The platform

Language·

System on watch · vigialegal.mx

P.03The platform · Compliance file

The file STPS wants to see.

For every vendor with personnel in Mexico, Vigía Legal maintains a live, signed REPSE file: sixteen critical documents, twelve recommended optional documents, expiries monitored day by day and a chain of custody that holds up in an inspection.

vigialegal.mx / vendors / SVC-Industrial-2041

on watch

Vendor

Servicios Industriales del Golfo SA de CV

RFC SIG970812K39 · REPSE registry 4128/2022 · Contract MSA-2041

Score

91/100

Next close

T2 · 2026

REPSEREPSE certificate

2026-09-30Valid

SAT32-D opinion · SAT

2026-06-15Valid

IMSSPositive IMSS opinion

2026-06-20Valid

INFONINFONAVIT opinion

2026-05-28Expiring

SISUBSISUB · 1st quarter

—Valid

ICSOEICSOE · 1st quarter

—Valid

IMSS-CUOTASIMSS contribution payment

abr 2026Valid

RCVINFONAVIT RCV payment

abr 2026Valid

NOM-035NOM-035 evidence

2026-06-30Expiring

DC-3DC-3 STPS training

—Valid

CFDIPayroll CFDI (stamped)

—Valid

RITInternal labor regulation

—Missing

Chain of custody · NOM-151 · SAT sealLast verified · 18 min ago

01The 16 critical documents

What STPS asks for when they arrive — ready, signed, valid.

There's no single "REPSE manual": STPS combines obligations from LFT, IMSS, INFONAVIT and SAT. Vigía Legal consolidates the 16 critical documents that show up in every inspection and keeps them valid, with source and refresh cadence.

Document

Source

Refresh

Valid REPSE certificate

STPS registry

Annual

32-D compliance opinion (SAT)

SAT portal

Monthly

Positive IMSS opinion

IDSE API

Monthly

INFONAVIT opinion

INFONAVIT portal

Monthly

SISUB · Subcontracting info

IMSS API

Quarterly

ICSOE · STPS contractor info

STPS portal

Quarterly

IMSS contribution payment

SUA / EBA

Monthly

INFONAVIT RCV payment

SUA

Bimonthly

Signed labor contracts

Upload / e.firma

Per hire

Sealed payroll payment

CFDI 4.0

Biweekly

Stamped payroll CFDI

SAT PAC

Per event

DC-3 STPS training

STPS catalog

Per course

NOM-035 evidence (psychosocial risk)

Internal system

Annual

Internal labor regulation

JCA / CCT

Versioned

Mixed health & safety committee

Signed minutes

Biennial

IMSS employer registration

IDSE API

Per hire

Plus 12 recommended optional documents (liability insurance, annual internal audit program, training matrix, etc.) configurable by contract or risk level.

02How it stays alive

Automatic capture, cross-validation, signed evidence.

Phase A

Capture

The vendor uploads their PDF (or we sync from their portal). OCR extracts folio, RFC and expiry. Signature and SAT seal validation.

Phase B

Cross-check

Each document is validated against the official source: REPSE registry, SAT 32-D opinions, IMSS IDSE, INFONAVIT and STPS portals.

Phase C

NOM-151 seal

Once validated, Vigía seals the document with a NOM-151 timestamp issued by an authorized PSC. Immutable chain of custody.

03Traffic light + 9 statuses

Green, amber, red — and seven shades in between.

Every vendor holds a real-time status calculated against configurable rules. The traffic light is the public face — behind it nine statuses cover the entire cycle from onboarding to offboarding.

Green

Compliant

Complete file, valid, no findings. Eligible for new POs and payments.

Amber

Compliant with findings · Expiring soon

Document expiring in 30/14/7 days or a minor remediable item. Provisionally approved, soft hold.

Red

Non-compliant · Blocked

Mandatory document missing or REPSE expired. Automatic AP hold. No new POs until resolved.

The nine internal statuses

DraftOnboardingPending infoUnder reviewCompliantCompliant with findingsNon-compliantBlockedDeactivated

04Cross-validations

Eight cross-checks that STPS will also run.

REPSE compliance isn't reviewing documents one by one — it's cross-checking them against each other. Vigía runs eight automatic validations weekly to detect inconsistencies before the auditor does.

Check 01

CIF ↔ Coupa registry

Tax registration certificate vs. vendor master in Coupa

Check 02

Payroll CFDI SDI ↔ IMSS/INFONAVIT SDI

Integrated daily salary on CFDI vs. reported to IMSS and INFONAVIT

Check 03

Payroll CFDI ↔ ISR S&S return

Sum of payroll CFDIs vs. ISR return for salaries and wages

Check 04

ISR S&S ↔ IMSS/INFONAVIT

Monthly ISR return vs. bipartite contributions to IMSS/INFONAVIT

Check 05

Bank payments ↔ Returns

Bank receipts vs. amounts reported to authority

Check 06

Positive opinions

SAT 32-D + IMSS + INFONAVIT — all three positive and valid

Check 07

STPS portal validity

Daily verification against the official REPSE registry

Check 08

Employees ↔ Contract

Personnel reported in SISUB vs. personnel assigned to contract

Each cross-check runs weekly and is recorded in the audit log with result and delta. What doesn't match is escalated to the relevant role — Tax for fiscal, AP for payments, Legal for REPSE, HSE for personnel.

05Traceability per worker

SISUB isn't a spreadsheet. It's every person with NSS and validity.

REPSE isn't fulfilled at the vendor level — it's fulfilled at the level of each reported worker. Vigía maintains a live record per NSS: name, assigned contract, hire date, IMSS status, DC-3 coverage, NOM-035 training validity. When STPS asks for "the personnel report for contract X during quarter Y", the signed PDF comes out in less than a minute.

By NSS

Unique ID

11 digits · AES-256 encrypted at rest

By contract

Temporal assignment

Add and remove per contract and period

By training

DC-3 + NOM-035

Validity and refresh per worker

By site access

HSE integration

Block on expired validity

06Configurable rules engine

Your rules, not ours.

Base REPSE is standard — the 16 critical documents are the same for everyone. But every organization has different policies: optional documentation by service category, risk levels, vendor segmentation, contract-specific requirements. Vigía exposes those rules in a configurable layer your legal team owns — no code changes.

By client / entity

Different rules per contracting entity. The same vendor may have different requirements at Pemex than at an IPP.

By category / service

High-risk services (heights, confined spaces) require specific DC-3, extra insurance, etc. Configurable without development.

By risk level

A/B/C segmentation with different review cadences and extra documents for high risk.

By contract

Over-rules at the individual contract level. Specific annexes required by particular negotiations.

→Let's talk

Your vendor base online in 72 hours.

Assisted onboarding: we import your current vendor base, match against the STPS REPSE registry, configure rules per entity and contract, and by day three you have the real status of every vendor.

Request a proposal Book a demo (30 min)