An AI-native platform that folds transaction monitoring, screening, risk scoring, case management, and filing into one system - and then puts an agent on top to do the tedious part.
Here is a fact about financial crime compliance that is both boring and load-bearing: most of the work is not catching criminals. Most of the work is closing alerts that turned out to be nothing. A rule fires, a human looks, the human decides it was a birthday transfer and not a laundering ring, the human writes it down, and then the human does that a few hundred more times before lunch. This is the daily texture of a multi-billion-dollar industry, and it is, if we are being honest, mostly a filing job with legal consequences.
Flagright is a company that looked at that texture and decided the problem was the tools. Its cofounder and CEO, Baran Ozkan, spent something like 18 months trying to buy a real-time, risk-based transaction-monitoring system he actually liked. He could not find one. The vendors were fragmented, the alerts were noisy, and the whole stack seemed designed for a world of overnight batch files rather than money that moves in a second. So in 2022 he did the thing that frustrated buyers occasionally do, which is stop buying and start building. He teamed up with Madhu G. Nadig, who had built scalable, data-intensive systems at Palantir and AWS, and they made the product they wished had existed.
This is a good founding story because it is a common one. The best enterprise software tends to get built by people who had to live with the bad version. The pitch more or less writes itself: instead of stitching together a monitoring vendor here, a screening list there, a case-management tool somewhere else, and a spreadsheet to hold it all together, you get one platform that does transaction monitoring, sanctions and watchlist screening, dynamic risk scoring, case management, and regulatory filing. Flagright calls this an "AI operating system for financial crime compliance," which is the kind of phrase that should make you slightly suspicious, because everyone claims to be building an operating system for something. The mitigating detail here is that Flagright has customers - more than 100 banks and fintechs across 35-plus countries - which is a more credible thing to have than a category name.
What does the product actually do? At the base is a transaction-monitoring engine with a no-code scenario builder, sub-second API response times, rule simulation, and dynamic risk profiling. In plainer terms: a compliance officer can write and test the rules that decide which transactions look suspicious, without waiting on an engineering ticket, and see what those rules would have flagged before turning them on. That "without waiting on engineering" part is the quiet, important one. A large share of compliance pain is not the logic itself but the lag between wanting a rule and getting a rule.
On top of that base sits the part everyone wants to talk about in 2026, which is the AI. Flagright's is branded AI Forensics, or AIF, and the framing is more interesting than "we added a chatbot." AI Forensics is pitched as an agentic investigation engine: it does not just summarize an alert, it runs the investigation. It follows the institution's own standard operating procedures step by step, gathers evidence from the relevant data sources, and reaches a disposition - a defensible answer to the question "is this actually suspicious?" - in seconds rather than minutes. The product family has expanded from screening into monitoring, governance, and quality assurance, which is the natural direction if your thesis is that most of compliance is repeatable procedure that a machine can follow.
The reason the CTO's line about black boxes matters is that compliance is one of the few software markets where "the AI decided" is not an acceptable answer. If a regulator asks why an alert was closed, "the model was confident" is a liability, not a feature. So the whole value proposition rests on the investigation being explainable and audit-ready - a trail a human examiner can read and a court could, in principle, accept. This is a real constraint, and it is arguably what separates a compliance-AI product from a demo. Anyone can generate a plausible narrative. The hard part is generating one you would be willing to defend.
Does it work? The company reports the kind of numbers you would expect a company to report, and you should read them with the usual grain of salt, but they are at least specific. Institutions that consolidate onto Flagright cite up to a 93% reduction in false positives, roughly 80% lower compliance costs, and a 27% drop in operational errors. One customer, the Singapore-based payments firm HitPay, said it cut false positives by 83.8% and halved investigation times across six markets in the Asia-Pacific region. Betterment, the US robo-advisor, adopted Flagright as unified risk infrastructure across its products. The platform advertises a roughly two-week deployment, which is fast enough for enterprise compliance software that it is worth noting as either a genuine engineering achievement or a claim to test carefully during procurement.
False positives are, incidentally, the whole ballgame. A monitoring system that flags everything is technically compliant and practically useless, because it buries the real signal under an avalanche of nothing and burns out the analysts who have to dig through it. The economically interesting promise Flagright is making is not "we catch more" - it is "we make you look at less." If a bank can shrink its alert pile by 90-something percent without missing the cases that matter, it has effectively converted a cost center staffed by tired people into something closer to a system. That is the pitch, anyway, and it is a good one because it aligns with what the buyer actually wants at 4pm on a Friday.
The money has followed the thesis. Flagright went through Y Combinator and raised a $4.3 million seed round in April 2025 led by Frontline Ventures, with YC, Pioneer Fund, Moonfire, and a set of fintech angels participating. Then, in June 2026, it announced a $12.5 million Series A led by Infinity Ventures, with the Italian banking group Sella, Frontline, and Y Combinator also in. The stated plan is to expand explainable-AI use cases across compliance operations and to push harder into the US market. Fourteen months from seed to Series A is a brisk pace, and it suggests investors are buying the "operating system for compliance" framing rather than treating Flagright as one more point tool.
