Digital banking platform Ibanera announced the launch of its ‘Nested Compliance’. Produced by the company CEO, Michael Carbonara, the infrastructure directly combats current risks faced by the Fintech and Banking as a Service (BaaS) industry. The framework differs from current financial compliance processes by automating KYC and AML processes while adopting a layered and tokenized design that embeds compliance across its vast customer network. Ibanera’s new Nested Compliance concept introduces high-level automation for KYC and AML processes for operational efficiency. The upgraded system uses API-driven, real-time compliance monitoring with early warning triggers for expiring KYC, automated counterparty verification, and embedded reporting to speed up processes and keep detailed records for audit purposes. The framework also debuts a unique design that tokenizes compliance. Sensitive data is replaced with unique identifiers, minimizing PII (Personally Identifiable Information) exposure risk. The tokenized design also creates a system where compliance is traceable and verifiable across complex networks of users, simplifying financial relationships and the overall compliance process. Through this, layered transactions are secure, monitored, and compliant with FATF, FINCEN, and global Anti-Money Laundering (AML) regulations. The new Nested Compliance protocol is being rolled out on Ibanera’s ecosystem this year and is available for customers and partners. Key updates include real-time risk assessments of counterparty data, along with ongoing AML checks to prevent illicit activities within nested payment structures.
P2P payment information network Phixius by Nacha partners Kinexys by J.P. Morgan to add near real-time global validation of bank account ownership, status and transactions to its real-time validation
Phixius by Nacha and Kinexys Liink established information exchanges between their payment information networks. The collaboration will enhance account validation coverage for financial institutions, FinTechs and corporations. Phixius, which is a peer-to-peer payment information network, will serve as Kinexys Liink’s key U.S. payment information network responder, enabling near real-time validation of domestic bank account data. Kinexys Liink, which is a bank-led peer-to-peer data-sharing network and part of Kinexys by J.P. Morgan, will allow Phixius participants access to its Confirm application’s global account validation capabilities, expanding the reach of the Phixius network. “Kinexys Liink and Phixius customers can benefit by validation services using data provided by either network, helping to mitigate payment fraud and reduce potential ACH returns,” Rob Unger, managing director of ACH Network development at Nacha, said. Gloria Wan, general manager of Kinexys Liink at Kinexys by J.P. Morgan, said: “Through the collaboration with Phixius by Nacha, we look forward to expanding the reach of Kinexys Liink to further strengthen account validation and cross-border payment infrastructure globally.”
Microsoft releases taxonomy of failure modes- security and safety- inherent to agentic architecture- novel modes unique to agentic systems (e.g. agent compromise) and modes representing amplification of existing GenAI risks (e.g. bias amplification)
Microsoft’s AI Red Team has published a detailed taxonomy addressing the failure modes inherent to agentic architectures. Agentic AI systems are autonomous entities that observe and act upon their environment to achieve predefined objectives. These systems integrate capabilities such as autonomy, environment observation, interaction, memory, and collaboration. However, these features introduce a broader attack surface and new safety concerns. The report distinguishes between novel failure modes unique to agentic systems and amplification of risks already observed in generative AI contexts. Microsoft categorizes failure modes across security and safety dimensions. Novel Security Failures: Including agent compromise, agent injection, agent impersonation, agent flow manipulation, and multi-agent jailbreaks. Novel Safety Failures: Covering issues such as intra-agent Responsible AI (RAI) concerns, biases in resource allocation among multiple users, organizational knowledge degradation, and prioritization risks impacting user safety. Existing Security Failures: Encompassing memory poisoning, cross-domain prompt injection (XPIA), human-in-the-loop bypass vulnerabilities, incorrect permissions management, and insufficient isolation. Existing Safety Failures: Highlighting risks like bias amplification, hallucinations, misinterpretation of instructions, and a lack of sufficient transparency for meaningful user consent
FDX standard APIs adoption hits 114m customer connections , a 50% increase from the comparable figure of 76 million a year ago helping companies to “improve interoperability when they integrate”
FDX has reported that approximately 114 million customer connections are now happening through APIs aligned to the FDX standard, as the use of standardized APIs to enable consumer-permission data sharing continues to grow. The growth in FDX API adoption to 114 million customer connections represents a 50% increase from the comparable figure of 76 million a year ago, while FDX called it “a sizable jump” from the 96 million reported six months ago. “Hitting 114 million customers connections reflects both the scale of FDX’s impact and the power of industry-led collaboration to drive interoperability,” said Kevin Feltes, chief executive officer of FDX. The organization stated that the FDX API standard “is solidly rooted as the leading method in North America for building APIs to enable safe, user-permissioned connections” and said that “industry-led standard-setting and collaboration” is helping companies to “improve interoperability when they integrate”. FDX noted that API adoption continued to grow “amid a shifting regulatory environment”, but pointed to the “work ahead”. According to FDX, “tens of millions of consumers and small businesses in North America are still sharing financial data through methods that require sharing login credentials with third parties and may offer less customer control”.
