June 17, 2025 - The Financial Market Commission (CMF) issued today a regulation establishing minimum standards for necessary safety, registration, and authentication for conducting electronic payments and transfers. It applies to payment card issuers and other financial providers to fulfill the provisions of Article 4 of Law No. 20,009.

These standards provide guidelines for the definition and use of different mechanisms to conduct electronic transactions. The regulation involves the following aspects:

1. Minimum standards for security, registration, and authentication of transfers. They set forth robustness, independence, and factor differentiation criteria.
2. Standards for reinforced client authentication (RCA), and determination of usage cases and transactions when using RCA is mandatory. They include fund transfers and sign-up processes for digital platforms. Issuers may also apply RCA in other cases, with the presumption of fraud or gross negligence stated in Law No. 20,009 applicable to them.

The regulation becomes effective as of August 1, 2025 except for issues about mandatory RCA uses, which start in July 2026. Although the Fraud Act sets forth regulatory requirements for payment card issuers, the CMF is assessing the reach and need of establishing standards for other participants in the retail payments system.