Tax Updates

Civil Guard and Bank of Spain pursue financial fraud: what changes in 2026

E
Equipo Editorial CambiosLegales
30 Jun 2026 7 min 31 views

Key data

RegulationResolution of June 23, 2026, from the Under-Secretariat, publishing the Agreement between the State Secretariat for Security and the Bank of Spain for the prosecution of financial fraud by unauthorized persons or entities
BOE PublicationJune 30, 2026
Entry into forceApril 23, 2026
Direct affected partiesEntities and persons operating in the financial sector without authorization from the Bank of Spain
CategoryTax Updates
Year2026
Higher frameworkAction Plan against Financial Fraud (signed in 2022 by 19 institutions)
Impact analysis reserved for PRO
The detailed impact analysis of this regulation is available for users with a PRO plan or higher. Access the full content and receive personalized alerts.
From €9.99/month · Cancel anytime

Operating in the financial sector without authorization from the Bank of Spain is no longer just a regulatory risk: as of 2026, it is an active and coordinated criminal risk. The Resolution of June 23, 2026 publishes the agreement between the State Secretariat for Security and the Bank of Spain that formalizes the collaboration between the Judicial Police Command of the Civil Guard and the financial supervisor to combat unauthorized practice of reserved financial activities.

This agreement does not come out of nowhere: it is the direct development of the Action Plan against Financial Fraud signed in 2022 by nineteen institutions. What was previously a political intention now becomes an operational mechanism with concrete obligations for both parties.

What does this regulation establish?

The agreement defines a system of bidirectional and permanent information exchange between the Civil Guard and the Bank of Spain. Each party assumes specific commitments:

OrganizationObligations assumed in the agreement
Civil Guard (Judicial Police Command)Notify the Bank of Spain of any unregistered entity carrying out reserved financial activities. Communicate judicial proceedings related to these activities.
Bank of SpainCommunicate to the Judicial Police any indications of crime detected during its supervisory activities. Advise the Civil Guard on applicable financial regulations in each case.

To articulate this collaboration, the agreement creates two permanent structures:

  • National Coordination Point, located in the Technical Unit of Judicial Police of the Civil Guard.
  • Joint Monitoring Commission, responsible for overseeing the functioning of the agreement.

All information exchange is subject to strict confidentiality obligations and the Bank of Spain's supervisory secrecy regime, which ensures that shared data does not leak outside the institutional circuit.

Economic and operational impact

For companies and professionals operating within the law, this agreement generates no direct costs or new obligations. Its impact is preventive and deterrent.

The real effect occurs on three levels:

  • Faster detection: The Bank of Spain detects irregularities in its supervisory activities and now has a direct channel to transfer them to the Civil Guard without delay. The gap between "detection" and "police action" is drastically reduced.
  • Dual alert source: The Civil Guard, for its part, can identify unregistered operators during investigations and notify the Bank of Spain immediately. The system works in both directions.
  • Elevated criminal risk: Reserved financial activities exercised without authorization may constitute a crime. With this agreement, the transfer of an administrative file to a judicial proceeding becomes systematic, not exceptional.

For companies in the regulated financial sector, this agreement indirectly strengthens fair competition: unauthorized operators competing with cost advantages (by not assuming regulatory compliance expenses) face unprecedented coordinated pressure.

Who does it affect?

  • Natural or legal persons who accept deposits, grant credit or carry out other reserved financial activities without being registered with the Bank of Spain.
  • Investment platforms, lenders, financial intermediaries and asset managers operating in Spain without the required supervisory authorization.
  • Companies offering payment services, currency exchange or electronic money issuance without a license from the Bank of Spain or the competent supervisory body.
  • Financial advisors acting as entities without being registered in official registries.
  • Foreign entities operating in Spain without a European passport or specific authorization for the Spanish market.

Entities duly authorized and registered with the Bank of Spain are not affected by this agreement beyond a cleaner competitive environment.

