Is Mexico’s “Fintech Law” Leading a New Trend in Fintech Regulation?

More and more financial regulators have been asking us at CGAP how to respond to “fintech.” Now, our first question back to them is usually: “What do you mean by fintech?” Countries have been issuing different sets of regulations to cover whatever array of innovations falls within their own definition of the term. Since developing all these regulations can become quite complex, regulators have expressed interest in passing a single, all-encompassing law to cover the full range of innovations. Many have been looking to Mexico and its so-called “fintech law” – the 2018 Financial Technology Institutions Law – as a potential example of how to accomplish this feat.

There’s just one problem: This is not what the Mexican law does. And there are good reasons for this.

Mexico’s fintech law mainly regulates two types of companies: electronic payment institutions (EPIs, or what other countries call "electronic money issuers") and crowdfunding institutions. Under the law, both types of institutions are permitted to operate with virtual assets (e.g., cryptocurrencies) that are authorized by Bank of Mexico. The law also introduces a regulatory regime for open banking. As such, the law covers only two types of fintech companies from the universe of fintech players that are not addressed by the Mexican regulatory system. It does not provide regulatory guidance for other technology-enabled innovations in financial services, such as fintechs offering balance sheet lending, big tech companies launching financial services, investment services other than crowdfunding, or central bank digital currencies.

Regulators around the world already have quite a bit of experience regulating e-money issuance (one of the four basic regulatory enablers advocated by CGAP) and crowdfunding institutions. In fact, what Mexico has done is not so different from other countries that have issued regulations for these types of players, except that they have combined both types into a single law rather than issuing separate regulations. However, it seems the use of the term “fintech law” has created unreasonable expectations that this law is the answer to all fintech issues.

Mexico’s approach of issuing a dedicated law to cover multiple fintech-related issues is one possible approach for other regulators to consider, and it may well be the best approach for Mexico given its goals and country context. However, covering several types of institutions in a single law may pose challenges for financial authorities if they have to deal with a wave of new applicants all at once. This might be the reason why Mexico has issued only one license to date, even though it is considered to have higher regulatory capacity than many of its peers in the region.

Since the law went into effect, 85 fintech companies have applied for a license. Sixty are seeking to become EPIs, and 25 aim to become crowdfunding institutions. The Mexican National Banking and Securities Commission (CNBV) issued its first license to an EPI in January 2020 but has not issued any licenses since then. This first licensed fintech is expected to start operations soon, as the CNBV and Banco de Mexico recently completed the inspection that is required ahead of launch. Hopefully, authorities will issue more licenses in the coming months as they continue to review applications. Many prospective EPIs are still waiting, including so-called "neobanks" like Albo, Mibo and Klar. EPIs are similar to e-money issuers in other markets, which are usually regulated under the broad umbrella of a national payment system law rather than a separate fintech law.

Fintech has the potential to advance financial inclusion, and it has continued to grow during the COVID-19 pandemic. However, fintech is not a very useful term when it comes to designing the best regulatory responses to innovative business models, processes or products. Regulators sometimes begin with the vague, generic goal of “regulating fintech." A better approach would be to start by considering which activities and functions should be regulated and whether they fit into existing regulatory frameworks. In some cases, new fintech business models will fit these frameworks, and it may not even be necessary to issue new regulations, let alone a new law.

However regulators choose to define it, fintech will always be context-specific. Policy makers in any given country will most likely need to consider a range of issues that the Mexican fintech law does not cover. And certain issues covered by the fintech law because they are important in Mexico may not need to be regulated in other jurisdictions. Regulators should not transition to Mexico’s approach without first carefully analyzing whether the approach meets the needs of their market.

Regulators should also understand that having a regulatory framework that supports the entry of a diverse range of fintech players may be more important than having a dedicated fintech law, which might not be flexible enough to do justice to a rapidly developing field. Such a framework can bring robust and fair competition, leading to lower prices, greater choice and better quality services for customers.

Fintech is a dynamic field, and it is unlikely that a single law will be the answer to regulating it.