Full access to Entrepreneur for $5

Now the bank - and the fintech companies - will know your location

You, as a user, can refuse to grant your location, but if you do, the bank will not allow you to use their application.

This article was translated from our Spanish edition. Opinions expressed by Entrepreneur contributors are their own.


As you know, a new law came into force on March 23 that obliges banks to know the location of their users in their digital applications in order to provide them with the service, and fintech companies were born with this requirement of the Law.

You, as a user, can refuse to grant your location, but if you do, the bank will not allow you to use their application. So let's face it, they are forcing you to accept, or you would have to go to the branch to make your transactions. But if you avoid giving your location and decide to go to the branch to be non-conformist, consider that they will also know that your location is that of the branch. In short, if you want to use financial services, resign yourself to letting them know where you are.

However, you shouldn't worry that they know your location. It is likely that before this law came into force, these applications already obtained your estimated location through your IP. But if you have delusions of persecution, there are applications that allow you to modify the location that your cell phone reports, in addition to using a VPN to "hide" your IP and complete the feat. If you decide to "cheat" the bank with your location, I recommend you avoid pretending to be in Iran or North Korea, highly risky countries in terms of Prevention of Money Laundering according to the FATF (Traditional Financial Action Task Force), as you will run the risk of your accounts being frozen.

This brings me to the reason why location is now a requirement of the authorities for banks, and it boils down to the Prevention of Money Laundering (PLD). The same Fintech regulated as Prestadero, which I direct, we also need to know the geolocation of the users.

The General Provisions referred to in Article 58 of the Law to Regulate Financial Technology Institutions mention in their Articles 11, 35 and 101, the need to know the geolocation of users to integrate the files, and the requirement of consider such information in their transactional profile. In other words, in order to determine possible risks of money laundering and terrorist financing in transactions, the authority considers it important to know that a customer who declares his domicile in Mexico is not carrying out transactions from Iran or Yemen, which could generate an alert.

In general, banks and Fintechs already considered location data via IP not only for PLD, but for fraud prevention. For example, someone who claims to live in Mexico City, but whose IP is geolocated in Durango, may represent a risk of identity theft. Or someone who is using a VPN (discoverable in most cases) may pose a risk as well.

Some have expressed that they are afraid that the bank employees know their location and give the "whistle" to be robbed. But 99% of the bank's employees will not have access to this information, so that risk will be miniscule.

The location is undoubtedly very powerful information, and it can be used for purposes beyond the main purpose to improve PLD practices, as long as it is so mentioned in the privacy notice of the institution. For example, knowing the location of users could theoretically allow:

  1. Locating delinquent debtors
  2. Identification of possible identity theft or fraud
  3. Strengthening in fraud audits
  4. Data for alternative credit scoring
  5. Data that can be used by authorities (after a proper search warrant) to find out the location of criminals (including entire gangs of criminals and their dens).
  6. Data for the designation of strategic expansion or marketing plans (for example, where to place / eliminate branches), where to place advertisements with bank promotions, etc.
  7. Data to offer you promotions at the moment (“Welcome to Walmart San Jerónimo, use your Banco ABC card to buy XYX and we will give you a 5% discount”).
  8. Many others, only limited by the creativity of data analysts.

What can you do? In my opinion loosen the body. There is not much you can do about a regulatory issue, and if this information is used correctly by institutions, it can contribute to having a country with safer financial transactions.