Contributed By GPG Advisory Partners
Despite the complex economic situation in Argentina, the country’s fintech market has continued to grow over the past year.
According to the latest surveys, the local ecosystem now comprises approximately 343 companies. There was an 11.5% compound annual increase in the number of projects between 2021 and 2023, rising from 276 to 343. Four out of ten fintech projects founded in Argentina are present in at least one other country. Besides the 343 local fintech projects already mentioned, there are a further 67 foreign projects operating in the country, giving a total of 410 fintech projects in the Argentine market.
In terms of payments, the amount of digital payment accounts increased by 38% in 2023, reaching 47 million. There were 422 million immediate transfers made between accounts provided by different entities (117.8% year-on-year), amounting to ARS19.4 billion (24.1% year-on-year), 67.2% of which originated or ended in a virtual account. Additionally, transfers made between virtual accounts provided by the same entity exceeded 185.7 million transactions (120.8% year-on-year), amounting to ARS1.3 billion (86.9 %year-on-year).
When it comes to credit, fintech companies have expanded their customer base to around 550,000 people in the first half of 2023, reaching five million. In this context, one out of every three loans granted in Argentina in the last year came from a fintech company.
On the cryptocurrency front, Argentina was ranked fifteenth in the world and second in Latin America in the 2023 Chainalysis Global Crypto Adoption Index.
Looking ahead, the fintech sector is expected to continue growing and developing in the next 12 months, with an increase in the number of transactions, customers and businesses. This is mainly because of the recent change of administration in the federal government, which leans towards promoting citizens’ liberties and freedom of choice in the market.
In Argentina, the payments and crypto verticals are the predominant business models.
In the payments vertical, emerging businesses are innovatively using technology and combining it with traditional businesses to speed up, expand and consolidate different payment mechanisms into a single platform, reducing the cost of payment processes.
In the crypto vertical, most crypto-asset exchanges operating in Argentina allow their users to acquire various types of cryptocurrencies and provide access to decentralised finance (DeFi) products.
In the lending vertical, the predominant business model involves companies that provide credit financing with own funds, using innovative processes to get clients on board and assess their credit ratings.
In addition, there have been important new projects and start-ups in the regtech sector and in the provision of IT services to financial institutions and fintech companies, as well as in the use of blockchain technology.
There is no centralised regulatory framework governing the entire fintech ecosystem in Argentina. Instead, there are separate regulations scattered throughout the legal system, with some issues receiving more detailed regulation than others. In the following paragraphs, we review the regulations that apply to the main fintech verticals.
Payments Verticals
The Credit Cards Law No 25,065 (CCL) applies not only to credit card payment systems but also to debit cards, “exclusive purchase cards” and any other payment system related to credit card operations. Financial Entities Law No 21,526 (FEL) applies to financial entities that provide payment services.
Before 2020, e-money systems were not expressly covered by any specific regulation within the Argentine domestic legal framework. The Argentine Central Bank (el Banco Central de la República Argentina or BCRA) therefore issued a series of communications in 2020, aimed at regulating these businesses, which have been named “payment service providers that offer payment accounts” (proveedores de servicios de pago que ofrecen cuentas de pago or PSPCPs). Throughout 2021, 2022 and 2023, the BCRA issued further regulation for payment service providers, incorporating new possible roles, including, among others, initiation, acquiring, aggregation or sub-acquiring, and non-bank agencies that collect payment of taxes and/or services.
In addition, all these businesses will also be subject to the Civil and Commercial Code (CCC), Consumer Protection Law No 24,240 (CPL), Personal Data Protection Law No 25,326 (PDPL) and Digital Signature Law No 25,506 (DSL), among others.
Online Lending Businesses
Online lending businesses are mainly regulated by the CCC, as regular lending operations, in addition to the CPL, PDPL and DSL.
However, in 2020 the BCRA amended the rules regarding “non-financial credit providers” (proveedores no financieros de crédito or PNFC), aimed at companies that, based on their last financial statements, granted credit in excess of ARS10 million and are not financial institutions.
In addition, in 2021 the BCRA regulated crowdlending businesses, which have been named “providers of credit services between individuals through platforms” (proveedores de servicios de créditos entre particulares a través de plataformas or PSCPP).
Equity crowdfunding is regulated by Entrepreneurial Capital Support Law No 27,349 (ECSL) and Securities and Exchange Commission (Comisión Nacional de Valores or CNV) Resolution No 717/17, which was amended by Resolution No 942/2022.
