Financial institutions are dealing with growing AI-driven fraud across digital channels. Traditional security tools operate in isolation and respond only after damage occurs, leading to losses, disruptions, and regulatory issues under DORA and NIS2.
Cleafy’s platform rebuilds complete attack chains by combining data from web, mobile, backend, and network channels with global threat intelligence, stopping threats days before they can act.
The €12 million funding round, co-led by United Ventures and eCAPITAL, brings Cleafy’s total funding to €22 million. This investment will support the development of predictive technology, expand global threat monitoring, and grow the company’s presence in Europe and Latin America.
Cleafy already protects over 250 million users across more than 150 institutions, including ING, Illimity, and BPS Suisse.
From playing defence to disrupting fraud before it starts
The story starts in 2014, when Matteo Bogana, Nicolò Pastore, and Carmine Giangregori, cybersecurity and fraud experts out of Milan Polytechnic, spotted a huge gap: existing tools were always one step behind modern attacks.
Instead of waiting for attacks to happen, they flipped the mindset: treat fraud as an active, structured attack, and connect the dots across sessions and devices in real time.
“The approach was met with genuine scepticism. The prevailing view in the fraud industry was that the tradeoffs were fixed: more detection meant more friction, and real-time precision at scale wasn’t achievable without local agents or lengthy model training. Cleafy’s founders, coming from outside the fraud establishment’s assumptions, believed that was a false constraint — and built the company to prove it,” explains Bogana to TFN.
Cleafy’s engine is backed by 85+ international patents and blends real-time data with AI threat analysis for deep detection. What stands out? Predicting entire attack paths (not just signals), zero customer churn in over a decade, and now, expanding protection to insider threats and internal systems with Cleafy for Workforce.
“The platform is designed to integrate with existing investments across all of these categories — enriching or collecting their signals, providing the upstream context they cannot generate independently, and enabling the cyber-fraud fusion that turns separate tools into a coordinated defence,” Bogana elaborates.
Bogana adds, “A bank’s existing transaction scoring engine becomes significantly more precise when it receives or provides Cleafy’s pre-transaction attack-phase classification. A SIEM becomes more actionable when it ingests Cleafy’s session-level threat intelligence. The value of the surrounding stack increases; it is not replaced. ”
While others like Netskope, Vectra AI, or Darktrace focus on networks, behavioural analytics, or anomaly detection, Cleafy focuses on banking-grade, cross-channel prediction.
What about diversity?
“Cleafy has a team of 90+ people across 4 countries — Milan (Italy, HQ), London (UK), Barcelona (Spain), and Bogotá (Colombia) — with a workforce that is approximately 25% female and 75% male,” Bogana confirms to TFN.
What’s next?
With this new funding, Cleafy is set to accelerate the development of predictive features, boost global threat analysis, and expand into additional banking markets.
The company plans to strengthen compliance with DORA and NIS2, provide more workforce protection, and new corporate partnerships to make Cleafy a core defence against evolving fraud.
