The compliance platform that owns its data, its screening and its AI agents - and uses all three to find the one real threat hiding inside 38,000 false alarms.
It is 9 a.m. at a mid-sized bank. The overnight screening run produced thousands of alerts. An analyst opens the queue, knowing from experience that nearly all of them are noise - a customer who shares a name with a sanctioned arms dealer, a transaction flagged for a country it never touched. Somewhere in the pile is a real one. The job is to find it before lunch, and before a regulator finds it first.
Castellum.AI was built for exactly that morning. The New York company sells AI agents and proprietary risk data to banks, credit unions, fintechs and crypto firms - the institutions legally required to screen everyone they touch against sanctions lists, politically exposed persons and adverse media. Its pitch is unfashionably specific: cut the noise by 94%, the review time by 83%, and show your work to the auditor afterward.
"We've built something distinct by having fully in-house data, screening and AI agents."
- Peter Piatetsky, Co-Founder & CEOMost vendors in this corner of finance stitch together a watchlist from one provider, a screening engine from another, and a thin layer of automation on top. Castellum owns all three layers. That sounds like a small architectural preference. It turns out to be the whole argument.
Anti-money-laundering compliance has a dirty secret: it mostly produces false positives. Legacy systems were tuned to catch everything, which means they catch almost nothing useful and bury the signal under it. Piatetsky has the number that became the company's origin story - a month in which his team received roughly 38,000 alerts, exactly one of which was a genuine threat.
The traditional fix is to hire more analysts and ask them to read faster. This scales the way a bucket scales against a flood. Banks were forced into a false choice: be accurate or be fast, pick one. Pick accuracy and the queue backs up for days. Pick speed and something slips through, which is how institutions end up in the headlines and the consent decrees.
Legacy screening asks humans to be the search algorithm. That was always going to age badly.
Piatetsky had seen both sides of that ledger. At the U.S. Treasury he fined banks, helped jail money launderers and froze illicit assets. Then he went to run compliance at a large Asian bank, where he sat on the receiving end of the same broken tooling he had once enforced against. The gap was not regulation. The gap was data and software.
In 2019 Piatetsky teamed up with Julian Vasilkoski, an engineer out of high-frequency trading - a world where being a few milliseconds slow is the same as being wrong. The pairing is the joke and the strategy at once: a man who knows precisely what regulators look for, and a man who knows how to process enormous volumes of data without flinching.
Their bet was that the screening problem is, underneath, a data-quality problem. If you collect sanctions, PEPs and adverse media directly from original sources - and keep them fresh - you can be both fast and accurate instead of trading one for the other. So they built the data pipeline first, the screening engine on top of it, and only then the AI agents that read the results.
Co-Founder & CEO. Former U.S. Treasury sanctions officer; 15+ years in financial-crime prevention across local, national and international levels.
Co-Founder & CTO. Came from high-frequency trading, where fast, scalable systems are the whole game.
~20 people in New York blending ex-regulators, banking compliance veterans and trading-grade engineers.
The foundation is a risk-data engine that pulls from more than 200,000 global sources - sanctions regimes, watchlists, PEP records, adverse media in multiple languages - and refreshes them every five minutes. Castellum has gone so far as to document and correct errors in the government's own published sanctions data, which is the kind of thing that is either deeply nerdy or quietly heroic depending on whether you work in compliance.
Real-time checks against 1,000+ watchlists, refreshed every five minutes from in-house data.
AI condenses global, multi-language negative news into readable summaries that gut review time.
Customer and business onboarding with beneficial-ownership (UBO) screening and custom risk controls.
High-volume transaction screening that surfaces suspicious activity as it happens.
Explainable agents that adjudicate Level 1 and 2 alerts - and passed the CAMS certification exam.
A proprietary database of shelf and unburned shelf companies to catch emerging fraud typologies.
"The AI agents were trained by ex-regulators - and then passed CAMS, the certification many humans study months to earn."
Source: company materials, 2025The word the company keeps returning to is explainable. An AI that flags or clears an alert without a reason is useless to a compliance officer, because the officer cannot defend it to an examiner. Every Castellum decision arrives with a paper trail. That is the unglamorous feature that makes the glamorous numbers usable.
In compliance you cannot get away with vague claims; somebody with subpoena power eventually audits them. Castellum publishes its headline figures plainly: a 94% reduction in false positives before any tuning, 83% less time spent on Level 1 reviews, and 95% of alerts resolved by AI rather than by a tired analyst at 4 p.m.
Same flood, much smaller bucket. The remaining sliver is where the actual money launderers hide.
The customers tell the same story from the other direction. Daniel Schneider, BSA Officer at Lead Bank, credits the team's availability and support. The investor roster is its own proof point: the Series A was led by Curql, a fund backed by 130+ credit unions including Navy Federal, with BTech Consortium (banks including Customers Bank) and Framework Venture Partners (Tier 1 institutions including RBC) joining in. When the people who would normally be your skeptical buyers become your backers, that is a signal.
"The team is always readily available for assistance and technical support."
- Daniel Schneider, BSA Officer, Lead BankCriminals adopted automation years ago. They generate synthetic identities at scale, route money through shelf companies, and probe for the bank with the slowest queue. Compliance teams, meanwhile, were handed tools from a different decade. Castellum frames its mission as closing that asymmetry: help institutions prevent financial crime with speed and precision, so the defenders are not bringing a spreadsheet to a software fight.
It is a B2B SaaS business with priced-by-usage subscriptions, which is to say it makes money the boring, durable way. But the people inside talk about it less like a software contract and more like infrastructure - the plumbing that decides whether dirty money moves or stops.
Sanctions only work if someone enforces them at the teller window. Castellum is trying to be that someone, at machine speed.
Regulatory scope keeps widening - crypto, real-time payments, beneficial-ownership rules, sanctions lists that change with the news cycle. Every expansion adds volume to the same morning queue. The institutions that survive that growth will be the ones whose screening scales without proportionally scaling their headcount. That is the market Castellum is betting on, and the bet is aging well.
Back to that 9 a.m. queue. With Castellum running underneath it, the analyst opens a far shorter list, each item carrying a plain-language reason it is there and a recommendation backed by data refreshed minutes ago. The real one is no longer buried under 37,999 fakes. It is near the top, explained, ready to act on. The flood did not stop. Somebody just built a much better filter - and then taught it to pass the exam.