Regtech Businesses
Regtech businesses, the provision of computer services and innovations in the use of blockchain technology are regulated by the CCC, the DSL and Intellectual Property Law No 11,723 (IPL).
Public Offerings of Securities, Securities Markets and Exchanges
Capital Market Law No 26,831 (CML) regulates public offerings of securities, securities markets and exchanges, and intermediaries operating in such markets; it also covers the public offering of term contracts, futures and options, their markets, clearing houses and intermediaries.
Insurtech
Insurtech activities fall under the general rules of Insurance Law No 17,418 (IL).
General
Many of the companies involved in these businesses will also be subject to Anti-money Laundering Law No 25,246 (AMLL). A draft law to amend the AMLL to comply with FATF’s requirements was approved by the House of Representatives. The draft is pending approval by the Senate House. If approved, Virtual Asset Service Providers (Proveedor de Servicios de Activos Virtuales or PSAVs), and any entity that the BCRA decides to extend the applicability of the Financial Entities Law to, will become reporting subjects to the Financial Information Unit (Unidad de Información Financiera or UIF). The draft also establishes a registry of PSAVs and CNV as the competent authority.
Compensation models vary from business to business and vertical to vertical.
Businesses related to payments verticals are usually compensated through transactional commissions that are ultimately borne by the affiliated businesses.
The crypto-asset exchanges frequently charge a fee for their services or include their earnings in the prices of the cryptocurrencies that can be purchased or sold on their platforms.
Businesses related to lending verticals are compensated through the interest rate charged to the borrower. It is important to mention that case law exists that limits the interest applicable to loans when such interest is deemed excessive.
In regtech undertakings and the provision of IT, as well as blockchain, and services to financial institutions and fintech companies, the compensation model is freely agreed between the parties (ranging from fixed amounts to variables per transaction).
While legacy players’ activity tends to be highly regulated and centralised by the BCRA and the CNV, the regulation applicable to the fintech industry is more flexible and, as mentioned in 2.2 Regulatory Regime, there is no centralised regulatory framework governing the entire fintech ecosystem. Nevertheless, the BCRA and the CNV do issue specific regulations on certain verticals.
Unlike financial institutions, in some cases, prior authorisation from a state agency is not required to carry out or operate a fintech business.
There are also some distinctions from a tax perspective between transactions carried out by or through financial institutions and transactions carried out by or through fintech companies.
However, it is likely that such distinctions will gradually disappear.
There is no regulatory sandbox in Argentina. However, in April 2022, the CNV launched an “Innovation Hub” aimed at those entities with service technology projects and/or innovative financial products that are linked to the capital market. This was to be the first step towards a possible CNV regulatory sandbox, which was ultimately not launched in 2023.
Just as fintech regulations are scattered (as mentioned in 2.2 Regulatory Regime), so too is the jurisdiction of the regulators involved in the sector.
The BCRA
The BCRA has jurisdiction over entities engaged in regular intermediation between the supply and demand of financial resources (financial institutions) that fall within the scope of FEL. It is responsible for the regulation and supervision of monetary policy, credit policies and exchange control regulations. In addition, the BCRA has competence in payments and can expand its regulatory purview to other activities when deemed necessary, considering the volume of operations and their impact on credit and monetary policies.
The CNV
The CNV is responsible for implementing the CML. It has jurisdiction and oversight over various areas, including public offerings, brokerage entities, collective investment schemes, and securities exchanges and markets. As mentioned in 2.2 Regulatory Regime, if the amendment of the AMLL is approved, the CNV will also be the authority of PSAVs.
The AAIP
Another relevant regulator is the Public Information Access Agency (Agencia de Acceso a la Información Pública or AAIP), which is the implementing authority of the PDPL.
The UIF
The UIF is the implementing authority of the AMLL.
The SSN
The Superintendence of Insurance (Superintendencia de Seguros de la Nación or SSN) has jurisdiction over the Insurance Law (IL), supervising the activities of producers, intermediaries, and insurance and reinsurance entities.
Financial institutions may outsource several functions to third-party vendors. However, this activity is regulated by the BCRA, which must be informed of such arrangements and which may carry out inspections of the premises and activities of the vendors. Despite this, the outsourcing of regulated functions does not release a financial institution from its obligations vis-à-vis its clients and the BCRA.
Fintech providers are under no specific legal obligation to act as gatekeepers.
