The fintech industry has grown significantly in the Honduras since 2018 when a Fintech Congress, organised by the Inter-American Development Bank, took place.

Subsequently, the National Congress of Honduras held assemblies in which bills were discussed to regulate the services offered by these new entities, and this resulted in the publication of Decree No 83-2021 by which it was ordered to regulate the organisation, operation and functioning of national and foreign legal entities that provide payment and transfer services, as well as to regulate these services.

In this way, the fintech market has presented a great opening and has been a centre of investment for several foreign legal entities that have decided to expand their presence in the region and have opened operations in the country. There are also several initiatives of national companies that have been presented and have been placed in the market holding competitive positions.

Given the fact that fintech regulation has advanced, most fintechs in the country offer payment gateway services, e-wallets, payment networks, alternative lending, Bitcoin ATMs, payment facilitators, cryptocurrency and digital banking.

This is all regulated by the Central Bank of Honduras and the National Banking and Insurance Commission.

Previously it was mentioned that in Honduras we have regulations on electronic wallets, as well as the Law of Electronic Commerce and other legislation concerning activities similar to, or of the same nature as, the activities provided by the fintech. However, regulations issued by the Central Bank of Honduras, which are intended to comply with the order by Decree No 83-2021, empower the Central Bank of Honduras and the National Commission of Banks and Insurance to regulate the services offered by fintechs.

The regulations issued by the Central Bank of Honduras are:

• Regulation for Payment and Transfer Services Using Electronic Money; and
• Regulation for Services Offered by Electronic Payment Service Providers.

These rules, apart from being the most recent, are considered innovative, due to the challenge that the regulator assumes in entering and regulating the organisation, operation and functioning of national and foreign legal entities that provide fintech services through technological platforms in any of its broad areas.

It is worth mentioning that with the issuance of these new regulations, they come to complement the existing regulations that regulate financial services that are performed in a traditional or analogous way compared to the services offered by fintech, such as the Securities Market Law, Financial System Law, and others, which over time have fulfilled the role of dictating the basis of the procedures to be performed and the definitions that the regulator issues on the services to be offered, so that, in order to understand the regulatory regime that may be applicable to fintechs, the complementary use of the different laws, regulations and resolutions issued by the regulators is recommended.

The most recent regulatory development in the country is that in February 2024 the National Commission of Banks and Insurance issued a resolution in which it prohibits the institutions supervised by the National Commission of Banks and Insurance to maintain, invest, intermediate or operate with cryptocurrencies, crypto-assets, virtual currencies, tokens or any other similar virtual assets, which have not been issued or authorised by the Central Bank of Honduras as the country’s monetary authority, as well as not allowing their financial users to utilise the platforms to perform operations with the aforementioned instruments.

There are no legal restrictions regarding compensation models, therefore, it is up to the companies to decide which compensation models they would want to implement.

With the issuance of new regulations and resolutions issued by the regulators of financial institutions, the Central Bank of Honduras and the National Commission of Banks and Insurance, these have been complementary to existing regulations applicable to legacy players, so that the field of application previously structured by the regulators has served as a guide and support for the issuance of new fintech regulations, without prejudice to the evolution that may occur in such regulation which currently has a position merely of data collection and analysis to the category. This could mean that in the future the regulation could adopt the control and supervision character that is currently exercised by the regulations applicable to legacy players.

There is no legislation that allows regulatory sandboxes in Honduras, as of February 2024.

The institutions with the obligation to regulate and supervise fintechs, according to Decree No 83-2021, are:

• National Banking and Insurance Commission (CNBS) – the entity that supervises financial activities as well as those related to insurance, pensions and securities, including the utilisation and investment of funds and resources provided by the general public. It also monitors that proper systems of anti-money laundering and counter-terrorism financing are in place, as well as ensuring that players have adequate liquidity and solvency and that good practices are taken into account in order to minimise inherent risks of the activities carried out by supervised entities.
• Honduran Central Bank (BCH) – the institution in charge of formulating, developing and implementing the country’s monetary, credit and exchange policies, as well as organising, regulating and overseeing the payment systems.

