Lessons learned 2024 and challenges 2025
Season 6 Episode 02
Transcript
Juan José Ríos (Host):
The risk landscape has changed dramatically. However, the real challenge lies in what awaits us in 2025.
How's it going? How are you? I'm Juan José Ríos. Welcome to Mundo Financiero Seguro, the Plus TI podcast.
In this episode, we will analyze the lessons learned in 2024 and the key challenges for the financial sector in 2025.
To do so, I am joined by an expert in the field: Marta Leuro Villamarín, VP of Customer Success at Plus TI, with more than 25 years of experience in the financial industry, former CISO at BBVA in Colombia, and specialist in fraud management, risk, compliance, innovation, and digital transformation.
Marta, how are you? Welcome, and thank you for joining us.
Martha Leuro:
Hello, Juan José. Good afternoon. Thank you very much.
Without a doubt, 2024 has been a totally challenging year, with radical changes in the world of fraud. We have seen the evolution of traditional techniques and the emergence of new types that have become popular and exploited.
What lies ahead for 2025 will require us to stay one step ahead. If 2024 was already complex, 2025 will be even more challenging if we don't focus on the right things.
Juan José Ríos:
To put it in context, Marta, one of the biggest challenges of 2024 was synthetic identity fraud, which grew alarmingly thanks to the use of artificial intelligence.
Previously, fraudsters combined stolen data; today, they can generate complete profiles. According to figures from TransUnion, this type of fraud accounted for more than 20% of identity fraud in 2024, with global losses exceeding $6 billion.
In addition, internal fraud in financial institutions remains a serious problem. A study by the ACFE revealed that these frauds cost organizations an average of $1.5 million per case.
What has made this type of fraud so difficult to detect?
Martha Leuro:
It is extremely difficult to detect because advances in artificial intelligence have made it possible to create increasingly sophisticated fake identities, to the point of deceiving even highly advanced systems.
Generative artificial intelligence allows for the creation of passports, driver's licenses, and identity documents with a level of detail that can even surpass expert analysis. Furthermore, these identities not only have credible documents, but also credit and transaction histories specifically designed to pass risk filters.
Criminals generate prior banking transactions, regular income, and service payments, which allows them to access credit, cards, and open accounts. All of this makes fraud increasingly complex and difficult to detect.
Synthetic identities were a critical problem in 2024 and will continue to grow in 2025. In fact, they are shaping up to be among the top five most relevant types of fraud for the coming year.
Juan José Ríos:
It's impressive how artificial intelligence has taken synthetic identity fraud to such a sophisticated level. In this context, Marta, what do you consider to be the most shocking attacks of 2024?
Martha Leuro:
In addition to synthetic identity fraud, large-scale identity theft played a very significant role. Although they appear similar, they are different: one involves creating false identities, and the other involves impersonating real people with good financial histories.
Both seek the same thing: to deceive financial institutions in order to access products such as loans, cards, or accounts. In 2024, one in every 100 users was linked to financial fraud due to this type of attack. In an institution with one million customers, this means at least 10,000 users were affected.
This phenomenon is the result of the growth of phishing, massive data leaks, and the use of artificial intelligence to clone legitimate documents.
Furthermore, 38% of fraud in 2024 was related to digital wallets, instant payments, and new payment methods. Each innovation brings benefits for customers, but also new vulnerabilities that criminals are quick to exploit.
Internal fraud remains one of the most costly and difficult threats to detect. Employees with access to sensitive information can manipulate records, approve fraudulent transactions, or sell information to criminal networks. The risk increases even further when there is collusion between internal and external actors.
We also saw a 28% increase in person-to-person (P2P) payment fraud, due to the difficulty of reversing instant payments. Added to this is card-not-present fraud, which grew by 25%, card numbering attacks, and QR code and super app scams, with increases of around 30%.
In summary, these were the main types of fraud that marked 2024 and give us a clear indication of what we will face in 2025.
Juan José Ríos:
There is no doubt that fraud will continue to evolve. Artificial intelligence is becoming a tool for both preventing and committing fraud. How do you think this will impact the financial fraud landscape in 2025?
Martha Leuro:
Institutions that fail to keep pace with technological change will be much more exposed to financial losses and reputational risks.
We will see an increase in fraud powered by artificial intelligence, especially in the creation of false identities, fraudulent account openings, credit applications, and cards. Advanced identity theft using deepfakes, voice cloning, and social engineering will also grow.
In addition, instant payments, especially cross-border payments, will increase risk due to the inability to reverse transactions. Added to this are multi-channel attacks and the growth of Fraud as a Service and Ransomware as a Service, which facilitate access to criminal tools through subscriptions.
Finally, regulatory pressure will become an additional risk for the financial ecosystem, as requirements and penalties for entities increase.
Juan José Ríos:
We have discussed the need for collaboration. Fraud is not an isolated problem affecting a single institution. How can we strengthen cooperation between sectors and even at the international level?
Martha Leuro:
I am absolutely convinced that communication and cooperation are key. Sharing fraud intelligence allows us to turn experiences into actionable knowledge.
It is not about revealing sensitive data, but rather sharing typologies, patterns, and lessons learned. Fraud must be addressed in a cross-sectoral and international manner, as many threats, such as SIM swapping, involve telcos, banks, and other players in the ecosystem.
Overcoming our fear of sharing information is essential to anticipating and reducing impacts.
Juan José Ríos:
To conclude, Marta, what would be your main recommendation for companies and users?
Martha Leuro:
Staying one step ahead means preparing, researching, adopting advanced technologies, and sharing fraud information.
Educating and raising awareness among employees and customers is key to reducing risks. It is not enough to inform customers; we must also train our internal teams.
Juan José Ríos:
Marta, this has been an extremely enriching conversation. We have seen how fraud evolved in 2024 and the challenges that await us in 2025.
To our listeners, thank you for joining us on Mundo Financiero Seguro, the Plus TI podcast.
Don't forget to tune in to our upcoming episodes, where we will continue to explore the challenges and strategies for a more secure financial sector.
I'm Juan José Ríos. See you next time.
