Corporate Governance 2026 Comparisons

The principal types of corporate organisations in Mexico are the following:

• Variable Capital Stock Corporation (Sociedad Anónima de Capital Variable – S.A. de C.V. or S.A.);
• Mexican Corporation for the Promotion of Investment with Variable Capital (Sociedad Anónima Promotora de Inversión de Capital Variable – S.A.P.I. de C.V. or S.A.P.I.); and
• Mexican Limited Liability Company with Variable Capital (Sociedad de Responsabilidad Limitada de Capital Variable – S. de R.L. de C.V. or S. de R.L.).

In Mexico, the following laws constitute the main legal framework governing corporate governance:

• General Commercial Corporations Act (Ley General de Sociedades Mercantiles – L.G.S.M.) – This is the principal regulation and the foundation for all Mexican companies, including S.A. de C.V. and S. de R.L. de C.V.
• Securities Market Law (Ley del Mercado de Valores – L.M.V.) – This is the strictest law regarding corporate governance in Mexico. The L.M.V. applies exclusively to publicly traded companies, including S.A.P.I., the Mexican Investment Promotion Corporation with Variable Capital (Sociedad Anónima Promotora de Inversión Bursátil – S.A.P.I.B.) and the Mexican Publicly Traded Stock Corporation (Sociedad Anónima Bursatil – S.A.B.).
• Law of Credit Institutions (Ley de Instituciones de Crédito) – This law specifically regulates the financial and banking sector, requiring much more rigorous internal controls and risk management for financial entities.
• General Provisions issued by the National Banking and Securities Commission (Comisión Nacional Bancaria y de Valores – C.N.B.V.) – This specifies the reporting and transparency obligations for public companies which are considered as regulated entities.

As to the companies with shares that are publicly traded, the L.M.V. sets the following additional mandatory requirements regarding corporate governance, which may be regulated by the shareholders either in the by-laws of the company and/or in a shareholders’ agreement:

• S.A.P.I.s must be managed by a board of directors, therefore it is not possible to elect a sole director.
• To appoint the S.A.P.I.’s board of directors, each shareholder (or group of shareholders) holding at least 10% of the shares may appoint one director.
• For an S.A.P.I.B., there must be at least one independent director.
• For an S.A.B., the management is entitled to a board of directors and a general director.
• The board of directors of an S.A.B. must be comprised of at least 25% independent directors.
• An S.A.B. requires the creation of auxiliary committees to assist the management of the company, such as audit and corporate practices committees.
• An S.A.B. requires duties of loyalty and diligence from its directors.

See 1.1 Corporate Forms and Governance Requirements.

See 1.1 Corporate Forms and Governance Requirements.

In December 2023, the Securities Market Law was amended, with one of the main objectives being to “democratise access” to financing offered by the stock market, especially to medium and small companies, through the procedure set for “Emisoras Simplificadas” (simplified issuers). These types of companies can operate by means of an S.A. instead of an S.A.P.I.B., meaning they do not have to comply with the corporate governance requirements set for the latter (therefore no requirements are set for publicly traded corporations).

The General Shareholders’/Partners’ Meeting

The general shareholders’/partners’ meeting has the maximum authority, with the ability to resolve all acts and operations of the company.

The Mexican entities can be fully (100%) owned by foreign companies or individuals, except for the following activities which are reserved for the Mexican State: petroleum, the national electricity system, nuclear energy, minerals, telegraphs, the post office, banknotes, minting of currency, airport control, ground transportation (excluding courier services), development banking institutions, provision of professional and technical services expressly indicated in legal provisions. Foreign investment may participate in any proportion in the capital stock of Mexican companies, acquire fixed assets, enter new fields of economic activity or manufacture new lines of products, open and operate establishments, and expand or relocate existing ones.

The Management

The management of the entity is entrusted to a manager (in the case of an S. de R.L.) or a director (in the case of an S.A.). Each entity must choose between a sole manager/director or a board of managers/board of directors. The managers/directors may be either Mexican or foreign nationals. It is important to note that the non-Mexican directors/managers who are hired and receive remuneration for the performance of their duties must hold an appropriate visa/work permit issued by the immigration authorities in Mexico.

The Statutory Examiner or Board of Surveillance Figure

The statutory examiner or board of surveillance figure, which supervises the management body, is mandatory for an S.A., and optional for an S. de R.L.

The General Shareholders’/Partners’ Meeting

The general shareholders’/partners’ meeting has the authority to resolve all acts and operations of the company, including the exclusive authority to annually approve the financial statements of the year prior, as well as the appointment of the directors/managers and the statutory examiner in the case of an S.A.; also, the general shareholders’/partners’ meeting has the exclusive authority to approve the following by means of a special quorum (majority vote):

• extension of the company’s duration;
• anticipated dissolution of the company;
• increase or reduction of capital stock;
• amendment of the company’s purpose;
• amendment of the company’s nationality;
• transformation of the company;
• merger with another company;
• issuance of preferred shares;
• redemption by the company of its own shares and the issuance of founders’ shares;
• the issuance of bonds;
• any other amendment to the by-laws; and
• any other matter for which the law requires a special quorum of the shareholders’ meeting.

Management

The management of the entity has the authority to manage all the operations inherent to the company’s purpose, including the review of financial statements, the compliance of the company regarding tax regulations, and the granting or revoking of special authorities for specific acts on behalf of the company.

The Statutory Examiner or Board of Surveillance

The statutory examiner or board of surveillance has the authority to:

• supervise that the board of directors/managers has granted the corresponding guarantee to secure their functions, when applicable;
• make sure that legal and statutory requirements are met when the shareholders decree dividends;
• verify that accounting records are accurately kept; and
• ensure that resolutions are accurately recorded at shareholders’ meetings.

Committees

Lastly, the shareholders may include the possibility of creating committees which have specific authorities and functions. These are generally created to support the main bodies (shareholders, management and surveillance) in operational matters.

In Mexico, the decision-making process in companies is governed by the General Commercial Corporations Act. There are two main bodies which take resolutions: (i) the shareholders’ meeting; and (ii) the board of directors.

