Banking Regulation 2025 Comparisons

The main laws and regulations applicable to Mexican banks are as follows.

Laws

• Ley de Instituciones de Crédito (the “Banking Law”): This is the primary law applicable to Mexican banks and foreign branches of banks (filiales) in Mexico. It outlines the requirements for the establishment, operation, and supervision of banks in Mexico. It also includes, among others, provisions on allowed and forbidden transactions, as well as corporate governance, risk management, and consumer protection provisions applicable to banks.
• Ley del Banco de México (the “Banco de México Law”): This law governs the operation, supervision and regulatory activities of Banco de México (the Central Bank of Mexico). It defines the central bank’s roles and responsibilities, including monetary policy, financial stability, and the regulation of payment systems. Additionally, this law provides that Banco de México might issue regulations regarding the deposit, lending and services transactions of banks.
• Ley para Regular las Agrupaciones Financieras (the “Financial Groups Law”): This law provides for the establishment of financial groups in Mexico. Financial groups are formed by a financial holding company and its subsidiaries, which are regulated financial companies. Financial groups are regulated and supervised by different authorities in Mexico, depending on the entities that comprise them.
• Ley de Protección y Defensa al Usuario de Servicios Financieros (the “Financial Services Users Protection Law”): This law focuses on the protection of financial service users. It establishes the rights of consumers and the obligations of financial institutions, including transparency and fair treatment.

Regulations

• Disposiciones de Carácter General Aplicables a las Instituciones de Crédito or Circular Única de Bancos (the CUB or the “Banking Regulations”): This regulation is issued by the Comisión Nacional Bancaria y de Valores (the “National Banking and Securities Commission” or the CNBV) and it conglomerates most of the regulatory requirements applicable to banks in Mexico, including, among others, capital and liquidity requirements, corporate governance and duties of the senior management, and financial reporting.
• Circular 3/2012, issued by Banco de México, regulates transactions between banks and other financial institutions, including credit transactions, deposits and other services/banking operations, as well as provisions related to the use of diverse interest rates.
• Circular 4/2012, issued by Banco de México, regulates the operational aspects and obligations related to derivatives transactions entered into between financial institutions in Mexico.
• Reglas a las que Deberán Sujetarse las Instituciones de Crédito; Casas de Bolsa; Sociedades de Inversión, Sociedades de Inversión Especializadas de Fondos Para el Retiro y la Financiera Rural en sus Operaciones de Reporto (the “Reporto Regulations”), issued by Banco de México, regulate repurchase agreement (“repo”) transactions entered into between financial institutions in Mexico.
• Circular 14/2007, issued by Banco de México, sets forth the requirements with which the interest rates that banks use in small to medium loans need to comply.
• Reglas para el Establecimiento de Filiales de Instituciones Financieras del Exterior (the “Rules for the Incorporation of Affiliates of Foreign Financial Entities”) set forth the rules that govern the conditions and procedures for foreign financial institutions to establish subsidiaries in Mexico, ensuring compliance with local regulations and promoting healthy competition in the financial market.

Authorities

Regarding the supervision authorities of banks, the Ministry of Finance bears the primary supervisory responsibility and is supported by an autonomous agency functionally attached to it, the CNBV, that regulates, among others, banks, broker-dealers and investment funds. Banco de México, in addition to managing its normal central bank operations, also regulates deposit, lending and funding transactions of banks, as well as the foreign exchange and derivatives markets in Mexico.

Two other decentralised public agencies involved with operations of Mexican banks are the Instituto para la Protección al Ahorro Bancario or IPAB, which is in charge of the banking deposit system and of managing a formal deposit insurance system, and the Comisión Nacional para la Protección y Defensa de los Usuarios de Servicios Financiero (the “National Commission for the Defense of Financial Service Users”, or CONDUSEF).

Bank Authorisation Regime in Mexico

Obtaining a banking licence in Mexico is a very complex regulatory processes, governed primarily by the Banking Law and applicable provisions of the CUB. Below is a summary of the key aspects of the authorisation regime.

Authorisation Requirement and Activities Covered

To establish and operate a bank in Mexico, an entity must obtain authorisation from the CNBV, with a favourable opinion from Banco de México. Mexican banks may engage in all activities permitted under the Banking Law or opt to perform only specific transactions. Adjustments to these activities require prior CNBV approval.

