Lawyers involved
On December 26, 2019, and after a public consultation process, the Financial Market Commission (CMF) published a modification to the normative that regulates the conditions for banks, auxiliary financial companies and issuing and payment card operators to outsource their services (Chapter 20-7 of the Updated Collection of Standards), easing the obligation that existed in maintaining a data processing site or site in Chile. Thus, as stated by the CMF, it seeks to boost competition and generate greater benefits for customers and the development of markets.
The regulatory update provides that it will be up to the board of each entity responsible to assess the benefits and difficulties that outsourcing services entails, being able to hire those entities in any case to the providers that best meet their needs, providing that compliance is met to certain operational requirements such as i) that the data processing sites comply with an operation availability time equal to or greater than the provisions of Chapter 20-9 of the RAN; ii) That the sites are in different locations that mitigate both geographic and political risks, and iii) that there is an annual report that supports the risk analysis carried out, which must be issued by an independent company of recognized prestige and experience in the evaluation of this type of services.
Additionally, the regulations allow services abroad to be provided from a country that does not have a country risk rating in investment grade, to the extent that the place where the services are outsourced has protection laws and adequate personal data security.