At the same time, these entities fall under the general security and diligence obligations contained in the CCC, the CPL and the PDPL and must therefore ensure that their platforms operate adequately.
In addition, depending on the nature of the business, fintech companies could fall within the scope of the AMLL and be considered as reporting entities under the regulations, subject to registration, know your customer (KYC) and suspicious transaction reporting obligations.
When the scope of the services provided by fintech companies is not well defined or fintech companies engage in activities that fall within the scope of the FEL or the CML, without the corresponding authorisations, both the BCRA and the CNV may initiate summary investigations.
The CCC
As mentioned in 2.2 Regulatory Regime, all fintech businesses fall under the provisions of the CCC, based on the similarities of their operations with nominated businesses provided for in the CCC. In addition, the general rules applicable to contracts and obligations under the CCC include the following topics:
The DSL
The DSL also applies since this regulation incorporates the concepts of digital documents, electronic signatures and digital signatures into the Argentine legal framework and establishes the terms of equivalence between these new concepts and the concepts of material documents and handwritten signatures.
The PDPL
The PDPL establishes several rights that companies must recognise regarding personal data holders. It also limits the way data can be collected and processed and mandates specific actions that companies must take before the competent authority.
The CPL
B2C business is subject to the CPL, which is designed to protect consumers as the weaker party in contractual relationships.
Regulation of Cybersecurity
There is no uniform set of rules regarding cybersecurity. Responsibility (including the indemnification regime) arising from the loss of information by fintech companies is governed, in principle, by the CCC, the CPL and the PDPL. Resolution 47/18 issued by the AAIP sets forth a series of recommended security measures aimed at facilitating compliance with the PDPL, including matters related to the collection of personal data, access control, control of changes, back-up and recovery, vulnerability management, information destruction, security incidents and development environments.
Regarding financial entities, BCRA Communication “B" 11847 establishes the obligation to communicate any security incident to the external audit management.
Through Communications “A” No 7266, No 7328 and No 7463, among others, the BCRA issued a series of “Guidelines for response and recovery from cyber incidents” and measures to mitigate fraud targeted at PSPCP, digital wallets and payment initiation services. Later in 2023, the BCRA issued Communication 7783 with a new regulation to address risks related to technology and information security in digital financial services. This new standard is applicable to both financial entities and payment service providers.
Regulation of Social Media
Social media and similar tools are not subject to any specific regulation, and are mainly governed by the CCC, the PDPL and the CPL. In addition, there is relevant case law regarding the responsibility of companies administering these kinds of tools.
Regulation of Software Development
Software development is basically regulated by the CCC and the IPL.
In addition to regulators, there are other relevant players actively involved in the sector. The most important fintech companies are grouped in the Argentine Fintech Chamber, and different bank associations represent the interests of financial institutions. There are also important organisations that promote the use of blockchain technology in its various forms.
In Argentina, there are several cases of industry participants offering unregulated products and services in conjunction with regulated products and services.
Many fintech companies offer unregulated products and services in conjunction with regulated products.
For example, Mercado Libre (an Argentine company that hosts the largest online commerce and payments ecosystem in Latin America) operates simultaneously from a single entity as a PSPCP, a PNFC and a marketplace, and offers its clients the possibility to invest in funds administrated by different companies.
In addition, the BCRA has allowed financial institutions to participate in fintech companies and provide unregulated services through these companies.
Notwithstanding this, it is worth mentioning that in May 2022 the BCRA prohibited financial institutions from carrying out or facilitating their clients to carry out operations with crypto-assets, which was also extended to PSPCPs in May 2023, banning these companies from carrying out and facilitating crypto-asset transactions for their clients.
The anti-money laundering rules impact many fintech businesses, given that many of the companies that carry out these businesses fall expressly under the orbit of the AMLL. For example, PSPCPs that issue prepaid cards, or facilitators, aggregators or groupers of credit card payments.
On the other hand, many fintech companies that are not yet formally considered as reporting entities under the AMLL still act as if they were; for example, crypto-asset exchanges. There is a draft pending Senate House approval that provides for the express inclusion of these entities under the AMLL.
For further information, see 2.2 Regulatory Regime,2.6 Jurisdiction of Regulators, 2.8 Gatekeeper Liability and 7.3 Impact of the Emergence of Cryptocurrency Exchanges.
Robo-adviser services can vary, ranging from financial advice to the possible assumption and automated management of the client's investment portfolio based on their profile.
