Through resolution SB-2021-2126 subscribed on December 2, 2021, and published on the Official Gazette 604 of December 23, 2021, the Superintendence of Banks (hereinafter the “Superintendence”) reformed the “Regulations on managing operating risk” (hereinafter the “Regulations”) applicable to “banks, financial service entities and ancillary service entities.”
This reform updated the Regulations to consider the risks arising from the entry into force of the Data Protection Law on May 26, 2021. Article 23 of the Regulations establishes that controlled entities must “(…) generate plans and programs that allow them to comply with provisions of the Data Protection Law.” It is relevant to note that in the first transitory provision of the Regulations, the Superintendence states that “(…) it is the controlled entities responsibility to present to the Superintendence of Banks, until March 31, 2022, a compliance plan in relation to all obligations recognized on the Data Protection Law.”
Specialist in Data Protection
Rafael Serrano, associate at CorralRosales
amoya@corralrosales.com
+593 2 2544144
Would you like to receive our newsletters with information like the one you have just read?
Click here and subscribe.