Crypto Law Profile
Mexico’s Fintech Law defines virtual assets and gives Banco de México control over which assets and ITF transactions may be used. Circular 4/2019 limits financial institutions to authorized internal operations, while AML rules cover non-financial virtual-asset...
Mexico’s Fintech Law virtual assets regime is an in-force legal framework for virtual-asset activity connected to financial technology institutions, credit institutions and related anti-money-laundering controls. The core statute is the Ley para Regular las Instituciones de Tecnología Financiera (LRITF), which was published in March 2018 and entered into force the following day. As of June 3, 2026, the current consolidated LRITF text includes a latest reform date of November 14, 2025, while the operative virtual-asset chapter remains centered on Articles 30 to 34.
Article 30 defines an “activo virtual” as an electronically registered representation of value used among the public as a means of payment for legal acts and transferable only through electronic media. The definition excludes legal tender in Mexico, foreign currency and assets denominated in legal tender or foreign currency. The provision gives Banco de México a gatekeeping role: fintech institutions may operate only with virtual assets determined by the central bank through general provisions, and they must obtain prior Banco de México authorization for those operations.
The LRITF does not operate as a general consumer-facing crypto exchange license. Instead, it regulates when Mexican fintech institutions may interact with virtual assets under central-bank rules. Article 31 addresses delivery and settlement of virtual assets or Mexican pesos in transactions carried out by ITFs. Article 32 authorizes Banco de México to set characteristics, conditions and restrictions for virtual-asset operations and to impose custody and control measures. Article 33 restricts ITFs from disposing of client virtual assets except under client instructions and subject to the law. Article 34 requires risk disclosure, including that the virtual asset is not legal tender and is not backed by the federal government or Banco de México, together with irreversibility, volatility, technology, cyber and fraud risks.
Banco de México implemented the framework through Circular 4/2019, issued to credit institutions and fintech institutions. The circular narrows authorized activity to “internal operations” and states that institutions may conduct virtual-asset operations only when they correspond to those internal operations and have prior Banco de México authorization. It also states that direct services to clients for exchange, transmission or custody of virtual assets are not eligible under that circular. Banco de México framed the rule as maintaining a “healthy distance” between virtual assets and the financial system while preserving the possibility of internal technology use where risks do not reach the final consumer.
Mexico’s anti-money-laundering law, the LFPIORPI, separately treats certain non-financial virtual-asset services as vulnerable activities. The covered activity includes habitual or professional exchange of virtual assets by non-financial entities through electronic, digital or similar platforms that administer, operate or facilitate buying and selling for clients, or provide means to custody, store or transfer virtual assets. The current text also covers certain operations involving Mexican citizens from another jurisdiction. Reporting and information obligations depend on thresholds and general rules administered through the AML framework.
For CryptoSlate reference purposes, this profile treats the Mexico Fintech Law virtual assets regime as a combined legal regime rather than a single standalone “crypto law.” The law-level profile should be linked to Mexico, virtual assets, fintech, payments, custody and AML/CFT topics. The most important editorial caveat is that Mexico’s framework distinguishes between regulated financial institutions, which are subject to Banco de México’s restrictive internal-use model, and non-financial virtual-asset service providers, which are principally captured through AML vulnerable-activity rules. This profile does not describe a general authorization route for public-facing crypto exchange or custody services unless an editor verifies a specific official authorization or later Banco de México instrument.
Article 30 defines virtual assets as electronically registered value used among the public as a means of payment, excluding legal tender and foreign currency.
ITFs may operate only with virtual assets determined by Banco de México through general provisions and must obtain prior central-bank authorization.
Circular 4/2019 allows credit institutions and ITFs to conduct virtual-asset operations only as authorized internal operations.
The LRITF restricts ITF disposition of client virtual assets and requires disclosure of legal tender, backing, irreversibility, volatility and technology risks.
LFPIORPI covers certain habitual or professional virtual-asset exchange, custody, storage or transfer services by non-financial platforms.
The LRITF provides fines for virtual-asset operations without prior Banco de México authorization or with assets not determined by the central bank.
Mexico published the LRITF decree in the Diario Oficial de la Federación.
The LRITF took effect the day after official publication under its first transitory article.
Banco de México issued general provisions for credit institutions and ITFs operating with virtual assets.
Circular 4/2019 entered into force the day after DOF publication.
The LFPIORPI virtual-asset vulnerable-activity provision took effect 18 months after the Fintech Decree.
Banco de México modified Circular 4/2019, including governance approval language for third-party contracting.
Mexico published LFPIORPI amendments that updated the virtual-asset vulnerable-activity text.
The current consolidated LRITF text lists a latest reform date of November 14, 2025.
Credit institutions, Custodians, Exchanges, Fintech institutions, Virtual asset service providers
Crypto assets, Virtual assets
This profile treats Mexico’s virtual-assets rules as a regime composed of the LRITF provisions on ITF virtual-asset operations, Banco de México Circular 4/2019, and the LFPIORPI AML overlay for non-financial virtual-asset services.