Foreign banks cannot establish branches in Mexico for general banking activities, and representative offices are restricted from conducting active banking transactions.

Application Process and Requirements

The application process involves filing an application in triplicate, along with its exhibits, to the CNBV. The documentation must be submitted in Spanish, translated by a certified translator. The timeline for obtaining approval ranges from six to nine months following submission of a complete application. Key steps include:

1. Filing and deposit guarantee:

• A deposit equivalent to 10% of the minimum required capital must be made with Banco del Bienestar in favour of the Tesorería de la Federación (the “Mexican Treasury”). This deposit ensures the seriousness of the application and is refundable upon the successful incorporation and operation of the bank. However, it may be forfeited if the terms of authorisation are breached, such as failure to incorporate within three months or commence operations within six months of authorisation.

2. Minimum capital requirements:

• The required capital depends on the bank’s activities. Banks conducting all permitted activities must hold a minimum of 90 million Unidades de Inversión (UDIs or indexed units), approximately USD36 million. For banks engaging in limited activities, the minimum capital may range between 36 and 54 million UDIs (approximately USD14.4–21.7 million).

3. Incorporation requirements:

• The bank must be incorporated in Mexico as a sociedad anónima (corporation with limited liability) with an indefinite duration, a Mexican domicile, and at least two shareholders.

4. Operational readiness:

• The application must include manuals and systems for approval, covering critical areas such as internal operations, anti-money laundering, risk management, credit approvals, ethics, compliance, accounting, and systems.

5. Officers and directors:

• The names and résumés of directors and officers must be submitted to the CNBV for approval, ensuring they meet the required qualifications.

Approval Process

The process involves two key stages:

1. Favourable opinion (preliminary authorisation):

• Once the application is filed and reviewed, the CNBV may issue a favourable opinion. This preliminary authorisation allows the entity to incorporate as a legal entity and complete required procedures with authorities and third parties but does not permit banking activities.

2. Final authorisation and operational approval:

• The final authorisation is issued only after all operational aspects are approved, including the testing and inspection of systems and procedures. The bank must have established links to local and international payment systems. Without operational readiness, the CNBV will not grant final approval.

Restrictions and Ancillary Activities

Licensed banks in Mexico are limited to the scope of activities specified in their authorisation. Any changes require CNBV approval. Ancillary activities, such as providing payment services or offering financial advice, are subject to separate approvals under applicable regulations.

Costs and Engagement With Regulators

The cost of obtaining a banking licence includes the deposit with Banco del Bienestar and operational expenses associated with meeting CNBV’s rigorous requirements. Entities seeking authorisation must maintain active engagement with the CNBV throughout the process to address any regulatory queries or adjustments.

In Mexico, banks are subject to strict regulatory oversight regarding ownership and changes in control, with specific obligations for shareholders to inform or seek authorisation from the CNBV. The requirements vary based on the level of direct or indirect participation in a bank’s capital.

Regulations Governing Changes in Control

1. General obligations during authorisation

During the authorisation process to establish a bank, potential shareholders must provide the CNBV with detailed information about their identity and financial resources.

2. Shareholding disclosure obligations

Once the bank is operational, shareholders – not the bank itself – are responsible for notifying or obtaining approval from the CNBV regarding any acquisitions or transfers of shares, in accordance with the applicable thresholds.

• 2% to less than 5% ownership – shareholders acquiring or transferring ordinary shares representing 2% or more but less than 5% of the bank’s paid-in capital must notify the CNBV within three business days.
• 5% or more ownership – for direct or indirect acquisitions of 5% or more of the bank’s ordinary paid-in capital, or granting guarantees over such shares, prior authorisation from the CNBV is required. This process includes consultation with Banco de México.
• 20% or more ownership or control – any individual or group intending to acquire 20% or more of the bank’s shares, or seeking to gain control over the bank, must obtain prior authorisation from the CNBV as stipulated in Article 17 of the Banking Law.

Regulatory Filings and Obligations

Pursuant to Articles 336 and 337 of the General Provisions Applicable to Credit Institutions (CUB), shareholders subject to the thresholds above must submit specific documentation, including identification and financial statements, as part of their notification or authorisation request to the CNBV.

