LATAM Regulations 2025: Key Updates and Implications

New fraud prevention regulations are rolling out across Latin America, creating fresh challenges for banks and businesses trying to stay compliant. To help you keep up, we’ve compiled a quick summary of the most important updates by country.

Read on to learn the most recent regulatory changes in your market.

Key Takeaways

• Mexico’s new CNBV regulation requires financial institutions to implement a fraud prevention plan and establishes individual transaction limits for customers.
• Brazil’s Central Bank is implementing limits for PIX transactions made from unrecognized devices. 
• Chile’s new regulations impose strict customer authentication requirements for transactions and criminalize fraudulent use of payment methods.
• To tackle rising credit card fraud, Peru’s new SBS regulation No. 2286-2024 will require two-factor authentication (2FA) for all card transactions.

What Are the New Fraud Prevention Requirements in Mexico?

In 2024, according to the The State of Scams in Mexico study published by the Global Anti-Scam Alliance (GASA), 59% of Mexicans have suffered at least one scam attempt per month. New CNBV regulations, effective June 15, 2024, require financial institutions to implement a fraud prevention management plan, strengthen internal controls, define fraud typologies, and enhance information sharing and complaint processes.

The regulation establishes an individual transactional limit for each customer. Transactions exceeding this limit will require stricter authentication measures. The goal is to ensure customers are aware of account restrictions, increasing transparency, and operational security. If your organization fails to comply, it may be held liable for financial losses.

Implementation Deadlines for Banks:

• Fraud management plan submission: 180 days
• Implementation plan: 10 months
• Establishment of transaction limits per customer: 16 months

The same study from GASA states that fraud cost Mexican consumers 293 billion MXN last year. The CNBV’s regulations aim to create a more secure financial environment for Mexican consumers. These changes signify a major shift by increasing bank liability for non-compliant institutions and empowering customers with control over transaction limits. It will require heavy investment in fraud prevention and increased transparency.

How is Brazil Enhancing Security for Pix Transactions?

In Brazil, according to material from the newspaper Valor Economico,¹ the Brazilian Federation of Banks (Febraban) reported that frauds carried out through the illicit use of Pix, as a means of disbursing amounts originating from scams and fraud, there was a 43% jump, reaching R$2.7 billion.

To mitigate this growing risk, the Central Bank has introduced specific limits for Pix transactions made from unrecognized devices. 

• For transactions using unregistered devices, the limit is R$200 per transaction or R$1,000 per day.
• Initial Pix transactions are also limited to a maximum of R$200 per transaction.

These measures aim to enhance security and reduce the impact of scams, which have become a major issue for financial institutions in Brazil. These rules have been in effect since November 2024.

By limiting Pix transactions from unregistered devices, the Central Bank aims to curb the rising tide of digital fraud. Focus on implementing robust device tracking and registration mechanisms to enhance security for both your institutions and your customers when using Pix.

 

What Changes Has Chile Made to Combat Payment Fraud?

In Chile, credit card fraud increased by approximately 20% and debit card fraud by 113% in 2023 when compared with 2023, according to bank data.² Alongside this rise, reports of friendly fraud have significantly intensified. Visa reports that up to 75% of the credit card fraud can be due to friendly fraud.³

Amendments to Law No. 20.009, which took effect on August 1, 2024, impose stricter customer authentication requirements for transactions and criminalize fraudulent use of payment methods, including improper chargebacks.

Financial institutions will be required to follow stricter procedures, demanding legal documentation for refund and chargeback requests, which may complicate and prolong the reimbursement process for consumers.

With these changes, Chile is moving towards stricter authentication and a crackdown on payment fraud, including friendly fraud. Your banks will face increased responsibility and stricter procedures. The good news is that your customers should benefit from enhanced security and clearer legal recourse if they are impacted by fraud.

Why Is Peru Implementing Two-Factor Authentication for Card Transactions?

In 2024, there was a 40% increase in reports of cybercrime compared to 2023, according to RPP Data.⁴ To strengthen financial transaction security and protect consumers from fraud, the new S.B.S regulation No. 2286-2024 will be implemented in phases, requiring two-factor authentication (2FA) for all card transactions.

• User authentication will be required for CP debit transactions starting the day after the resolution is published.
• For CP credit transactions, the authentication requirement takes effect:
  • For cards issued from July 1, 2025.
  • For existing cards, upon renewal.
• For CNP transactions (credit, debit, and mobile wallets), user authentication will be mandatory starting July 1, 2025.

Liability for losses from unrecognized transactions applies to all products as of July 1, 2025.

Peru’s mandate for two-factor authentication across all card transactions and the shift in liability for unrecognized transactions will significantly impact banks, requiring substantial technological upgrades. Customers will benefit from a more secure transaction environment and greater protection against financial losses from fraud.

How Can Financial Institutions Prepare for These Regulatory Changes?

Recent regulatory changes in Latin America reveal a concerted effort to address the escalating issue of financial fraud and scam losses across the region’s banking and business sectors. The increasing sophistication of cybercriminals and the growing reliance on digital financial services requires increased consumer protection and a shift to greater responsibility for financial institutions to implement stronger security measures. 

To meet these new requirements,  consider taking the following measures.

• Craft a Comprehensive Fraud Prevention Plan: Make sure your organization’s fraud prevention strategy and internal controls align to meet the latest regulatory requirements.
• Secure Real-Time Payments: As payments move faster, use AI-powered tools to quickly catch suspicious activity, ensuring real-time transactions are safe.
• Enhance Customer Education: Develop and deploy comprehensive communication strategies to educate customers about the new security measures, prevalent scam tactics, and best practices for ensuring online financial safety.
• Foster Industry Collaboration: Actively participate in information sharing initiatives within the financial industry by responsibly sharing fraud insights. Collaborate closely with regulatory bodies and law enforcement agencies to strengthen the collective ability to detect, prevent, and respond to financial crime.
• Maintain Adaptive Frameworks: Continuously monitor emerging fraud trends and adapt your fraud management frameworks and security protocols to remain ahead of fraudsters’ latest tactics.
• Prioritize User Experience: Minimize friction for legitimate customers and ensure the continued adoption and use of digital financial services.
• Enhance Your Authentication Efforts: Bring in authentication methods, including two-factor authentication (2FA), to add an extra layer of protection and make it harder for fraudsters to compromise transactions.

What Are the Broader Implications of These Regulations for LATAM’s Financial Sector?

These regulatory changes reflect a regional commitment to combating financial crime and enhancing consumer protection. While they may introduce operational challenges, they also present opportunities for institutions to strengthen security frameworks and build customer trust.

The fight against financial fraud is an ongoing endeavor. Vigilance, adaptation, and close collaboration among all stakeholders will be crucial in creating a more secure and resilient financial ecosystem for businesses, financial institutions, and consumers.

Resources

• Blog: BCB Normative Nº 491: How Brazil Can Strengthen Pix Fraud Prevention
• Blog: CNBV Regulatory Changes: Finding Balance Between Security and User Experience
• Report: 2025 AI Trends in Fraud and Financial Crime Prevention
• Solution: AI that Goes Beyond the Ordinary