Key Takeaways
- Cleafy secured $14.03 million in Series B funding, equivalent to €12 million, bringing its total lifetime funding to approximately $25 million (€22 million) since the company was founded.
- The investment round was co led by eCAPITAL Entrepreneurial Partners and United Ventures, supporting the expansion of Cleafy’s financial sector cybersecurity platform.
- The company currently provides protection for more than 150 banks and financial institutions across Europe and Latin America, safeguarding over 250 million end users from digital financial threats.
- Its proprietary threat detection technology is supported by more than 85 international patents, and the company reports zero customer churn over more than a decade of operations, indicating strong long term customer retention.
- The funding comes as European regulatory frameworks such as the Digital Operational Resilience Act and NIS2 increase cybersecurity requirements, prompting financial institutions to strengthen digital resilience and expanding the potential market for advanced threat detection platforms.
Quick Recap
Italy-based enterprise cybersecurity startup Cleafy announced on March 12, 2026, the successful close of a €12 million ($14.03M) Series B funding round, co-led by eCAPITAL Entrepreneurial Partners and United Ventures.
The official announcement was made through Cleafy’s press office and confirmed by CEO Matteo Bogana on LinkedIn, noting the milestone brings the company’s total capital raised to €22 million ($25M). The round was also reported across RegTech Analyst, FinTech Global, and The Paypers on the same day.
Cleafy’s Banking Security Technology
Founded in 2014 by Matteo Bogana, Nicolò Pastore, and Carmine Giangregorio, Cleafy was built on the premise that banking fraud and cyberattacks are not financial anomalies but structured kill chains that can be detected weeks before damage occurs. Rather than flagging individual suspicious transactions after the fact, Cleafy reconstructs how an attack forms, evolves, and spreads across a bank’s entire digital surface by correlating telemetry from web apps, mobile banking platforms, backend systems, and network infrastructure in real time.
The platform’s proprietary engine combines this multi-channel telemetry with global threat intelligence to identify hostile infrastructure and attacker intent at an early stage. This approach allows the system to answer not just “does this payment look abnormal?” but “is there an active attack campaign in progress, and at what stage of execution?” Clients include ING, BCC Iccrea Group, Illimity Bank, and BPS (Suisse), and the company reports a 100% client renewal rate since inception.
The freshly secured capital will be allocated across three fronts: accelerating predictive capability development, scaling the Cleafy Labs global threat intelligence network (which has already identified more than 60% of known global banking malware), and entering new markets including the DACH region and Asia-Pacific. A new product line, Cleafy for Workforce, extends the same attack-centric detection model to insider threats and compromised employee accounts inside corporate systems, broadening the platform beyond external fraud.
On the investor side, eCAPITAL Entrepreneurial Partners, a Münster, Germany-based deep-tech venture fund managing over €340 million in assets, brings specific cybersecurity portfolio expertise and adds an international dimension to Cleafy’s backer base. United Ventures, Cleafy’s original Series A lead from 2023, is doubling down; partner Fabio Pirovano described the predictive approach as “a strategic imperative” given the growing sophistication of fraud schemes.
Regulatory and Threat Context
The timing of this raise is not accidental. The European Union’s Digital Operational Resilience Act (DORA) came into force on January 17, 2025, mandating that banks, insurers, and other financial entities maintain verifiable ICT risk management frameworks, run threat-led penetration testing, and demonstrate continuous monitoring.
The complementary NIS2 directive, which entered into force across member states on October 18, 2024, extends cybersecurity requirements to 18 critical sectors and imposes fines of up to €10 million or 2% of global annual turnover for material breaches. Together, DORA and NIS2 have created a compliance imperative that is functionally indistinguishable from a procurement mandate: European banks must either build or buy demonstrably robust threat detection capabilities.
Cleafy’s proposition, which detects live attack campaigns before any fraudulent transaction is processed, maps directly onto DORA’s requirement for proactive ICT risk management rather than reactive incident response. CEO Matteo Bogana captured the urgency in his post-round statement: “While fraudsters weaponize AI to scale attacks at machine speed, European banks are fighting back with outdated, reactive tools. We built Cleafy to change this equation fundamentally.”
