On June 1, 2026, the Chilean Financial Market Commission (“CMF”) issued General Regulation No. 569 (“NCG 569”), which amends General Regulation No. 514 (“NCG 514”) and incorporates Technical Annex No. 3, completing the regulatory framework applicable to the Open Finance System (“OFS”) established under Law No. 21,521, or Fintech Law.

The new regulation incorporates comments submitted during the public consultation processes conducted by the CMF and develops essential technical and operational elements for the implementation of the OFS, including interoperability standards, certification, information security, API functionality, consent mechanisms, participant directory, and testing environments.

The amendments are particularly relevant for information provider institutions (“IPI”), account provider institutions (“IPC”), information-based service providers (“PSBI”), and payment initiation service providers (“PSIP”), which will need to assess the impact of the new technical, operational, and security requirements applicable to their participation in the OFS.

Key aspects:

• Incorporation of Technical Annex No. 3: The regulation establishes the technical standards required for the operation of the OFS, covering matters such as APIs, authentication, digital certificates, interoperability, functional testing, information security, participant directory, and testing environments.
• New licensing, certification, and participation requirements: The regulation strengthens the requirements applicable to PSBI, PSIP, IPI, and IPC, incorporating additional documentary, operational, and technical requirements, as well as more detailed rules on security certifications, functional testing, and compliance validation.
• Simplified participation regime: A simplified regime is established for certain smaller IPIs, with differentiated obligations and a more limited scope of participation within the OFS, to facilitate the incorporation of entities with smaller operational scale, while maintaining minimum operational and security standards.
• Strengthening of the API and interoperability model: The regulation develops technical standards for the exchange of information and provision of services through APIs, including availability, performance, operational continuity, monitoring, contingency management, and alternative operating mechanisms.
• Sandbox and Participant Directory: The operation of the Sandbox and the OFS participant directory is regulated in greater detail, including registration requirements, information update obligations, testing conditions, and identification of the different participants.
• Consents, authentication, and security: The regulation further develops the rules applicable to the granting, management, and revocation of customer consents, together with adjustments to strong authentication, identity verification, authorization management, and security controls.
• Pilot period for APIs: A 60-day pilot stage is established for APIs that become operational, during which certain performance metrics and service levels will not be required.
• New reporting and supervisory obligations: New reporting obligations to the CMF are incorporated regarding the operation of the OFS, use of APIs, consent management, and other relevant operational aspects.
• Effective date: NCG 569 adjusts the implementation timeline of the OFS, extending the technological preparation and operational adaptation period provided under NCG 514. Accordingly, the entry into operation is set for July 2027.