CodeSightAI launched its AI-powered code review platform designed to help development teams deliver high-quality software faster. The platform seamlessly integrates with GitHub to provide intelligent code analysis, real-time collaboration, and comprehensive security scanning. The new platform addresses critical inefficiencies in traditional code review processes that cost the global software industry billions annually. By leveraging advanced AI algorithms, CodeSightAI enables development teams to reduce review time by up to 60% while catching 90% of security issues before deployment. CodeSightAI’s comprehensive feature set includes AI-powered code analysis that detects bugs, security vulnerabilities, and performance issues in real-time. The platform provides smart fix recommendations with automated application capabilities and supports multiple programming languages with pattern-based security scanning. The AI-powered code review platform offers seamless GitHub integration through one-click OAuth authentication, automated pull request analysis, and real-time synchronization with repository changes. Development teams benefit from live collaboration features including real-time cursors, code comments, and team performance analytics. Key capabilities of the platform include: – Advanced AI algorithms for bug and vulnerability detection; Real-time code quality assessment with detailed suggestions; Comprehensive security scanning with Row-Level Security; Team collaboration hub with activity feeds and performance metrics; Smart analytics dashboard tracking pull request metrics and quality improvements; Flexible billing and subscription management through Stripe integration.
Embedded lending experiences become seamless with a best-of-breed orchestration stack that unifies KYC, AML, open banking, and audit trails for real-time risk decisions
The global market for embedded lending is expected to reach $7.2 trillion by 2030, but traditional compliance systems are facing challenges due to false positives in AML alerts. This can lead to delays, frustrated customers, and extra operational strain. Research shows that 32% of lenders see manual income verification as their biggest bottleneck in risk decisioning, while a quarter say document validation is their single highest cost. A robust orchestration layer with a best-of-breed approach can help reduce false positives and connect all risk and compliance checks to improve the borrower experience. This results in faster decisions, fewer customer drop-offs, and an uninterrupted lending experience. False positives in the KYC process can cause delays while compliance teams review the loan application manually. A pause in this process or within the process of transaction monitoring is more likely to cause a customer to abandon their purchase, leading to missed interest, revenue, and potential new-to-bank customers. Quick KYC and AML decisioning is a key part of the embedded lending compliance process, and regulators are tightening their grip on this issue. An integrated orchestration layer can build smarter, faster compliance directly into the customer experience. Effective AML hinges on piecing together up-to-date data from a web of internal and external sources. Modern orchestration layers typically include money laundering risk scoring modules, API connectivity to multiple vendors, and complete audit trails for compliance. The flexibility of the orchestration layer comes down to the lender’s risk appetite, allowing them to balance effective fraud detection with minimising false positives. An effective orchestration layer not only streamlines AML checks but also stitches together all the critical services required to deliver a seamless, compliant lending and customer onboarding experience.
Figure Technology embeds AI and Provenance blockchain into consumer lending to cut HELOC approval to 10 days, enabling on‑chain origination, AI underwriting and smart‑contract loan trading.
Figure Technology’s recent filing to go public spotlights the growth of AI and blockchain into loan origination, underwriting and secondary market trading. The company’s platform is built on the Provenance blockchain, which it describes as a “record of truth” for assets. Every loan originated through its system is recorded on the blockchain, providing an immutable record of ownership and performance. Figure combines that with automated valuation models, AI-powered underwriting, and smart contracts that govern loan sales and transfers. This approach has allowed the company to shorten approval times for home equity lines of credit (HELOCs) to a median of 10 days from an industry average of 42 days. Loan applications can be completed in five minutes, with funding available in as little as five days. Figure estimates its addressable market across lending and capital markets at approximately $185 billion in annual revenue potential, based on consumer credit originations and marketplace trading. In addition to lending, management is targeting tokenization and stablecoins as growth opportunities. The filing contends that the company has achieved profitability and scaled it in a capital-efficient way. Revenue models are built on fees from originations, servicing, gain on loan sales, and technology usage. Partner-branded lending, where banks and mortgage originators use Figure’s platform under their own brand, accounts for 77% of total originations. Figure had 168 active partners as of mid-2025. The company has also built regulatory infrastructure to support its ambitions. It holds more than 180 lending and servicing licenses, 48 money transmitter licenses, and SEC registration as a broker-dealer with authority to operate an alternative trading system. Internationally, it has crypto licenses in the Cayman Islands and Ireland. Management argues that this licensing framework differentiates it from competitors and will support scaling of new products.
