Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Abstract]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Overview

For Credicorp and its subsidiaries, technological progress imposes significant challenges in terms of data privacy, security and other information-related risks. With the increasing use of AI, cybersecurity risks to companies also rise, including threats such as denial-of-service attacks, malicious use of deepfakes and more advanced social engineering attacks. Cybercriminals can employ machine learning techniques to automate malware campaigns. Sophisticated and financially motivated cyberattacks, including with the use of ransomware, are constant threats across many industries, including financial services; and we expect they will become more common. With the rapid development and dissemination of AI tools, increasingly sophisticated and effective cybersecurity threats continue to emerge, creating a challenging environment for developing new digital solutions for our clients.
Cybersecurity Risk Management

The effective integration of cybersecurity processes into risk management is a strategic imperative for financial institutions in an increasingly digital and threatening environment. For Credicorp, this integration is not just a matter of regulatory compliance but also an essential measure to protect assets, reputation, and customer trust. By proactively addressing cybersecurity challenges, organizations within the group strengthen their resilience and maintain a strong competitive position in the market. Integrating cybersecurity processes into risk management involves identifying, assessing, mitigating and monitoring operational, fraud, and cybersecurity risks. This requires a holistic approach encompassing people, policies, procedures, technologies, and an organizational culture oriented towards risk management.

Our goal is to support our business strategy by creating a cyber-resilient organization that protects our products and services and honors the trust our customers have placed in us. Our organization operates under a three lines model. The first line is responsible for managing risks daily, including by designing and implementing controls to mitigate risks. The second line is responsible for developing the cybersecurity strategy and governance program, as well as challenging and overseeing the first line. The third line operates independently and evaluates the processes and functions of both the first and second lines.
Cybersecurity Governance

In terms of personnel, our Chief Information Security Officer (the CISO) is the principal leader of the corporate cybersecurity team, and the CISO’s responsibilities include defining a comprehensive cybersecurity strategy aligned with the business and regulatory objectives affecting any of Credicorp’s subsidiaries and the organization’s risk appetite; providing guidance and advice to senior management on cybersecurity, risk, and compliance issues; coordinating responses and decision-making regarding major security crises; and acting as the focal point for communication with internal and external stakeholders, including regulators and government agencies, to ensure compliance with regulations and other relevant standards, such as preparing periodic reports and audits.

Credicorp has internal teams of cybersecurity and IT security experts distributed across the group’s companies, which also work with external cybersecurity service providers for specific tasks. These teams are responsible for protecting technological infrastructure, confidential data, and business operations against cyber threats. Among the security capabilities and technologies that Credicorp and its subsidiaries have are vulnerability assessment and scanning tools, intrusion detection and prevention systems, security event and incident monitoring systems, penetration testing, adversary emulation exercises, data management (including classification, encryption at rest and in transit, and access management), multi-factor authentication requirements and other logical, physical and technical controls designed to prevent, deter, mitigate, and respond to cybersecurity threats.

Additionally, our employees play a role in protecting Credicorp against cybersecurity threats and, therefore, receive mandatory periodic training on cybersecurity-related topics, including phishing exercises.

Monitoring and identifying risks related to external providers are a fundamental part of our cybersecurity strategy. Given the interconnection and dependence on external services, robust mechanisms are implemented to assess and mitigate risks associated with external service providers.

Finally, we have adopted the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as the basis for our cybersecurity framework and have established our cybersecurity program to address evolving threats, and have dedicated significant resources to implementing and maintaining processes and controls to manage cybersecurity risk within our appetite.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

Finally, we have adopted the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as the basis for our cybersecurity framework and have established our cybersecurity program to address evolving threats, and have dedicated significant resources to implementing and maintaining processes and controls to manage cybersecurity risk within our appetite.
Board Governance

We believe that we have implemented robust cybersecurity risk governance with clear roles and responsibilities, committees, policies, and procedures to ensure the proper prevention, detection, and response to incidents, as well as the continuous improvement of the program. Cybersecurity risk is overseen by the Board of Directors’ Risk Committee. Our Appetite Dashboard incorporates a set of cybersecurity risk appetite metrics, which are monitored monthly. Any deviation from our appetite is reported to the Risk Committee, including action plans to resolve such deviation. Additionally, periodic updates on our cybersecurity program and any cybersecurity incidents or threats are also reported to the Risk Committee, the Audit Committee, or the Board of Directors, as necessary. These reports are consolidated by our CISO team, include contributions from the first and second-line teams of individual companies as needed, and are delivered to the Board and relevant committees by our CISO. By adopting a proactive and collaborative approach and staying abreast of industry best practices and regulatory requirements, the Board, the Risk Committee, and the Audit Committee play key roles in governing the protection of the organization’s assets and reputation in an increasingly challenging cybersecurity environment.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

