We would like to ensure that you are still receiving content that you find useful – please confirm that you would like to continue to receive ILO newsletters.
23 November 2010
Creating and maintaining client databases plays a significant part in addressing clients' needs and cross-selling. Databases also represent a valuable asset that can be exploited by sharing, exchanging or even selling client information. However, Mexican law limits the exploitation of such data(1) and imposes particular restrictions on financial operators, including insurance companies.
The Federal Law for the Protection and Defence of Users of Financial Services requires financial operators to refrain from:
Thus, insurance companies are required to consult the relevant registry databases.(2)
The General Law on Insurance Institutions prohibits insurance companies from disclosing client information received under 'know your client' policies. Moreover, the rules for insurance agents require them to keep information on clients confidential, as such data is regarded as a trade secret. Agents may not disclose such information to third parties unless they secure express authorisation beforehand or are otherwise mandated to communicate it by law - for example, new regulations to prevent money laundering and terrorism financing require insurance companies to submit frequent reports about certain client operations.
The recently enacted Federal Law on Personal Data Protection has added general requirements to these sector-specific obligations. Among other things, it provides that the processing of personal data is subject to the consent of the individual data subject, whose approval must be obtained before the information is used for any purpose. Moreover, security measures and procedures must be adopted to protect data against damage, loss, alteration, destruction and unauthorised use, access or processing.
Insurance companies must determine how they will comply with these obligations - in many cases, it will be necessary to implement new operating procedures.
(1) Several laws regulate the collection and use of client information. They include the Federal Law for the Protection of Consumers, the Federal Law for the Protection of the Rights of Users of Financial Services, the Federal Copyright Law and the Federal Law on Personal Data Protection.
(2) The databases can be consulted at at www.condusef.gob.mx.
The materials contained on this website are for general information purposes only and are subject to the disclaimer.
ILO is a premium online legal update service for major companies and law firms worldwide. In-house corporate counsel and other users of legal services, as well as law firm partners, qualify for a free subscription.