The following is a simplified summary of how they operate.

Shareholders’/Partners’ Meeting

This is the “supreme authority” of the company. This is where the shareholders/partners meet to make the most relevant decisions. To take the decisions, two steps are involved:

The call (convocatoria)

This must be published through the electronic system of the Ministry of Economy.

This must be done with the anticipation set in the company’s by-laws (usually within 8–15 days).

This must include the agenda, which is the list of topics to be discussed. Decisions made on topics not listed are generally invalid.

The meeting

Generally, there are two types of meetings:

• ordinary – held at least once a year to approve financial reports and appoint directors; and
• extraordinary – held any time to discuss critical changes to the company such as capital increases or decreases; changing the corporate name, domicile or purpose; approving acquisitions of assets or shares; approving mergers or anticipated dissolutions.

Once the above-mentioned steps are fulfilled, the resolutions are prepared. These are the hard copy including the final agreements taken by the shareholders. To be valid, they require a specific quorum (a minimum percentage of shares present) and a majority vote; in general, the quorum for ordinary meetings is 51% of votes, while for extraordinary meetings it is 75% of votes.

Lastly, in some cases, resolutions can be taken via a written document in lieu of a meeting, if the by-laws allow this and the written document is signed unanimously by the shareholders/partners.

Board of Directors/Managers

The board of directors/managers is in charge of the daily management and execution of strategy. It therefore meets more frequently than the board of shareholders/partners, which meets only occasionally. For the board of directors/managers to take decisions, two steps are involved:

The call

This is usually done via email or letter by the chairman or secretary of the board, following the rules set in the by-laws.

Resolutions

Decisions are taken by a majority vote of the directors present. The chairman often has a “casting vote” (voto de calidad) in the case of a tie.

In some cases, resolutions can be taken via a written document in lieu of a session, if the by-laws allow this and the written document is signed unanimously.

The board of directors of a business corporation is governed by the L.G.S.M., as well as by the provisions set forth in the company’s by-laws.

In the case of corporations (S.A. or S.A.P.I.) the board of directors is a collegiate body, the composition, organisation and operation of which are determined in the by-laws, with no statutory maximum number of members/directors established by law.

In practice, the board is typically composed of at least three members and is generally headed by a chairperson who presides over and co-ordinates the meetings.

In the case of limited liability companies (S. de R.L.), there is no board of directors as such. Management is entrusted to one or more managers, who may act individually or collectively, in which case they are commonly referred to as a management board. The structure, powers and operating rules of such a body is set out in the by-laws, allowing for a greater degree of flexibility in its organisation.

Mexican law does not establish a specific allocation of roles among the members of the board of directors; in practice, it is customary to provide for the appointment of an individual to act as chairperson of the board.

The role of each member of the board of directors may vary depending on the provisions set forth in the company’s by-laws and, where applicable, on internal policies or corporate governance practices.

Board members typically assume the following roles.

• Chairperson: Acts as the representative of the board in dealings with third parties and is responsible for chairing and co-ordinating its meetings. The chairperson generally has a casting vote in the event of a tie, where so provided in the by-laws.
• Secretary: Responsible for corporate governance and the corporate records of the board. Duties typically include preparing meeting notices, drafting and safekeeping minutes, and maintaining corporate books. The secretary may be a member of the board or, alternatively, the company may appoint an external professional to perform this role.
• Directors (board members): The remaining members of the board actively participate in decision-making, contributing experience and judgement to the company’s operations and strategy. These members generally include –
1. members of senior management;
2. representatives of the shareholders; and
3. external professionals.

Additionally, the board may be supported by specialised committees for the handling of specific matters. Such committees are typically composed of members of the board and may, where appropriate, include independent directors.

Notwithstanding the foregoing, the different roles within the board do not entail a substantive distinction in terms of the legal duties and liabilities of its members. All directors are subject to the same duties of care and loyalty and, accordingly, may incur liability to the company, its shareholders or third parties for damages caused in the performance of their functions. In certain cases, such liability may be joint and several, particularly where it arises from decisions adopted collectively or from failures in oversight.

In addition, board members may be subject to tax-related liabilities pursuant to the Mexican Federal Tax Code under specific circumstances set forth in applicable law, as well as to other regulatory obligations arising from their position.

In the case of S.A.B. and S.A.P.I., the composition and functions of the board are subject to additional provisions set forth in the L.M.V. In particular, for publicly traded companies, such provisions are mandatory and, among other features, require the participation of independent directors and the establishment of specialised committees as set forth in 1.1 Corporate Forms and Governance Requirements. In the case of S.A.P.I.s, such provisions are adopted with greater flexibility through their by-laws, allowing them to tailor their corporate governance framework to their specific needs.

As noted in 3.1 Board Structure, Mexican law does not establish strict guidelines for the composition of the board of directors; accordingly, such composition is determined by the provisions set forth in each company’s by-laws.

In this regard, and considering that the board, as previously mentioned, is a collegiate body, it is generally recommended in practice that it be composed of an odd number of members in order to facilitate decision-making and avoid deadlock.

Similarly, taking into account the various roles that board members may assume, as described in 3.2 Board Members, boards are commonly structured to include individuals with diverse experience contributing to key areas of the company. On this basis, the participation of members of senior management, shareholder representatives and external professionals provides a balance between internal knowledge and an objective external perspective.

From a corporate governance standpoint, the appointment of independent directors is recommended, particularly in companies with multiple shareholders or more complex operations, where their involvement is instrumental to the proper functioning of the board.

Additionally, as mentioned in 3.2 Board Members, the board of directors may be supported by specialised committees acting as auxiliary bodies, typically composed of individuals with relevant expertise depending on the matters assigned to each committee.

In the case of publicly traded companies (S.A.B. and S.A.P.I.), the composition of the board is subject to the provisions set forth in the Securities Market Law, in particular:

Publicly Traded Companies (S.A.B.)

The board of directors must be composed of no more than 21 directors, of which at least 25% must be independent directors, appointed based on their experience, capabilities and professional reputation. Directors may appoint their respective alternatives, who must meet the same requirements. A secretary must also be appointed, who may not be a member of the board, and whose duties and responsibilities are set forth in the Securities Market Law. The board of directors must be supported by at least two specialised committees, acting as auxiliary bodies, in the areas of corporate practices and audit.