Visa launches global framework unifying fraud and disputes for both acquirers and merchants; merchants above 2.2% disputes pay $8 each, threshold drops to 1.5% in April 2026.
Visa has launched its updated Visa Acquirer Monitoring Program (VAMP), introducing a unified global framework for fraud and dispute monitoring designed to strengthen compliance and safeguard the payments ecosystem. By consolidating fraud and dispute oversight for both acquirers and merchants, VAMP has been positioned as a pivotal development in the fight against payment fraud. Under the new framework, merchants whose disputed transactions have exceeded 2.2% – whether fraudulent or not have been subjected to penalties of $8 per dispute, with the threshold set to be reduced to 1.5% from April 2026. In parallel, merchants whose transactions have included more than 20% enumeration attacks – fraudulent test purchases made with stolen card details – have been brought under the scope of enforcement, regardless of transaction value. The introduction of VAMP has signalled a fundamental shift for merchants, who have been faced with increased compliance obligations, heightened cost pressures, and the potential risk of being restricted from accepting Visa payments. “With VAMP, Visa compels merchants to get on the front foot with fraud. If they don’t, they may find themselves hit with additional fees or even blocked from accepting Visa payments altogether. No merchant wants to find themselves unable to accept Visa payments, which make up almost 40% of global card transactions. Maintaining low fraud rates is not just a cost-control or compliance issue; it’s a business-critical priority. Merchants can’t afford to sit back. VAMP is here, and the impact will be felt across customer experience, operations and revenue,” said Martin Sweeney, CEO of Ravelin.
Fintech Jar’s gold micro-investment infrastructure integrates UPI auto payments with localization technology and gamification engines to grow revenue 49x
Jar, an Indian fintech startup that allows users to invest in gold, has turned profitable by helping millions of first-time savers use its app to build digital gold holdings. While many consumer fintechs focus on affluent urban users or credit products, Jar has gained traction by offering a culturally familiar asset — gold — as a low-barrier entry point to saving. The startup targets low- to middle-income users —a segment often underserved by traditional financial institutions—by allowing them to save in gold for as little as ₹10 (about $0.11) a day. That strategy has helped Jar reach over 35 million registered users across 12,000 zip codes, co-founder and CEO Nishchay AG said. About 60% of users are from India’s smaller cities and towns (known as tier-2 and tier-3 towns), and more than 95% are saving formally for the first time, he told. Jar’s operating revenue — primarily from its core gold-saving app — grew ninefold in fiscal year 2024, which ended in March, to ₹2.08 billion (roughly $23.6 million), as disclosed in its latest filing. More dramatically, its total revenue across all business lines during that same period jumped to ₹24.50 billion (approximately $279.3 million), representing a 49-fold jump from ₹500 million ($5.7 million) in the previous financial year (FY24). This total revenue figure includes earnings from digital gold transactions, jewelry sales through its Nek platform, and fees from third-party distribution partnerships. The jewelry component is a sizable piece of this diversified approach. The platform works on a drop-shipment model with zero inventory. By controlling the entire value chain, Jar can now capture a larger share of the gold value chain and even distribute its gold through third-party platforms,including the Walmart-owned fintech firm PhonePe.
MANTL processes $3B in deposits from existing customers in six months through real-time core integration, automated KYC/KYB workflows and omnichannel 3-minute account opening technology
MANTL, an Alkami solution team and leading provider of loan and deposit account opening technology, announced that its clients raised over $3B in deposits with existing banking relationships in the first half of 2025. This achievement highlights the significant opportunity financial institutions have to achieve low-cost, sustainable growth by strengthening customer and member relationships and driving banking primacy with omnichannel account opening technology. In just six months, MANTL clients opened nearly 130,000 deposit accounts from existing customers and members, with an average funding amount exceeding $24,000. Notably, nine institutions generated more than $100 million in deposits each from existing account holders in the first half of 2025, demonstrating how banks and credit unions can leverage MANTL to activate existing banking relationships and drive sustainable growth at scale. MANTL Deposit Origination streamlines the process for existing banking customers and members to open new accounts in just a few clicks. Powered by real-time data and actionable insights, MANTL enables financial institutions to activate their banking relationships, increase lifetime value, and achieve a more cost-effective path to deposit growth than traditional acquisition strategies.