Banks are required to ensure compliance with these obligations by refraining from registering non-compliant share transfers in their shareholder registry. Additionally, banks must notify the CNBV of such unauthorised transfers within five business days of becoming aware of them.

Consequences of Non-Compliance

If shareholders fail to notify or obtain the required authorisations, the equity and corporate rights associated with their shares will be suspended until the CNBV’s authorisation is granted, and all requirements under the Banking Law are fulfilled.

Ongoing Requirements

Shareholders must maintain transparency in their ownership structure and ensure timely compliance with all reporting and approval requirements. Banks are obligated to monitor share transfers and report irregularities to the CNBV, fostering continued regulatory oversight and compliance.

Mexican banks are subject to various corporate governance and regulatory requirements under the Banking Law and the CUB. These requirements aim to ensure sound management, operational efficiency, and compliance with legal and ethical standards.

Statutory and Regulatory Requirements

1. Board of directors

• Banks must have a board comprising a minimum of five and a maximum of 15 directors.
• A majority of directors must be Mexican residents, though not necessarily Mexican nationals.
• At least 25% of board members must qualify as independent directors.

2. Organisational structure

While Mexican law does not mandate specific positions or bodies, the CNBV expects certain roles to appear in a bank’s organisational chart. These positions, which support operational and compliance obligations, typically include:

• Chief Executive Officer (CEO) – appointed by the board of directors, the CEO oversees operations and establishes administrative units.
• Chief Financial Officer (CFO), Chief Legal Officer, and Human Resources Manager – key roles supporting financial, legal, and personnel management.
• Credit Manager – presides over the Credit Committee and ensures compliance with credit origination protocols.
• Head of Credit Control Area – oversees independent credit control functions to guarantee proper credit origination processes.
• Chief Accountant and Financial Comptroller – signs financial statements and fulfils accounting obligations.
• Head of the Integrated Risk Management Unit (UAIR) – appointed by the Risk Committee, responsible for managing the bank’s risk exposure.
• Internal Auditor and Director of Internal Control – ensure independent and effective internal audits and controls.
• Anti-Money Laundering Compliance Officer – manages and enforces regulatory mechanisms to prevent money laundering.
• SPEI Compliance Officer – required for participation in the Mexican Payments System (SPEI).
• Chief Information Security Officer (CISO) – responds to information security requirements set by authorities.
• Derivatives Brokers – banks trading financial derivatives must have at least two trained brokers.

Qualifications for Key Positions

Persons appointed to key roles must meet strict qualifications, including the following.

• Be a resident of Mexico.
• At least five years of experience in high-level decision-making in financial or administrative matters.
• Integrity, creditworthiness, and compliance with credit obligations.
• No involvement in inspection or oversight functions, pending litigation against the bank, or bankruptcy proceedings.
• Awareness of rights and obligations tied to the role.

Diversity and Voluntary Codes

While there are no formal diversity quotas in Mexican banking regulation, the inclusion of independent directors fosters a balance of perspectives on the board. Many banks voluntarily implement diversity and inclusion initiatives to align with global corporate governance trends.

Binding Rules of Conduct

Bank employees are not subject to a formal Bankers’ Oath; however, internal codes of ethics and conduct, often required as part of corporate governance practices, ensure that employees adhere to the highest professional and ethical standards.

Refer to 4.1 Corporate Governance Requirements.

In Mexico, banks are required to implement, maintain, and continuously review a “Remuneration System” that encompasses all forms of compensation, whether monetary or otherwise. These requirements, established under the CUB, aim to align remuneration practices with prudent risk management and long-term stability.

Individuals Subject to the Remuneration Requirements

The Remuneration System applies to all individuals whose roles significantly impact the bank’s risk profile, including members of the board of directors, senior management, and employees in administrative, control, and business units. The system must account for the risks inherent to the activities performed by each role.

Relevant Remuneration Principles

Banks must design their Remuneration Systems based on the following principles.

1. Responsibilities and governance:

• Define the roles of corporate bodies, such as the Remuneration Committee, responsible for implementing remuneration schemes.
• The board of directors must approve the Remuneration System and oversee its proper functioning, ensuring that the Remuneration Committee exercises independent judgment.

2. Policies and risk alignment:

• Establish policies and procedures governing ordinary and extraordinary remuneration in line with reasonable risk-taking.
• Consider risks faced by the bank, including liquidity, solvency, stability, and reputational risks, while making compensation decisions.
• Tailor remuneration schemes to each job profile, with adjustments for the specific risks associated with their activities.