Robo-advisers are subject to the same regulations applicable to agents (brokers and investment managers) who are authorised to participate in exchanges and markets under the CML and CNV regulations.
Through its rules and general resolutions, the CNV regulates different figures that could use robo-advisers as an investment tool. Therefore, the use of a robo-adviser by an agent regulated by the CNV will be subject to the general rules applicable to such activity.
Legacy players continue to carry out their activities within the existing legal framework.
Although robo-advisers are gaining increasing popularity among investors, traditional players have not yet widely implemented the use of robo-adviser solutions.
In line with international guidelines, proper execution of client operations involves knowing the integral profile of the client (their risk profile as well as their financial expectations) and, on the basis of this information, providing advice in a reasonable manner that is personalised and consistent between the profile of the investor and the recommended trade.
When the online lender is a financial institution (which finances its loans with third-party deposits), the activity is heavily regulated by the BCRA in order to safeguard the funds of the general public. In this sense, there are restrictions on the amount of the loans that can be granted, the concentration among sectors, etc.
Where the online lender is a fintech company (in which case, the main source of funds is own capital and the securitisation of previous loans), its lending activity may be subject to the PNFC regulations mentioned in 2.2 Regulatory Regime, which establish the need to register and report to the BCRA, as well as a series of information duties addressed to its clients, and certain obligations and conditions applicable to its operation, including how to calculate rates and impose additional charges, how their contracts should be redacted, and how to handle claims.
Fintech lenders tend to cater to the credit market, which is not usually covered by traditional lenders; ie, individuals with insufficient credit records.
Fintech companies operating in the online credit market rely on various digital onboarding systems to identify and link with clients remotely, using digital documents and electronic signatures. However, these systems vary in terms of their security measures.
To reinforce customer identification and credit risk prediction, these companies are increasingly utilising the opportunity to collect, process, and cross-check customer information.
Recently, the BCRA and the UIF have also authorised banks to introduce a fully digital onboarding experience, which has led to the emergence of 100% digital financial entities.
See 4.1 Differences in the Business or Regulation of Loans Provided to Different Entities and 4.4 Syndication of Loans.
Although they are not a syndication of loans in the traditional sense, crowdlending platforms that currently operate in the local market (where loans are funded by several investors through the platform) could be regarded as a case of syndication of loans.
This activity is subject to the PSCPP regime mentioned in 2.2 Regulatory Regime, which establishes the need to register and report to the BCRA, as well as a series of information duties addressed to the platform’s clients, and certain obligations and conditions applicable to its operation, including the obligation to segregate the funds of its clients. Under certain conditions, PSCPPs may provide credit analysis, administration and collection management services.
Payment processors can use existing payment rails or create and implement new payment rails.
In January 2020, the BCRA imposed the PSPCPs regime mentioned in 2.2 Regulatory Regime, which establishes the need to register and report to the BCRA, as well as a series of information duties addressed to the processor’s clients, and certain obligations and conditions applicable to its operation, including the obligation to segregate the funds of its clients and the obligation to refund client funds immediately upon request.
Over the past couple of years, the BCRA has promoted interoperability among different PSPCPs and among PSPCPs and banks. For this purpose, it has created the so-called Uniform Virtual Code (CVU) to identify virtual accounts provided by PSPCPs and introduced standards for payments through rapid-response codes (QR codes) to make it possible for customers of one payment system (a banking account or a virtual account provided by a PSPCP) to execute payments in shops added in a different payment system. At the very beginning, this was only available for payments with account balance.
In 2022, the BCRA established a regulatory framework for “payments initiation services providers” (proveedores de servicios de iniciación de pagos or PSI), requiring their registration, among other things. Likewise, the BCRA regulated “pull” transfers, empowering PSIs and PSPCPs to initiate payments. Technical specifications were finalised during 2023.
During 2022, the BCRA established special authentication and cybersecurity requirements for PSIs and PSPCPs, stipulated special responsibilities with regard to consumer protection for the companies involved in these businesses, and required the entire financial industry to implement certain anti-fraud measures. Many of these measures were strengthened and reinforced for all payment service providers during 2023, as discussed in 2.10 Implications of Additional, Non-financial Services Regulations.
