Bolivia Updates the Regulatory Framework for Financial Technology Companies

Bolivia Updates the Regulatory Framework for Financial Technology Companies

Circular ASFI/945/2026 introduces new rules on fintech licensing, virtual assets, payment systems, alliances, financing platforms, sandbox testing and technology infrastructure.

Through Circular ASFI/945/2026, the Bolivian Financial System Supervisory Authority (ASFI) has approved a new set of amendments to the Regulation for Financial Technology Companies (Reglamento para Empresas de Tecnología Financiera), incorporated into the Compilation of Rules for Financial Services.

The changes form part of Bolivia’s broader process of formalising the fintech sector and are relevant for companies operating — or intending to operate — in digital financial services, payment solutions, virtual assets, tokenisation, financing platforms, insurtech, and other technology-based financial models.

The message is clear: Bolivia continues to open space for fintech innovation, but within a more structured supervisory framework. Innovation will increasingly need to be supported by licensing analysis, documented governance, cybersecurity, consumer protection and risk management.

Below is a practical overview of the main changes and their implications for companies, investors and financial institutions.

1. The Central Bank of Bolivia becomes more relevant for fintech models

One of the most important changes is the express incorporation of the Central Bank of Bolivia (BCB) regulatory framework in matters related to the payment system.

This is particularly relevant for fintech companies whose business models involve:

• electronic payment instruments;
• digital wallets;
• electronic channels;
• payment processing;
• clearing or settlement mechanisms;
• integration with payment platforms; or
• services connected to the regulated payment ecosystem.

This means that fintech projects in Bolivia can no longer be analysed only from an ASFI perspective. Where a business model interacts with payments infrastructure, payment instruments or settlement mechanisms, BCB regulations may also become relevant.

2. Virtual assets: permitted activity, but under structured controls

Circular ASFI/945/2026 introduces relevant clarifications for operations involving virtual assets.

Licensed Financial Technology Companies may enter into alliances with:

• other licensed ETFs;
• financial institutions;
• securities market participants; or
• foreign entities authorised in their country of origin.

These alliances may support services involving the purchase, sale, exchange, transfer or use of virtual assets through wallets, electronic channels or technology-based platforms.

However, the Circular does not treat virtual-asset activity as a deregulated space. On the contrary, it requires formal documentation, operational controls and risk mitigation mechanisms.

Key areas of focus include:

• cybersecurity and information security;
• consumer protection;
• operational risk;
• fraud prevention;
• anti-money laundering and counter-terrorist financing controls;
• data protection and confidentiality; and
• clear allocation of responsibilities between the parties.

3. Alliances between fintechs and regulated entities must be properly documented

The Circular provides a more detailed framework for alliances between ETFs and other local or foreign entities.

These arrangements may be particularly relevant for:

• digital wallet operators;
• payment companies;
• technology providers;
• foreign fintech platforms;
• financial institutions;
• securities market participants; and
• companies exploring tokenisation or digital finance products.

The relevant agreements should address, among other matters:

• scope of services;
• cybersecurity standards;
• data protection and confidentiality;
• restrictions on the use and transfer of information;
• fraud prevention and detection;
• AML/CFT obligations;
• service-level responsibilities;
• failures, incidents and liability;
• fees, commissions and charges;
• communication channels;
• duration and termination; and
• dispute resolution mechanisms.

4. Financing platforms: clearer limits to avoid regulatory arbitrage

Circular ASFI/945/2026 introduces specific restrictions for financing platforms.

Under the amended regulation, supervised entities are prohibited from carrying out certain activities through these platforms, including:

• issuing securities without a public offering;
• obtaining financing from domestic or foreign financial intermediary entities;
• obtaining financing through investment funds; and
• acquiring debt through regulated financing platforms.

These rules seek to preserve the distinction between technology-enabled financing models and activities that may fall within banking, securities or investment fund regulation.

5. The regulatory sandbox becomes a more important pathway for innovation

The Circular further develops Bolivia’s Controlled Testing Environment (Entorno Controlado de Pruebas), which operates as a regulatory sandbox for financial innovation.

The sandbox may be used for innovative services in:

• financial services;
• the securities market;
• insurance;
• payments;
• virtual assets;
• tokenisation;
• financing platforms; and
• other technology-based financial solutions.

The process generally includes:

1. ASFI call or invitation;
2. submission of application and supporting documents;
3. description of the technology and proposed service;
4. identification of risks and mitigation measures;
5. testing under defined limits and conditions;
6. ASFI monitoring and evaluation; and
7. authorisation, adjustment, rejection or orderly exit.

The sandbox provides a controlled route to test innovative models. However, it does not operate as a regulatory exemption. Participants must demonstrate technical capacity, operational controls, consumer protection measures and a credible exit plan.

Business implication:
For new or uncertain fintech models, the sandbox may become the preferred route to validate the product before seeking full authorisation.

6. Extension of the adaptation period

The Circular extends the deadline for companies incorporated in Bolivia that are already providing technology-based financial innovation services to submit their letter of intent to begin the adaptation process.

New deadline: 30 June 2026

This extension gives existing market participants additional time to assess whether their activities fall within the ETF framework and to begin formal engagement with ASFI.

However, the extension should not be read as a suspension of regulatory scrutiny. Companies that continue operating without assessing their regulatory status may face increased exposure once the adaptation period closes.

7. Technology infrastructure and cybersecurity become central compliance requirements

Circular ASFI/945/2026 also introduces more detailed requirements on infrastructure, technology and information security.

ETFs must have physical and technological infrastructure appropriate to the nature, size, complexity and operational volume of their business.

Key requirements include:

• secure information systems;
• cybersecurity controls;
• business continuity and recovery mechanisms;
• traceability of critical operations;
• audit trails;
• data storage and protection measures;
• technical documentation for systems and applications;
• segregation of development, testing and production environments; and
• an internal officer responsible for information technology and communications.

This is one of the most relevant practical changes. Technology is no longer merely an operational tool. It becomes part of the regulatory perimeter.

Practical checklist for fintech companies

Companies operating or planning to operate fintech models in Bolivia should consider reviewing:

• whether their activities fall within one of the regulated ETF categories;
• whether the business model requires ASFI authorisation;
• whether BCB payment system rules are applicable;
• corporate purpose and governance structure;
• agreements with banks, fintechs, technology providers or foreign partners;
• virtual-asset, wallet, payment or tokenisation features;
• AML/CFT controls;
• consumer protection procedures;
• cybersecurity and information security framework;
• data processing and confidentiality policies;
• operational continuity plans;
• documentation required for the adaptation process or sandbox entry.

Conclusion

Circular ASFI/945/2026 marks a new stage in Bolivia’s fintech regulatory framework.

The amendments clarify the role of the BCB in payment-related matters, introduce more detailed rules for virtual assets and alliances, strengthen the regulatory sandbox, extend the adaptation period and impose more robust technology infrastructure and cybersecurity requirements.

For companies and investors, the opportunity remains significant. Bolivia continues to move toward a more formal digital finance ecosystem. However, the regulatory direction is clear: fintech innovation must now be supported by legal analysis, licensing strategy, documented governance, risk management, cybersecurity and consumer protection.

The challenge for the sector will not be only to innovate, but to innovate within a more structured and demanding supervisory framework.