Payments Regulatory Deadlines to Watch in March 2025

Each month, we leverage data from our Horizon Scanning Regulatory Deadlines Calendar to bring you a glimpse of the key response deadlines and legislation effective dates coming up, so you can plan and take action around some of the most important regulatory developments unfolding right now.

In March, there are 30 regulatory deadlines on the horizon — with 13 key consultation periods coming to an end and requiring a response, and 17 actionable deadlines to be aware of coming into effect.

What are the regulatory deadlines to watch in March?

Latvia

The Bank of Latvia has published Regulation No. 374, effective from 1 January 2025, detailing requirements for credit institutions, payment institutions, and electronic money institutions regarding the use of outsourcing services. The regulation outlines comprehensive guidelines for managing outsourcing risks, maintaining internal controls, and ensuring compliance with EU legislation, particularly Regulation (EU) No. 2022/2554 on digital resilience in the financial sector. It also requires institutions to develop robust outsourcing policies and maintain detailed registers of all outsourcing arrangements. Institutions must submit initial outsourcing registers by March 1, 2025 and align existing contracts with the new requirements by 1 May 2025.

Brazil

On February 5, 2025, the Central Bank of Brazil (BCB) issued Normative Instruction No. 590, which amends procedures for the registration of companies contracted by financial and payments institutions to assist with data sharing and fraud detection. Specifically, the normative instruction provides that such contracted companies must be registered in the BCB’s Entities of Interest Information System (Unicad). The normative instruction takes effect on March 3, 2025.

European Union

The European Union has published Commission Delegated Regulation (EU) 2025/301, establishing regulatory technical standards specifying the content and time limits for the initial notification, intermediate report, and final report on major ICT-related incidents, as well as the content of voluntary notifications for significant cyber threats under Regulation (EU) 2022/2554 (Digital Operational Resilience Act-DORA), in the Official Journal of the European Union. The delegated regulation will enter into force on the 20th day following its publication, on March 11, 2025.

Mexico

On February 21, 2025, the Bank of Mexico released Circular 2/2025, which amends the regulatory framework underlying the Interbank Electronic Payments System (SPEI). Specifically, the circular amends Circular 14/2017 to modify rules as they relate to indirect participation services through SPEI in order to enhance risk management and provide greater clarity to SPEI participants. The provisions of the circular take effect on March 24, 2025.

Fiji

The Reserve Bank of Fiji (RBF) has released the minimum requirements for risk management frameworks of licensed payment service providers (PSPs) in Fiji. This policy outlines the RBF’s minimum requirements for risk management of payment systems and is issued pursuant to Sections 5(a) and 5(b) of the National Payment System Act 2021. Included in the policy are cybersecurity requirements, third-party vetting protocols and monitoring/reporting risks. This policy becomes effective from March 31, 2025, with full compliance required within one year from the effective date.

‍
The Vixio PaymentsCompliance Horizon Scanning tool shows you real-time updates on regulatory deadlines and trends across 140+ global jurisdictions, including all US states, at the click of a button. Its Regulatory Deadlines Calendar feature sets out effective dates for published legislation, closing dates for consultation periods on proposed regulatory developments, and deadlines for specific requests for information by regulatory authorities.

‍

We’ve only shown you a snapshot of March’s deadlines. Want to see them all?

‍Book a demo with a member of our team, who can show you the full Regulatory Deadlines Calendar for this month.