Investment Promotion Corporations (S.A.P.I.)

These entities may adopt the provisions applicable to S.A.B.s under the Securities Market Law with a degree of flexibility, allowing them to structure their board in a manner that best suits their specific needs.

Additionally, the following should be considered when determining the composition of the board:

• Clear policies and criteria for the appointment, tenure and, where applicable, removal or replacement of directors, should be established.
• A qualified majority should be provided for in respect of key decisions, in order to prevent disruption to the ordinary course of business.
• The number of board members should allow for efficient and effective decision-making.

Members of the board of directors or officers of the company are usually appointed by the general shareholders’ meeting, in accordance with the provisions set forth in the company’s by-laws, the General Commercial Corporations Act and, where applicable, the Securities Market Law.

Appointments may be made from among the shareholders or from individuals external to the company, and such members may be appointed or removed at any time in accordance with the by-laws or by a resolution of the general shareholders’ meeting.

Mexican law establishes, as a key restriction for serving as a director, that individuals who are legally disqualified from engaging in commercial activities may not be appointed. This includes undischarged bankrupt individuals, and persons convicted of offences against property.

Additionally, the by-laws may provide for further eligibility requirements, as previously noted in 3.2 Board Members and 3.3 Board Composition.

In the case of a publicly traded company (S.A.B.), in addition to the foregoing, the Securities Market Law provides that under no circumstances may an individual who has served as an external auditor of the company, or of any legal entities within the same corporate group, be appointed as a director of a company within the group within the 12-month period following the audit.

As a matter of law, there is no general statutory framework establishing rules or requirements regarding the independence of directors, with the exception of publicly traded companies (S.A.B.). As noted in 3.3 Board Composition, at least 25% of the members of the board of directors of such entities must qualify as independent directors, appointed on the basis of their experience, capabilities and professional reputation.

An independent director is generally understood to be an individual who does not maintain any direct or significant relationship with the company, thereby enabling the proper and impartial discharge of their duties and mitigating potential conflicts of interest.

With respect to conflicts of interest, directors are under a duty to disclose to the company any circumstance that may affect their independence or impartiality, and must abstain from participating in deliberations and resolutions in which they have a personal or direct interest.

Members of the board of directors and the officers of the company must act in the best interests of the company and in compliance with its by-laws, as well as with applicable laws and regulations.

In this regard, they are expected to observe, among others, the following duties:

• Duty of care – they must act in good faith and in the best interests of the company, rather than in their own personal interest.
• Duty of loyalty – they must remain loyal to the company, conducting themselves in a manner that prioritises the company’s interests over their own or those of third parties, thereby avoiding any potential conflicts of interest.
• Confidentiality – they must maintain strict confidentiality with respect to the company’s information and any matters that come to their knowledge by virtue of their position as directors or officers.

Directors have a duty to remain adequately informed regarding matters relevant to the proper discharge of their functions and the sound operation of the company.

Additionally, directors may incur liability to the company, its shareholders or third parties for damages arising from a breach of their duties. In certain circumstances, such liability may be joint and several among members of the management body, particularly in connection with decisions adopted collectively.

In this regard, liability may arise from, among other things:

• adopting decisions in breach of applicable law or the by-laws;
• failure to comply with duties of oversight or supervision;
• undisclosed conflicts of interest or the improper receipt of personal benefits; or
• engaging in acts that cause harm to the company, its shareholders or third parties.

From a regulatory perspective, directors are also subject to various tax and administrative obligations, and liability may arise under the Federal Tax Code in specific cases of non-compliance. They must also comply with applicable anti-corruption and compliance regulations, including the General Law of Administrative Responsibilities (Ley General de Responsabilidades Administrativas), which provides for sanctions in connection with misconduct such as bribery, misuse of information or conflicts of interest.

In the case of publicly traded companies (S.A.B), the applicable regime is more stringent and includes enhanced duties of care and loyalty, as well as additional obligations relating to disclosure, corporate governance and the operation of board committees.

Directors primarily owe their duties to the company, ensuring its proper operation in accordance with the duties described in 3.6 Legal Duties of Directors/Officers. Indirectly, such duties extend to the shareholders, to the extent that their interests form part of the overall interests of the company.

Directors are not required to prioritise or take into account the interests of other parties; however, in the course of the company’s operations, situations may arise in which it is appropriate to consider such interests in connection with specific objectives or particular circumstances that may lead to significant decision-making.

In the event of a breach, liability may be incurred by the directors in favour of the company. On this basis, it is expected that directors perform their duties in compliance with the standards set out in 3.6 Legal Duties of Directors/Officers.

In the case of publicly traded companies (S.A.B.), directors must act in the interests of the company as well as those of minority shareholders. Accordingly, their actions are subject to a higher level of scrutiny, taking into account various internal control mechanisms as well as the role of specialised committees acting as auxiliary bodies.

In accordance with Mexican corporate law, compliance with directors’ obligations is enforceable by the company through the shareholders’ meeting, by means of the corresponding corporate resolutions. Additionally, shareholders representing at least 25% of the share capital may bring a civil liability action directly against members of the board of directors, as set out in 4.4 Shareholder Claims.

In the case of publicly traded companies (S.A.B.), in addition to the mechanisms described above, the authorities responsible for overseeing their proper operation may intervene in the event of non-compliance with applicable obligations, with a view to protecting investors. As a general matter, a failure to comply with the duties of the board of directors may give rise to civil liability of its members vis-à-vis the company, administrative sanctions and, in certain cases, criminal liability where provided for under applicable law.

In addition to the civil liability action referred to in 4.4 Shareholder Claims, Mexican law provides various grounds to enforce compliance and liability against members of the board of directors and officers of the company in matters of corporate governance. These include individual actions brought by shareholders where they suffer direct damages, as well as claims arising from breaches of the by-laws, shareholders’ agreements or other applicable contractual arrangements.

