# Mozambique's Electronic Transactions Law and Digital Finance Regulatory Landscape
The rapid evolution of information and communication technologies has profoundly transformed the global financial ecosystem, and Mozambique is no exception. As digital platforms and electronic services become increasingly integrated into the national economy, the need for robust regulatory frameworks has never been more critical. For institutional investors, policymakers, and fintech operators looking at Southern Africa, understanding Mozambique's regulatory environment is essential. At the heart of this landscape is the Electronic Transactions Law (Law No. 3/2017), which serves as the foundational pillar for digital finance, e-commerce, and data protection in the country.
As AfriVest continues to build Africa's sovereign digital asset infrastructure—encompassing tokenization, CBDC infrastructure, digital identity, and stablecoins—aligning with national and regional regulatory standards is paramount. Mozambique's approach to digital finance regulation offers valuable insights into how the country is balancing innovation with security, consumer protection, and international compliance.
Regulatory Background and the Electronic Transactions Law
Enacted on January 9, 2017, the Electronic Transactions Law (Law No. 3/2017) was a landmark piece of legislation designed to regulate electronic transactions, e-commerce, and e-government in Mozambique. The primary objective of this law is to create legal certainty and security in electronic communications and transactions, thereby promoting public and private investment in the information and communication technology (ICT) sector.
Before the enactment of this law, Mozambique relied on fragmented provisions within the Constitution and the Civil Code to address issues of privacy and data protection. The Electronic Transactions Law consolidated these principles, establishing a comprehensive legal framework that grants legal effect to data messages and electronic signatures, provided they meet specific legal requirements. Furthermore, the law created the National Institute of Information and Communication Technologies (INTIC), which is tasked with ensuring compliance, managing the ".mz" domain, and implementing the State's electronic certification service.
Key Provisions for Digital Finance and Fintech
For fintech operators and digital asset platforms, several key provisions within the Electronic Transactions Law are of particular importance. First and foremost, the law legally recognizes electronic contracts and digital signatures, equating them to their traditional paper-based counterparts. This recognition is crucial for the seamless execution of digital financial services, including tokenization and the issuance of digital assets.
Additionally, the law assigns the Bank of Mozambique the authority to issue safety assurance standards for all payments made through electronic payment instruments. This mandate ensures that digital payment platforms, including those facilitating stablecoin transactions or CBDC infrastructure, adhere to stringent security protocols. The law also establishes a legal framework for consumer protection in e-commerce, ensuring that users of digital financial services are safeguarded against fraud and cyber offenses.
Recent supplementary regulations have further strengthened this framework. For instance, the Regulation on the Registration and Licensing of Intermediary Providers of Electronic Services and Operators of Digital Platforms (Decree 59/2023) requires all digital platform operators offering services in Mozambique to be licensed, even if they do not have a physical establishment in the country. This regulation categorizes platforms into various types, including digital payment platforms, thereby providing clear guidelines for fintech operations.
Data Protection and Compliance Implications
While Mozambique does not yet have a standalone, comprehensive data protection act akin to South Africa's POPIA or the GDPR, the Electronic Transactions Law incorporates significant data protection provisions. The law defines personal data as any information relating to an identified or identifiable natural person and establishes strict rules for data processors.
Under Article 64 of the law, data processors must protect personal data against unauthorized access, loss, destruction, or modification. The law explicitly prohibits unauthorized access to databases for the purpose of obtaining third-party personal data and restricts the transfer of personal data between different institutional files, except where permitted by law or judicial decision.
Furthermore, Mozambique has ratified the African Union Convention on Cybersecurity and Personal Data Protection (Malabo Convention) through Resolution No. 5/2019. This ratification elevates the country's data protection standards, aligning them with regional harmonization efforts. For platforms like AfriVest, compliance means implementing robust data governance frameworks that ensure data accuracy, purpose limitation, and stringent security measures, in line with both national laws and the Malabo Convention.
Enforcement Mechanisms and Institutional Oversight
Enforcement of the digital finance regulatory framework in Mozambique is a collaborative effort involving multiple institutions. The Bank of Mozambique plays a central role in overseeing electronic payments and financial consumer protection. In 2021, the central bank issued the Code of Conduct for Credit Institutions and Financial Companies (Notice No. 8/GBM/2021), which mandates that financial entities maintain clear internal policies to ensure data protection and privacy for their consumers.
The National Institute of Information and Communication Technologies (INTIC) is responsible for the broader supervision of electronic transactions and the licensing of digital platforms. Violations of the Electronic Transactions Law, particularly concerning cyber offenses and data breaches, can result in significant penalties, including fines and the revocation of operating licenses. The legal framework also allows for judicial intervention in cases of severe non-compliance or cybercrime.
Preparing for the Future of Digital Assets
As Mozambique continues to modernize its financial sector, digital asset platforms must proactively adapt to the evolving regulatory landscape. The progressive enactment of regulations, such as the legal regime for commercial contracts (Decree-Law No. 3/2022) which touches upon smart contracts, indicates a forward-looking approach by Mozambican authorities.
To thrive in this environment, platforms should prioritize compliance with the Bank of Mozambique's security standards and INTIC's licensing requirements. Implementing international best practices, such as ISO 20022 for financial messaging and FATF guidelines for AML/CFT, will not only ensure regulatory compliance but also build trust with institutional investors and users.
Conclusion
Mozambique's Electronic Transactions Law and its subsequent regulations represent a critical step towards integrating the country into the global digital economy. By establishing clear rules for electronic transactions, digital signatures, and data protection, Mozambique is creating an enabling environment for fintech innovation and digital finance. For platforms like AfriVest, navigating this landscape requires a deep understanding of both national legislation and regional frameworks like the Malabo Convention. As Africa's digital economy transformation accelerates, robust and compliant digital asset infrastructure will be the cornerstone of sustainable financial inclusion and economic growth across the continent.
