Financial institutions are combating increasing AI-powered fraud across digital channels. Because traditional security tools operate in isolation and respond only after damage has occurred, DORA and NIS2 create losses, disruptions, and regulatory issues.
Clafy’s platform combines data from web, mobile, backend, and network channels with global threat intelligence to reconstruct the complete attack chain and stop threats days before they take action.
The €12 million funding round, co-led by United Ventures and eCAPITAL, brings Clafy’s total funding to €22 million. The investment will support the development of predictive technology, expand global threat surveillance, and increase the company’s presence in Europe and Latin America.
Clafy already protects more than 250 million users at more than 150 institutions, including ING, Illimity, and BPS Swiss.
From defense to proactive prevention of fraud
The story begins in 2014. Matteo Bogana, Nicolò Pastore and Carmine Giangregoli, cybersecurity and fraud experts from Politecnico di Milano, discovered a major gap: existing tools are always one step behind the latest attacks.
Instead of waiting for an attack to happen, they reversed their thinking. In other words, we treated fraud as an active, structured attack, connecting the dots between sessions and devices in real time.
“There was real skepticism about this approach. The general view in the fraud industry was that the trade-offs were fixed: more detections meant more friction, and real-time accuracy at scale meant no local agent or long-term This cannot be achieved without extensive model training.The founders of Clafy believed that was a false constraint because they came from outside the constellation of fraud organizations, and they founded the company to prove it. TFN.
Clafy’s engine is backed by over 85 international patents and combines real-time data with AI threat analysis for deep detection. What makes it stand out? Predicting entire attack vectors (not just signals), achieving zero customer churn for over a decade, and now extending protections to insider threats and internal systems with Clafy for Workforce.
“The platform is designed to integrate with existing investments across all of these categories; it enhances or collects signals, provides upstream context that cannot be generated independently, and enables the fusion of cyber fraud that turns individual tools into a coordinated defense,” Bogana elaborates.
Bogana continued, “Banks’ existing transaction scoring engines become significantly more accurate when they receive or provide Clafy’s pre-transaction attack stage classifications. SIEMs become more actionable when they ingest Clafy’s session-level threat intelligence. The value of the surrounding stack increases; the stack is not replaced.”
While Netskope, Vectra AI, Darktrace, and others focus on network, behavioral analytics, and anomaly detection, Clafy focuses on bank-level cross-channel predictions.
What about diversity?
“Cleafy has a team of over 90 people across four countries: Milan (Italy, headquarters), London (UK), Barcelona (Spain) and Bogota (Colombia), with around 25% of our employees being women and around 75% being men,” Bogana admits. TFN.
What’s next?
With this new funding, Clafy plans to accelerate the development of its predictive capabilities, strengthen its global threat analysis, and expand into additional banking markets.
The company plans to strengthen compliance with DORA and NIS2, strengthen employee protections, and offer new corporate partnerships to make Clafy the core of its evolving defense against fraud.