Mastercard unveils digital media network to deliver personalized advertising; uses proprietary card-linking technology to attribute conversion and incrementality for advertisers
Mastercard has unveiled a new digital media network designed to deliver personalized advertising across its owned channels and other channels. The new Mastercard Commerce Media will use insights from permissioned data to deliver personalized offers and content to consumers, and it will use proprietary card-linking technology to attribute conversion and incrementality for advertisers. Advertisers can use this digital media network to deliver tailored offers and content like cashback, discounts, incentives and advertising. Mastercard will use permissioned data about past purchase behavior and real purchase signals to identify the right audience for each offer. Because consumers who receive the offers will be able to activate them on their enrolled card, Mastercard will then be able to attribute each purchase to the served content. This offering will benefit advertisers by helping them make the most of their budgets, publishers by providing accurate attribution and helping build loyalty with their audience, and consumers by delivering relevant content and offers.
Salt Edge’s API solution to leverage IBM Z platform to enable banks to meet evolving global open banking regulations and simplify compliance with built-in consent management without overhauling their core systems
Salt Edge, a global provider of API technology for financial services, has confirmed its Open Banking API suite is compatible with IBM LinuxONE and IBM Z platforms, allowing global banks to implement a fully managed API access layer that meets evolving open banking compliance requirements. The solution leverages IBM Z’s performance, security, and scalability to help financial institutions modernize customer-facing services without overhauling their core systems. Salt Edge’s platform supports a broad range of open banking regulatory frameworks, simplifying compliance by exposing consent-based APIs that align with local laws and market needs. When deployed on IBM LinuxONE or IBM Z, Salt Edge’s platform enables banks to: Meet global open banking regulations without incremental development; Offer API-based services to fintechs and third parties with reduced operational burden; Accelerate time-to-market with built-in consent management, developer tools, and third-party onboarding; Leverage the reliability and performance of enterprise-class infrastructure to support critical workloads.
ThetaRay’s compliance solution allows users to build, modify, and simulate AML rules independently through no-code interface with customization and aggregation and safely test the impact of rules without affecting live systems
ThetaRay has introduced the Rule Builder Simulator, an AI-powered tool that enables banks and other financial institutions to build, test, and implement anti-money laundering rules faster. The tool offers a no-code interface for defining complex rule logic, reducing operational friction and approval bottlenecks. The Self-Service Rule Builder allows teams to test and analyze the impact of new rules in a secure environment before deployment without affecting live systems. This is part of ThetaRay’s mission to equip financial institutions with AI-enhanced tools that strengthen compliance, support growth, and innovation. Key Compliance Benefits: Autonomy and Speed: Users can build, modify, simulate, and deploy AML rules independently, reducing the rule lifecycle times from weeks to hours. Tailored Risk Coverage: Complex rule logic using no-code customization and aggregation, addressing institution-specific compliance needs with precision. Safe Testing Environment: Validate new rules in a secure simulation environment before going live, ensuring confidence in compliance decisions. Optimized Detection: Simulations help teams evaluate rule and AI combinations for optimal results in detecting financial crime. Seamless Production Deployment: Approved simulations can be applied to production with built-in governance and oversight workflows
PCI DSS new rules for ecommerce sector requires employing targeted risk analysis to address client-side attacks and implement API and payment script security, rapid detection and response to compromised credentials, and regular vulnerability scans
The Payment Card Industry Data Security Standard (PCI DSS) has expanded its guidance to include numerous security controls for retailers and e-commerce providers. These controls include payment script security, API protection, rapid detection and response to compromised credentials, and regular vulnerability scans. Client-side attacks, such as infostealers and malware, can harvest user credentials and be used for account takeovers and fraud. Web application firewalls (WAFs) are still a strategic security control, but the speed of modern application development requires additional capabilities to dynamically detect and automatically protect endpoints. Attackers constantly retool to bypass defenses, pivoting from web apps to mobile apps or escalating their tactics. The updated PCI DSS includes recommendations for employing targeted risk analysis versus traditional enterprise-wide risk assessments. It addresses the growing threat of client-side attacks with two client-side requirements effective March 31, 2025. Content security policies (CSPs) and subresource integrity (SRI) web methods are difficult to implement and maintain, especially in the e-commerce sector where competition for customer mindshare is driving continuous enhancements to digital experiences. Customers expect seamless and secure transactions, and widely used security controls may not adequately extend protections to client browsers or backend APIs. Bot management solutions that inject user challenges via Captcha are ineffective at deterring sophisticated bots but are effective at frustrating users. To meet PCI DSS compliance mandates, e-commerce providers should consider unified security platforms designed to protect web apps, APIs, and customers throughout the digital life cycle from actual threats targeting their industry.