Latin America. The accelerated digitalization of the financial sector in Latin America and the tightening of regulatory frameworks have put regulatory compliance at the center of the institutions' agenda. According to Oswaldo Palacios, cybersecurity expert at Akamai Latin America, "financial institutions that do not comply with established security standards are more exposed to cyberattacks, operational interruptions, and significant economic losses."
The IBM X-Force 2025 report indicates that, in 2024, the financial and insurance sectors were the most affected by cyberattacks in Latin America, with 33% of cases. The study Threat Landscape for the LATAM Financial Sector in 2025, conducted by Digi Americas Alliance, Duke, and Recorded Future, points out that the region is among the least prepared for this type of incident due to a lack of investment in cybersecurity, a shortage of qualified professionals, and weak regulatory frameworks.
"In Latin America, there are still significant gaps in the implementation of these regulatory frameworks, which represents a latent risk to the stability of the financial system and consumer confidence," says Palacios. Faced with this scenario, the specialist proposes five lines of action to strengthen the compliance posture:
- Simplify regulatory compliance: Using micro-segmentation to reduce the scope of compliance environments, streamline audits, and control access to sensitive data.
- Drive operational productivity: With unified management security platforms, proactive threat hunting capabilities, and advanced AI API protection.
- Improve customer experience: ensuring continuity of service from DDoS attacks and protecting data through real-time API monitoring.
- Optimize security and compliance costs: through scalable, cloud-based solutions and strategies that reduce audit time and resources.
- Strengthen institutional resilience: integrating security as an essential part of operations and aligning it with current regulations.
"Regulatory compliance in Latin America must no longer be seen as a simple legal requirement. It is an essential component of financial resilience, user protection and institutional confidence, investing in it not only avoids sanctions, it also protects the future of banking in the region," concludes Palacios.