Directors are liable to the company for breaches of the obligations inherent to their positions, including those related to capital contributions, compliance with applicable provisions governing the distribution of dividends, and the implementation of resolutions adopted by the shareholders’ meeting. In such cases, liability may arise jointly and severally among those directors who participated in, or were aware of, the relevant irregularity, in line with the duties set out in 3.6 Legal Duties of Directors/Officers.

In this context, members of the board of directors or officers may also incur liability for acts or omissions of prior management bodies where, having knowledge thereof, they fail to disclose such matters to the company.

In the case of publicly traded companies (S.A.B.), the applicable regime is more stringent. As noted in 3.7 Responsibility/Accountability of Directors, breaches relating to disclosure obligations, corporate governance or investor protection are more likely to result in liability to the company, as well as administrative sanctions imposed by the competent authorities.

With respect to S.A.P.I, while there is greater flexibility in their internal regulation, members of the board of directors remain subject to duties and liabilities arising from the improper performance of their functions.

As regards limitations of liability, Mexican law does not provide for a complete waiver of liability for directors or officers in respect of the legal duties inherent to their positions. In practice, however, certain mechanisms are commonly adopted to delineate such liability, including the limitation of powers in the by-laws or shareholders’ agreements, and, in some cases, the procurement of directors’ and officers’ liability insurance (D&O insurance).

Such mechanisms will not apply in cases where directors or officers are guilty of wilful misconduct, bad faith or in situations involving a conflict of interest. In this regard, however, directors or officers who are not at fault and who have duly recorded their dissent in respect of a given decision will not incur liability.

The remuneration, fees or benefits granted to directors or officers are determined in accordance with the provisions set forth in the company’s by-laws or, as applicable, by resolution of the shareholders’ meeting.

Typically, the general shareholders’ meeting is responsible for approving the compensation schemes applicable to members of the board of directors, while the board itself, in accordance with the company’s internal policies, determines or approves the remuneration of senior management.

In the case of publicly traded companies (S.A.B.), compensation schemes are subject to a higher level of oversight, with the involvement of the company’s auxiliary committees, which must act in line with applicable corporate governance policies, guidelines and practices.

With respect to S.A.P.I, although there is greater flexibility, these matters are generally regulated in the by-laws or in shareholders’ agreements.

As regards restrictions, compensation must be aligned with the functions performed, be reasonable in amount and not give rise to conflicts of interest. Any compensation that may directly benefit a member of the board must adhere to principles of transparency and, where applicable, require the relevant director to abstain from participating in the corresponding approval, in accordance with the duties set out in 3.7 Responsibility/Accountability of Directors.

Failure to comply with the applicable requirements for the approval of compensation may result in the nullity or challenge of resolutions adopted by the shareholders’ meeting. In the case of an S.A.B., such non-compliance may additionally give rise to significant administrative sanctions.

As a rule, Mexican law does not require the disclosure of compensation schemes for directors or officers, except in the case of an S.A.B., which is required to disclose certain relevant information regarding such schemes to the National Banking and Securities Commission through periodic reports and the applicable annual report.

The relationship between a company and its shareholders is primarily governed by the company’s by-laws and the General Commercial Corporations Act. In certain cases, particularly in the context of corporate governance practices, such relationship may also be regulated through a shareholders’ agreement.

Through the shareholders’ meeting, the owners of the company, namely, the shareholders, exercise their rights and fulfil their obligations, which may vary depending on the class of shares or the provisions set forth in the by-laws. This is particularly relevant in the case of S.A.P.I. where greater flexibility exists to establish differentiated rights and restrictions.

Mexican law does not establish specific rules governing the manner in which this relationship must be conducted; however, in practice, principles such as equitable treatment among shareholders, access to information and respect for minority rights are generally observed.

With respect to the shareholders’ register, while companies are required to be registered with the Public Registry of Property and Commerce (Registro Público de la Propiedad y del Comercio), such registry cannot be regarded as a comprehensive or fully reliable public record of share ownership, as the General Commercial Corporations Act does not require all transfers of shares to be recorded there. Nevertheless, companies are required to maintain a share registry book, which records the ownership of shares and any transfers of shares; this book is maintained internally by the company.

In the case of publicly traded companies (S.A.B.), share ownership may be administered through specialised institutions, thereby allowing for an adequate level of traceability; however, from a legal standpoint, this does not constitute a public registry as such.

The day-to-day management of the company is entrusted to the management body, while shareholders participate indirectly through the shareholders’ meeting. In this sense, shareholders do not intervene in the operation or ordinary course of business, but rather in the decision-making process on significant matters, such as the appointment of directors and the approval of financial statements, among others.

Shareholders do not have the authority to directly instruct the company or its directors to act in a particular manner. However, certain guidelines may be established through resolutions of the shareholders’ meeting or, where applicable, through a shareholders’ agreement, in order to regulate the approval of specific matters depending on their relevance or economic value.

Additionally, shareholders’ corporate rights may be exercised in proportion to their shareholding, including, among others, the ability to call shareholders’ meetings, bring liability actions, or influence strategic decision-making where certain ownership thresholds are met, in accordance with applicable law and the provisions of the by-laws.

From a corporate governance perspective, while shareholders are not subject to the same fiduciary duties as directors, they are expected to exercise their corporate rights in an informed and diligent manner, particularly when attending shareholders’ meetings, voting on material matters, appointing directors, and reviewing the company’s financial information.

In the case of an S.A.P.I., it is possible to establish mechanisms that influence decision-making, such as veto rights, reserved matters or prior approval requirements for certain actions. However, such mechanisms must not contravene applicable legal provisions or undermine the powers of the management body.

In a publicly traded company (S.A.B.), direct shareholder involvement in management is even more limited, favouring a corporate governance framework in which the board of directors and its committees play a central role, with an emphasis on investor protection and transparency in decision-making.

Mexican corporate law requires the holding of at least one annual ordinary shareholders’ meeting to approve the financial statements, review the company’s management and, where applicable, resolve on the distribution of profits. Such meeting must be held at the company’s registered office within the first four months following the end of the financial year.

