Operator Hypotheses #6: Charm Security
Testing whether mandatory liability forces AI scam prevention toward judgment ownership — and whether data custody is the only lever that changes the outcome.
Started: February 2026 (~15 months post-founding, ~12 months post-seed)
Check-back: February 2027 Confidence: 65–70% (first named enterprise contract terms not public)
About This Series
Operator Hypotheses tests whether execution forks in startups are predictable from public signals. Each entry follows one company for 12 months to see whether structural patterns show up on schedule.
Pattern #6 looks at authority drift in a regulated market - a variant of the dynamic in Pattern #5 (Patronus AI), but with a stronger forcing mechanism: mandatory financial liability.
It also introduces a sequencing wrinkle: how Charm gets to market can constrain its data leverage depending on which enterprise deal closes first.
The goal is not to map possibilities. It is to make falsifiable predictions.
See Pattern #0 for the full framework.
The Bottleneck That Moved
Fraud defense used to focus on stopping unauthorized access:
Identity checks
Multi-factor authentication
Transaction anomaly detection
Blocking transfers from compromised accounts
Generative AI shifted the problem to authorized manipulation.
In authorized push payment (APP) fraud — which accounted for £450.7 million of the £1.17 billion in total UK fraud losses in 2024 [8] — the real customer, logged in, verified, initiates the wrong transfer after being socially engineered. The system works fine. The person doesn’t.
Charm positions at this new problem: detecting that someone is being manipulated before the money moves.
Technology alone doesn’t decide what happens next.
The contract does.
Why Charm
Charm Security came out of stealth in March 2025 with an $8M seed round led by Team8 — a fund with deep roots in financial crime and cybersecurity. That fit matters. Team8 builds inside domains. They know what banks need from vendors.
The founding team pairs cybersecurity with behavioral psychology. CEO Roy Zur brings enterprise security experience and deliberate research into how scam victims get manipulated. Most fraud vendors track transaction patterns. Charm tracks human decision-making under pressure. The Give an Hour partnership — which pulled scam victim psychology and clinical research into model training — suggests this is an architectural stance, not a marketing line.
Charm’s current public positioning also emphasizes agentic AI for scam prevention and resolution, describing AI agents that help institutions prevent scams in real time and assist teams in resolving fraud events. That language is notable because it sits adjacent to the signal-vs-decision boundary explored later in this analysis, though no public evidence yet shows Charm claiming formal decision authority or certification responsibility.
The company has also been named a Top 10 finalist for the RSAC Innovation Sandbox 2026, receiving an additional $5M seed investment as part of the program — bringing total seed funding to $13M. Separately, Charm launched the National Member Protection Initiative (NMPI) in March 2026 with Curql Collective, a network of 160+ US credit unions, with five credit unions in the inaugural cohort. Both signal growing visibility and early institutional validation, though neither yet reveals how the core product forks will resolve.
At Month 15, Charm is approaching the window where early enterprise contracts typically begin and data terms get locked in. They have credible technology, credible backers, and a non-consensus view of where the fraud problem actually sits. What they don’t yet have — publicly — is any sign of how they’ll handle the forks those first contracts will force.
That’s exactly the moment worth watching.
Why Regulation Changes the Math
Mandatory liability pushes fraud vendors toward owning the decision. The only structural counterweight is shared learning across institutions — a network intelligence layer that gives banks a better option than outsourcing judgment.
In October 2024, the UK’s Payment Systems Regulator (PSR) started requiring banks to repay scam victims up to £85,000, with the cost split between the bank that sent the money and the bank that received it. A proposed U.S. law — the TRAPS Act — signals similar rules building in America.
This changes what scam prevention means for banks. It used to be: reduce fraud losses. Now it’s: avoid mandatory payouts.
Banks need to show regulators they tried to stop it. That means:
Proof they flagged the transaction
A clear record of what triggered the warning
A documented path from signal to action
That pressure changes what banks ask vendors to do — and who they ask to own the decision.
In Pattern #5 (Patronus AI), the pressure to take on authority was about reputation. Here it is about money.
That difference makes authority drift more likely. Most new vendors start by providing signals only — risk scores, alerts, recommendations — while the bank makes every final decision. Under mandatory repayment rules, that boundary is hard to hold. Banks want someone else to own the call. The most likely path is not that the boundary holds. It is that it slowly erodes, with the bear case being the point where it breaks entirely and Charm takes formal responsibility for outcomes.
Fork 1: Who Owns the Learning
Charm only builds a lasting edge if it can keep patterns learned across all its customers — not just within each bank it serves.