Activities can be outsourced with the vendor that actually provides the service undertaking the responsibility to comply with any applicable regulation. There may be requirements for the hiring entity if the regulators consider it a necessary related party. If the outsourcing is for mere auxiliary functions or technological infrastructure, whatever activities are carried out would need to comply with the general obligations of the hiring party.

There are no mandatory contracts established by law. Outsourcing certain activities may lessen the hiring fintech’s burden of regulation, but an analysis of every specific case should be carried out.

Financial institutions can outsource fintech services as long as these services take into consideration the applicable regulations of the hiring institutions. The only specific provision regarding outsourcing is that contracts need to be celebrated at arms-length.

The fintech regulations establish in the requirements that to be considered as a gatekeeper the provider must submit certifications proving that the cybersecurity of the activities to be performed is reliable, along with a plan of measures on each of the services to be provided, as well as establishing obligations that the fintech must ensure and comply with the users regarding the protection of their personal information and data relating to the transactions made.

Depending on the activity that the fintech performs, the scope of the responsibility that the fintech may bear might be defined, since the services to be offered do not always represent withholding or issuance of money, but rather payment gateway services.

In the case that a fintech company undertakes or offers activities or services regulated by the National Banking and Insurance Commission and the Honduran Central Bank, they are well equipped by law to impose administrative sanctions in case the entity does not comply with the standing regulations, ranging from fines to a prohibition of carrying out a specific activity. Failing to comply with regulations regarding information and communications protection set forth for traditional supervised institutions would also cause administrative sanctions.

In the case of outsourcing, the hired entity would not be affected by sanctions imposed by the regulators unto the hiring party. However, there are provisions which establish that, within outsourcing contracts, clauses must be included that permit the National Banking and Insurance Commission to audit the provider or hired party, in certain cases.

Honduras has rigorous anti-money laundering and counter-terrorism financing regulations. There are specific regulations exclusively for supervised financial institutions regarding these matters.

There are other regulations encompassing anti-money laundering and counter-terrorism financing that have a wide application, which include non-banking lending institutions as obliged players. Amid other provisions, these require that the compelled parties name a Compliance Officer before the CNBS and provide both a Compliance Programme based on risk management and a Manual for Policies and Internal Procedures.

As of February 2024, there is no specific legislation in the country regarding cybersecurity or privacy protection. Also, exclusively for legacy players as supervised financial entities, regulations regarding information and communications protection must be taken into account as they do contain certain provisions about cybersecurity and privacy protection.

Furthermore, the Honduran Constitution recognises the Habeas Data principle which grants the right to a person in Honduras to request and amend information stored in a database. This obligation is applicable to persons who request and gather the information in Honduras and not abroad.

Based on the constitutional principle above, it is suggested that personal information is treated as sensitive. It is also suggested that an express consent is provided by the counterparties to enable the information to be transferred outside the jurisdiction and to third parties.

Regarding the banking secrecy principle in Honduras, it is embodied in Article 956 of the Honduran Commercial Code which has been in force since 1950. This article provides that banking institutions may not disclose information with regards to deposits and other banking operations, to any other person but the depositor, debtor or beneficiary, or any legal representative who has the power to dispose of the account or to intervene in the operation. This same article establishes two exceptions to the principle, allowing third parties to request information. These are the following:

• the judicial authority prior to a court order issued in a trial in which the depositor is a party to; or
• any banking authority for tax purposes issues.

The article finally establishes that bank officials shall be responsible under the terms of the law for the disclosure of information, and the bank institution shall be obliged to pay the damages caused by such disclosure of information.

From the above concept of bank secrecy, it is understood that financial institutions in general may not disclose customer information to third parties arising out of any financial or banking operation.

However, since 1950, and particularly during the past 20 years, there have been significant changes in the Honduran financial legal system, with regards to specifying the exceptions to the banking secrecy principle, established in the Honduran Commercial Code.

These exceptions allow certain confidential information to be disclosed to authorities upon request, as well as the exchange of confidential information between financial institutions, private and public credit bureaus and regulators. The following establishes the different cases where no liability is incurred on behalf of the financial institutions by disclosing confidential information.

