{"id":1828,"date":"2024-07-05T16:07:20","date_gmt":"2024-07-05T19:07:20","guid":{"rendered":"https:\/\/www.jdf.cl\/?p=1828"},"modified":"2024-07-05T18:05:49","modified_gmt":"2024-07-05T21:05:49","slug":"comision-para-el-mercado-financiero-dicta-norma-de-caracter-general-n514-que-regula-el-sistema-de-finanzas-abiertas","status":"publish","type":"post","link":"https:\/\/jdf.cl\/en\/comision-para-el-mercado-financiero-dicta-norma-de-caracter-general-n514-que-regula-el-sistema-de-finanzas-abiertas\/","title":{"rendered":"FINANCIAL MARKET COMMISSION ISSUES GENERAL RULE NO. 514 REGULATING THE OPEN FINANCE SYSTEM"},"content":{"rendered":"<p class=\"translation-block\">On July 3, 2024, the Financial Market Commission (the \"CMF\"), exercising its legal powers, published General Rule No. 514 (hereinafter \"NCG 514\" or the \"Regulation\") which regulates the Open Finance System (hereinafter the \"System\" or the \"SFA\"), in accordance with the provisions of Title III of Law 21,521, also known as the \"Fintech Law\".<\/p>\n<p>The SFA aims to allow the exchange of financial customer information and other types of data between different service providers, who have given their express consent, through remote and automated access interfaces that enable direct interconnection and communication between Participants (as defined below), under appropriate security standards and subject to compliance with the requirements and conditions established in the Fintech Law.<\/p>\n<p>The Regulation is divided into the following sections:<\/p>\n<ul>\n<li><strong>Scope of the open finance system <\/strong><\/li>\n<\/ul>\n<p>Identifica a todas las instituciones participantes en el SFA (colectivamente, los \u201c<u>Participantes<\/u>\u201d), para lo cual se dictan los requerimientos que les permiten participar en el SFA de acuerdo con los roles espec\u00edficos que posean seg\u00fan lo establecido en el Directorio de Participantes, que ser\u00e1 implementado por la CMF para facilitar una adecuada interacci\u00f3n de los diversos participantes en el contexto del SFA y que permitir\u00e1 la \u201cb\u00fasqueda, consulta y actualizaci\u00f3n de los participantes habilitados en el SFA, incluyendo sus datos de registro o autorizaci\u00f3n, roles y perfiles, recursos de API y certificados digitales, entre otros\u201d.<\/p>\n<p>El Directorio de Participantes estar\u00e1 compuesto por dos registros y dos n\u00f3minas asociadas a entidades que deben participar obligatoriamente en el Sistema, o bien que, ya encontr\u00e1ndose incorporadas al per\u00edmetro de la CMF, pueden participar del SFA sin necesidad de un nuevo proceso de registro conforme al nivel de requisitos que les aplique. Estos son:<\/p>\n<ul>\n<li class=\"translation-block\">Register of service providers based on information. It is a voluntary register for service providers enabled by financial information who intend to participate in the SFA to consult, access, and receive data to provide services to customers, reserved for legal entities constituted under Chilean laws and domiciled within Chilean territory. Exceptionally, foreign entities may participate provided they have established an agency in Chile prior to the application.<\/li>\n<li class=\"translation-block\">Register of payment initiation service providers. This register will include entities intending to provide services consisting of instructing on behalf of a customer to an Account Provider Institution, the execution of payment orders or electronic transfers, including predefined recurring payments in favor of third-party beneficiaries indicated by the customers, debiting their respective accounts and payment methods (hereinafter, \"PSIP\").<\/li>\n<li class=\"translation-block\">List of information provider institutions and account providers. All entities considered as Information Provider Institutions (\"IPI\") and Account Provider Institutions (\"IPC\") under the Fintech Law must submit the necessary documents to be incorporated and enabled in the lists of entities called \"IPI List\" for information provision and \"IPC List\" for payment orders or electronic transfers.<\/li>\n<li class=\"translation-block\">List of Information-Based Service Providers (\"PSBI List\"). Entities qualifying as IPI and those registered in the Financial Service Providers Register can voluntarily participate in the System as Information-Based Service Providers (\"PSBI\"). For this, these entities must request their voluntary inclusion in the PSBI List. The Fintech Law considers PSBI as entities enabled to participate in the SFA to consult, access, and receive data to provide services to their customers.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ol>\n<li><strong>Operation of the SFA<\/strong><\/li>\n<\/ol>\n<p>De conformidad a lo establecido en la Ley Fintech, la NCG 514 establece que el mecanismo de intercambio de informaci\u00f3n de datos dentro del SFA son las <em>Application Programming Interfaces<\/em> (\u201c<u>APIs\u201d<\/u>), y las define como aquel \u201cmecanismo tecnol\u00f3gico por medio del cual dos o m\u00e1s programas o sistemas computacionales pueden comunicarse entre s\u00ed\u201d y que, en conformidad a lo se\u00f1alado en la Ley Fintech, permiten una interconexi\u00f3n y comunicaci\u00f3n directa entre instituciones participantes del SFA. Luego, se definen los est\u00e1ndares b\u00e1sicos que les ser\u00e1n aplicables a las APIs, junto a los niveles de disponibilidad y rendimiento que estas interfaces deber\u00e1n cumplir.