Currently, we are not aware of any cybersecurity incidents that could have a material effect on our business strategy, operating results, or financial condition.
Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity risk is overseen by the Board of Directors’ Risk Committee. Our Appetite Dashboard incorporates a set of cybersecurity risk appetite metrics, which are monitored monthly. Any deviation from our appetite is reported to the Risk Committee, including action plans to resolve such deviation. Additionally, periodic updates on our cybersecurity program and any cybersecurity incidents or threats are also reported to the Risk Committee, the Audit Committee, or the Board of Directors, as necessary. These reports are consolidated by our CISO team, include contributions from the first and second-line teams of individual companies as needed, and are delivered to the Board and relevant committees by our CISO. By adopting a proactive and collaborative approach and staying abreast of industry best practices and regulatory requirements, the Board, the Risk Committee, and the Audit Committee play key roles in governing the protection of the organization’s assets and reputation in an increasingly challenging cybersecurity environment.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity risk is overseen by the Board of Directors’ Risk Committee. Our Appetite Dashboard incorporates a set of cybersecurity risk appetite metrics, which are monitored monthly. Any deviation from our appetite is reported to the Risk Committee, including action plans to resolve such deviation. Additionally, periodic updates on our cybersecurity program and any cybersecurity incidents or threats are also reported to the Risk Committee, the Audit Committee, or the Board of Directors, as necessary. These reports are consolidated by our CISO team, include contributions from the first and second-line teams of individual companies as needed, and are delivered to the Board and relevant committees by our CISO. By adopting a proactive and collaborative approach and staying abreast of industry best practices and regulatory requirements, the Board, the Risk Committee, and the Audit Committee play key roles in governing the protection of the organization’s assets and reputation in an increasingly challenging cybersecurity environment.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our Appetite Dashboard incorporates a set of cybersecurity risk appetite metrics, which are monitored monthly. Any deviation from our appetite is reported to the Risk Committee, including action plans to resolve such deviation. Additionally, periodic updates on our cybersecurity program and any cybersecurity incidents or threats are also reported to the Risk Committee, the Audit Committee, or the Board of Directors, as necessary. These reports are consolidated by our CISO team, include contributions from the first and second-line teams of individual companies as needed, and are delivered to the Board and relevant committees by our CISO.
Cybersecurity Risk Role of Management [Text Block]

In terms of personnel, our Chief Information Security Officer (the CISO) is the principal leader of the corporate cybersecurity team, and the CISO’s responsibilities include defining a comprehensive cybersecurity strategy aligned with the business and regulatory objectives affecting any of Credicorp’s subsidiaries and the organization’s risk appetite; providing guidance and advice to senior management on cybersecurity, risk, and compliance issues; coordinating responses and decision-making regarding major security crises; and acting as the focal point for communication with internal and external stakeholders, including regulators and government agencies, to ensure compliance with regulations and other relevant standards, such as preparing periodic reports and audits.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

In terms of personnel, our Chief Information Security Officer (the CISO) is the principal leader of the corporate cybersecurity team, and the CISO’s responsibilities include defining a comprehensive cybersecurity strategy aligned with the business and regulatory objectives affecting any of Credicorp’s subsidiaries and the organization’s risk appetite; providing guidance and advice to senior management on cybersecurity, risk, and compliance issues; coordinating responses and decision-making regarding major security crises; and acting as the focal point for communication with internal and external stakeholders, including regulators and government agencies, to ensure compliance with regulations and other relevant standards, such as preparing periodic reports and audits.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Credicorp has internal teams of cybersecurity and IT security experts distributed across the group’s companies
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Our Appetite Dashboard incorporates a set of cybersecurity risk appetite metrics, which are monitored monthly. Any deviation from our appetite is reported to the Risk Committee, including action plans to resolve such deviation. Additionally, periodic updates on our cybersecurity program and any cybersecurity incidents or threats are also reported to the Risk Committee, the Audit Committee, or the Board of Directors, as necessary. These reports are consolidated by our CISO team, include contributions from the first and second-line teams of individual companies as needed, and are delivered to the Board and relevant committees by our CISO.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true