Ordinary, Extraordinary and Special Shareholders’ Meetings

The law distinguishes between ordinary, extraordinary and special shareholders’ meetings. Ordinary meetings address matters relating to the company’s regular management; extraordinary meetings resolve structural matters, such as amendments to the by-laws, increases or reductions of share capital, or mergers; and special meetings are held when the approval of a specific class of shareholders is required in relation to actions affecting their rights.

Notice of the Meeting

The notice of a meeting is, in principle, issued by the management body or, as applicable, by the statutory examiner. Additionally, shareholders representing at least 33% of the share capital may request that a meeting be convened and, in certain circumstances, may petition the competent court to order its convening. Additionally, on an exceptional basis, the holder of a single share may request the convening of a shareholders’ meeting when no meeting has been held for two consecutive fiscal years or when mandatory matters have not been addressed. The notice must include the agenda and be issued in accordance with the by-laws; in the case of stock corporations, it must be published in the electronic system maintained by the Ministry of Economy (Publications System for Commercial Companies – PSM). Shareholders’ meetings may only resolve matters included in the agenda.

Key Quorum and Voting Requirements

For validity purposes, the L.G.S.M. establishes key quorum and voting requirements. Ordinary meetings generally require the presence of a majority of the share capital on first call, while extraordinary meetings are subject to higher quorum and voting thresholds. Resolutions are adopted by a majority of votes, unless the law or the by-laws require a qualified majority.

Meetings may be held in person or through electronic, optical or any other technological means, provided that real-time interaction, proper identification of participants and the effective exercise of voting rights are ensured, in accordance with applicable law and the provisions of the by-laws.

The proceedings of shareholders’ meetings must be recorded in minutes entered into the company’s corporate books, and shareholders may attend in person or be represented by duly authorised proxies, in accordance with applicable law and the by-laws. In the case of S.A.P.I., there is greater flexibility to regulate these matters – the by-laws may regulate, with greater flexibility, matters such as quorum and voting thresholds (within legal limits), notice mechanisms, the holding of non-in-person meetings, and the restriction or expansion of voting rights. In publicly traded companies (S.A.B.), in addition to the foregoing, the provisions of the Securities Market Law apply, establishing enhanced standards in relation to minority rights, transparency, disclosure and corporate governance, including specific rights to request information, appoint directors and bring liability actions, whereas in publicly traded companies (S.A.B.), in addition to the foregoing, the provisions of the Securities Market Law apply, establishing enhanced standards in relation to minority rights, transparency, disclosure and corporate governance, including specific rights to request information, appoint directors and bring liability actions.

Additionally, shareholders may provide in the by-laws that unanimous consent resolutions adopted in lieu of a general ordinary shareholders’ meeting by the shareholders holding the total voting shares of the company, will have the same validity and legal effect as those adopted at a duly convened meeting.

Actions Against the Company

The L.G.S.M. provides various legal grounds for shareholders to bring actions against the company or its directors. Among these, the most notable is the liability action against directors for damages caused to the company as a result of a breach of their duties, which may be brought either by the company itself or directly by shareholders representing at least 25% of the share capital.

In the latter case, the action must be exercised for the benefit of the company and not solely in the interest of the claiming shareholders; accordingly, the claim must cover the full amount of the damages caused. Furthermore, shareholders bringing such action must not have previously approved any shareholders’ resolution determining that no action should be taken against the directors. Any recovery obtained as a result of the action shall accrue to the company.

Additionally, shareholders may bring individual actions where they suffer direct damage to their own patrimony, distinct from that suffered by the company.

In relation to shareholders’ meetings, shareholders may primarily seek the nullity of resolutions and exercise opposition rights. Nullity actions arise where resolutions contravene the law or the by-laws, or where legal requirements relating to notice, quorum or voting are not satisfied. The opposition action allows shareholders to challenge specific resolutions before the courts and may be exercised by shareholders representing at least the minimum percentage required under applicable law, generally ranging from 25% to 33% of the share capital, depending on the circumstances.

Minority Protection Mechanisms

The L.G.S.M. also provides for minority protection mechanisms, such as the right of shareholders representing at least 33% of the share capital to request the convening of a general shareholders’ meeting. In particular, as noted in 4.3 Shareholder Meetings, this right may be exercised by the holder of a single share where no shareholders’ meeting has been held for two consecutive fiscal years or where such meetings have failed to address the matters required by law. Shareholders may also request that the vote on matters with respect to which they do not consider themselves sufficiently informed be deferred.

In the case of publicly traded companies (S.A.B.), shareholders also benefit from additional mechanisms under the securities regulatory framework, enabling them to seek remedies for breaches relating to disclosure obligations, corporate governance and investor protection. In contrast, in a S.A.P.I., shareholders’ agreements commonly include additional mechanisms for the protection and enforcement of shareholders’ rights.

Disclosure Obligations

In the case of publicly traded companies (S.A.B.), there are significant disclosure obligations applicable both to the company and to certain shareholders, particularly those acquiring or exceeding substantial shareholdings. As a general rule, such obligations are triggered when specific ownership thresholds are reached or exceeded (such as 5% or 10% of the share capital), as well as upon material changes in such holdings. In these cases, shareholders must notify the issuer and the market of the relevant acquisition or disposal, in accordance with applicable regulations, in order to ensure transparency and protect the investing public.

In this regard, significant shareholders, members of the board of directors and senior management are subject to additional obligations concerning the disclosure of transactions involving the issuer’s securities, as well as restrictions relating to the use of inside information. These obligations fall under the securities regulatory regime and are supervised by the National Banking and Securities Commission.

Ultimate beneficial owner disclosure requirements

Furthermore, with respect to the ultimate beneficial owner (UBO), Mexican law has incorporated specific identification and disclosure requirements, particularly through tax provisions and anti-money laundering regulations. In this context, companies are required to identify and maintain updated information regarding the natural persons who ultimately, whether directly or indirectly, exercise control over or benefit from the entity, in accordance with the Federal Tax Code and the Federal Law for the Prevention and Identification of Transactions with Illicit Resources (Ley Federal para la Prevención e Identificación de Operaciones con Recursos de Procedencia Ilícita).

