Comparative Guides

Welcome to Mondaq Comparative Guides - your comparative global Q&A guide.

Our Comparative Guides provide an overview of some of the key points of law and practice and allow you to compare regulatory environments and laws across multiple jurisdictions.

Start by selecting your Topic of interest below. Then choose your Regions and finally refine the exact Subjects you are seeking clarity on to view detailed analysis provided by our carefully selected internationally recognised experts.

4. Results: Answers
FinTech
5.
Data security and cybersecurity
5.1
What is the applicable data protection regime in your jurisdiction and what specific implications does this have for fintech companies?
Mexico

Answer ... Chapter VI of the General Provisions for Financial Technology Institutions sets out data security and cybersecurity regulations for fintech companies. In this regard, the technological infrastructure of fintech companies must include security measures for the protection of user data, including:

  • identification and authentication mechanisms;
  • relevant controls for employees who have access to personal data;
  • internal policies and procedures for data access and prevention of unlawful data use; and
  • measures for the notification of privacy notice changes to users.

Finally, fintech companies are responsible at all times for the protection of users’ personal data.

For more information about this answer please contact: René Arce Lozano from Hogan Lovells, Mexico
5.2
What is the applicable cybersecurity regime in your jurisdiction and what specific implications does this have for fintech companies?
Mexico

Answer ... According to Article 67 of the General Provisions for Financial Technology Institutions, fintech companies must prevent and report to the National Banking and Securities Commission (CNBV) any cybersecurity incidents that occur. Fintech companies must immediately investigate the cause of the incident and provide the CNBV with a plan that outlines the actions that will be taken to eliminate or mitigate the risks that have arisen from the incident.

For more information about this answer please contact: René Arce Lozano from Hogan Lovells, Mexico
Contributors
Topic
FinTech