<\/p>\n<p>Asimismo, se se\u00f1alan las condiciones que deben considerarse para el uso de un mecanismo alternativo para el intercambio de datos, el cual debe estar disponible para asegurar la continuidad operacional del SFA, cumpliendo los requisitos que se definan en las especificaciones t\u00e9cnicas de la NCG 514.<\/p>\n<p>Finally, the requirements related to the quality of information exchanged within the SFA are addressed, and communication mechanisms in case of contingencies, and the notification procedure to the involved Participants and the CMF, as applicable, are established.<\/p>\n<ul>\n<li><strong>System security and safeguards<\/strong><\/li>\n<\/ul>\n<p>The Regulation sets requirements concerning risk management and internal control of participants; cybersecurity and incident reporting; the mechanism for reporting operational incidents; and elements participants must consider regarding business continuity. In particular, standards for information security within the system are established; client authentication and confirmation; and verification of validity and roles of PSBI and PSIP within the Participant Directory. This section also indicates cases where access to information will be interrupted and new payment orders will be denied.<\/p>\n<p>Additionally, it outlines the requirements and manner in which client consent must be granted as an essential condition for entities to access their financial information, as well as the management of these consents while they remain valid. Finally, other standards regarding interoperability and distribution of reimbursable costs are specified.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><strong>System information<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>It establishes the types of data permitted to be exchanged within the SFA, classified by type and their respective details, indicating conditions of availability, validity, updates, and applicable means of exchange.<\/p>\n<p>Additionally, the obligations and responsibilities of Participants concerning the integrity, availability, security, and confidentiality of data involved in each transaction and the proper protection of clients' personal data are stated.<\/p>\n<p>Requirements for disclosing information related to the implementation of the SFA on the supervised entities' websites are also established.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><strong>Other provisions<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>The Regulation includes provisions related to the application of temporary suspension measures and sanctions associated with non-compliance with NCG 514.<\/p>\n<p>Regarding implementation and validity periods of the Regulation, it contemplates an implementation period divided into two stages:<\/p>\n<p>The first stage will last 24 months from the publication of the rule and is aimed at technological preparation and development of tasks assigned to participants and the CMF. After this period, the Regulation will come into effect. Finally, the second stage establishes gradual compliance periods for availability according to participant type and APIs, ranging from 6 to 36 months from the Regulation's effective date.<\/p>\n<p class=\"translation-block\">If additional information on this matter is required, you may contact Christian Schiessler (cshiesslerq@jdf.cl) and Diego Miranda (dmiranda@jdf.cl).<\/p>","protected":false},"excerpt":{"rendered":"<p>Con fecha 3 de julio de 2024, la Comisi\u00f3n para el Mercado Financiero (la \u201cCMF\u201d) haciendo uso de sus facultades legales, public\u00f3 la Norma de Car\u00e1cter General N\u00b0514 (en adelante, la \u201cNCG 514\u201d o la \u201cNormativa\u201d) que regula el Sistema de Finanzas Abiertas (en adelante, el \u201cSistema\u201d o el \u201cSFA\u201d), conforme a las disposiciones del [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1836,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1828","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-novedades"],"acf":[],"_links":{"self":[{"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/posts\/1828","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/comments?post=1828"}],"version-history":[{"count":3,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/posts\/1828\/revisions"}],"predecessor-version":[{"id":1837,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/posts\/1828\/revisions\/1837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/media\/1836"}],"wp:attachment":[{"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/media?parent=1828"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/categories?post=1828"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jdf.cl\/en\/wp-json\/wp\/v2\/tags?post=1828"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}