These obligations entail the maintenance of corporate and supporting documentation, as well as the disclosure of such information to the competent authorities when required. While such information is not necessarily public, compliance is mandatory and forms part of the regulatory framework aimed at enhancing corporate transparency and preventing the use of opaque structures.

In the case of publicly traded companies (S.A.B.), although there is no public register of UBOs in the strict sense, the disclosure regime allows for the identification of significant shareholders and, in certain cases, the individuals who exercise control. This framework is complemented by regulatory and tax obligations that strengthen the traceability of ownership and corporate control.

Pursuant to the L.G.S.M., Mexican companies are obliged to approve their financial statements on an annual basis, in the first four months following the closing of a specific fiscal year (ie, by April). Certain companies, such as an S.A. or S.A.P.I., specify in their by-laws the obligation to hire an external auditor to certify their financial statements, however this is not mandatory for all companies.

Article 32-A of the Federal Tax Code sets the obligation to certify financial statements by external auditor to: (i) companies which, in the immediately preceding fiscal year, have declared in their normal tax returns cumulative income (for income tax purposes) equal to or higher than an amount of MXN1,940,178,120; as well as those that (ii) in the previous fiscal year have shares placed among the general investing public, on the stock exchange (such as an S.A.B.).

Furthermore, according to Foreign Investment Law, Mexican companies with foreign investment are obliged to register (the company) before the National Registry of Foreign Investments and they have the obligation to file quarterly reports when a company changes its corporate name and/or corporate purpose; and regarding financial information, the company has an obligation to file annual and quarterly reports when the operation exceeds a certain threshold (of approximately MXN20,000,000).

Lastly, these are the special requirements regarding publicly trading companies’ financial statements:

S.A.P.I.B. Obligations

• Quarterly reports: must be submitted to the Mexican Stock Exchange and the National Banking and Securities Commission;
• annual reports: these must include a summary of the fiscal year’s performance;
• external audits: these are mandatory and must be performed by an independent external auditor;
• audit committees: these can operate with a smaller board or simplified oversight structure;
• material events: any significant changes that could impact the company’s finances or stock price must be reported; and
• filing deadlines: these are generally within 20 business days following the end of each quarter.

S.A.B. Obligations

• Quarterly reports: these are mandatory, including comprehensive disclosure notes;
• annual reports: these must be highly detailed (known as Annual Information Documents);
• external audits: these are mandatory and must comply with International Financial Reporting Standards (IFRS);
• audit committees: these are mandatory and must be composed exclusively of independent board members;
• material events: there is an immediate obligation to disclose these under strict regulatory surveillance; and

• filing deadlines: strictly within 20 business days following the end of each quarter.

In April 2026, certain additions were made to the aforesaid regulations, mainly the following:

• data retention – ten years instead of five;
• audit obligation – mandatory for internal and external purposes; and
• PEP verification – stricter protocols for identifying politically exposed persons (PEPs), including the use of specialised databases and official lists managed by the Financial Intelligence Unit (Unidad de Inteligencia Financiera – UIF).

Companies have an obligation to disclose corporate governance arrangements in their annual report.

Companies under Mexican law are incorporated by the main types described in 1.1 Corporate Forms and Governance Requirements.

All Mexican companies must be registered before the Public Registry of Property and Commerce located at the corporate domicile of each company. Failure to register a company will result in its being considered an “irregular” company. The practical consequence is that although the company exists, it cannot operate legally, because all of its acts and operations are void; it must therefore register immediately to be considered a regular company in compliance with corporate law.

The Public Registry of Property and Commerce, as its name indicates, is indeed public and available to anyone. The registry does not have supervisory powers per se, but it does have authority to review the acts (the legal instruments or contracts) presented to be registered, and it has exclusive authority to accept or reject such acts.

The reporting requirements for companies in Mexico, regarding global AML are as follows.

• UBO: It is the obligation of all notaries public and financial institutions to identify the individual who actually controls or benefits from a Mexican company in any given legal or financial situation. This obligation is set by the Tax Administration Service (Servicio de Administración Tributaria – SAT).
• Know your customer (KYC): As with the UBO obligation, it is required that files on the identity and economic activity of customers of notaries public and financial institutions should be completed.
• Notices and reports: Transactions that exceed legal thresholds (for “vulnerable activities”) or are suspicious (financial sector) must be reported.
• Risk-based approach: Clients must be classified by risk level.

Regarding the oversight on the part of the board of directors/managers of Mexican companies, the following are the main activities required to comply with AML provisions.

• Mandatory approval: The company’s compliance manuals, policies and programmes must be validated.
• Appointments: A compliance officer and a communication and control committee must be appointed.
• Audit review: The results of internal and external AML audits must be received and addressed annually.
• Monitoring: A company must ensure it has the technological and human resources to detect unusual transactions.

Members of the board of directors/managers could face the following sanctions if they transgress AML provisions in Mexico.

• Criminal: Imprisonment from five to 15 years if it is proved that board members facilitated or permitted transactions involving funds of illicit origin.
• Administrative: Direct financial penalties and disqualification from holding similar positions.
• Civil: Lawsuits from shareholders/partners or third parties for damages resulting from negligence in supervision.
• Reputational: Inclusion on blacklists that prevent any activity within the global financial system.

As mentioned in 5.1 Financial Reporting Requirements, the obligation to appoint an external auditor in connection with a company’s financial statements is contingent upon the company’s legal nature and its applicable regulatory regime. Publicly traded companies (S.A.B.) and issuers of securities subject to the oversight of the National Banking and Securities Commission are required to retain an independent external auditor to audit and issue an opinion on their annual financial statements, in accordance with the Securities Market Law and the general provisions issued by the National Banking and Securities Commission.

In the case of non-public commercial entities, the L.G.S.M. does not generally impose such requirement. However, under certain circumstances – particularly for tax compliance purposes – specific taxpayers may be required to obtain an external audit report, such as those obliged to file a tax audit report pursuant to Article 32-A of the Federal Tax Code.

