The 8 critical points CNBV reviews on visit.
Eight questions, under five minutes. At completion you receive a PDF report with your maturity level against the 2026 update of the Mexican AML statute (LFPIORPI) and the concrete next steps to reach the FATF evaluation with end-to-end auditable compliance. Designed for SOFOMs, SOFIPOs, IFPEs and fintech holdings operating in Mexico.
What CNBV evaluates on every visit and UIF on every request.
The diagnostic covers the eight domains on which a regulatory conversation without substantive observations is built. Each is measured on a four-level scale, from manual on Excel to end-to-end automated with complete traceability.
-
Point 01
KYC with signed file
Identity validated against SAT, RENAPO and CURP (Mexican tax, civil registry and unique ID services), an electronic file signed by the client and an immutable log of the opening. Simple ID copies no longer satisfy the regulator.
-
Point 02
Transactional monitoring with AML scoring
Continuous operations surveillance with real-time scoring, actionable alerts and rules calibrated to client risk profile. Without automated monitoring, inspections raise observations from the start.
-
Point 03
Documented scoring and thresholds
Written scoring methodology, parameters approved by committee, versioned adjustments. CNBV asks how the risk of a specific client was calculated and the answer must be in the system.
-
Point 04
Single client file
A single digital file with KYC, transactional profile, operations, alerts and resolutions. Information scattered across folders, email and modules generates recurring observations.
-
Point 05
Traceability of automated decisions
Immutable log of every decision made by the system (alerts raised, alerts closed, reports submitted) queryable instantly during inspection. Without cryptographic signature, logs are not sufficient regulatory evidence.
-
Point 06
ROU/ROP reports to UIF via SITI
Generation, validation and timely submission of unusual (ROU), concerning (ROP) and internal-concerning (ROIP) operation reports. The submission and acknowledgment history is visible to the supervisor.
-
Point 07
Corporate governance and compliance officer
Formal designation of compliance officer, communication and control committee meeting with cadence and minutes, signed manuals communicated to the team, documented annual training program.
-
Point 08
Response capacity to a CNBV request
Capacity to respond to a CNBV technical request in under 72 hours with information available in the system. If it depends on an external firm or rebuilding information, the regulatory risk is structural.
PDF report with score, maturity level and gap closure plan.
- · Percentage maturity score across the 8 domains.
- · Classification by level: low, intermediate, advanced or optimal.
- · Executive summary interpreting the level achieved.
- · Five recommended next steps, ordered by regulatory priority.
- · Downloadable PDF report with your institution masthead and date.
- · Contextual DTX service recommendation based on the level achieved.
- · Optional complimentary 45-minute DTX Audit session to go deeper.
- · No noisy newsletter. Just a 7-day follow-up if you want to go deeper.
Begin the LFPIORPI diagnostic. 8 questions.
Under five minutes to map your maturity across the eight critical points. Instant PDF report with score, level and gap closure plan. Designed so a compliance officer can take it to the next board session.