CrowdStrike’s SIEM solution is first to bring managed threat hunting to third-party data- unifies real-time intelligence and AI-driven automation to deliver expert-led threat hunting across all attack surfaces
CrowdStrike introduced Falcon® Adversary OverWatch Next-Gen SIEM, the first and only solution to bring managed threat hunting to third-party data. This breakthrough innovation extends the visibility of CrowdStrike’s elite threat hunters into unmanaged attack surfaces adversaries have long exploited. By leveraging third-party data ingested by Falcon® Next-Gen SIEM, CrowdStrike delivers 24/7 expert detection beyond endpoints, identity and cloud environments to stop breaches across every attack surface. Powered by the AI-native CrowdStrike Falcon® cybersecurity platform, Falcon Adversary OverWatch uses deep adversary expertise and industry-leading threat intelligence to rapidly uncover evasive threats. Falcon Next-Gen SIEM unifies native and third-party data, real-time intelligence and AI-driven automation to deliver comprehensive visibility, high-fidelity alerts and machine speed response. New innovations include: Expert-Led Threat Hunting Across all Attack Surfaces; UEBA and Case Management for Falcon Next-Gen SIEM; Unified Identity Security and Next-Gen SIEM; CrowdStrike Pulse Services.
Acoru’s gen AI platform tracks account changes and detects mule accounts by leveraging pre-fraud indicators and continuously monitoring and classifying account types over time, to prevent omnichannel authorized fraud
Acoru, a cybersecurity firm, has launched its operations after securing €4 million seed funding in 2023. The company aims to revolutionize fraud prevention in the financial sector by developing a NextGen platform equipped with generative AI, enhanced analytics, and a configurable intelligence network. The platform excels at tracking account changes and detecting mule accounts by leveraging pre-fraud indicators and continuously monitoring and classifying account types over time. Acoru’s platform leverages advanced technology to process both structured and unstructured data, delivering insights through an intuitive, user-friendly interface. The platform’s intuitive interface, easy customization, and effectiveness in identifying pre-fraud signals have driven rapid adoption. Acoru’s founders, Pablo de la Riva Ferrezuelo and David Morán, bring over 20 years of expertise in cybersecurity and fraud prevention. The company plans to use the funding to continue its international expansion.
Google Wallet may let you add a card just by NFC tapping it to your Android phone, instead of scanning or manually entering card information
Google appears to be working on a new feature that would allow users to add a credit card to Google Wallet simply by tapping the card to their phone. The current process of adding a card to Google Wallet typically involves either scanning or manually entering card information, then going through some sort of verification with your bank. It’s not a difficult process, but it’s one that Google seemingly wants to simplify by letting you add a card by tapping it to your phone. Code added to the latest Google Play Services update directly explains a process in which you “hold your card” to the back of your phone, using NFC to add it to Wallet. This new code was apparently found alongside the existing “Add payment method” screen, taking out any doubt that it’s for anything but adding a new payment card to the app. Presumably, users will still need to verify with their banking institution and complete other steps, but this would provide a quick and easy way to end the card information. It’s also a fairly familiar process as some banking apps, the Capital One app as one example, use NFC to interact with physical cards.