3. Performance and extraordinary remuneration:

• Performance evaluations for extraordinary remuneration must account for results observed over a reasonable period, not solely the financial year, to ensure alignment with long-term risk outcomes.
• Methods to mitigate risk include adjusting remuneration through risk-related factors, deferring payments, extending evaluation periods, and reducing short-term incentives.

4. Flexibility in risk scenarios:

• The system must allow for reductions or suspensions of extraordinary remuneration in cases of losses or materialised risks exceeding expectations.

5. Continuous review and disclosure:

• Banks must ensure continuous review of their remuneration policies by the Remuneration Committee and the Comprehensive Risk Management unit.
• They must disclose remuneration policies, the composition and functions of the Remuneration Committee, and risk analyses through their websites and annual reports.

Supervisory Approach

The CNBV oversees compliance with remuneration requirements by monitoring disclosures and conducting periodic reviews. Banks must maintain sufficient documentation to demonstrate compliance, ensuring that the Remuneration System aligns with the regulatory framework and supports long-term financial stability.

Mexico’s banking sector is subject to robust anti-money laundering (AML) and counter-terrorist financing (CTF) regulations under the Banking Law and the Reglas a las Que se Refiere el Artículo 115 de la Ley de Instituciones de Crédito (the “Anti-Money Laundering Rules” or the “AML Rules”).

As a member of the Financial Action Task Force (FATF) and the Financial Action Task Force of Latin America (GAFILAT), Mexico adheres to international standards and best practices. Mexican authorities actively co-operate with international counterparts to combat cross-border money laundering and terrorist financing activities.

Key Obligations for Banks

1. Customer identification – verify the identity of customers using reliable, independent source documents, data, or information.

2. Know-Your-Customer (KYC) – collect and maintain detailed information about the customer’s identity, business activities, and the purpose of the account.

3. Enhanced due diligence (EDD) – apply additional scrutiny to high-risk customers, such as politically exposed persons (PEPs) and those from high-risk jurisdictions.

4. Record keeping – banks are required to maintain records of all transactions and customer information for at least ten years. This includes account opening documents, transaction histories, and correspondence.

5. Reporting obligations:

• Suspicious Activity Reports – banks must promptly report suspicious transactions or activities to the Financial Intelligence Unit (the UIF).
• Threshold reporting – transactions exceeding specified monetary thresholds, such as high-value cash transactions, must also be reported to the UIF.

6. Internal controls and compliance programmes – banks must establish and maintain an effective AML/CTF compliance programme, which includes:

• Policies and procedures – develop written policies and procedures to detect and prevent money laundering and terrorist financing.
• Training programmes – provide regular training for employees on AML/CTF regulations, identifying red flags, and reporting procedures.
• Independent audit – conduct periodic independent audits to assess the effectiveness of the AML/CTF programme and ensure regulatory compliance.
• Risk assessment – regularly evaluate potential money laundering and terrorist financing risks, considering customer profiles, products, services, and geographic locations.

Mexico’s depositor protection regime is governed by the Ley de Protección al Ahorro (the “Savings Protection Law” or the “IPAB Law”) which established the Instituto para la Protección al Ahorro Bancario (the IPAB). The IPAB operates as a decentralised federal agency with its own legal personality, assets, and liabilities. Its mission is to safeguard bank savings and manage financial reorganisation programmes for distressed banks.

Administration of the Scheme

The IPAB is overseen by a board of governors composed of seven members: three appointed by the Federal Government and four independent governors approved by the Senate upon the President’s proposal. An Executive Secretary leads the agency’s operations.

Coverage and Limits

The IPAB guarantees the payment of certain deposits and loans made to Mexican banks, up to a maximum of 400,000 UDIs (approximately USD135,000) per individual or corporate depositor across all accounts and loans with the bank. Payments are made within 90 days of the bank being declared in liquidation, suspension of payments, or bankruptcy.

Depositors must submit documentation, such as agreements or account statements, to claim payments. However, certain obligations are excluded from IPAB’s coverage, including the following.