• Upon request of a judicial authority prior to a court order issued in trial.
• Upon request of regulators for tax purposes issues.
• The exchange of information between the financial institutions or between the financial institutions and the National Banking and Insurance Commission (CNBS), the Central Bank of Honduras (BCH), and the Insurance Deposit Fund. The exchange of information is also allowed when complying with treaties signed with regards to cross-border supervision and prevention of money laundering and terrorist financing
• The exchange of credit information between financial institutions and private and public credit bureaus.
• The exchange of information when requested by AML authorities in order to comply with AML regulations. These regulations provide for financial institutions to supply information and report to the AML authorities under certain conditions when certain types of transactions occur, subject to criteria pertaining to amounts, regularity and in general when non-typical transactions take place. The reports and information are handled with complete confidentiality and no other person, aside from compliance officials, is aware of them, unless an investigation is opened in which case the investigated party is notified or becomes aware as a consequence of certain actions that may be ordered to secure values or information.

It is important to mention that financial institutions are required by law to send customer credit information to the public credit bureau, “Central Credit Information” (CIC), managed by the CNBS. Financial institutions are not required by law to send or exchange information to private credit bureaus unless they have previously entered into an agreement which governs how the exchange of the credit information will occur. This agreement shall contain provisions with regards to the liability to be assumed by the financial institution as the source and provider of information, in case the information provided by the financial institution to the private credit bureau is illegal, inaccurate, erroneous or obsolete, or has been obtained or given fraudulently.

Even with the new regulations issued in fintech there are no legally mandated reviews taking place for fintech players. There are, however, accounting or auditing firms that may review them, whenever they privately request them to do so. These firms have a valuable purpose, considering that companies, fintech or not, will have to present audited financial statements in the instance that they want to apply for a loan from a financial institution.

Banks and traditional supervised institutions are also regularly evaluating the market, not wanting to be blindsided by disruptive industry participants.

Certain supervised financial institutions started to innovate using fintech services before the regulator issued the first provisions. With the issuance of the new regulations, the institutions have adapted to the parameters set by the regulator, although it is true that the regulator is taking into consideration the new practices of any new regulations to be issued in the future or modifications on the existing ones.

It should be recalled that supervised entities are allowed to outsource activities to regulated fintechs, using technology provided by the latter. Currently, there are several strategic alliances between fintechs and financial institutions, in order to innovate the services to be provided to users.

The current fintech regulation does not contain reporting obligations for AML purposes, however, as previously mentioned, the Money Laundering Prevention Law establishes the following.

• The exchange of information when requested by AML authorities in order to comply with AML regulations – these regulations provide for financial institutions to supply information and reports to the AML authorities under certain conditions when certain types of transactions occur, subject to criteria pertaining to amounts, regularity and in general when non-typical transactions take place.
• The reports and information are handled with complete confidentiality and no other person, aside from compliance officials, is aware of them, unless an investigation is opened in which case the investigated party is notified or becomes aware as a consequence of certain actions that may be ordered to secure values or information.

There is another registry managed by the National Banking and Insurance Commission called Designated Non-Financial Businesses and Professions (DNFBPs) – non-financial institutions that are at risk of money laundering or terrorist financing. For fintechs related to electronic money issuance and money retention, part of the regulatory process is to apply for registration with the DNFBP registry.

As of February 2024, there are no fintech players offering robo-adviser services. The existing fintechs in the country include the following services:

• payment facilitators;
• payment gateways;
• Bitcoin ATMs;
• digital banking;
• electronic wallets;
• payment networks;
• cryptocurrencies; and
• alternative lending.

The authors understand “robo-adviser” to be a digital platform, like any other fintech, that provides automated, algorithm-driven financial platform planning services with almost no human supervision, especially regarding investment and stock market operations. In any case, they would need to comply with the Securities Market Law, which regulates issues related to fund management companies that perform activities in stock markets.

Furthermore, there is no specific regulation for robo-advisers nor, to the best of the authors’ knowledge, is the technology being used within the limited local stock market.

To the best of the authors’s knowledge, the use of robo-advisers is still in the areas of credit viability analysis regarding loans, collaterals and related services, and not really engaging in stock market activities. This is legally permitted if they comply with the financial regulation regarding credit bureaus and management of credit portfolios.

