After almost a year, from December 2022, in which the Organic Law for the Development, Regulation and Control of Technological Financial Services (Fintech Law) was issued, approved in the legislature on October 30, 2022 with 74 votes in favor, the President of the Republic, Guillermo Lasso , issued its regulations on November 6 of this year. He did this together with another regulation, the one on the organic protection of personal data.

The law defines fintech activities as the development, provision, use or offer of technology-oriented payment methods, technological financial services, specialized companies for electronic deposit and payments, technological services of the securities market and insurance. Currently, in Ecuador there are already companies that provide services based on fintech, which until now have operated without specific and specialized regulations on the matter.

In 2022, the country was seventh in Latin America among 17 nations in terms of the number of fintechs that exist in each of its territories. In 2021, he counted 60 fintech located in Quito, Guayaquil and Cuenca. Of this, 38% is dedicated to managing business finances, mostly replacing paper invoices with digital ones. The second and third relevant activities are digital payments (15%). He crowdfunding or the collaborative fund occupies 11%. In Ecuador, fintech companies grew 77% between 2017 and 2020.

The Fintech Law is published in the Official Register

In the meantime, the Regulation will come into force after publication in the Official Register, which happened only this Thursday, November 9 morning, but what does the Regulation include?

There are 10 subjects. Article 1 determines its goal, that is, to ensure the applicability of the provisions of the Organic Law for the development, regulation and control of technological financial services.

Article 2 states the scope, stating that the provisions of the Regulation are of public order and social interest, its application and compliance is mandatory for natural and/or legal persons, domestic and/or foreign, participating in any fintech activity.

While Article 3 deals with the regulation of fintech activities, which will be the responsibility of the Committee for Monetary Policy and Regulation and the Committee for Financial Policy and Regulation, each within the scope of their powers.

The qualifications, supervision and control of the companies that develop these activities will correspond to the Central Bank of Ecuador (BCE), the Supervision of Companies, Securities and Insurance (Supercias) or the Supervision of Banks, as stated in Article 4 of the Regulation. This article also provides that these entities must establish administrations or municipalities dedicated to the supervision and control of companies developing fintech activities. In addition, they must train personnel who will be dedicated to supervision and control tasks. However, he clarifies that the establishment of administrations or municipalities will depend on the availability of the budget, before the positive opinion of the governing body of public finances, that is, the Ministry of Economy and Finance, in this case.

Article 5 determines the limits of these activities in the country. It is stated that the corporate purpose of the companies that develop these activities will be specific and exclusive for the performance of the aforementioned activities and cannot contain different activities. They can provide one or more services that are part of different fintech activities, as long as they receive approval for this purpose from each of the competent entities and after fulfilling the requirements for each activity, with the exception of Specialized Companies. electronic deposits and payments whose sole purpose is to receive resources for the sole purpose of facilitating payments and transferring resources through authorized electronic means of payment: and sending and receiving financial transfers.

Towards the end of his term, Guillermo Lasso issued regulations for laws on Fintech and personal data protection

Meanwhile, Article 6 states that standardized computer systems will be implemented for the reports that companies developing fintech activities must produce. This execution will be carried out by BCE, Supercias and the Supervisory Board of Banks, in coordination with the Ministry of Telecommunications.

Furthermore, according to Art. 7. Regulations, the Committee for Monetary Policy and Regulation and the Committee for Financial Policy and Regulation, with the technical input of the Unit for Financial and Economic Analysis, must adopt appropriate regulations to prevent money laundering and crime financing.

The control subjects must also adopt an appropriate regulation on information security and cyber security, as stated in Article 8.

Article 9 establishes cooperation in the implementation of regulatory sandboxes, i.e. test environments, which will also be the responsibility of the BCE, the Bank Administration and the Companies Administration, which may require the cooperation of the Tax Administration during this process. Internally, the Financial and Economic Analysis Unit, ministries or other public sector entities. This, in case it is defined that it is necessary that the new business model subject to the testing environment requires regulations or regulatory changes in the areas of competence of the said entities.

Finally, the last article of the Regulation talks about the competencies for the implementation of sandboxes. It indicates that the Committee for Monetary Policy and Regulation and the Committee for Financial Policy and Regulation are the only bodies competent for their regulation, in the monetary and financial area. Likewise, BCE, Superintendency of Banks and Supercias are the only organizations responsible for implementation.