Italy-based Cleafy has raised EUR 12 million in a Series B round to scale predictive cybersecurity capabilities across European and Latin American banking markets.
The capital will be directed towards accelerating product development, expanding threat analysis operations, and entering new banking markets across Europe and Latin America.
Cleafy's platform is designed to address a structural gap in how banks detect and respond to fraud. Conventional security and anti-fraud tools typically operate in isolation, analysing individual transactions or discrete signals against static rules. This reactive model means institutions often absorb financial losses, operational disruption, and reputational damage before any intervention can take place. Cleafy's approach centres on reconstructing the full chain of an attack, identifying hostile infrastructure, attacker intent, and behavioural patterns across web, mobile, backend, and network channels, before damage occurs.
The system is continuously updated and draws on real-time global threat intelligence to detect attack campaigns at an early stage. According to the company, this model gives banks the possibility to move from reactive incident response towards pre-emptive prevention. A recently launched product, Cleafy for Workforce, extends this approach to detecting insider threats and compromised accounts within corporate environments.
Regulatory momentum and market context
The funding round coincides with a period of heightened regulatory scrutiny across the EU financial sector. The Digital Operational Resilience Act (DORA), which entered into application in January 2025, alongside cybersecurity requirements introduced under NIS2, has increased compliance obligations for financial institutions regarding digital resilience and incident reporting. These frameworks are broadly expected to drive demand for solutions that can demonstrate proactive threat detection and operational continuity.
A company representative noted that fraudsters are increasingly using automated and AI-assisted methods to scale attacks, placing pressure on banks that continue to rely on legacy tools built for a different threat environment. In addition, Cleafy will continue to focus on meeting the needs, preferences, and demands of clients and users in an ever-evolving market, while prioritising the process of remaining compliant with the regulatory requirements and laws of the industry as well.