Always referring to the fintech topic and its regulation, although it is true that Honduras does not have regulations applicable to robo-advisers, the National Commission of Banks and Insurance, in February 2024, issued a resolution in which it prohibited the institutions supervised by the National Commission of Banks and Insurance to maintain, invest, intermediate or operate with cryptocurrencies, cryptoassets, virtual currencies, tokens or any other similar virtual assets, which have not been issued or authorised by the Central Bank of Honduras as the country’s monetary authority, as well as not allowing their financial users to use the platforms to perform operations with the aforementioned instruments.

In general terms, there are no tangible differences in regulations for loans in consideration to whom they are given. Internally, entities may apply different criteria for approving them, in consideration to different factors. There may be, however, differences in regulation regarding who is issuing the loan.

Traditional supervised financial institutions operate under a different framework than lenders that do not perform financial intermediation, also known as non-banking lenders. The former complies with banking regulations issued by the National Banking and Insurance Commission and in compliance with the Financial System Law, whereas non-banking lenders have special regulations composed mostly of usury (lending money at unreasonably high rates of interest) provisions and reporting requirements of their credit portfolio.

Supervised financial institutions must comply with prudential regulations as well as consumer protection regulations, whereas non-banking lenders (entities that do not perform financial intermediation) only have to comply with consumer protection regulations.

There are no specific underwriting processes required by Honduran regulations for online lenders, as of February 2024.

For supervised financial institutions, the main sources of funds for loans is from deposits and lender raised capital. In the case of lenders that do not perform financial intermediation, the funds come from the entity’s own capital and lender raised capital.

Though there are no crowdfunding platforms operating in the country. They would need to comply with provisions regarding public and private offerings of securities, in case they plan to use tokens as a representation of the funding, given that there have been no specific regulations issued for these activities.

Syndications of loans are permitted by Honduran law and actively used by local players. There is no special process for syndicated loans as they follow the same guidelines as regular loans.

Processors must use existing payment rails. Nevertheless, they may create or implement new payment rails prior to the authorisation of the Honduran Central Bank (BCH), as it is the entity in charge of the payment systems in Honduras.

The regulation regarding currency negotiation contains specific provisions about currency management for remittances. There is also a security tax applicable to foreign transfers.

Fund administrators are regulated depending on their activities by the Securities Market Law. There are provisions for the incorporation of fund administrators, specifically and only when they undertake activities in the stock market. They must be authorised by the National Banking and Insurance Commission and there is also a framework for mutual guarantee funds.

As a general consideration, fund advisers may not impose conditions on fund administrators that contravene what is already narrowly established by investment rules, including that there are no fund administrators operating and only one mutual guarantee fund administrator is operating.

Online marketplaces are permitted and considered specifically by the Electronic Commerce Law, as long as they refer to general goods and services, not securities or currencies. In case they include securities, regulations regarding public-private security offerings would apply. There are no regulations regarding cryptocurrency exchanges, as of February 2024, but they could be understood as a securities exchange if they are in accordance with the criteria set forth by the Securities Market Law.

The Central American Stock Exchange is the only exchange marketplace authorised for public offerings of securities. Also, it is worth noting that the BCH carries out currency auctions as well as auctions for government bonds.

In the case of financial institutions, the following regulations exist regarding assets:

• weighting of assets according to their degree of risk;
• credit portfolio management depending on the types of securities provided by clients; and
• how to manage assets received in payments due to defaults of loans.

The latter regulation does not apply for non-financial institutions. It is important to note that all entities have to comply with the laws applicable to granting liens and mortgages on fixed or movable assets.

There have been no specific regulations issued regarding cryptocurrencies with the exception of the regulator’s pronouncements (see 2.2 Regulatory Regime). Regulators have been waiting to see how the adoption and uses of cryptocurrencies turn out, though this matter is expected to be tackled by provisions that will emerge from the Board of Financial Innovation. These will most likely be in accordance with the Financial Action Task Force’s (FATF) recommendations and statements from 2019.

It is worth mentioning that the BCH issued a statement, in February 2018, warning users that cryptocurrencies are not endorsed by them and that they do not regulate cryptocurrencies nor do they ensure their use. Thus, any transaction performed using cryptocurrencies is the responsibility of each user.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

The regulators within their functions of control and management of market activities, establish behaviours by financial institutions towards users, which serve to set the basis of integrity towards the users of financial institutions. In the same way, these can be standardised and taken as a parameter for fintechs related to the banking industry.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

There have been no specific regulations issued on this matter as of February 2024.