• Debts owed to Mexican or foreign financial institutions.
• Obligations to entities within the same financial group as the bank.
• Liabilities documented in negotiable instruments or bearer securities (unless held by the original owner).
• Deposits or obligations in favour of shareholders, directors, senior management, or other specified individuals.
• Transactions conducted in violation of laws or good banking practices, or related to money laundering.

Subrogation and Additional Remedies

When the IPAB makes a payment, it is subrogated into the rights of the depositor or creditor in the relevant insolvency proceedings. Depositors and creditors may seek recovery of amounts exceeding the guaranteed limit through other legal means.

Financial Support for Banks

In exceptional circumstances, the IPAB may provide financial support to distressed banks at its own initiative or at the request of the CNBV. Support measures include the following.

• Subscription of shares or subordinated debentures.
• Assumption of liabilities.
• Loans or acquisition of loan portfolios or other assets.

Such assistance is contingent on a cost-benefit analysis confirming that supporting the bank is less expensive than paying the guaranteed obligations. The bank must agree to a financial reorganisation programme, with its voting shares pledged as collateral. If obligations are not met, the IPAB becomes the owner of the pledged shares and assumes control of the bank’s management.

Funding of the Scheme

Mexican banks finance the deposit guarantee scheme through ordinary and extraordinary contributions.

• Ordinary contributions – at least 0.004% of the bank’s annual funding operations.
• Extraordinary contributions – capped at 0.003% of the bank’s annual funding operations.
• Combined contributions cannot exceed 0.008% of a bank’s funding operations in a single year.

Conclusion

The IPAB plays a vital role in safeguarding depositor funds and maintaining stability in Mexico’s banking system. By guaranteeing deposits and managing distressed banks, it ensures confidence and continuity within the financial sector.

Mexico’s banking regulatory framework is aligned with international standards, including Basel III, as implemented by the CNBV through the CUB, and the Banking Law. Below is a summary of key requirements and regulatory framework.

Basel III Standards and Implementation

Mexico fully adopted Basel III standards through amendments to the Banking Law and the CUB, implemented by the CNBV in co-ordination with Banco de México. These reforms:

• updated the definition of net capital, comprising capital contributors, retained earnings, and reserves; and
• mandated minimum capital adequacy ratios for banks, requiring:
1. Total Capital Ratio: 10.5%, including a Capital Conservation Buffer;
2. Tier 1 Capital Ratio: 8.5%, inclusive of the buffer; and
3. Fundamental Capital Ratio: 7%, inclusive of the buffer.

The CNBV may impose additional capital requirements or buffers, such as countercyclical buffers, to mitigate risks during economic downturns. While Mexico’s adoption aligns closely with Basel III, the rules allow flexibility, granting the CNBV discretionary power to adapt requirements to local market conditions.

Risk Management Rules

Mexican banks must implement comprehensive risk management frameworks encompassing credit, liquidity, market, operational, and technological risks. Key requirements include the following.

• Establishing Risk Committees and Risk Management Units.
• Defining and monitoring exposure limits.
• Conducting regular stress tests and submitting risk assessments to the CNBV.
• Adopting sound methodologies for measuring and mitigating risks.

Failure to comply with these standards can lead to CNBV intervention, including imposing corrective measures or limitations on specific activities.

Risk exposures are monitored regularly, and banks must submit risk reports to the CNBV, including data on large exposures, related-party lending, and sectoral concentrations.

Capital Requirements and Buffers

Mexican banks’ capitalisation requirements follow Basel III principles but are tailored for local conditions.

• Minimum paid-in capital: 90 million UDIs (approximately USD36 million).
• Legal reserves: Banks must allocate 10% of net income annually to reserves until they equal 100% of paid-in capital.
• Capital composition: Aggregate net capital is divided into Core Equity Tier 1 (eg, paid-in capital, retained earnings, and reserves), Additional Tier 1 (eg, perpetual preferred shares and subordinated debt), and Tier 2 capital (eg, long-term subordinated debt with phased inclusion based on maturity).
• Corrective measures: Non-compliance with capital ratios results in restrictions, such as dividend suspensions, bonus limits, or debt term adjustments.

This framework ensures banks maintain robust loss-absorbing capacity while aligning with international standards.

Liquidity Requirements

The amendments to the Banking Law also reinforced liquidity measures. Banks must comply with the Liquidity Coverage Ratio (LCR) and maintain adequate liquidity buffers to meet short-term obligations. If a bank’s liquidity falls below mandated thresholds:

• the CNBV may require a restoration plan, suspend certain operations, or impose operational restrictions.