There is a broader market reason this is landing now. Money has gotten faster - instant payments, stablecoins, crypto rails, cross-border flows that clear in seconds - while a lot of compliance infrastructure was designed around slower assumptions. Neobanks, crypto firms, and remittance providers feel that mismatch first, because they are the ones moving fast, and they are disproportionately represented in Flagright's customer base. The old stack was built for a world that no longer exists; the argument for Flagright is essentially that compliance should run at the speed of the money it watches.
It is worth pausing on who buys this, because compliance software has an unusual customer. The person evaluating Flagright is often the same person who will personally answer to a regulator if something goes wrong. That changes the sales dynamic. A consumer app can ship a feature that is 90% right and iterate; a compliance tool that is 90% right can produce a filing that is 10% wrong in a way that ends a career. This is why "explainable and auditable" is not marketing garnish - it is the thing that lets the buyer sleep. Flagright's customer base skews toward institutions that feel this acutely: payment processors, digital banks and neobanks, remittance providers, brokerages, and crypto firms, alongside more traditional banks and credit unions. Named references include Betterment in the US and HitPay across the Asia-Pacific region.
The company itself is deliberately lean - somewhere in the range of 40 to 56 people, remote-first, with offices that have included London, San Francisco, and Singapore. The stated mission is unromantic in a useful way: rebuild the infrastructure so compliance teams can stop drowning in repetitive triage and fragmented tools, and spend their attention on genuine risk. The stated vision extends that into agentic workflows, where the machine handles the operational noise and humans handle strategic judgment. It is the sort of division of labor that sounds obvious once you say it and is surprisingly hard to actually build, because the machine has to be trustworthy enough that a compliance officer will stake their signature on its work.
None of this makes Flagright a sure thing. It is a small company in a crowded field that includes well-funded rivals like Unit21, Sardine, Hawk AI, and ComplyAdvantage, plus entrenched legacy incumbents - the Actimices and SAS-es of the world - that banks are famously slow to abandon. Switching a core compliance system is a genuinely scary project for a risk officer, which is both a headwind for challengers and, once you have won a customer, a moat. Category creation is expensive, "AI operating system" is a claim that has to be earned quarter by quarter, and the reported metrics are, as always, the company's own. But the underlying bet is a sound one, and pleasingly unglamorous: that the way to fix compliance is not more alerts or more headcount, but better plumbing underneath - so that the humans who are good at judgment spend their time on judgment, and the machine handles the filing. If Flagright is right about that, the boring filing job quietly becomes a system, and that is a bigger deal than it sounds.
Real-time, risk-based monitoring with a no-code scenario builder, rule simulation, and dynamic risk profiling - built for money that moves in a second.
An agentic engine that runs alert investigations by following your own SOPs, gathering evidence, and reaching a defensible, auditable disposition in seconds.
Sanctions, PEP, and adverse-media screening integrated into the same platform, so onboarding and monitoring share one view of risk.
Configurable, behavior-aware risk profiles for customers and transactions, tunable to an institution's own risk appetite.
A centralized investigation workspace with collaboration tools, audit-ready narratives, and automated SAR and regulatory filing.
Business verification tied directly into ongoing monitoring and risk assessment, rather than living in a separate silo.
Baran Ozkan and Madhu G. Nadig launch the company after Baran's long, fruitless search for a real-time monitoring vendor.
Within six months of launch the platform is serving institutions internationally.
Frontline Ventures leads, with Y Combinator, Pioneer Fund, Moonfire, and angels participating.
The AIF family grows from screening into monitoring, governance, and QA.
Infinity Ventures leads, funding US expansion and deeper explainable-AI capabilities.
| Round | Amount | Date | Lead |
|---|---|---|---|
| Seed | $4.3M | Apr 2025 | Frontline Ventures |
| Series A | $12.5M | Jun 2026 | Infinity Ventures |
Y Combinator, Sella, Pioneer Fund, Moonfire Ventures, and fintech angels including Rubin Ritter (ex-co-CEO, Zalando) and Andre Silva (ex-global head of expansion, Revolut).
"The old compliance stack is too fragmented for modern financial institutions."
Baran Ozkan · Cofounder & CEO"AI in compliance cannot be a black box. It has to be explainable, auditable."
Madhu G. Nadig · Cofounder & CTOIt provides an AI-native platform for financial crime compliance - transaction monitoring, sanctions and watchlist screening, dynamic risk scoring, case management, and regulatory filing - in one system.
Baran Ozkan (CEO) and Madhu G. Nadig (CTO) founded the company in 2022.
Publicly, a $4.3M seed round in April 2025 and a $12.5M Series A in June 2026 led by Infinity Ventures, alongside backers including Frontline Ventures and Y Combinator.
More than 100 banks and fintechs across 35+ countries - payment processors, neobanks, crypto firms, and companies like Betterment and HitPay.
Flagright's agentic investigation engine, which runs alert investigations by following an institution's own procedures, gathering evidence, and reaching a defensible, auditable disposition in seconds.