Since April 2021, through Resolution No. 1049-2021, the Superintendency of Banking, Insurance and AFPs (SBS) approved a procedure simplified authorization to Municipal Savings and Credit Banks (CMAC), in order to facilitate and speed up the issuance of credit cards.
The conditions to apply to said simplified process consist of having a risk classification in the “B-” risk category or higher in the last semester; be authorized to issue debit cards; have adequate organizational structure, computer systems and compliance with the provisions of current regulations regarding the new operation, as explained by the entity.
The maximum term for issuing the authorization, once the requirements have been met, is 30 calendar days.
Regarding the procedure, María del Socorro Heysen, superintendent of the SBS, who participated in the launch of the first credit card issued by a savings bank, indicated that this process is characterized by being simplified and agile.
“This procedure is much more agile than the previous one and emphasizes critical aspects of the product, that are evaluated based on the risk management capacity of each of the entities that apply”, Heysen pointed out.
He stressed that this is essential because it allows supervisors to know the business model and the strategy proposed by the company for the development of a certain product, which is the basis for a “solid and robust” generation of a new one.
“The credit card authorization process should not be seen as a barrier, but rather as an independent review by the SBS prior to launching a product, because it is essential that products offer security to users,” said Heysen.
Likewise, the superintendent explained that credit card operations are highly transactional, and this is due to the multiplicity of channels under which they can be used as a means of payment, which are increasingly digital.
“This particularity generates greater exposure to operational risks, especially those linked to cybersecurity, which is why standards are required to prevent card data theft and identity theft. to the detriment of the users and the reputation of the entity and the system”, he concluded.