Name
Global FinTech Guide
Country _ Name
Uruguay
SectionTitle
Identification
Body
FinTechs belonging to this category provide identification services, which are required for most banking services.

Introduction

Attitude of the country towards identification services

There is an increasing interest in this type of services.

Legal affairs

Obligations and requirements to provide identification services

If the identification services described above are for the benefit of an entity which is under the control of the CBU, it may be deemed that the same is an outsourcing of services of such entity and therefore an authorization of the CBU would be necessary. Please refer to our answer to question i) Legal issues 2) above.

If the identification services are electronic signature and tokens, that have been instated through Law 18.600 and the regulatory Decree, a license would be required. In order to qualify as an identification service provider, certain requirements and obligations are in order:

  • The provider must be a natural or legal person, providing sufficient economic warranty and solvency to provide such service.
  • To comply with the necessary qualified staff with the required knowledge and expertise to provide such services of certification, as well as the security and managing in the advanced electronic signature market.
  • Comply with the tools and standards of the Electronic Certification Unit.
  • Being domiciled in the Republic of Uruguay, this being that the technological infrastructure and other material and human resources are located in Uruguayan territory.

According to section 18 of Law 18.600, all electronic certification services provider must:

  • Abstain from demanding, taking knowledge, or accessing under any circumstance to the creation of the electronic signature done by the users certified by the own provider.
  • To provide to the requirer, prior to the expedition of the electronic signature, a set of minimum information done without cost and through physical or electronic format, which includes:
    a) The providers obligations, including the way the token must be kept safe, the procedure to follow in case of loss of theft, as well as the devices that are compatible with the token provided.
    b) The different procedures in order to guarantee the trustiness of the of the electronic signature through time.
    c) The method used by the provider in order to fully check the identity of the signer and all other data which arise from the certificate.
    d) The correct use of the device, it’s possible limitations and the way the provider ensures its own patrimonial responsibility.
    e) The accreditations and endorsements that the provider has obtained.
    f) All other information included in the certification usage statement.
    g) To keep an up-to-date registry of the certifications provided, including the number of equipment provided, and if they are in force up to date. Such a registry shall be protected through adequate means of protection.
    h) To guarantee the availability of a consulting service regarding the number of the certificates in force.
    i) To inform Electronic Certification Unit of any modification regarding the conditions precedent which allowed the accreditation and inscription in the Electronic Certification Providers Registry Unit.

Other identification services not included within the scope of the above reference regulations do not require any type of license.

Additional comments regarding the legal situation for identification services or what FinTech’s must be aware of in this business area

The Uruguayan government has taken a particular interest in regulating and promoting FinTech and different technological

Authors

NameOrganisationEmail
There are no records.

Close

Choose country