Banks’ legal teams will ask:
Does our fraud data leave our systems?
Can what we show you help your other bank customers?
Who owns the insights your model generates?
Path 1A — Each Bank Keeps Its Own Data (Default)
Each bank’s learning stays inside that bank
No cross-customer improvement
Charm competes by doing custom work, not by being smarter
Its edge weakens over time
Path 1B — Charm Keeps the Learning
Anonymized patterns flow back to improve the core model
Each new customer makes the product better for all customers
Charm’s edge grows with scale
Banks will often frame exclusivity as a compliance or legal risk, not a commercial preference. That makes Path 1A the easy default. Path 1B requires a technical solution — things like federated learning or differential privacy — not just a better negotiating position.
The only signal we have before contracts: In September 2025, Charm partnered with Give an Hour to pull scam victim research and clinical psychology into model training. It is the only public act before any enterprise deal that tells us anything about how Charm thinks about data. It is weak evidence — but it is evidence. If Charm later uses language about learning across customers, this fits a pattern. If not, it was cosmetic.
Fork 1 is usually the first thing that locks in — unless distribution locks in first.
Fork 2: How Charm Gets to Market
How Charm reaches banks shapes three things: how much leverage it has on data terms, how deep it embeds into bank workflows, and whether channel conflict becomes a problem.
Order matters: This fork can resolve before Fork 1, depending on which deal closes first. If Charm’s first major deal comes through a platform — a core banking system or fraud orchestration layer — that platform’s standard terms will constrain what Charm can negotiate on data. If the first deal is direct to a bank, data terms start from a cleaner position. The order is deal-dependent, not predictable from the framework alone.
Path 2A — Direct sales to banks
Most control over data terms
Deep embedding into bank operations
Higher risk of being asked to take on decision authority
Path 2B — Distribution through platforms
(Core banking systems, fraud orchestration layers, payment networks)
Faster reach across more banks
Platform sits between Charm and the bank, weakening data leverage → pushes toward 1A
Less direct embedding → lower risk of taking on decision authority
Distribution pushes Fork 1 and Fork 3 in opposite directions at the same time. Neither path avoids both risks. There is a longer-term structural tension here too: embedded distribution that solves early leverage may later cap independence, as the platform sitting between Charm and its customers becomes a ceiling on how directly Charm can build toward an intelligence network.
Fork 3: Does Charm Own the Signal or the Decision?
Regulation makes this the most important fork.
Charm’s recent public messaging increasingly references AI agents that help prevent and resolve scams, language that sits close to intervention and workflow control. However, current public materials still describe these agents as supporting teams rather than explicitly owning transaction outcomes. The distinction matters for how this fork ultimately resolves.
Under the UK’s mandatory repayment rule, if a scam goes through, the bank has to show it tried to stop it. Which story is easier to tell a regulator?
A) “Our analyst reviewed Charm’s risk signal.” B) “Charm’s system flagged this and triggered the hold.”
Option B puts the decision on Charm. That creates pressure — from the bank’s side, not Charm’s — to push the vendor into owning outcomes.
This drift shows up in two ways:
Type 1 — Explicit certification (visible, deliberate): “Charm-certified protocol.” “PSR-compliant process.” A badge. A stamp.
Type 2 — Workflow enforcement (more common early, harder to spot): Block/hold/allow gates. Escalation queues. Scripts Charm controls. Each feature looks like a small product improvement. Together, they shift who owns the outcome.
Path 3A — Charm Provides the Signal, Bank Makes the Call
Charm surfaces risk and recommendations
Bank owns the decision and the liability
Clean software economics
Path 3B — Charm Controls the Outcome
Charm’s system decides what happens to the transaction
Charm enters the liability chain
Edge cases need human judgment
Humans at scale → services economics
What “entering the liability chain” means in practice: banks will require indemnification clauses — Charm is on the hook if an approved transaction turns out to be a scam. They will require audit documentation proving each decision was defensible. They will need exception processes for edge cases the software cannot handle cleanly. And when a regulator or insurer asks who made the call, Charm’s name is in the room. None of that is abstractly bad — but all of it requires people, process, and legal exposure that software alone cannot absorb. That is where the services gravity comes from.
This fork has played out before in fraud specifically. Kount provided risk scores to merchants and financial institutions. As customers relied more heavily on those scores, the natural next ask was for Kount to own the block/allow decision — not just inform it. That shift toward decisioning authority preceded Kount’s acquisition by Equifax in 2021 for $640 million. The pattern is not hypothetical. The regulatory pressure Charm faces makes the same pull stronger, not weaker.