Additionally, in practice, this requirement frequently arises from the needs of financial statement users. Most commonly, it derives from compliance with covenants agreed with financial institutions, which, in connection with lending arrangements, require borrowers to submit financial statements audited by an independent external auditor. Similarly, such requirement may be imposed at the request of shareholders or other stakeholders seeking a higher degree of assurance regarding the company’s financial position.

The relationship between the company and the external auditor is governed by principles of independence, professional competence, and adherence to the International Standards on Auditing, as well as the applicable financial reporting framework, which typically includes the Mexican Financial Reporting Standards (NIF), the International Financial Reporting Standards (IFRS), or US Generally Accepted Accounting Principles (US GAAP).

The external auditor is appointed by the shareholders’ meeting, upon recommendation of the board of directors or the audit committee, and reports directly to such governing bodies. The auditor is responsible for the accuracy and reliability of its opinion and may be subject to liability and sanctions in cases of negligence or professional misconduct.

There is no specific legal provision requiring companies to report geopolitical risk to regulatory authorities. However, the National Banking and Securities Commission and the Ministry of Finance and Public Credit through its Financial Intelligence Unit, oversee risks related to anti-money laundering, counter-terrorism financing, and compliance with international sanctions, all of which are directly linked to geopolitical factors.

From a corporate governance standpoint, the board of directors bears responsibility for identifying and managing strategic risks, including geopolitical risks, as part of its fiduciary duties. Audit and risk committees are typically tasked with monitoring such matters and reporting to the board.

With respect to compliance with international sanctions, Mexico is bound to adhere to sanctions issued by the United Nations Security Council. Although there is no legal framework mandating compliance with unilateral sanctions imposed by other jurisdictions, Mexican companies with international operations are, as a practical matter, required to observe such sanctions in order to mitigate the risk of market exclusion or the imposition of economic penalties.

Accordingly, the board of directors is expected to oversee the implementation of internal controls designed to prevent transactions with sanctioned entities or jurisdictions, in alignment with the requirements of the Financial Intelligence Unit and recognised best practices in corporate governance.

In January 2025, the National Banking and Securities Commission announced an amendment to the regulatory framework applicable to issuers in the securities market, mandating the adoption of the international standards IFRS S1 and S2, issued by the International Sustainability Standards Board (ISSB). These standards establish criteria for the disclosure of climate-related information, as well as sustainability-related risks and opportunities that may affect a company’s financial position.

Entities that prepare their financial statements under Mexican GAAP must include the disclosures required by the NIS to comply with the NIS conceptual framework, which may pose a significant challenge for organisations in 2026. Meanwhile, regulated entities – such as financial or insurance institutions, as well as entities listed on the Mexican stock exchange – must comply with the sustainability reporting requirements set out by their respective regulators. Any other entity may choose to adopt the NIS to report sustainability information voluntarily.

Importance of Data Collection and Disclosure

• Regulatory compliance: Collecting the 30 BSIs (Basic Sustainability Indicators) and disclosing them within financial statements demonstrates that an entity is aligned with industry best practices and compliant with current regulatory frameworks.
• Enhancement of corporate governance: Documenting internal controls, risk assessments, and operational processes strengthens the control environment. This facilitates effective oversight by governing bodies, such as the board of directors or the audit committee.
• Reputation and trust: For third-party stakeholders (investors, financial institutions, and tax authorities), a robust analysis of the BSIs serves as an indicator of operational maturity and regulatory adherence. However, due diligence must be exercised to avoid “greenwashing” risks.
• Risk mitigation: The data collection process compels the entity to identify material weaknesses, enabling the implementation of remedial actions before these weaknesses escalate into significant financial or legal liabilities.

Furthermore, the integration of these sustainability disclosures is deeply rooted in the principles of the Mexican Code of Principles and Best Corporate Governance Practices. By aligning ISSB standards with the Code’s recommendations, entities reinforce their commitment to transparency, professional ethics, and institutional stability. This synergy ensures that the board of directors and specialised committees have the high-quality, verifiable data necessary to fulfil their fiduciary duties, ultimately fostering a corporate culture of accountability that meets both domestic governance expectations and international financial standards.

In May 2024, the Mexican Council for Financial Reporting and Sustainability Standards (Consejo Mexicano de Normas de Información Financiera y Sostenibilidad), published the first two Mexican Sustainability Standards (Normas de Información de Sostenibilidad or NIS) applicable to all entities that report their financial statements under Mexican Financial Reporting Standards.

• NIS A-1, Conceptual Framework for Sustainability Information Standards, establishes the basis for the development of specific sustainability standards and their application in preparing sustainability information for an entity, and sets quality requirements for this information.
• NIS B-1, Basic Sustainability Indicators, requires the determination and disclosure of Basic Sustainability Indicators, which represent universally applicable metrics that provide the entity and the users with a clear understanding of the entity’s sustainability status.

In January 2025, the National Banking and Securities Commission announced an amendment to the regulatory framework applicable to issuers in the securities market, mandating the adoption of the international standards IFRS S1 and S2, issued by the ISSB. These standards establish criteria for the disclosure of climate-related information, as well as sustainability-related risks and opportunities that may affect a company’s financial position.

As of 2026, companies operating in Mexico and listed on the Mexican stock exchange will be required to disclose information regarding the actions undertaken during 2025 in matters of sustainability. This requirement constitutes a significant shift in the manner in which organisations must report their performance and risks, incorporating for the first time environmental, social and governance (ESG) impacts into their annual financial statements.

Sustainability information has become particularly relevant for investors, analysts, financial institutions, regulators, members of the value chain, and tax authorities (when there are tax benefits involved), which requires entities to generate and provide reliable, relevant, clear, comparable, and verifiable information. The Mexican Sustainability Reporting Standards were issued in response to the need for users to access such information.

Mexico does not currently have a statute imposing AI-specific board composition rules, mandatory committees, or dedicated board-level AI oversight duties across all companies. In practice, oversight is built from general corporate and regulatory obligations. For ordinary private companies, administrators are vested with corporate representation and are liable for duties arising from the law, by-laws and mandates; they must also preserve confidentiality and are jointly responsible for the existence and maintenance of the company’s accounting, control, recordkeeping, archive and information systems. That framework is broad enough to capture AI material where AI affects decision-making, data governance, operational control, or legal compliance, but it does so indirectly, not through AI-specific rule.

