank shall be judicial or extrajudicial. Notwithstanding, if the Bank Stability Committee determines that a potential default in the bank’s obligation could trigger negative or adverse effects in other banks or financial institutions, comprising their stability or solvency and as a consequence the stability or solvency of the financial system or the proper functioning of payment systems, the resolution method can be either:
In the case of supportive equity contributions, the Bank Savings Protection Institute will initiate the selling of a bank's shares — including those of its shareholders —following the rules set out in the Banking Law. If the Bank Savings Protection Institute provides a loan to the relevant bank, all of the shares issued by the bank will secure the loan until the shareholders of the bank subscribe and pay a capital increase to pay for said loan. If the shareholders do not make this contribution, the Bank Savings Protection Institute will automatically acquire the shares and will sell them thereafter in accordance with the rules set out in the Banking Law.
Liquidation of the Bank
The Bank Savings Protection Institute will act as the liquidator of the bank and will generally be responsible for terminating and concluding all pending businesses of the bank. This includes the settling of accounts and the disposition of rights and assets, with a goal to obtain the best price or conditions in connection therewith under strict transparency rules.
In doing the above, the Bank Savings Protection Institute can elect to proceed with the transfer of all or some the assets and liabilities of the bank to another existing bank or to a bank created for such purposes by the Bank Savings Protection Institute, or any other transaction that the Bank Savings Protection Institutes considers as the best option to protect the interests of depositors.
When making any of the foregoing decisions, the Bank Savings Protection Institute will ensure that the cost of any such decision is less than the total estimated cost of paying the deposit insurance over all insured deposits of the bank.
In all instances, the Bank Savings Protection Institute will ensure that all insured deposits are covered in the terms required by law to all depositors.
All actions of the authorities in the process of the resolution and liquidation of banks in Mexico are considered to be of public order and social interest. Claims against such actions do not subsequently carry the possibility of suspension. In case a claim against such actions prevails, the claimant will only be entitled to the payment of damages and losses.
As explained above, the required minimum equity capital of banks in Mexico varies depending on the activities that each bank elects to include as part of its corporate purpose.
Permitted activities of banks are set out in Article 46 of the Banking Law (the Permitted Activities). Pursuant to said article, banks are authorised to:
(i) take cash deposits:
(ii) take loans and credits;
(iii) issue bank notes and debentures;
(iv) issue subordinated obligations;
(v) make deposits to foreign banks and financial institutions;
(vi) enter into discount transactions and grant loans and credits;
(vii) issue credit cards based on revolving facilities;
(viii) assume obligations on behalf of third parties based on loans granted through acceptances, endorsements or guarantees of negotiable instruments as well as through letters of credit;
(ix) perform transactions with securities;
(x) promote the organisation and transformation of all types of entities or companies, and to subscribe and hold equity participations in them subject to the provisions of the Banking Law;
(xi) perform all transactions on its own behalf with any commercial documents;
(xii) perform transactions with gold, silver and foreign currencies, including any repurchase (reporto) transactions concerning foreign currencies;
(xiii) facilitate safety-deposit boxes;
(xiv) issue pre-funded letters of credit;
(xv) act as trustee;
(xvi) receive any deposits whether for administration, custody or guaranty on behalf of third parties of any negotiable instruments and shares and generally of all commercial documents;
(xvii) act as common representative of the holders of negotiable instruments;
(xviii) perform treasury and cashier services in respect of negotiable instruments on behalf of the issuers thereof;
(xix) perform the accounting and bookkeeping for any companies or entities;
(xx) act as executor in inheritance procedures;
(xxi) act as receiver and liquidator of businesses, premises, bankruptcy and inheritance estates;
(xxii) perform appraisals;
(xxiii) acquire the necessary real estate assets and equipment for the accomplishment of their purpose and to manage such assets as deemed convenient;
(xxiv) enter into financial leasing transactions and to acquire the assets related to such transactions;
(xxv) enter into derivative transactions in accordance with the rules issued by the Central Bank for such purposes;
(xxvi) perform factoring activities;
(xxvii) issue any payment means determined by the Central Bank;
(xxviii) participate in the selling of insurance, subject to the applicable insurance laws; and
(xxix) engage in other similar or related activities authorised by the financial authorities.
In connection with the Permitted Activities, the Banking Law and the related provisions consider the following options:
Notwithstanding the differentiation of banks with respect to their minimum paid-in equity capital and the requirements regarding their permitted activities, all banks in Mexico irrespective of their size, footprint, or business model are subject to exactly the same set of financial, internal control, compliance, and reporting regulations. An exception to this is the very specific set of measures imposed on systemically important banks, as described above). The current regulatory framework of banks does not establish differentiations of the regulatory framework, based on the Permitted Activities, that each bank decides to consider in its corporate purpose, and much less on their size, business model, specialisation or otherwise.
Based on the foregoing, medium and smaller banks — and banks specialising in a particular product or business — have been requesting for some time the creation of a differentiated regulatory regime that recognises their specialised business model, market, and geographical presence. This would allow them to assume regulatory costs inline with their size and systemic relevance, allowing them more resources to invest in their product.
