Overview: Mexico’s Proposed Artificial Intelligence Bill

Last Updated: February 27, 2024

Any AI That Is Used or Generates Data Within Mexico

Risk-Based Approach: Low, High, and Unacceptable

Significant Penalties: Up to 10% of Annual Revenue

Utah AI Policy Act Compliance

AI Compliance doesn’t have to be so complicated.

Use FairNow’s AI governance platform to:

Effortlessly ensure your AI is in harmony with both current and upcoming regulations

Ensure your LLMs and GenAI are transparent, reliable, and unbiased

Stay ahead of compliance requirements before fees and fines become commonplace

FAQs About The Federal Law Regulating Artificial Intelligence In Mexico

What are the core concepts of the Mexico’s proposed artificial intelligence bill?

Senator Ricardo Monreal’s bill aims to regulate AI development, use, and marketing in Mexico, emphasizing human rights, intellectual property protection, and national AI advancement.

The core concepts include:

  1. Risk Classification and Oversight: AI systems are classified into three risk categories—unacceptable, high, and low—with specific obligations for each (similar to the EU AI Act). The Federal Telecommunications Institute (IFT) is designated as the enforcement authority, empowered to issue sanctions and supported by a newly formed National Commission for Artificial Intelligence.
  2. Developer Obligations: AI developers are required to conduct thorough assessments, ensure human oversight, and obtain pre-launch approval from the IFT for high-risk systems. Transparency and ongoing monitoring are mandatory.
  3. Intellectual Property and Ethical Considerations: The bill also mandates clear labeling of AI-generated content for IP registration and requires developers to secure consent from IP rights holders for data use.
Who does Mexico's proposed AI legislation apply to?

The proposed artificial intelligence regulation bill in Mexico applies to AI system developers, providers, and users who operate within the Mexican jurisdiction.

Specifically, it encompasses any entities involved in the development, marketing, and use of AI systems that either function in Mexico or generate data within the country. This includes both domestic and international organizations that have operations or impact in Mexico through their AI technologies

What are the compliance requirements of Mexico's proposed AI regulation?
  1. Risk Classification Compliance: AI systems must be classified according to their risk level (unacceptable, high, low) and comply with specific obligations for each category.
    • Unacceptable Risk: These systems are prohibited.
    • High Risk: Systems require thorough assessment, human oversight, and pre-launch authorization from the Federal Telecommunications Institute (IFT).
    • Low Risk: These require basic compliance with monitoring and transparency standards.
  2. Monitoring and Reporting: All AI system providers must implement adequate ongoing monitoring mechanisms and inform users about their interaction with AI.
  3. Intellectual Property: AI-generated content must be clearly labeled when registering for intellectual property protection, and consent must be obtained from IP rights holders before their data is used to train AI systems.
  4. Transparency and Ethical Use: Developers and providers must ensure ethical use of AI, promoting transparency and preventing potential negative impacts on society.
  5. Authorization and Oversight: Developers of high-risk AI systems must seek formal approval from the IFT before deployment. The IFT, supported by the National Commission for Artificial Intelligence, will oversee compliance.
What are the non-compliance penalties?

The proposed AI regulation bill in Mexico stipulates that non-compliance with the set guidelines and requirements can lead to a range of penalties, which are scaled according to the revenue of the offending parties. These penalties include:

  1. Warnings: Initial minor non-compliance may result in warnings issued to the AI system providers or developers.
  2. Significant Fines: More significant violations could incur financial penalties. The exact scale of the fines isn’t specified, but they are expected to be proportionate to the severity of the infringement and the company’s annual revenue. Some reports have suggested up to 10% of annual revenue.
  3. Suspension of AI Systems: In cases of severe violations, particularly those posing unacceptable risks or repeated non-compliance, the authorities may suspend the operation of the AI systems involved.

The Federal Telecommunications Institute (IFT), proposed as the primary regulatory and enforcement authority under the bill, will enforce these penalties.

What is the status of Senator Ricardo Monreal's proposed artificial intelligence regulation bill?

As of the last update, the artificial intelligence regulation bill introduced by Senator Ricardo Monreal in February 2024 was still under consideration by the Senate of the Republic in Mexico.

How can companies best ensure compliance under Mexico's AI bill?

We’re so glad you asked!

To effectively implement the requirements of Mexico’s proposed AI regulation bill, companies should focus on strategic actions to ensure compliance and optimize their AI governance.

What does this look like practically? We recommend the following eight steps to ensure compliance:

1. Understand the Legal Framework: Companies need to thoroughly understand the specifics of the bill, including risk classifications, developer obligations, and penalties for non-compliance. Consulting with AI governance experts in AI and technology law can provide clarity and guidance.

2. Risk Assessments and Classification: Evaluate all AI systems to classify them according to the defined risk levels (unacceptable, high, and low risk). This will dictate the specific obligations each system must meet, such as the level of monitoring and the need for pre-launch approvals.

3. Implement Robust AI Governance: Adopt governance frameworks that align with international standards like ISO/IEC 42001, “Artificial Intelligence Management System.” These standards will help establish structured processes for AI quality and risk management.

4. Enhance Transparency and Accountability: Develop clear policies that outline how AI systems interact with users and other stakeholders. Ensure that these interactions comply with the bill’s requirements for transparency, such as informing users about AI interactions and securing consent where necessary.

5. Compliance Audits and Monitoring: Regularly audit AI systems to ensure ongoing compliance with the bill’s requirements. Implement continuous monitoring mechanisms to detect and correct any deviations from required standards.

6. Human Oversight: Ensure that systems designated as high-risk have adequate human oversight mechanisms in place, as specified by the bill. This involves having qualified personnel to supervise AI operations and intervene when necessary.

7. Documentation and Reporting: Maintain comprehensive documentation of AI systems, including their development, deployment, and operational procedures. Prepare to disclose these documents to regulatory authorities if required.

8. Prepare for Additional Adjustments: Be prepared to adjust operations as the bill evolves through the legislative process and as final regulations are enacted. Keeping a flexible approach will allow for smoother transitions and better compliance.