CHALLENGE · 01
Real-time fraud at instant-payment speeds
FedNow and UPI settle in 10 seconds — the fraud window is the same. Batch-trained, batch-scored models can't keep up.
≤ 50ms SLAIndustry · 01 of 06 · Banking · Payments · Risk
Move money in milliseconds. Catch fraud before the customer feels it.
Legacy cores still run the world's banks — and they don't have to be the bottleneck. We sit between the COBOL and the customer, building the real-time fraud, payments and reg-reporting layers that make a 40-year-old core feel like a 4-week-old fintech.
12msp99 fraud decision
9.4MDaily events · per stream
−67%Fraud false-positives
fraud-decisioning · liveSTREAMING
14:02:18card•9921 · Mumbai → Berlin · CNP€1,420BLOCK
14:02:18acct•7714 · payroll · 312 txn$1.2MPASS
14:02:19upi•vp@hdfc · device drift₹89,000STEP-UP
14:02:19card•4407 · grocery · home loc$48PASS
14:02:19wire•DE89 · new beneficiary€56,000REVIEW
14:02:20card•1188 · subscription renewal$14.99PASS
14:02:20acct•0023 · 14 in 90s velocity$2,310BLOCK
14:02:20rtp•FedNow · 24/7 instant$8,940PASS
queue · 09.4Mevents/daySLA · 99.997%
The reality on the ground
The shape of banking 2026.
Real-time rails, sophisticated fraudsters and a regulator with a calendar full of new deadlines. The institutions winning are the ones that stopped pretending compliance is a project — and started treating it as architecture.
FACT · 01$485B
Global card fraud losses — and the curve hasn't flattened. Most banks still queue every alert and triage by hand.
FACT · 0224/7
Real-time payment rails — UPI, FedNow, SEPA Instant, Pix. Settlement in 10 seconds. Fraud has the same window to act.
FACT · 031 in 3
Bank IT budgets still consumed by run-the-bank work. Modernization is the only path out — and the longer it's deferred, the more it costs.
FACT · 04150+
Discrete regulatory regimes a global bank touches in a year. Hand-built reporting doesn't scale; policy-as-code does.
The hard problems
What keeps a CIO & Chief Risk Officer awake at 02:00.
The Venn of regulator, customer, board and engineer doesn't have a clean centre. We've been in enough war-rooms to know what the real ask is.
CHALLENGE · 02
Legacy core, modern customer
The mainframe is fine. The 2003 web layer wrapped around it is not. Customers want app-grade experiences without a 5-year core swap.
Strangler-figCHALLENGE · 03
Reg-reporting that owns the roadmap
Every quarter a new return. CCAR, FRTB, AnaCredit, DORA. Built once by hand → broken every release.
Policy-as-codeCHALLENGE · 04
KYC / AML drowning in alerts
Industry-standard SAR queues run 95% false positive. Analysts burn out. Bad actors get through the cracks.
Graph + MLCHALLENGE · 05
Payments orchestration · many rails
Cards, ACH, RTP, FedNow, UPI, SEPA, SWIFT, crypto. Each rail has its own SDK, settlement and dispute flow.
ISO 20022CHALLENGE · 06
Open Banking · without exposing the bank
PSD2, FDX, India OCEN. Third-party APIs that meet the spec without leaking PII or destabilizing the core.
OAuth · FAPIWhat we build · and own
Six modules. One real-time stack.
Each module ships into your repo on day one, runs in your cloud, and is yours to keep. We don't build the part you can't maintain after we leave.
Module · 01
Real-time fraud decisioning
Sub-12ms scoring on card, ACH, RTP, UPI and SWIFT. Streaming ML with rule + model ensemble and a human-review queue that fits analyst capacity.
- Kafka + Flink streaming
- Gradient-boosted model
- Velocity + network rules
- Explainability for disputes
Module · 02
Payments orchestration
One API across every rail — ISO 20022, FedNow, UPI, SEPA Instant, cards, crypto rails. Smart routing, fallback, dispute and settlement.
- ISO 20022 native
- Multi-rail smart routing
- PSP waterfall fallback
- Dispute + chargeback flow
Module · 03
Regulatory reporting engine
CCAR, FRTB, AnaCredit, DORA, BCBS 239. Reports that run from the same lineage-tracked data lake every time — and don't break when the schema changes.