Additionally, Banco de México supervises compliance with liquidity ratios to ensure resilience during market shocks.

Systemically Important Banks

Systemically important banks (SIBs) are subject to heightened regulations due to their potential impact on the financial system. Requirements include the following.

• Additional capital buffers – SIBs must maintain higher capital ratios. The supplementary capital is being phased in between 2022 and 2025.
• Exposure limits – the CNBV imposes caps on exposures to interconnected counterparties to prevent excessive concentration risk.
• Enhanced supervision – SIBs undergo more frequent and detailed regulatory reviews.

Conclusion

Mexico’s banking regulation aligns with international standards, ensuring robust capital adequacy, liquidity, and risk management frameworks. These measures enhance financial stability while allowing regulatory flexibility to address local market conditions. For systemically important institutions, stricter requirements ensure their resilience, safeguarding the broader economy.

The Mexican banking system is governed by a robust legal and regulatory framework aimed at maintaining financial stability and protecting depositors. The key elements of this framework include licensing requirements, intervention mechanisms, resolution strategies, and specific insolvency rules.

Mexico’s framework for the insolvency, recovery, and resolution of banks is primarily governed by the Banking Law and the Bank Savings Protection Law (Ley de Protección al Ahorro Bancario, the LPAB), under the supervision of the CNBV and the Instituto para la Protección al Ahorro Bancario (IPAB). These laws provide mechanisms to ensure financial stability and protect depositors during bank failures.

Principal Means of Resolving a Failing Bank

The resolution of a failing bank involves various stages under the Banking Law.

1. Intervention:

• The CNBV may declare managerial intervention if a bank’s capital ratios fall below regulatory thresholds or if significant payment obligations are unmet.
• If IPAB provides financial support, it appoints a “peremptory manager” with full authority to manage the bank during intervention.

2. Revocation of banking licence:

• When a bank’s licence is revoked due to insolvency or other violations, the IPAB assumes responsibility for liquidation. This process involves transferring assets and liabilities to other banks, establishing a new temporary bank, or pursuing other measures to minimise depositor impact.

3. Liquidation process:

• Liquidation follows the CNBV’s resolution, with the IPAB acting as liquidator. In cases of insolvency, liquidation is managed through court procedures tailored to the banking sector, ensuring priority payments according to established rules.

When a bank faces insolvency or financial instability, the following mechanisms are employed.

1. Recovery plans:

• Banks are required to maintain recovery plans detailing measures to restore financial health during periods of distress.

2. Resolution process:

The resolution process includes intervention by the CNBV and measures under the LPAB, such as the following.

• Temporary management – appointment of an administrator to manage the bank and stabilise operations.
• Asset transfers – transfer of assets and liabilities to another financial institution or a bridge bank.
• Liquidation – as a last resort, liquidation may occur under CNBV and IPAB oversight to ensure an orderly process.

3. Deposit insurance and payouts:

• The IPAB guarantees deposits up to a maximum of 400,000 UDIs (approximately USD135,000), ensuring that depositors are compensated promptly.

Implementation of FSB Key Attributes of Effective Resolution Regimes

Mexico has implemented key elements of the Financial Stability Board (FSB) Key Attributes of Effective Resolution Regimes, including the following.

• Legal authority – the CNBV and IPAB have broad legal powers to intervene in failing banks, including transferring critical functions and restructuring liabilities.
• Resolution planning – banks designated as systemically important are subject to recovery and resolution planning to minimise systemic risks.
• Continuity of critical functions – the LPAB mandates that resolution efforts prioritise continuity of essential services, such as deposit-taking and payment processing.
• Bail-in mechanisms – while not fully developed, certain tools allow for creditor and shareholder loss absorption to reduce reliance on public funds.

Insolvency Preference Rules Applicable to Deposits

Under Mexican law, depositors enjoy priority in insolvency proceedings.

