/ 2023-2024 CMF’s Regulatory Calendar: what is relevant?

The implementation of the new Fintech Law and the update of the outsourcing standard related to the use of the cloud in banks and financial institutions are highlighted.

Maria Ignacia Ormeño Sarralde
Associate Attorney
Alessandri Abogados

On April 25, 2023 the Financial Market Commission (CMF) presented to the public the regulatory projects contained in its regulatory plan for the years 2023 and 2024. The plan incorporates the regulatory projects that the CMF will work on during this and next year, within which, it details the regulation related to the new Fintech Law and the Updated Standards Compilation (RAN) 20-7 on outsourcing of critical services in banks and financial institutions.

Regarding the Fintech Law regulations, the plan highlights the regulatory projects necessary for its implementation and its open finance system (System), the procedure for authorizing the start of activities for fintech companies and the accreditation of suitability for persons and systems associated with it.

Regarding the implementation of the System, the CMF will establish the standards to be met by those who participate in it in order to comply with the interoperability and proper functioning regulated by the Law. It should not be forgotten that it will also be a General Applicability Rule (NCG) that must determine what information the institutions providing information will be obliged to communicate through the System and, likewise, the minimum standards under which such information will be delivered and exchanged.

This information will be transmitted through one or more remote and automated access interfaces, which must be kept available by the System’s participants. Therefore, the CMF will establish the necessary requirements and conditions for the design, development and security mechanisms of these interfaces for accessing, sending or obtaining data and information in a standardized manner, as well as any other requirement that the CMF determines as necessary for a secure and optimal operation. This will ensure interoperability and operational continuity within the System.

On the other hand, the CMF has a great challenge in relation to the rapid issuance of these new rules, since the Law itself establishes a period of 18 months from the entry into force of the Law (February 3, 2023), to issue approximately seventy NCGs.

The CMF establishes in this plan the need to update and revise RAN 20-07 regarding the outsourcing of services or outsourcing related to the use of the cloud in banks and financial institutions. It is of vital importance for the CMF that those who provide financial services and wish to outsource their services must comply with the provisions of this RAN, in order to safeguard the operational risk of this outsourcing.