- Policy-as-code rules
- Lineage + audit trail
- Regulatory schema registry
- Exception workflow
Module · 04
KYC / AML & graph analytics
Entity resolution, beneficial-ownership graph, SAR workflow with ML-scored alert triage. False-positive rates half industry benchmark.
- Graph entity resolution
- Beneficial-ownership tree
- ML alert triage
- SAR narrative draft
Module · 05
Core modernisation layer
Strangler-fig API layer over your existing core — COBOL, FIS, Temenos, Oracle FLEXCUBE. New channels and products without a core freeze.
- Core abstraction API
- Event-sourced ledger
- COBOL bridge adapters
- Zero-downtime cutover
Module · 06
Open Banking & embedded finance
PSD2, FDX, India OCEN-compliant APIs. Consent management, token lifecycle, developer portal. The bank as a platform without the bank as a bottleneck.
- FAPI 2.0 · OAuth 2.1
- Consent management
- Developer portal
- TPP onboarding & audit
Reference architecture
From transaction ingest to ledger, the path is six steps.
A single payment event flows through six clean stops on its way to being scored, routed, settled and reported — all within milliseconds.
STEP · 01IngestPayment event arrives on the stream — card, ACH, RTP, UPI or wire.
STEP · 02EnrichEntity resolution, device, velocity, network context added in <2ms.
STEP · 03ScoreML model + rule engine returns a decision in <12ms p99.
STEP · 04RouteApproved: rail-optimised routing. Flagged: step-up or queue.
STEP · 05SettleISO 20022 settlement message dispatched. Reconciled idempotently.
STEP · 06ReportLedger event flows to reg-reporting engine and audit store.
Tools we reach for
Battle-tested stack. No buzzword tax.
Application
Next.js · App RouterTypeScripttRPCPostgresRedisKafka
AI / ML
XGBoost · LightGBMFlink MLFeature StoreEvidently AISHAPMLflow
Payments & standards
ISO 20022FedNowSEPA InstantUPI · NPCISWIFT MXFDX · PSD2
Data & streaming
Apache KafkaApache FlinkSnowflakedbtIcebergGreat Expectations
Who we build for in finance.
From tier-1 global banks to digital-native neobanks, payments processors and the fintechs sitting between them.
Tier-1 & retail banksNeobanks & challengersPayments processorsWealth & asset managersInsurance carriersRegTech providersEmbedded financeCrypto & digital assets
Case study · in production
How a tier-2 bank cut fraud losses by 67% without touching the core.
A 40-year-old core processing 9.4M events a day. We layered a streaming fraud engine with graph-based KYC over the existing rails. False-positive queues dropped from 9,000/day to 1,400. The fraud team halved headcount on manual review and reinvested in model tuning.
ClientTier-2 bank · SEA region
Volume9.4M events/day · 3 rails
Timeline12 weeks · pilot to production
CoreFIS Profile · untouched
12msp99 fraud decision
−67%Fraud false-positives
9.4MDaily events · per stream
99.997%Platform SLA
Compliance · built-in
Audit-ready by default. Not by sprint.
Financial data is regulated data. We build with compliance as architecture — not a checkbox bolted on before an audit.
PCI DSS v4Cardholder data environment
SOC 2 · Type IIContinuous controls + evidence
GDPR · EU/EEALawful basis · data residency
DORA · EUOperational resilience reporting
BCBS 239Risk data aggregation + reporting
ISO 20022Message schema + migration
AML · FATFTransaction monitoring + SAR
Open Banking · FAPI 2.0Consent + TPP security profile
Questions you’ll probably ask
The short version of the kick-off call.
Can you work with our existing core — FIS, Temenos, Oracle FLEXCUBE?+
How do you get fraud scoring under 12ms?+
How do you handle false positives?+
Do we own the models and data?+
What does PCI compliance look like in this architecture?+
How long does a typical engagement take?+
Finance & Banking · fraud · payments · risk
Bring your core. We'll bring the real-time layer.
A 60-minute platform review with a senior fraud engineer and a payments architect. We'll map your rails, your alert queue and your next regulatory deadline.