On July 10, 2025, the Financial Market Commission (CMF) opened a public consultation on a regulatory proposal introducing substantial amendments to General Rule No. 514, which governs the Open Finance System (OFS). The proposal includes Technical Annex No. 3 and aims to strengthen the system’s technical, operational, and cybersecurity infrastructure.

Key highlights:

• Reactivation of suspended participants: A procedure is established for reinstating suspended entities, subject to a technical report certifying resolution of the incidents that led to the suspension.
• Alternative information delivery mechanism: IPIs and IPCs must implement a secondary mechanism to ensure operational continuity if the main interface is unavailable. This mechanism must meet stringent security, traceability, and performance standards and be validated by the CMF.
• Mandatory sandbox testing: All system testing must be conducted within the CMF’s official Sandbox and validated by an external certifier with expertise in cybersecurity and APIs.
• Enhancement of the Participant Directory (DP): The DP is consolidated as the core of interoperability, requiring local maintenance, consultation, and reporting. The regulation defines the API structures needed to publish and update information.
• Consent regime reform: Consent is reinforced as a regulatory cornerstone and must be explicit, informed, specific, verifiable, and revocable.
• Differentiated responsibilities: PSBIs and PSIPs must verify the validity of consent. IPIs and IPCs are only responsible for technical user authentication.
• Prohibited practices: Altering consent content, duplicate authorizations, or user experience interference are prohibited.
• Mandatory control panel: Entities must provide an accessible, clear, and secure panel for users to consult and revoke their consents.

The proposal will remain open for public comment until August 18, 2025, in the “Public Consultation” section of the CMF website.