Sprive’s tech automates using cash-back offers, discount vouchers and spare cash from everyday shopping towards mortgage overpayments
Fintech startup Sprive is a “mortgage overpayment” platform aimed at the U.K. market that helps users repay their mortgages faster using automation and cash-back rewards. It claims to save users an average of £10,000 each over the lifetime of the mortgage. Sprive said the app works by letting homeowners pay off their mortgage faster through their everyday shopping, by automatically putting spare cash toward overpayments and continuously scanning the market to help customers find better mortgage deals. Users can pay toward their mortgage from a bank account linked to the Sprive app by shopping as they would normally with mainstream U.K. supermarkets. They then use cash-back offers, discount vouchers, and more in order to pay off a mortgage faster. It does this by allowing the user to save money on the interest on the mortgage and shave potentially years off the mortgage term. CEO Jinesh Vohra said Sprive gives lenders a more efficient digital means of being able to acquire new customers. “Every time someone shops or switches mortgages, we make money. Within 15 minutes of shopping, you get money towards your mortgage, and we scan the market every day for better mortgage deals. Every time a customer refinances, we get commission from the mortgage lender.”
Mastercard is partnering crypto exchanges and fintechs to unveil end-to-end acceptance and payments capabilities of stablecoins such as wallet enablement, card issuance and digital commerce
Mastercard is doubling down on stablecoins, unveiling new global end-to-end acceptance and payments capabilities with an integrated 360-degree approach to allow consumers and businesses to use stablecoins as easily as the money in their bank accounts. The company has partnered with a host of crypto natives such as MetaMask, Kraken, Gemini, Bybit, Crypto.com and Binance on wallet enablement and card issuance and acceptance. Now it is working with OKX to launch the OKX Card, providing millions with easy access to their funds. Mastercard is also teaming up with Nuvei and Circle to give merchants the option to receive their payments in stablecoins such as USDC, regardless of how a consumer chooses to pay. It already offers this functionality across Paxos-issued stablecoins. “When it comes to blockchain and digital assets, the benefits for mainstream use cases are clear,” says Jorn Lambert, chief product officer, Mastercard. “To realise its potential, we need to make it as easy for merchants to receive stablecoin payments and for consumers to use them. We believe in the potential of stablecoins to streamline payments and commerce across the value chain.
FIS next-gen enterprise treasury platform runs on public cloud and enables harnessing data from multiple sources such as ERP systems and bank APIs, to enable cash-management analysis in real time
FIS has launched its next-generation enterprise treasury platform, Treasury and Risk Manager – Quantum Cloud Edition. This cloud-native solution can support increased workloads, larger transaction volumes, and increased enterprise connectivity, scaling these capabilities to provide CFOs and corporate treasurers with greater visibility of risks; improved data-driven decision-making; and faster, more efficient money movement. FIS is launching its enhanced solution as CFOs and corporate treasurers increasingly need to accelerate performance across their technology infrastructure. According to EY, 65% of businesses have made strategic investments in the cloud, but only 32% are achieving their goals for the technology, a dynamic that reinforces the importance of true scalability for more effective cloud-based ecosystems. By running on a public cloud, this solution not only features stronger data processing power and connectivity, but also can provide a new level of flexibility for quicker implementations, faster product upgrades and more seamless rollouts of new capabilities. In addition to leveraging the power of the public cloud, this version of FIS’ treasury and risk management solution offers a new Liquidity Hub module for harnessing data from multiple sources – such as enterprise resource planning systems and bank APIs – to enable cash-management analysis in real time.