With the issuance of Circular 004-2024, Colombia´s financial authority, the “Superintendencia Financiera”, established three different timeframes for compliance with several provisions of the authority´s main regulatory piece, “La Circular Básica Jurídica”.
The shortest of these timeframes expires on August 1st, 2024. By this date, the entities supervised by the “Superintendencia Financiera de Colombia” must have submitted their compliance plan to the authority for Title I, Chapter IX, Numeral 3.2 of the “Circular Básica Jurídica”. This numeral pertains to architecture, security, and data administration standards that will become enforceable by August 2025. These standards include ISO20022 compliance, information transfers executed using JSON, and adherence to the REST framework and RESTFUL implementation.
The second timeframe expires on the 7th of august, and relates to compliance with Chapter IX, Title I of the “Circular Básica Jurídica”. This chapter addresses the obligations, standards, and duties supervised entities and third-party recipients must comply with. Examples include:
Regulated Entities |
|
Third-Party Recipients |
|
The final timeframe is set on the 7th of February 2025, by which all supervised entities that commercialize their infrastructure or technology must comply with the instructions in Chapter X, Title I of the “Circular Básica Jurídica”. Among the requirements for supervised entities are the following:
– Assess, before entering into the contract, the risks associated with the commercialization of technology and infrastructure to third parties.
– Establish safeguards, such as insurance or guarantees, to cover the risk of non-compliance with contractual obligations.
– Manage the reputational risk associated with using the name or image of the supervised entity by those who acquire or use the technology or infrastructure.
– Manage the systemic risk associated with the failure of the technology or infrastructure subject to commercialization, if other supervised entities have acquired such technology or infrastructure.
– Implement quality controls on the technology and infrastructure subject to commercialization.
These timeframes reflect a proactive approach by the authority, aiming to advance open finance in Colombia, while accommodating the market´s need for adaptation to the new environment.