Cleafy’s €12M Bet: Outsmarting AI Fraud Before It Strikes

In the high-stakes arena of digital banking, where every second can mean the difference between a secure transaction and a costly breach, Milan-based cybersecurity firm Cleafy is rewriting the rules of defense. With the announcement of a €12 million Series B funding round, the company is doubling down on a bold thesis: the future of fraud prevention isn’t about reacting faster—it’s about predicting and stopping attacks before they ever materialize.

The round, co-led by returning investors United Ventures and Germany’s eCAPITAL, brings Cleafy’s total funding to €22 million. But this isn’t just another cash infusion; it’s a strategic investment in the company’s vision to transform how banks defend themselves against the rapidly evolving threat landscape, especially as cybercriminals harness the power of artificial intelligence to launch increasingly sophisticated attacks.

From Reactive to Predictive: A Paradigm Shift

For over a decade, Cleafy’s founders—Matteo Bogana, Niccolò Pastore, and Carmine Giangregorio—have been sounding the alarm about the limitations of traditional fraud detection. Most banks, they argue, are stuck in a reactive loop: a suspicious transaction is flagged, an alert is sent, and by the time the fraud team responds, the damage is often already done. It’s a game of catch-up, and the attackers are always a step ahead.

Cleafy’s platform flips this model on its head. Instead of waiting for anomalies at the transaction level, it ingests and analyzes data from web, mobile, back-end, and network channels simultaneously. By combining these signals with real-time threat intelligence, Cleafy can reconstruct the entire lifecycle of an attack—identifying malicious intent, the tools and methods being used, and the infrastructure behind it—sometimes weeks before any fraudulent activity is detected.

This predictive approach is more than a technical upgrade; it’s a philosophical shift. As Bogana puts it, “While fraudsters weaponize AI to scale attacks at machine speed, European banks are fighting back with outdated, reactive tools. We built Cleafy to change this equation fundamentally, reconstructing how attacks form and stopping them weeks before they can cause damage.”

Proven at Scale, Trusted by Giants

Cleavey’s approach isn’t just theoretical. The company now protects more than 250 million users across over 150 financial institutions, including major names like ING, Illimity, and BPS Suisse. Perhaps most impressively, Cleafy boasts zero customer churn throughout its history—a testament to the effectiveness and reliability of its platform.

This track record has been central to Cleafy’s pitch to investors. In a market where trust is paramount, the ability to demonstrate consistent, measurable results is invaluable. The Series B funding will allow Cleafy to accelerate its predictive security capabilities, expand its global threat intelligence network, and deepen its presence in banking markets across Europe and Latin America.

Expanding the Battlefield: Workforce Protection

With this new round of funding, Cleafy is also broadening its scope. A new product line, Cleafy for Workforce, extends the platform’s logic inward, focusing on insider threats and compromised accounts within corporate environments. This move recognizes that the perimeter of risk isn’t just outside the organization—it’s also within.

By detecting anomalous behavior or signs of account compromise among employees, Cleafy for Workforce aims to close another critical vulnerability. In an era where a single insider incident can have catastrophic consequences, this proactive approach to internal security is both timely and necessary.

Riding the Regulatory Wave

Cleavey’s expansion comes at a moment when European financial institutions are facing increased regulatory pressure. Two major pieces of legislation—the Digital Operational Resilience Act (DORA) and the updated Network and Information Security directive (NIS2)—are raising the bar for what banks must demonstrate in terms of cyber resilience.

Rather than viewing compliance as a burden, Cleafy is positioning its platform as the infrastructure upon which compliance is built. By integrating predictive security directly into the fabric of banking operations, Cleafy helps institutions not only meet regulatory requirements but also stay ahead of emerging threats.

Innovation Backed by Patents and Talent

Underpinning Cleafy’s technology is a robust intellectual property portfolio: more than 85 international patents protect its core innovations. The company’s team of over 90 people, spread across Milan, London, Barcelona, and Bogotá, brings together deep expertise in cybersecurity, artificial intelligence, and financial services.

This global presence isn’t just about talent—it’s also about perspective. By operating across multiple regions, Cleafy can tap into diverse threat landscapes, ensuring its predictive models are constantly refined and updated to address the latest attack vectors.

The Road Ahead: Scaling Predictive Defense

The question now is whether Cleafy’s core insight—that fraud is best stopped at the infrastructure layer, not the transaction layer—can travel as readily to Latin America as it has within Europe. The region presents unique challenges: different regulatory environments, varying levels of digital banking adoption, and distinct threat profiles. But it also offers immense opportunity, as banks and fintechs across Latin America race to modernize their defenses in the face of growing cyber threats.

Cleavey’s expansion into these markets will be a critical test of its model’s scalability and adaptability. If successful, it could set a new standard for fraud prevention—one where banks are no longer perpetually on the back foot, but instead operate with the confidence that comes from knowing their defenses are always a step ahead.

Why This Matters

In a world where AI is both a tool for innovation and a weapon for criminals, the stakes for cybersecurity have never been higher. Cleafy’s approach represents a fundamental rethinking of how to protect the digital economy. By focusing on prediction rather than reaction, on infrastructure rather than transactions, the company is offering a blueprint for how banks can survive—and thrive—in the age of AI-driven fraud.

As Cleafy scales its operations and refines its technology, the broader financial industry will be watching closely. If predictive defense can deliver on its promise, it may well become the new normal—ushering in an era where the bad guys don’t just lose; they’re stopped before they even get started.

Tags: Cleafy, cybersecurity, AI fraud, predictive defense, banking security, Series B funding, United Ventures, eCAPITAL, DORA, NIS2, digital banking, threat intelligence, insider threats, Milan tech, fintech innovation

Viral Phrases: “Stop fraud before it strikes,” “Predictive defense is the new normal,” “Outsmarting AI with AI,” “The end of reactive security,” “Banks’ secret weapon against cybercrime,” “Zero churn, zero compromise,” “From transaction to infrastructure: the fraud revolution,” “Cleavey: The future of banking is secure,” “AI vs. AI: The new battleground,” “Europe’s cybersecurity trailblazers go global”

,