In 2023, the BCRA regulated new roles of payment service providers and required these players to register. The roles are acquiring, aggregation or sub-acquiring, and non-bank agencies that collect payment of taxes and/or services. In addition, in 2023, the BCRA reinforced the interoperability of QR codes by extending them to credit cards. The effective date of the obligation to implement QR code interoperability for credit cards has been postponed several times, and as of the latest amendment, the effective date is set for May 2024.
Argentina has a series of exchange control regulations aimed at restricting the outflow of foreign currency.
In this sense, and broadly speaking, specific requirements are applicable to the inflow of funds, and the remittance of funds outside the country may, depending on each particular case, be restricted or subject to the prior authorisation of the BCRA.
Investment funds are regulated by Law No 24,083 (IFL) and by the CNV regulations.
Within this regulatory framework, the management and administration of investment funds must be carried out by an authorised stock corporation (sociedad gerente) or by a financial entity authorised under FEL to act as a portfolio manager of marketable securities.
In addition, the entities responsible for the management of the investment fund usually resort to advisory, processing and back-office services provided by third parties.
In Argentina, certain aspects of the contracts between companies that manage investment funds and their advisers or service providers are regulated.
The terms of these contracts tend to reflect and cover the obligations applicable to fund managers, seeking to ensure the performance and effectiveness of the operation of the investment fund.
In addition to the traditional exchanges and markets regulated by the CML and the CNV resolutions, there are emerging crowdfunding businesses, such as crowdfunding platforms connecting borrowers with lenders, and a significant number of crypto-asset exchanges.
As mentioned in 2.2 Regulatory Regime and 4.4 Syndication of Loans, only equity crowdfunding and crowdlending have been expressly regulated. The remaining crowdfunding business models fall within the scope of the general provisions of the CCC, among other regulations.
With respect to crypto-asset exchanges, see 7.3 Impact of the Emergence of Cryptocurrency Exchanges.
See 7.1 Permissible Trading Platforms.
The regulatory treatment of crypto-assets in Argentina depends on their nature, with some being considered marketable securities and therefore subject to the provisions of the CML. This interpretation was provided by a communication posted on the CNV’s website in December 2017.
Although crypto-asset exchanges are not regulated as such, if crypto-assets that could be assimilated into marketable securities are traded on a specific exchange, the exchange in question would fall within the scope of the CML.
With respect to anti-money laundering regulations, crypto-asset exchanges are not yet formally considered as subject to reporting requirements. However, in practice, crypto-asset exchange administrators act as reporting entities subject to the AMLL, identifying their clients, tracking their operations, and even reporting suspicious operations.
The National Congress is expected to enact a bill that amends the AMLL and classifies PSAVs as reporting entities. In this context, the CNV has requested to be designated as the authority responsible for maintaining a PSAV registry.
In addition, exchange control and tax regulations refer to crypto-assets.
In April 2023, the CNV approved regulation on the trade of Bitcoin future contracts based on the index “Bitcoin Matba Rofex Index”, by Matba Rofex, a market authorised by the CNV. The initiative is part of the Innovation Hub hosted by the CNV back in 2022. The new set of rules determines a reference index based on the input of Bitcoin price information provided by different entities that offer operations in the BTC/ARS pair. Trading and settlement are in Argentine pesos – no actual Bitcoin is traded because the underlying assets is not the crypto but the index. As announced by the CNV and Matba Rofex, these contracts will initially only be offered to qualified investors. However, Matba Rofex must include warnings to alert investors of the risks associated with this type of operation.
Within the context of equity crowdfunding mentioned in 7.1 Permissible Trading Platforms, equity crowdfunding platforms must review and select the projects that will be offered for financing. For this purpose, a project selection guide must be prepared that must include objective, reasonable and non-discriminatory parameters applying measurable and consistent criteria. In addition, the platform must contemplate procedures to inhibit or cancel potentially fraudulent projects.
CNV rules set down the guidelines on how agents must execute orders placed by investors. In this respect, it is established that orders must be executed in the terms given by the clients and promptly entered into the order registration system of the market. Furthermore, the agents are required to have procedures in place that allow them to enter orders into the computer trading system of the interconnected market where the best market conditions are available to their clients, while the system used by the agent for the placement of orders must ensure the accurate registration of the order in the transaction ticket.
In addition, the CNV has specific rules for equity crowdfunding (see 7.1 Permissible Trading Platforms).
In addition to the crowdfunding platforms already mentioned, crypto-asset exchanges that operate in a decentralised manner have also emerged from smart contracts stored on the blockchain that allow the execution of peer-to-peer transactions.