The broader fraud detection and prevention market underscores the opportunity. The sector was growing at close to 25% year-on-year as of 2023 and is projected to reach $190.93 billion by 2030. Cleafy’s entry into Latin America alongside European expansion suggests the company is positioning for a slice of that global growth, not merely a European niche.
Competitive Landscape
Cleafy occupies a specific segment of the banking fraud prevention market: predictive, attack-chain-aware threat detection designed exclusively for financial institutions. Its two most directly comparable European-originated peers at a similar or adjacent growth stage are SEON Technologies and Feedzai.
SEON (London/Budapest) focuses on real-time digital identity verification and behavioral signals to block fraudulent accounts and transactions, with total funding of $187 million following a $80M Series C in September 2025.
Feedzai (Lisbon) operates an AI-native RiskOps platform covering fraud, AML, and transaction risk, valued at over $2 billion after a $75M Series E round in October 2025. While Feedzai and SEON compete on breadth and scale, Cleafy differentiates on depth: its attack-kill-chain methodology is purpose-built for banking infrastructure rather than general digital commerce.
Banking Fraud Prevention: Cleafy vs. SEON vs. Feedzai
| Feature / Metric | Cleafy | SEON Technologies | Feedzai |
| Primary Focus | Predictive attack-chain detection for banks | Digital identity fraud & behavioral signals | AI-native fraud, AML & transaction risk (RiskOps) |
| Detection Approach | Reconstructs full kill chain before transaction | Digital footprint, 900+ fraud signals via API | ML-based transaction scoring + AML layer |
| Geographic Focus | Europe, Latin America, DACH, Asia-Pacific expansion | Global (North America, LATAM, APAC) | Global (ECB digital euro contract) |
| Clients / End Users Protected | 150+ financial institutions; 250M+ end users | Revolut, NuBank, Afterpay, Mollie and others | $70B+ annualized payment volume protected |
| Total Funding | ~$25M (€22M) Series B | ~$187M (Series C) | $75M Series E at $2B valuation |
| Latest Round | $14.03M Series B (March 2026) | $80M Series C (September 2025) | $75M Series E (October 2025) |
| Key Differentiator | 85+ patents, 100% client renewal, DORA-aligned proactive detection | 30-second trial, API-first, 90% reduction in fraudulent accounts | ECB digital euro fraud prevention contract |
| Insider Threat Coverage | Yes (Cleafy for Workforce) | Not primary focus | Partial (AML/compliance layer) |
Strategic Analysis
Cleafy holds a structural advantage in the pure-play European bank security segment, particularly under DORA compliance requirements, where its kill-chain reconstruction methodology addresses the regulation’s proactive resilience mandate more directly than SEON’s commerce-focused identity signals.
However, Feedzai’s $2 billion valuation, its selection as the European Central Bank’s digital euro fraud prevention provider, and its broader FRAML (Fraud + AML) stack make it the dominant platform for larger institutions seeking a single-vendor solution across fraud and compliance.
Bayelsa Watch’s Takeaway
I want to be straightforward here: this is a genuinely interesting raise, and I think it is more meaningful than the headline number suggests. A €12 million Series B in European deep-tech cybersecurity is modest by Silicon Valley standards, but in the context of the European startup ecosystem, particularly for a company that has kept zero customer churn for over a decade, it reads as disciplined, high-conviction capital rather than hype funding.
In my experience covering fintech and cybersecurity funding rounds, the companies that survive regulatory inflection points are almost never the ones with the biggest war chests. They are the ones whose product already maps onto what regulators are demanding. Cleafy is in exactly that position right now: DORA went live in January 2025, NIS2 is fully in force, and every European bank’s compliance team is now required to demonstrate proactive threat detection, not just post-incident response. That is Cleafy’s core product pitch, written almost verbatim into EU law.