Despite the fact that this discussion has been taking place for numerous years, many key players in the financial market have been vocal about the issue and it is likely we will see an effort from both banks and the financial authorities (notably, the Commission) to achieve a differentiated regulatory framework among banks.
A differentiated regulatory framework will certainly have a significant impact on the banking sector and, while it certainly presents a major challenge for authorities, it could detonate the expansion and growth of small, medium and specialised banks.
The Mexican financial authorities have continued working towards creating an improved regulatory framework that addresses financial inclusion. This is one of the most urgent matters to address in Mexico, where a very low number of persons have access to formal financial services.
The efforts of the authorities in this respect have been and will continue to be focused on establishing adequate consumer protection mechanisms and financial education, while also providing for robust technology mechanisms to facilitate remote access and operations. Subsequently, the Mexican government has established a Financial Inclusion National Policy (Política Nacional de Inclusión Financiera). One of the Policy's objectives is to ensure that by 2024, 77% of Mexicans are the users of at least one formal financial product from an authorised financial entity. In order to achieve this goal, the Mexican government recognises the need for the private, social and public sectors of its society to work together.
It is likely that regulators will act to ensure that the principles of the policy are implemented and that banks, as well as other financial entities, can develop new channels and products to increase the number of persons that have access to and use financial services and products.
Improvement of Existing Regulations
Along with the expansion of internet-based financial services and platforms, fintech entities and internet-based banking services, regulators will face the need for the improvement of the current financial services regulatory framework. This is not only regarding electronic access and information security, but also personal data protection, AML/CFT, especially with regard to know-your-client and identification procedures and tools, and financial services user protections.
The Mexican financial authorities continue to work on addressing the impact of COVID-19. To this extent, both the Commission and the Central Bank have been implementing and have publicly indicated that they will continue to implement measures to promote the stability of the financial system, ensure that borrowers of banks and other financial intermediaries are afforded with the best possible conditions to allow for the payment of their loans, and establish countercyclical measures in the economic downturn seen during 2020.
Some of the foregoing measures implemented by the financial authorities are:
It is expected that in the short-term additional programs, borrowers who need to can access a restructuring program, and banks will be able to benefit from temporary exceptions to the regulatory framework to accommodate the restructuring or refinancing needs of its clients and customers.
Trends and Developments in the Banking Regulatory Environment Associated with COVID-19
The regulatory environment of financial institutions has been principally focused on addressing the impact of COVID-19 in the Mexican banking sector. As the principal regulators of banks, the National Banking and Securities Commission (Comisión Nacional Bancaria y de Valores, the “Commission”) and the Central Bank (Banco de México) have been very active in addressing the needs of both the banks and their customers and clients. Through the enactment of regulation, both the Commission and the Central Bank, within their particular scope of authority, have issued resolutions aiming to protect the interests of borrowers and depositors of banks; establishing reasonable actions to minimise the impact of safe distancing on Mexico's economy; and reinvigorating credit granting activities as a countermeasure to the reduced economic activity observed as a consequence of the pandemic.
The Commission has enacted different rules applicable to banks with the purpose of either:
Some of the most relevant regulatory actions of the Commission are described below.
Special Accounting Standards
The Commission has issued special temporary accounting standards that allow banks (among other financial entities) to implement programmes with the purpose of deferring, either totally or partially, payments of interest and capital for up to six months.
For this purpose, restructured or renewed loans will not be considered past-due loans. As a result, they will not require the creation of additional credit reserves and consequently will not affect the bank's statements or their capitalisation index.
Furthermore, all balances can cease to accrue interest as long as the relevant loan is classified as current as of 28 February 2020 and does not qualify as a related-party transaction.
Banks can defer the creation of reserves associated to actions that result in better payment conditions for their clients. Said actions would include, among others, remissions and discounts.
The Commission has announced a programme available for banks that implement Institutional Restructuring Programmes in order to offer better credit conditions to their clients. This programme allows banks to report restructured loans, that comply with certain characteristics determined by the Commission, to credit scoring entities with a soft code rather than a hard code. The difference between these codes is that a soft code indicates that the payment problems of the borrower were associated to an emergency situation beyond their control, whereas a hard code would indicate that the restructuring of the loan was associated to the borrower's individual problems.
These measures are available for loans that are restructured pursuant to institutional restructuring programmes implemented by the bank that meet a list of conditions set forth by the Commission.
These benefits are available for disbursed balances as of 15 April 2020, from loans granted on or prior to 31 March 2020 that as of such date were considered current, are not related-party transactions and payments which were affected by the COVID-19 pandemic by 31 January 2021 at the latest. Consequently, these regulatory measures will not be applicable for disbursements made after 15 April 2020.
Also within the scope of actions in response to the COVID-19 pandemic, the Commission has enacted extraordinary measures concerning know-your-customer requirements in connection with anti-money laundering and counter-financing of terrorism AML/CFT applicable to banks. These measures allow legal entities to open bank accounts and enter into contracts with banks without physical documentation. Prior to these measures, only individuals could enter into agreements with banks without delivering physical documentation.