Practical example

Imagine a company offering peer-to-peer loans through a digital platform. It has been operating since 2023 without requesting authorization from the Bank of Spain, arguing that it acts as a "mere intermediary."

Under the new agreement, the scenario is as follows:

  1. The Bank of Spain detects the activity during a routine inspection of the fintech sector and finds indications of exercising reserved activity without authorization.
  2. Through the National Coordination Point in the Technical Unit of Judicial Police, it transfers the indications to the Civil Guard with technical advice on which financial regulations would be violated.
  3. The Civil Guard opens proceedings, notifies the Bank of Spain of the judicial procedure initiated, and both organizations coordinate the investigation through the joint Monitoring Commission.

The result: what previously could remain an administrative sanction now has a direct path to criminal proceedings, with two institutions working in a coordinated manner and obligated to communicate progress to each other.

Do you need to monitor this and other regulations?

Consult the full details on CambiosLegales

What should companies do now?

  1. Verify your registration status: Check that your company or activity is correctly registered in the Bank of Spain's registries. If you offer any financial service, registration is not optional.
  2. Review the scope of reserved activities: Some companies carry out activities that border on the regulatory scope without knowing it (fund-raising, credit intermediation, payment management). Analyze whether any of your operations require supervisory authorization.
  3. Update your authorizations if you have expanded services: An authorization obtained for a specific service does not automatically cover new business lines. Each reserved activity requires its own authorization.
  4. Train your compliance team: The agreement activates surveillance from two simultaneous fronts. Your compliance department must know which activities are reserved and what thresholds trigger the authorization requirement.
  5. Consult with a specialist advisor in financial regulation if you have doubts about whether your business model requires authorization from the Bank of Spain. The cost of preventive consultation is minimal compared to the criminal risk of operating without a license.

Frequently asked questions

What financial activities are "reserved" and require authorization from the Bank of Spain?

Reserved activities are those that Spanish financial regulations attribute exclusively to supervised entities: acceptance of deposits from the public, professional credit granting, electronic money issuance, provision of payment services and other banking activities. Exercising them without authorization from the Bank of Spain constitutes unauthorized practice and may result in criminal liability. The agreement does not define a new list: it applies current financial regulations, but activates a coordinated prosecution mechanism between the supervisor and the Civil Guard.

When did this agreement between the Civil Guard and the Bank of Spain come into force?

The agreement came into force on April 23, 2026, although its publication in the BOE occurred on June 30, 2026. This means that the National Coordination Point and the Monitoring Commission have been operational since April, prior to official publication.

What happens to the information shared by the Civil Guard and the Bank of Spain?

The agreement establishes strict confidentiality obligations for all exchanged information. Additionally, the data is subject to the Bank of Spain's supervisory secrecy regime, which limits its use exclusively to the purposes of the agreement and to any resulting judicial or administrative proceedings.

Is this agreement new or did a previous collaboration framework already exist?

The agreement develops the Action Plan against Financial Fraud signed in 2022 by nineteen institutions. What in 2022 was a political commitment between organizations now becomes an operational agreement with concrete obligations, permanent structures (National Coordination Point and Monitoring Commission) and formal information exchange channels.

Does a company authorized by the Bank of Spain have any new obligations due to this agreement?

No. Entities duly authorized and registered in the Bank of Spain's registries do not assume any additional obligations due to this agreement. The agreement is aimed exclusively at combating unauthorized practice by those operating without authorization. For regulated entities, the effect is indirect: a cleaner competitive environment by reducing the activity of unauthorized operators.

Official source

Consult complete regulation in official source

Notice: This article is purely informational in nature and does not constitute legal advice. For specific decisions, consult a qualified professional. Source: https://www.boe.es/diario_boe/txt.php?id=BOE-A-2026-14222



Share:
E
Equipo Editorial CambiosLegales

El equipo editorial de CambiosLegales analiza diariamente los cambios normativos que afectan a empresas y autónomos en España, ofreciendo análisis pro...

Comments

No comments yet. Be the first to comment!

Leave a comment
Get free alerts