By: Moema Giovanella

Published on 05/23/2023 by the Central Bank of Brazil – BACEN and the National Monetary Council – CMN, Joint Resolution 6/23 establishes new procedures for sharing data related to signs of fraud by financial institutions, payment institutions and other institutions authorized by Bacen to operate among themselves.

The deadline for implementing the standard is November 1, 2023.

With the aim of reducing the asymmetry of information in access to data and information used to support procedures and controls of these institutions for fraud prevention, the standard will allow the improvement of the capacity of supervised institutions to prevent fraud, as well as improve their internal controls.

BACEN considers that institutions are responsible for the use of data and information obtained through consultation of the electronic system, as well as for preserving their banking secrecy, and must obtain consent from their customers for the processing and sharing of fraud data, to be included in a signed contract with a special clause.

Institutions must make documentation on the electronic system and compliance with the requirements applicable to its implementation available to BACEN, including with regard to security, data protection and interoperability.

Data, records and information on the application of the system's control mechanisms must remain available for five years, counting from each application of the controls.

The data shared by the system and the documentation containing the criteria and procedures for identifying the person possibly responsible for the attempted fraud must be available for ten years.

Compliance with Joint Resolution 6/23 does not exempt the institution from the responsibility of carrying out procedures and controls to prevent fraud as provided for in the regulations in force, nor of communicating information about fraud to the competent authorities, as provided for by law.