• Deposit preference – insured deposits covered by the IPAB (up to 400,000 UDIs – approximately USD135,000) are paid first from the liquidation proceeds. The IPAB Law guarantees deposits in the above-mentioned amounts per person per institution.
• General deposits – uninsured deposits have a higher priority over other unsecured creditors but rank below secured creditors. Upon liquidation, payment preferences are established as follows.
1. Secured or pledged credits.
2. Liquid and enforceable labour liabilities.
3. Tax liabilities.
4. IPAB-related claims, including guaranteed obligations.
5. Bank deposits, loans, and other liabilities.
6. Preferred subordinated debentures.
7. Non-preferred subordinated debentures.
8. Shareholders.

Unsecured obligations cease to accrue interest upon liquidation, and derivatives or repurchase transactions are terminated and netted.

• IPAB reimbursement – as shown above, the IPAB, after compensating insured depositors, has a claim against the failed bank’s estate, ranking after insured depositors and before other unsecured creditors.

Conclusion

Mexico’s legal and regulatory framework aligns closely with international standards, including the FSB Key Attributes. The framework emphasises depositor protection, systemic stability, and orderly resolution, with clear priorities in insolvency proceedings and tools to manage failing banks effectively.

Banking Regulatory Requirements Related to ESG in Mexico

Mexico’s financial sector is undergoing significant regulatory changes to align with global environmental, social and governance (ESG) standards. These adjustments aim to integrate sustainability into financial practices and reflect Mexico’s commitments to reducing greenhouse gas emissions and combating climate change. Below are the key ESG-related banking regulatory requirements currently shaping the sector.

Mexican sustainable taxonomy

Launched in March 2023 by the Ministry of Finance and Public Credit, the sustainable taxonomy is a cornerstone of Mexico’s ESG framework. It serves as a science-based classification tool to identify sustainable economic activities across six sectors.

• Agriculture – includes farming, forestry, and greenhouse operations.
• Energy and water supply – encompasses renewable energy and water treatment projects.
• Construction – focuses on sustainable housing and infrastructure.
• Manufacturing – covers industries like cement and steel with climate mitigation thresholds.
• Transportation – targets sustainable public and freight transport systems.
• Waste management – supports recycling and safe waste disposal practices.

This taxonomy mandates financial institutions to consider sustainability metrics when funding projects, ensuring they align with climate change adaptation, gender equality, and basic service access objectives.

Sustainable financing mobilisation strategy

Published in September 2023, this strategy is designed to align Mexico’s financial system with sustainability goals. Its three pillars include the following.

• Sustainable public financial management – integrating sustainability into public finance systems.
• Sustainable financing mobilisation – encouraging private-sector investment in sustainable projects.
• Transversal actions – promoting inclusiveness, gender equality, and social impact monitoring.

The strategy fosters a conducive environment for ESG-compliant financial practices, including low-cost financing for sustainable activities and transparent information disclosure.

Amendments to financial laws

Recent changes to the Securities Market Law and Mutual Funds Law (November 2023) reinforce climate action. These amendments empower the Ministry of Finance to issue provisions for monitoring sustainable development and gender equality within securities markets. This legal framework promotes accountability and transparency among financial institutions.

Sustainability Information Standards (NIS)

In May 2024, the Mexican Council for Financial Information and Sustainability Standards introduced NIS A-1 and B-1.

• NIS A-1 – establishes a conceptual framework for sustainability disclosures, providing quality and consistency standards.
• NIS B-1 – requires disclosure of Basic Sustainability Indicators (IBSO), promoting transparency on entities’ sustainability performance.

These standards are harmonised with international frameworks like the IFRS Sustainability Disclosure Standards, ensuring Mexico’s alignment with global practices.

Self-assessment tool for ESG risks

Developed by the CNBV, this tool helps financial institutions evaluate their integration of ESG factors and climate-related risks. Based on global guidelines, it covers:

• corporate governance for sustainability;
• ESG factors in operations; and
• climate-related risk mitigation.

The tool generates confidential reports for internal use while providing aggregated benchmarks for Mexico’s financial sector.

ESG obligations for pension fund managers

Effective January 2022, Mexican pension fund managers (AFOREs) are required to consider ESG criteria when making investment decisions. This regulation ensures that pension funds contribute to sustainable economic and environmental projects, maximising benefits for the economy and society.