Even though know-your-customer requirements have been changed to include remote transactions, the legal representative of the entity that is entering into the agreement with the bank needs to be fully identified in accordance with the applicable know-your-client rules and the policies of the bank.
For these purposes, rather than holding physical know-your-customer interviews with the client, banks may hold video calls that need to be recorded and conducted by bots or other artificial intelligence mechanisms.
In an effort to strengthen banks' ability to enter into transactions remotely, hereby preventing identity thefts, a set of rules regarding the use of biometric data by banks was implemented recently by the Commission.
Said rules allow banks to maintain databases with biometric information of its clients as a means to verify their identity when entering into agreements or performing bank transactions. Banks are entitled to cross-check the biometric data of their customers with governmental authorities, such as the National Voting Institute.
In order to use biometric data as a valid form of identification from its clients, banks must verify the information with the corresponding governmental authority.
Banks have a nine-month period, commencing as of 13 October 2020, in which to file an application to the Commission for authorisation to remotely open bank accounts without transactional restrictions and consumer loans.
Suspension of Terms
The Commission also implemented a suspension of terms for the attention of administrative procedures during most part of this year and has since the commencement of COVID-19, implemented a system — permitting the electronic filing of reports, applications and responses — that was non-existent prior to the current sanitary emergency.
The Central Bank
The Central Bank has also been active in establishing temporary measures aiming to minimise the negative effects of COVID-19, as described below.
Availability of Funds for Credit Granting Activities
In order to enhance credit granting channels in the context of COVID-19, the Central Bank has enacted a set of rules with the purpose of allowing banks (both multiple banking institutions and state-owned or development banks) to obtain financing from the Central Bank. The purpose of this financing is expanding their credit granting activities and boosting the availability of loans for individuals and micro, small and medium enterprises.
Funds received by banks under this temporary programme may only be used for the direct or indirect (through other non-bank intermediaries) of (i) new credit facilities in the form of loans, leases or factoring transactions with micro, small, and medium enterprises; (ii) increases of the foregoing forms of financing by means of restructurings or refinancing, with a particular focus on the smaller companies; or (iii) payroll, personal, automobile or mortgage loans for individuals.
Under this set of rules, banks are entitled to obtain such financing by making withdrawals from their mandatory monetary regulation deposit. This is maintained by each bank in accordance with the Central Bank. Once the available balance in the monetary regulation deposit of each bank is depleted, the bank will be able to enter into repurchase transactions over eligible securities in order to attain additional funds subject to the liquidity conditions of the relevant bank.
This temporary programme will remain effective until, at least, 28 February 2021.
Flexibility for Minimum Payments under Credit Cards
Also in the context of COVID-19, the Central Bank has issued a set of temporary exceptions to the rules that require banks to collect minimum payment amounts in connection with credit card revolving lines. Pursuant to these temporary exceptions, banks — when agreed with their respective clients — may refrain from charging the minimum payment amount under revolving loans associated to credit cards during the months of April to September 2020.
An additional exception, applicable from October 2020 to January 2021, is that of revolving loans covered by bank-implemented programmes to improve the possibility of payment of said loans, and in which the bank and the relevant client have agreed to refrain from making such payment for the above referenced period.
Commencing on February 2021, the obligation of banks to charge and collect minimum payments will be reinstated.
Electronic Issuance of Securities
The Central Bank has sanctioned a set of rules that allow for the electronic issuance of securities, left with depository institutions in Mexico.
While electronic messages and signatures have been legally recognised in Mexico for at least a decade, there was no formal rule enabling the electronic issuance of securities for their deposit with depository institutions.
The rules implemented by the Central Bank resolve this lack of implementing regulation and give both the deposit of physical securities and electronic securities the same legal effects.
Suspension of Terms
In light of the effects of COVID-19, the Central Bank (Banco de México) has suspended the legal terms relating to its inspection visits, in connection with sanctioning administrative procedures, as well as the legal term of responding to information requirements on a progressive calendar ending in February 2021.
General Market Trends
Fintech and electronic banking
Since 2018, the Mexican market has seen a very aggressive expansion of financial technology companies, both in number and in size. The fintech sector is growing rapidly and competing significantly with more traditional financial entities, such as banks. In response, we are seeing banks in Mexico making considerable investments in their electronic platforms, with some applying for licenses to establish purely electronic banks.
Regulators have been constantly passing reforms to improve legal framework in order to keep up with the technology value proposals offered by financial technology entities and banks. However, there is still a long way to go to achieve a legal framework that welcomes technological proposals in banking and other financial activities and promotes financial inclusion while ensuring appropriate levels of control and supervision by the authorities and protection to financial services users so as to maintain the stability of financial and payment systems. Furthermore, compliance with and implementation of international AML/CT standards in this environment is also a complex challenge from a regulatory perspective.
To this extent, it is our expectation that aside from the COVID-19-related regulations, we will be seeing significant developments from the perspectives of financial technology and AML/CT.