The Brazilian Fintech market is experiencing a growth boom in 2020/21, and with it the need to pay close attention to the Compliance of each sector’s regulations to avoid the risk of fines, liabilities and criminal charges.
In Brazil, there are several categories of fintechs, such as credit, payment, wealth management, loan, financing, investment, foreign exchange, debt negotiation, insurance and multi-services.
We list below some of the main Compliance Policies and Codes that Fintechs operating in Brazil should consider adopting:
1. Know Your Client Policy (KYC): regulated by Brazilian Central Bank regulation, the KYC Policy must establish the procedures to be followed by the Fintech to know its clients, including due diligence in their identification, qualification and classification;
2. Data Protection Privacy Policy: framed by the Brazilian Data Protection Law, the Data Protection Privacy Policy must establish the rules for collection, registration, storage, use, sharing and elimination of data collected from customers, employees and third parties related to the Fintech;
3. Anti-Corruption Policy: required by Federal Law, the Anti-Corruption Policy must prevent the Fintech, including shareholders, management, employees and outsourced service providers, from practicing harmful acts against domestic or foreign public administration;
4. Code of Ethics and Conduct: based on the Brazilian Anti-Corruption Law, Administrative Misconduct Law and certain resolutions, the Code of Ethics and Conduct must provide for the ethical principles and standards of conduct that are part of the way of acting and conducting the Fintech’s business with the most diverse stakeholders related to the company;
5. Money Laundering Prevention and Terrorism Financing Policy (PLDFT): regulated especially by Brazilian Central Bank regulations and Federal Money Laundering Prevention, the PLDFT must provide that the Fintech, including shareholders, management, employees and outsourced service providers must adopt the best practices in contracting with customers and to prevent and combat money laundering and terrorist financing;
6. Cyber Security Policy: regulated by Brazilian Central Bank regulation, the Cyber Security Policy must provide principles and guidelines that seek to ensure the confidentiality, integrity and availability of data and information systems used by the Fintech in its business;
7. Stakeholder Relationship Policy: the Stakeholder Relationship Policy seeks to provide for the parameters for assessing the macroeconomic, social and environmental impacts on stakeholders related to the Fintech’s businesses, and their interests in planning new products or services offered.
Even if they seek to streamline access to financial products and services, the Fintechs are subject to several regulations, and the compliance and implementation of Policies and Codes related to their activity and sector, such as like those described above, are critical to your operation.
