🇧🇷
Regulatory compliance in Brazil
Brazil's LGPD (Lei Geral de Proteção de Dados) closely mirrors GDPR and is enforced by the ANPD. The Central Bank also imposes strict open banking and fintech regulations.
Key regulatory authorities
Cleo monitors enforcement actions and guidance from these authorities in real time.
Regulations covered
Key regulatory frameworks monitored by Cleo in Brazil.
LGPDMarco Civil da InternetOpen Banking RegulationBrazilian AI BillConsumer Protection Code
Compliance by industry in Brazil
Explore sector-specific regulatory requirements.
Frequently asked questions
How does Brazil's LGPD compare to GDPR?
LGPD shares GDPR's core principles but has different legal bases, lighter penalties, and unique provisions. Cleo maps both and highlights gaps for companies operating in both jurisdictions.
What penalties does the ANPD impose for LGPD violations?
The ANPD can impose fines of up to 2% of Brazilian revenue (capped at R$50 million per violation), daily penalty payments, data processing suspensions, and public disclosure of violations. Enforcement has accelerated since the first fine in 2023.
Does Brazil require data localization?
LGPD does not require strict data localization, but the Central Bank mandates that certain financial data be stored in Brazil. International data transfers are permitted under adequacy decisions, standard clauses, or specific consent. Cleo tracks evolving ANPD transfer guidance.
Ready to master compliance in Brazil?
Start free scan and see your regulatory perimeter mapped by AI in minutes.