Latinia
A bank receives an account opening request. The identity document passes validation. The biometrics match. No red flags. Weeks later, the account accumulates credit and withdraws it in full. The ID holder never knew their identity had been used. The institution discovers the customer never existed.
This is not a hypothetical scenario. It is the operational description of AI-powered fraud already running in the region. And according to Juniper Research, as cited by Infobae, global banking fraud losses will escalate from USD 23 billion in 2025 to USD 58.3 billion in 2030, driven by a 153% growth in the most sophisticated fraud modalities.
In this article we analyse the three AI fraud vectors hitting Latin American banks hardest —deepfakes, synthetic identities and smishing— and, above all, the concrete decisions a financial institution can take to defend itself against each of them.
Deepfakes have turned biometrics into an attack vector. According to Unico, sophisticated fraud based on synthetic content grew by more than 1,000% between 2024 and 2025. A fake biometric profile can bypass facial recognition controls. A cloned voice can fool authentication systems. An AI-generated video can authorise transfers by impersonating a senior executive.
The answer is not to abandon biometrics, but to stop relying on it as a single layer. Banks that have already digitised their identity verification process can add two additional layers on top of what they already have: behavioural session analysis —detecting in real time how the user interacts with the device: typing speed, touch pressure, navigation patterns— and active liveness detection that requires responding to dynamic challenges that change every session. Both capabilities are offered by specialised digital identity verification platforms that integrate via SDK into the banking app or via API into the onboarding flow. A deepfake can imitate a face; it cannot improvise an unpredictable response in real time.
The real-time alert to the customer is the last line of defence when the attack has bypassed previous controls. If the legitimate account holder receives an immediate notification of any account opening, data change or access from a new device, they have the opportunity to stop the fraud before it materialises. This is where Latinia’s Real-Time Decision Engine ensures that last line does not fail: it detects the event, contextualises it and triggers the alert to the customer in milliseconds, without waiting for batch processes or for the fraud to have already taken place.
Synthetic identities are the hardest fraud modality to combat precisely because they produce no victim to report it. In Mexico, their use grew 1,200% in the first quarter of 2025, according to Sumsub. They combine real data with AI-generated false information to build internally consistent identities that pass standard validation controls.
This “Frankenstein” identity opens accounts. Builds up a credit history. And at the right moment, drains it completely. There is no concrete victim to report the fraud. By the time the loss materialises, the recovery window has already closed.
Defending against them requires moving away from point-in-time validation towards continuous transactional monitoring. In practice, this means tracking the behaviour of every account from the moment it is opened: is it accumulating credit at an unusual speed? Is there an absence of everyday transactional activity —purchases, payments, routine transfers? Is there an inconsistency between the declared profile and actual product usage?
Synthetic identities tend to behave in an accelerated and atypical way during the extraction phase, and those patterns are detectable if the bank has implemented a behavioural scoring engine that analyses transactional events in real time —not in batch— from day one of the account’s life. It is exactly what Latinia’s Real-Time Decision Engine does: it processes each event as it occurs, applies contextualised business rules and detects anomalies before the fraud has been completed. Without that layer, the damage is only discovered once it is already done.
AI-powered smishing has eliminated the markers that made it identifiable. Messages no longer contain grammatical errors or suspicious domains. A language model can replicate with precision the tone and format of any institution’s real communications. According to AppGate’s Fraud Beat 2026 report, 86% of confirmed fraud threats in LATAM’s digital channels correspond to scams and identity impersonation, with smishing as the main entry vector in the mobile environment.
The defence operates on two fronts.
The first is the channel: a legitimate SMS coexists with the fraudulent SMS messages imitating it, with no native way for the customer to tell them apart. Migrating critical communications to verified sender channels —RCS, native push in-app— eliminates that structural ambiguity. The customer sees the bank’s identity cryptographically verified. A fake message cannot replicate that.
The second is speed: smishing works because the customer does not know what is actually happening in their account. A bank that notifies in real time on any movement —before the fraudulent message has time to act— turns the customer into the first fraud detector, not its victim.
All three defensive fronts converge on the same operational requirement: a layer of intelligence, governance and security that acts across the complete lifecycle of every critical notification —not just its delivery.
At Latinia we have spent more than 25 years building exactly that infrastructure for banks across Europe and Latin America. The combination of our Critical Alerts Engine and our Real-Time Decision Engine creates a governance layer that decides what to communicate, through which channel and under what conditions, while guaranteeing the traceability, security and auditability of every notification, regardless of the delivery providers involved.
That distinction matters especially in fraud scenarios, where continuity and traceability are not optional.
In banking, an undelivered message can translate into an undetected fraud. That is why the operational resilience of the notification layer must be in place before the attack arrives, not after.
Latinia manages this through three complementary mechanisms.
These three layers together ensure the alert gets through. Always. Because in the defence against AI fraud, a notification that does not arrive at the right moment stops nothing.
The regulatory landscape is also raising the bar on traceability and auditability of critical communications. A growing number of financial institutions need complete evidence of which alerts were sent, when, through which channel and with what outcome —both for operational control and for compliance and supervisory purposes.
Venezuela +228%, Guatemala +206%, Mexico +311% in account takeovers. Social engineering fraud grew 155% across LATAM during 2025-2026. Every dollar lost to fraud carries a real cost of USD 5.16 for the institution.
AI fraud in LATAM is not waiting. Is your communications infrastructure ready?
Contact