These exchanges have no specific regulation, and the prevailing doctrine is that responsibility for an exchange’s operation lies with whoever implemented the exchange, although the supervision of these platforms gives rise to important and obvious challenges.
Equity crowdfunding platforms allow for direct interaction between investors and entrepreneurs. In this sense, it is understood that these platforms must take all the necessary actions and measures that might be required to guarantee a reliable, predictable and more formal financial environment for the client, to properly assess the risks involved in investing in, or proposing, a project.
In Argentina, the practice of payment for order flow is not well regarded as this could affect market transparency and would be contrary to the duty of loyalty and diligence owed to investors.
The CML recognises the following principles:
Within this context, the following are considered contrary to market integrity:
The creation and use of these technologies in Argentina are regulated by the markets and exchanges that operate in the country as part of the self-regulating powers granted by the CML and CNV regulations.
CNV regulations specifically delegate to each market and exchange the drafting of the rules and registry applicable to market makers. CNV regulations only stipulate certain minimum requirements that the markets must follow when issuing the rules that regulate the activity. In 2023, the CNV issued Resolution 951/2023, which incorporated amendments to the regulation for market makers. Certain broker dealers are allowed to perform as market makers under certain conditions specified in the regulation. Each market must have a registry of its market makers. Market makers can only operate in this capacity for instruments they are authorised to handle by the respective market.
In Argentina, the regulations do not distinguish between funds that engage in these activities and dealers engaged in these activities.
There is no specific regulation regarding the creation of trading algorithms and other electronic trading tools. These kinds of tools are subject to the regulations set forth by each of the markets and exchanges that operate in the country as part of the self-regulating powers granted by the CML and CNV regulations, as well as the general rules of the CCC and the IPL.
Currently, there is no specific regulation for DeFi. In this context, DeFi is governed by the CCC rules as well as the IPL, the CML, the CPL, the PDPL and the DSL, among other laws.
Financial research platforms are not subject to registration. However, their activities are regulated by different sets of rules.
Certain legal provisions issued by the CNV, within the context of public offerings, set forth prohibitions regarding the use of privileged information, and the manipulation and deception of the market. For further information about market principles, see 7.9 Market Integrity Principles.
In addition, the CCC rules on civil liability, the provisions of the Criminal Code regarding crimes against the economic and financial order, and the CPL, among others, could also apply.
See 9.2 Regulation of Unverified Information.
In recent years, the insurance contracting process has become increasingly flexible and agile by taking advantage of the possibilities of digitalisation. For example, the SSN has allowed insurance companies to issue policies with digital signatures, and to receive instructions from their customers through digital platforms.
In addition, with the increased ability to obtain and process information about policyholders and the risks that fall on insured assets, insurance companies have been steadily improving their results.
Each of the different types of insurance (eg, life, property and casualty) has its specific regulation, as provided by the IL and SSN rules, mainly set up before the rise of insurtech.
See 2.2 Regulatory Regime and 2.7 Outsourcing of Regulated Functions.
Contractual terms regarding the provision of technology services are established on a case-by-case basis from the negotiations of the respective parties, since the outcome of such negotiations will vary on a case-by-case basis according to the negotiating strength of each party in a particular case.
Financial services firms try to impose the following contractual terms on technology providers, among others:
Many traditional players are using (or planning to use) blockchain technology in order to improve the processing, management and storage of information, as well as to automate the execution of certain processes, execute transnational payments, and tokenise and trade financial assets.
Research and exercises are currently being carried out between financial institutions and private sector providers.
There is no specific regulation regarding blockchain technology in Argentina.
However, it is generally understood that the existing regulations in the DSL and the CCC regarding digital documents, and electronic and digital signatures, are sufficient to allow the use of blockchain technology, although, in practice, this should be reviewed on a case-by-case basis.
Regulators have so far limited themselves to warnings and making consumers aware of the risks involved in the use of this technology. In addition to the CNV statement mentioned in 7.3 Impact of the Emergence of Cryptocurrency Exchanges, in 2014 the BCRA published a general public announcement that, although alerting the public to the disadvantages and risks of cryptocurrencies, also confirmed that their use was not restricted under its regulations. In a similar position, in 2021 the BCRA along with the CNV published a general warning regarding the risks associated with cryptocurrencies, highlighting the importance of providing investors with complete and accurate information about the risks involved in such investments.
