Join our mailing list to receive the latest updates and alerts Flag Subscribe

Effective January 1, 2022, Mexico joined the list of countries that require companies (including those owed by foreigners), trusts, other legal vehicles, financial institutions and others to gather, maintain, update and, if requested by Mexico’s Tax Administration Service (SAT), provide information about controlling beneficiaries (also called beneficial owners or ultimate beneficiaries). As currently enacted, these new requirements are very broad, yet unclear on application and reach. We hoped that the Mexican government would issue further guidance, but so far it has not and there is no indication it will; those bound by these requirements must figure out how to comply now with the new rules as they currently exist.

Who Is Covered?

The new requirements apply to all legal entities, trusts and other legal vehicles in Mexico. The law provides no exceptions (e.g., legal entities owned by public companies, private equity funds or other institutional investors are not exempted). For ease of reading, going forward this article will only make reference to legal entities, but the discussion applies to trusts and other legal vehicles. Furthermore, in regard to trusts, the regulations consider trustees, settlors and beneficiaries as controlling beneficiaries and imposes all the new legal obligations on all of them.

Also, public notaries and others that participate in the formation of legal entities and financial institutions (regarding information on financial accounts) have the obligation to obtain information to identify controlling beneficiaries. They must also adopt reasonable measures to prove their identity and provide such information to SAT when requested.

What Is Required?

Every legal entity must gather and maintain over thirty items of information on each of its controlling beneficiaries. The information includes full name, aliases, date of birth, gender, nationality(ies), tax residence, tax id number, marital status (with spouse’s id and marital property regime), full contact information, and detailed information of each controlling beneficiary about their participation in the legal entity.

If the controlling beneficiary has indirect control (e.g., through the use of legal entities or by means other than ownership), the entity must also obtain and maintain information about the chain of control used by the controlling beneficiary. If there is a change in the identity or participation of the controlling beneficiaries, the legal entity must update the information within 15 days from the change.

This information must be maintained as part of the entity’s accounting records and, if requested by SAT, provided to SAT. Mexican legal entities must maintain their accounting records electronically and SAT has access to them. It is unclear how the new information and documents regarding controlling beneficiaries will be incorporated into the accounting records. The Mexican government may share this information with foreign governments that request the information under applicable international treaties.

The legal entity must maintain the documentation backing up the information about the controlling beneficiaries and the chain of control (if applicable). Legal entities, public notaries and others obligated by these requirements must create and implement duly documented reasonable and necessary internal control procedures to obtain, maintain and update information on controlling beneficiaries. Those procedures will be part of their accounting records, which SAT may request.

Who Are “Controlling Beneficiaries”?

Article 32-B Quater of Mexico’s Federal Fiscal Code (the CFF) defines “controlling beneficiary” as the individual or group of individuals:

1. Who directly or through others or any legal instrument (e.g., by contract), obtains the benefit derived from their participation in a legal entity or who ultimately exercises the rights of use, enjoyment, exploitation or disposal of a good or service or in whose name a transaction is done.

2. directly or indirectly, exercises control of the legal entity. The individual or group of individuals has control when, through securities, contract or other instruments they can, directly or indirectly:

(a) dictate decisions at shareholders’ meetings (or equivalent) or appoint or remove the majority of the directors (or equivalent);

(b) maintain the voting rights on more than 15 percent of the corporate capital; or

(c) direct the administration, strategy or main policies of the legal entity.

Determining who are the controlling beneficiaries is not straightforward. The CFF states that to interpret these provisions legal entities may use the recommendations issued by the Financial Action Task Force or by the Global Forum on Transparency and Exchange of Information for Tax Purposes organized by the Organization for Economic Cooperation and Development, when their application “is not contrary to the nature of Mexican tax provisions.” However, the provisions under the CFF and the provisions interpreted by those international organizations are different.

Furthermore, the Mexican government has issued regulations on the provisions in the CFF that are not consistent with the recommendations of the aforementioned international organizations. Under the regulations, legal entities must apply all the sections and subsections stated above, in a successive order, so that when no controlling beneficiary is identified under Section 1, Section 2 and its subsections (a), (b) and (c) must be applied. This could lead to different interpretations, including that if Sections 1 and 2 should be read independently, any individual that derives any direct or indirect benefit from the legal entity will be considered a controlling beneficiary, regardless of the individual’s level of control or participation.

If no individual is identified after going through all the sections and subsections, the members of the board of directors (or equivalent) will be considered the controlling beneficiaries.

Penalties for Non-Compliance

The CFF states monetary penalties for failing to comply with the new requirements, ranging from 500,000 to 2,000,000 Mexican pesos (currently approximately $25,000- $100,000 USD) per controlling beneficiary and, possibly, per violation. Furthermore, non-complying legal entities will be issued a negative (non-compliant) opinion regarding their tax obligations. This may give SAT the right to suspend or cancel the non-complying legal entity’s digital seals, which would prevent such entity from issuing invoices, thereby potentially halting or severely hampering its operations.

SAT has the power to ask public registries, the unit of financial intelligence of the Ministry of Finance and Public Credit, the National Banking and Securities Commission, the National Commission of the Retirement Savings System or the National Commission of Insurance and Bonds for records to corroborate the information provided by legal entities.


While there are questions on how to comply with these new requirements, all Mexican legal entities must act now to become compliant. It is possible that SAT may start auditing legal entities at any time to verify compliance. Lack of compliance will likely result on penalties, which may be substantial. In some situations, this may also lead to other consequences that may make the legal entity’s operations considerably more difficult.

The first task is determining who are the controlling beneficiaries. This necessitates a review of the corporate structure and corporate documents. The difficulty of this task will depend on the complexity of the corporate structure of the Mexican legal entity and that of the entities above it. In complex structures, a legal opinion (or other similar professional document) may be recommendable as a backup for any future inquiries from SAT to explain how the legal entity concluded who are its controlling beneficiaries.

After the controlling beneficiaries are identified, the legal entity must gather all information required on all controlling beneficiaries and, if applicable, the chain of control, as well as the appropriate documentation to back up such information. Because the information required is extensive and some of it may be very sensitive, it is likely that it may take some time to gather all of it, so legal entities should start the process as soon as possible.

While legal entities are performing the tasks above, they should also design and document internal control procedures to obtain, maintain and update information on controlling beneficiaries. If properly designed and followed, such procedures should help legal entities prove to the authorities that they are in compliance with these new requirements.

Taking the steps above may be challenging and time consuming. However, legal entities must comply with the new requirements. There are no exceptions and SAT is unlikely to be sympathetic to legal entities that fail to comply regardless of the reasons.


Jump to Page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.