The Banco Central de Reserva del Perú has issued Circular 0011-2026-BCRP, replacing the existing LBTR operational framework with updated rules covering cybersecurity, participant classification, fee structures, and liquidity management. The regulation takes full effect in June 2026, with phased compliance windows extending up to three years for infrastructure requirements.
The circular mandates hardware security module deployment in both production and certification environments, annual ethical hacking evaluations, and vulnerability assessments for all LBTR-connected infrastructure. It establishes a two-tier participant structure: Type I participants, primarily banks, must maintain fully automated straight-through processing connectivity, while Type II participants, including non-bank financial entities, may use flexible access channels such as a web client interface. Participants must submit compliance work plans within the first month of the adaptation period, with up to six months to implement web client access.
The most significant operational change is the Bypass FIFO mechanism, which allows the system to execute lower-value transactions when a higher-priority payment at the head of the queue lacks sufficient funds. This addresses a long-standing liquidity gridlock risk in queue-based RTGS systems. The revised fee schedule sets electronic transfers at S/ 1.4 per operation, carta orden transfers at S/ 2.5, and compensation settlement operations at S/ 5.0. The regulation also introduces simultaneous payment models for foreign exchange transactions, aligning with broader central bank efforts to reduce settlement risk in FX markets.