New regulations targeting PSAVs are expected to be issued in the near future, and a prior authorisation regime may be introduced. For further information, see 7.3 Impact of the Emergence of Cryptocurrency Exchanges.
There are no specific regulations applicable to crypto-assets. However, as mentioned in 7.3 Impact of the Emergence of Cryptocurrency Exchanges, it is possible that certain crypto-assets could be assimilated into marketable securities. This could be the case with what are commonly known as “security tokens”, which are crypto-assets that represent or function as marketable securities.
As such, tokens that function as currency (payment tokens or cryptocurrencies) and tokens that function as digital coupons, granting access to services or functionalities (“utility” or “user” tokens, or appcoins), do not fall within the scope of the CML and the CNV.
In Argentina there is no specific regulation applicable to issuers of blockchain assets, although, as mentioned in 12.3 Classification of Blockchain Assets, where crypto-assets are security tokens that could be assimilated into marketable securities, the issuance of such assets would fall under the provisions of the CML.
Also, see 7.3 Impact of the Emergence of Cryptocurrency Exchanges.
See 7.3 Impact of the Emergence of Cryptocurrency Exchanges and 7.6 Rise of Peer-to-Peer Trading Platforms.
In 2023, Banco Industrial (“BIND”) launched the first investment fund that includes investments in digital assets alongside instruments regulated by the CNV. The investment portfolio includes Bitcoin futures, and Argentine Depositary Certificates of Foreign Shares in tech companies and in fixed income assets.
In line with the CNV and BCRA’s interpretation of security tokens and utility tokens, it could be understood that cryptocurrencies have a different character and as such there is no restriction on their use as a means of payment or investment.
DeFi platforms are not expressly regulated in Argentina (see 12.2 Local Regulators’ Approach to Blockchain).
NFTs have not yet been subject to specific regulation in Argentina.
In this context, NFTs are governed by the CCC rules as well as the IPL, the CML, the CPL, the PDPL and the DSL, among other laws.
For further information, see 12.3 Classification of Blockchain Assets.
In recent years, both the BCRA and the UIF have incorporated some provisions supporting the open banking concept into their regulations – e.g., by allowing banks to share their clients’ information at their request within the framework of digital onboarding processes. However, these rules have not yet been fully implemented and adopted in practice by the industry and the absence of sufficient regulations prevents open banking’s full deployment.
Draft legislation on personal data protection exists (which, to a certain extent, replicates the EU’s General Data Protection Regulation). This draft legislation incorporates the right to personal data portability, thereby allowing for the consolidation of open banking. However, little progress has been made towards enacting this legislation.
In practice, some fintech providers have implemented platforms that allow clients to access all their bank accounts in different entities. For this purpose, fintech companies mainly use agreements with the different entities.
The novelty during 2022 was that the BCRA began to regulate “payment initiation services providers” (proveedores de servicios de iniciación de pagos or PSI) along with “pull” transfers, empowering PSIs and PSPCPs to initiate payments. Technical specifications were finalised during 2023 (see 5.1 Payment Processors’ Use of Payment Rails).
There is general agreement that this process could expose clients’ personal data due to the increase in information flow. It is in this context that a full open banking exercise will require that the protection of personal data is strengthened and reviewed.
Also, market players are concerned about compensation models, cybersecurity measures and how liability would be allocated among the different parties in the event of a breach.
The elements of fraud as it relates to financial services and fintech is similar to fraud as it relates to traditional financial institutions. The main law governing and punishing perpetrators of crimes related to fraud is the Criminal Code of Argentina (the “Criminal Code”), which applies to the entire country. Fraud can also give rise to civil liability for the involved companies. Fraud and scams are punished by law. Cyber fraud was incorporated into the Criminal Code in 2008. Cyber fraud punishes the crime of altering an online system with the purpose of defrauding someone. Fraud involves deception that causes financial loss to the victim.
Regulators are most closely focused on fraud involving the impersonation of users of financial services in the payments sector. The BCRA issued regulation related to the enrolment of accounts and cards in wallets, including security measures and consent of users. In 2023, the BCRA issued regulation on cybersecurity, providing for requirements for the onboarding of users, etc. See 2.10 Implications of Additional, Non-financial Services Regulations.
Av. Córdoba 315, 1st floor.
C1054AAC
CABA
Argentina
+54 11 4313 6644/6655
+54 11 4313 6644/6655
info@gpgadvisorypartners.com www.gpgadvisorypartners.com