Financial research platforms and their participants are not subject to registration.

Spreading of rumours and other unverified information is not regulated by law. However, as of February 2024, a data protection draft law is under discussion in the national congress that could have an impact on this issue.

Conversation curation is not regulated by Honduran law.

Insurtech is not specifically regulated in Honduras.

According to insurance and reinsurance regulations, different types of insurance will require a particular authorisation from the National Banking and Insurance Commission.

Regtech providers are not regulated per se in Honduras. They may become subject to regulation depending on the specific service that they provide for financial institutions.

Regulations regarding information and communications protection include dispositions that are mandatory for contracts celebrated with hired outsourcing entities, regarding data privacy and security standards, as well as the possibility that the outsourcing entities can be audited by the National Banking and Insurance Commission.

To the best of the authors’ knowledge, as of February 2024, only one legacy player has started to adopt blockchain technology as part of their regular services. Banco Ficohsa became part of the Interbank Information Network developed by JP Morgan, being the first Central American bank to do so, in May 2019.

There have been no specific regulations issued regarding blockchain as of February 2024. Regulators have been waiting to see how the adoption and uses turn out, though this matter is expected to be tackled by provisions that will emerge from the Board of Financial Innovation.

There has been no specific regulation issued regarding blockchain assets, as of February 2024. However, as mentioned, blockchain assets may fall under the description of securities.

Under Article 3 of the Securities Market Law, a security is defined as any title or document that is transferable, including stocks, certificates of participation, bonds, as well as futures, options and other derivatives, and in general all credit or investment instruments and other transferable obligations that the National Banking and Insurance Commission considers as such.

As of February 2024, blockchain has not been specifically regulated, including issuers of blockchain assets.

As of February 2024, blockchain has not been specifically regulated.

As of February 2024, blockchain has not been specifically regulated, including funds that invest in blockchain assets.

As of February 2024, blockchain has not been specifically regulated, including virtual currencies.

There have been no specific regulations issued on this matter as of February 2024.

The regulator’s pronouncements and issued regulations are not subject to regulation of activities related to NFTs because the emergence of the regulator to control and supervise such financial activities has not yet managed to cover issues that represent a sector which is being practised by a minority of the population, thereby not awakening the urgency to regulate.

Regulations in Honduras inhibit open banking due to the existence of the bank secrecy principle, which limits the information, specifically financial information, that they can share with third parties.

Due to the limitations of the bank secrecy principle, technology providers are required to sign confidential agreements and are prohibited from sharing financial information with third parties.

The relevant regulation does not establish elements on which attention should be paid, however, good practices are managed and foreseen on activities such as unauthorised financial intermediation, unauthorised public offering, and pyramid schemes in conjunction with the elements issued as financial education by the National Banking and Insurance Commission applicable to financial institutions and that complement the fintech sector.

The National Banking and Insurance Commission, through the different rules issued applicable to traditional financial institutions, warns and focuses on the following types of fraud.

• Fraudulent financial reporting (improper revenue recognition, overstatement of assets, and understatement of liabilities).
• Misappropriation of assets (misappropriation of funds, false remuneration, theft or misappropriation by external personnel, and procurement fraud).
• Income or assets obtained through fraudulent or illicit actions (embezzlement of invoices collected from customers, deceptive business practices, premature recognition of income, and falsification of income).
• Avoidance of expenses or liabilities through fraudulent or unlawful acts (tax evasion, abuses in the recognition of hours worked and compensation, and falsification of data submitted to regulatory compliance bodies).
• Expenditures or liabilities incurred for fraudulent or illicit reasons (commercial or public bribery, and kickbacks).
• Other irregular conduct (conflicts of interest, insider trading, discrimination, theft of trade secrets from competitors, monopolistic practices, and environmental violations).

These measures can be complied with by the fintech players involved in the country as examples of good practices, although it is true that fintech regulations do not issue these types of measures, as they are homologous activities that can be replicated in practice.