A four-year-old startup in San Francisco has convinced FIS, Deel, GoDaddy and X to outsource the hardest part of finance: deciding which transactions to trust. Now it's teaching AI agents to do the night shift.
Pick any morning in 2026. Somewhere in a Brazilian neobank, a fraud analyst opens an alert queue that used to take eight hours and finds it pre-triaged. In a Toronto branch of a 165-year-old bank, a digital onboarding flow flags a synthetic identity in the time it takes the applicant to mistype their address. In Bangalore, a compliance officer at a payments company reviews a draft Suspicious Activity Report she did not write. All three are quietly powered by the same San Francisco startup.
That startup is Sardine. It is not a brand most consumers will ever notice, which is exactly the point. Sardine sells the plumbing that decides whether your tap-to-pay goes through, whether your new crypto account opens, whether your refund goes to the person who actually made the purchase. Its platform fuses device intelligence, behavior biometrics, machine learning, and - increasingly - a fleet of AI agents that handle the work compliance teams hate most: writing reports, chasing alerts, narrating risk decisions.
For two decades, fintech bolted on a new vendor every time fraud invented a new trick. Device-fingerprint vendor. KYC vendor. Sanctions vendor. Behavior vendor. Transaction-monitoring vendor. Each one sent alerts to a different inbox. Each one required a separate analyst to babysit it. None of them talked to each other.
The result was the world's most expensive game of telephone. Fraud teams drowned in false positives. Compliance teams spent more time documenting decisions than making them. And the customers most banks actually wanted - immigrants opening accounts, gig workers cashing out, small businesses moving real money - kept tripping the same brittle rules.
Soups Ranjan saw the pattern from the inside. He had led risk and compliance at Coinbase during the crypto boom, and before that at Revolut, Uber, and PayPal. Each company had run the same play: stitch together a dozen vendors and hope your engineers can keep up. None of them could.
The problem was not a missing feature. It was a missing architecture. Risk needed a single platform that could see the device, the behavior, the transaction, the network, and the regulatory context in one place. In 2020, no such platform existed.
Ranjan teamed up with Aditya Goel and Zahid Shaikh - two engineers who had also done time inside fintech and crypto risk teams. The bet was unfashionable for 2020: that the future of risk was not another point solution but a horizontal platform with a network effect.
They called it Sardine, after the small fish that survives by schooling. The metaphor is not subtle. A single sardine is easy prey. A school is a shimmering, coordinated organism that confuses predators. Sardine the company runs on the same logic: every customer feeds anonymized device and behavior signals into a shared network, and every customer benefits from what the others have seen. The fraud ring that hit a crypto exchange on Monday gets flagged when it tries a neobank on Tuesday.
Andreessen Horowitz wrote the first big check in 2021. By late 2022 the company had closed a $51.5M Series B led by a16z - notable mostly because the funding climate had turned brutal, and fraud was suddenly back in fashion. Three years later, in February 2025, Sardine added a $70M Series C led by Activant Capital at a $660M valuation, with Google Ventures, Geodesic, Moody's, Experian Ventures and NAventures piling in. A $25M extension from National Bank of Canada followed, bringing total funding to $170M.
Sardine is sold as a single API and a single console, but underneath it does the work of about four legacy vendors. The pitch to a Head of Risk is brutally simple: rip out the four contracts, plug into Sardine, watch your false-positive rate fall and your time-to-decision drop.
Real-time device intelligence, behavior biometrics and ML scoring to stop ATO, payment fraud and synthetic identities before they post.
KYC, KYB, sanctions screening, transaction monitoring, and SAR/UAR filings inside a no-code rules engine.
Autonomous copilots that triage alerts, draft SAR narratives and assist human investigators 24/7.
A consortium dataset built from 2.2B+ profiled devices - the moat that makes new customers smarter on day one.
Risk decisioning and signal enrichment for lenders, BNPL providers and card issuers.
One integration, one console, one data model across every product above. Replaces an average of four vendors.
If you want to understand why investors leaned in at a $660M valuation in a tough year for fintech, look at the curves Sardine put on the board.
The bigger number is the one Sardine talks about less: 2.2 billion devices profiled. That is not a marketing stat. It is the moat. Every new customer makes the model better; every improvement in the model makes the next sales call shorter. This is what a network effect looks like when it lives inside a B2B compliance product.
The core-banking giant runs Sardine signals through its fintech program.
Global payroll uses Sardine to vet contractor onboarding across 150+ countries.
Domain and commerce platform leans on Sardine for payment-fraud scoring.
Trust & safety signals at consumer scale.
Listed partner integrating Sardine signals for issuers and acquirers.
Embeds Sardine's device and behavior biometrics into its fraud products.
Led the Series A and kept writing checks through C.
Led the 2025 extension; also a customer for fraud-ops automation.
Sardine's mission is not romantic. It does not promise to bank the unbanked or democratize anything. It promises to make fraud teams faster and compliance teams less miserable. That's it. And in a world where every fintech is being asked to do more KYC, more transaction monitoring, more sanctions screening, and more SAR filing with the same headcount, that's plenty.
The next move is agentic. Sardine is shipping AI agents that can read an alert, pull the relevant data from a dozen sources, draft an investigator's narrative, and queue it for human review. The thesis is that compliance is the perfect first home for agents: structured workflows, regulated outputs, clear audit trails, painful headcount math. If agents can do anything useful in finance, they can do it here.
Skeptics will note that fraud has never been easier to commit, thanks to the same generative AI that powers Sardine's tools. Synthetic identities are cheaper. Voice cloning is real. Deepfake KYC selfies are circulating in private Telegram channels. The arms race is escalating, and Sardine is not the only company gearing up. But it is one of the few that started from the assumption that risk would become a software-versus-software fight, and that the side with the better network would win.
Return to the Brazilian fraud analyst, the Toronto onboarding queue, the Bangalore compliance officer. None of them will mention Sardine in a tweet today. None of them needs to. The whole point of risk infrastructure is to be invisible when it works.
But somewhere between the device fingerprint and the SAR narrative, a small fish is doing the schooling. And the predators - the fraud rings, the synthetic identities, the money mules - are finding the water a little colder than it used to be.
That, more than the valuation or the funding round or the agent demos, is the story.