There is also no Mexican law currently requiring a dedicated technology committee or AI committee for all companies. Listed issuers already operate through audit and corporate-practices committee structures, and regulated entities in sectors such as finance may face additional sectoral governance, operational-risk, model-risk, outsourcing, cybersecurity and internal-control requirements. Whether those sectoral overlays apply depends on the entity’s status and activity, not on AI use alone.

For Mexican law the only directly relevant domestic AI document is the Chapultepec Principles (Principios de Chapultepec) of January 2026, which is expressly framed as an orientating ethical declaration, not as binding legislation. This document states that AI-supported decisions must have human responsibility, that non-explainable decisions should not be automated, and that AI governance should be collective and rights-based. Those principles are important as a federal policy signal, especially for public policy and institutional design, but they are not yet binding hard law.

As mentioned in 8.1 Board Oversight of AI, there is no AI governance act in force, so AI-use risks are addressed through a combination of constitutional rights, corporate governance duties, securities disclosure rules, private- and public-sector data protection laws, consumer protection, cybercrime rules, civil liability, and sector-specific regulation. Reputational risk does not operate as a legal category of enforcement, but it is legally relevant because it often results in misleading disclosures, consumer deception, discrimination, privacy violations, cyber incidents, securities misstatements, or moral damages claims.

During 2025, Mexico saw a clear acceleration of congressional AI initiatives and policy discussions, including proposals seeking risk-based AI regulation, transparency duties, governance standards, sanctions and ethical safeguards; however, none of those proposals matured into a comprehensive federal AI statute. In parallel, the transparency and data protection framework was undergoing post-2025 transition, which matters for AI enforcement because many AI risks in Mexico are still channelled through data protection law.

In terms of who is typically responsible, Mexican law does not yet prescribe a mandatory AI governance map. From a corporate governance standpoint:

• the board usually owns strategy and risk;
• the audit or risk committee typically oversees internal controls, data governance, cybersecurity, incident reporting and assurance;
• a technology, digital or innovation committee may exist in larger groups, but this is a matter of governance design rather than a statutory requirement; and
• the management body usually carries day-to-day responsibility through legal, compliance, privacy, security, technology, product and HR functions.

An internal audit or a compliance-monitoring function commonly provides assurance.

Misgoverned AI Use

The principal liability exposure for boards and officers in Mexico currently arises not from a dedicated AI statute, but from misgoverned AI use under existing laws as mentioned previously. The first and most obvious exposure is data protection. In the private sector, controllers must maintain administrative, technical and physical security safeguards, notify significant security breaches, and allow ARCO (access, rectification, cancellation (erasure) and opposition) rights, including opposition to certain automated processing. Non-compliance can trigger administrative proceedings before the competent data-protection authorities under the post-2025 framework.

Failure to Disclose

A second major exposure is disclosure failure for listed issuers. Mexican securities law does not impose an AI-specific disclosure chapter, but it does require issuers to disclose relevant events immediately, to provide full relevant information in connection with such events, and to include risk factors and contingencies in offering materials and annual reporting. If AI strategy, cyber-compromise, regulatory investigation or material dependence on AI is significant enough to affect the issuer’s operations, financial condition, legal position or market price, omission or under-disclosure can expose the issuer, directors and officers to regulatory sanctions and civil claims.

Unfair Practices

A third exposure is consumer law and unfair practices. The Federal Consumer Protection Law requires advertising and information to be truthful, verifiable and clear, and prohibits misleading or abusive content. AI-enabled chatbots and marketing can therefore create liability if they mislead consumers, conceal the nature or limits of the system, or produce discriminatory or abusive outcomes. The consumer protection agency (Procuraduría Federal del Consumidor – PROFECO) can investigate and impose sanctions.

IP, Confidentiality and Cybersecurity

A fourth exposure concerns IP, confidentiality and cybersecurity. Mexico has no enacted horizontal AI rule that comprehensively addresses ownership of AI-assisted outputs – therefore, existing copyright, industrial property, trade secret and contract rules continue to apply. At the same time, cyber intrusions into AI environments, unauthorised access to systems, data exfiltration and misuse of protected information may trigger both civil and criminal consequences under general information system offences and secrecy rules. Enforcement may therefore come from data protection authorities, PROFECO, the National Banking and Securities Commission, shareholders and investors, the civil courts, IP authorities (Instituto Mexicano de la Propiedad Industrial – IMPI/Instituto Nacional del Derecho de Autor – INDAUTOR) and criminal prosecutors.

For boards and officers specifically, the practical test in Mexico is whether AI-related conduct falls within existing duties of care, loyalty, confidentiality, internal control, lawful information handling and market disclosure. In listed companies, that link is strong and direct. In private companies, it is less codified but still real under the L.G.S.M., and general civil/commercial principles.

Mexico does not currently impose a standalone, cross-sector requirement for companies to disclose AI use, AI governance or AI incidents merely because they involve AI. There is no general Mexican equivalent, as of today, to a universal AI-reporting statute for annual reports or sustainability reports. Instead, disclosure turns on materiality, sector and document type.

For listed issuers, AI-related disclosure obligations are captured through the ordinary securities framework. Prospectus and offering materials must include the issuer’s risk factors and contingencies; annual reporting under National Banking and Securities Commission rules is built around risk-factor disclosure; and issuers must immediately disclose relevant events once known, together with all relevant information relating to them. Accordingly, if AI is materially linked to the issuer’s business model, internal controls, cybersecurity posture, product functionality, regulatory exposure, litigation, reputation, or operational continuity, it may need to be disclosed even though the rulebook does not say “AI” expressly. The same applies where an issuer’s public statements about AI are incomplete, imprecise or confusing.

For annual reports and sustainability-type reporting, the key point is that Mexican law presently works through general risk-disclosure logic rather than AI-specific line items.

For private non-listed companies, there is generally no duty to publish AI strategy or AI incidents to the market. The Chapultepec Principles reinforce human responsibility as policy expectations, but they do not yet create a hard-law disclosure regime.