Conclusion

Mexico’s regulatory developments reflect a broader commitment to embedding ESG principles into its financial framework. From the introduction of the sustainable taxonomy to enhanced disclosure standards and tools, the nation is creating a robust environment for sustainable financing. These efforts not only support Mexico’s climate goals but also position its financial sector as a key player in the global transition to a sustainable economy. Financial institutions operating in Mexico must now navigate these regulations to ensure compliance while leveraging opportunities to support environmentally and socially impactful initiatives.

While the Digital Operational Resilience Act (DORA) is an EU regulation and does not directly apply in Mexico, certain regulatory frameworks in Mexico address operational resilience, cybersecurity, and third-party risk management in the banking sector, which align with DORA’s objectives.

ICT Risk Management

The CNBV requires financial institutions to implement robust frameworks for managing risks related to information and communication technology (ICT). Banks must establish internal controls, regularly assess vulnerabilities, and adopt measures to mitigate cybersecurity threats as per the CUB.

Incident Reporting

Mexican banks must report significant operational or cybersecurity incidents to the CNBV promptly. This is outlined in Article 168 Bis 16 of CUB, which aims to address and protect operational continuity and cybersecurity, ensuring transparency and timely intervention in the event of disruptions.

Third-Party Risk Management

Financial institutions are obligated to oversee and manage risks associated with third-party service providers, especially those offering ICT services. Regulations require due diligence, regular monitoring, and contractual safeguards to ensure resilience across outsourced operations.

Operational Continuity and Disaster Recovery

Banks in Mexico are required to maintain robust business continuity and disaster recovery plans, aligning with best practices for operational resilience. Testing and periodic updates of these plans are mandatory to ensure preparedness for operational disruptions.

International Standards Influence

While DORA is not directly applicable, Mexican regulators are influenced by global standards and practices, including those of the EU, to maintain international competitiveness and ensure the stability of cross-border banking operations. Mexican banks with EU operations or partnerships are particularly mindful of DORA’s requirements to maintain compliance in those jurisdictions.

These requirements reflect Mexico’s commitment to operational resilience in the financial sector, even though DORA itself does not impose direct obligations. Mexican banks should stay vigilant regarding international developments to ensure alignment where cross-border operations are involved.

Banco de México has published drafts of amendments to Circular 13/2017 and Circular 14/2017 for public consultation, open until 4 December 2025. These drafts propose targeted adjustments to existing provisions, focusing on refining operational requirements, updating thresholds, and enhancing the efficient functioning of payment systems. While subject to further changes, the proposed amendments indicate important regulatory developments for the banking sector in Mexico.

Key Adjustments to Circular 13/2017

This Circular regulates the proper functioning of payment systems, sets requirements for fund transfer services, and establishes obligations for participants. The proposed changes include the following.

1. Increased thresholds:

• The monetary threshold triggering additional requirements for fund transfers will be adjusted to 6,000 UDIs (approximately USD2,025), reflecting updated risk management practices while maintaining accessibility.

2. Stricter terms for third-party providers:

• Contracts with third-party service providers must now explicitly prohibit subcontracting and the transfer of contractual rights, enhancing accountability and alignment with Banco de México’s standards.
• Authorisation requests to Banco de México must include the proposed contract with the third party, approved by senior officials within two levels below the director general.
• Authorisations granted for these contracts will be personal and non-transferable.

3. Exceptions for contract modifications:

• While prior authorisation remains a general requirement for contract amendments, exceptions include changes related to fees, addresses, or representative contact details.

Key Adjustments to Circular 14/2017

As the internal rules for SPEI (Sistema de Pagos Electrónicos Interbancarios), this Circular outlines technical and operational requirements for system participants. The proposed changes include:

1. Refined processing times:

• Criteria for processing large and low-value transfers are being updated to ensure faster settlements and improved reliability.

2. Enhanced security standards for mobile transactions:

• New measures include mandatory encryption protocols, secure data storage, and authentication processes to safeguard sensitive user information.

3. Stricter indirect participation requirements:

• Indirect participants and clearinghouses must meet enhanced operational and security measures to maintain system integrity.

4. Streamlined notification and reporting obligations:

• SPEI participants will be required to meet clearer timelines and standards for notifications and reports to Banco de México, ensuring better oversight.

Conclusion

These amendments are designed to modernise and strengthen the regulatory framework for Mexico’s financial institutions, aligning it with current operational realities and risk management priorities. While the drafts may evolve before final publication, they highlight key areas that banks should monitor closely to ensure compliance and operational readiness.