The Fintech Law regulates the organisation, operation, and services of financial technology institutions (FTIs), including crowdfunding platforms and electronic payment funds institutions (EPFIs). The law also covers new, innovative models for providing financial services using digital means. While it does not mention the FATF Travel Rule or wire transfer regulations by name, it clearly establishes obligations that form the foundation for compliance with international wire transfer transparency standards.

Scope of Application to Virtual Assets & Electronic Payments

The law explicitly recognises that FTIs, including EPFIs, may engage in transactions involving virtual assets, electronic payment funds, and cross-platform fund transfers. These activities involve the issuance, transmission, and redemption of funds via electronic accounts, and may occur in national currency, foreign currencies, or authorised virtual assets, subject to oversight by Banco de México and the National Banking & Securities Commission (CNBV).

These transfers fall within the functional remit of FATF Recommendation 16, and therefore must comply with the obligation to retain and transmit information about the originator and beneficiary when funds move between institutions or across borders.

Authorisation & Supervision of FTIs

FTIs must obtain formal authorisation from the CNBV, with the prior agreement of an Inter-Institutional Committee, to offer services that may involve value transfers. The law mandates that all FTIs must have transactional account records, a clear governance structure, and secure technological infrastructure to support regulatory compliance. These conditions are prerequisites for enabling traceable and transparent fund flows, which is central to WTR enforcement.

Data & Transaction Records

FTIs are required to keep complete and accessible records of all transactions, including the identification of clients, digital authorisations, and transaction history. These records must be retained for at least ten years, a requirement that directly supports the traceability of electronic fund transfers. EPFIs must also be able to deliver a refund in national currency or the equivalent value of virtual assets, which underscores the necessity for robust transaction monitoring and reconciliation systems.

AML & WTR-Related Obligations

Article 58 of the law imposes detailed AML compliance requirements. FTIs must establish internal procedures for:

• Identifying and reporting suspicious, unusual, and large-value transactions;

• Performing risk assessments of their products, services, and clients;

• Appointing a compliance officer;

• Submitting reports to the Ministry of Finance (SHCP) via the CNBV.

These provisions enable Mexican authorities to enforce the Travel Rule in practice by ensuring FTIs can detect, document, and report suspicious patterns of fund transfers—whether involving fiat or virtual assets.

Additionally, FTIs must participate in information-sharing mechanisms with national and international institutions, including other financial entities, crypto exchanges, and payment providers. This is essential for supporting cross-border compliance with the WTR.

Control over Virtual Asset Transactions

FTIs must obtain specific authorisation from Banco de México to transact with virtual assets. Only certain digital assets are approved, and institutions must adhere to strict custody, control, and traceability measures. Clients must be informed about the inherent risks of virtual asset transactions, including volatility, irreversibility, and susceptibility to cybercrime. This requirement reinforces consumer protection and aligns with the WTR’s objective to mitigate the misuse of payment systems for illicit activity.

Disclosure & Transparency

Institutions must publish clear, accurate, and timely information on their websites and digital platforms regarding their authorisation status, risks of financial transactions, and their obligations under the law. Misuse of FTI-related terms by unauthorised persons or entities is prohibited and penalised. This transparency requirement underpins the regulatory integrity of Mexico’s digital financial ecosystem and aids in ensuring the legitimacy of data accompanying electronic transfers.

Conclusion: WTR Compliance Integration

Although the Mexican Fintech Law does not explicitly reference the wire transfer regulations or the FATF Recommendation 16, it creates the necessary regulatory conditions for its implementation. Through strict licensing, client identification, transaction monitoring, and AML controls, Mexico’s regulatory architecture for FTIs supports the secure and transparent execution of electronic fund transfers, including those involving virtual assets. Banco de México and CNBV serve as key enforcers of these provisions, which collectively uphold the country’s commitments under the global AML regime.