The Evidence: Five Companies, Two Paths
I selected the closest well-capitalized comparables that both sell to banks and have faced the signal vs decisioning fork in practice. That set is five companies. It is not a complete census of fraud prevention broadly — that category is large — but it is the most directly relevant population for the specific fork Charm is approaching. Small-sample caveats apply. Pattern #3 (Chai Discovery) had seven drug discovery AI companies to draw on. This has five. Treat the directional evidence as strong; treat specific probability estimates as rough priors.
The two-path pattern is clearest in the three direct banking analogues — BioCatch, Feedzai, and Featurespace — each of which sells behavioral or AI-native risk intelligence to retail banks under regulatory environments directly comparable to Charm’s. Sardine and Kount are adjacent but informative: Sardine illustrates the cross-customer intelligence network architecture in a fintech/crypto context; Kount illustrates the authority-drift dynamic in a merchant/bank context. Both are relevant, neither is a direct banking-regulatory analogue.
Signal-provider path (three direct analogues + Sardine as adjacent precedent):
BioCatch and Feedzai are the closest direct analogues — both sell behavioral intelligence to retail banks, both faced the same signal vs decisioning pressure from enterprise bank buyers, and both operated under UK and EU regulatory environments directly comparable to Charm’s.
BioCatch built behavioral biometrics for bank fraud detection on a pure signal-provider model — risk scores and behavioral intelligence, with the bank owning every final decision. Rather than drifting toward authority as mandatory repayment pressure grew, they built BioCatch Trust™, an inter-bank intelligence sharing network that lets member institutions share behavioral risk signals in real time before a payment clears. Cross-institution shared learning, no decisioning authority taken. Permira acquired BioCatch in May 2024 for $1.3 billion — the best exit in the category, achieved by deepening the signal layer rather than crossing into judgment ownership.
Sardine (adjacent comparable — network effect precedent) started as a fraud and compliance platform for fintechs and crypto exchanges and built SardineX, a cross-customer intelligence consortium: shared fraud signals across institutions, network effects compounding, platform positioning maintained. It raised a $70 million Series C in February 2025 with 130% year-over-year ARR growth and over 300 enterprise customers. Still independent and growing.
Feedzai offers the most mature version of this path in the category. Founded in 2011, the company reached a $2 billion valuation in October 2025. When enterprise bank customers pushed back on raw data sharing, Feedzai built Feedzai IQ using federated learning — cross-institution intelligence that improves fraud detection across all customers without any bank’s raw data leaving their systems. That technical architecture is the practical solution to Fork 1: shared learning rights secured through engineering rather than negotiation. Still independent. $75 million raised in October 2025.
Authority drift path (one company):
Kount provided fraud risk scores to merchants and financial institutions. As customers grew more comfortable relying on those scores, the natural next ask was for Kount to own the block/allow decision rather than just inform it. Decisioning authority tends to create exception-handling labor — each edge case needs human review, contextual judgment, and documented rationale — which is the structural pressure on margins relative to pure signal software. Equifax acquired Kount in January 2021 for $640 million — a solid outcome, but below the BioCatch ceiling.
Strategic acquisition, different mechanism (one company):
Featurespace built AI-native transaction monitoring and fraud detection for banks, staying focused on risk scoring rather than decisioning authority. Visa acquired Featurespace in December 2024 for approximately £700 million, absorbing their AI capability into its Risk and Identity Solutions unit. This looks like a payments network buying AI talent and technology rather than a services-gravity exit. Featurespace is worth noting, but its exit mechanism differs from Kount’s and should not be read as direct evidence for either fork path.
What the pattern suggests:
The highest-value independent outcome in the category — BioCatch at $1.3 billion — followed the signal path. No authority-drift company matched that ceiling. The directional evidence is consistent across five companies, and Feedzai’s federated learning architecture makes the bull case technically concrete: the data custody problem in Fork 1 has a known engineering solution, not just a negotiating posture.
How the Forks Reinforce Each Other
If Fork 1 goes 1A: No cross-customer learning. Charm’s edge doesn’t grow with scale. The main upsell available is deeper workflow control and outcome ownership — which is exactly what mandatory repayment rules create demand for. Drift toward 3B becomes more likely.
If Fork 3 goes 3B: Banks push harder for exclusive data: “If you’re making decisions for our customers, you need our context — and you can’t share it with other banks.” Forks 1 and 3 pull each other toward the worst quadrant.
Distribution cuts both ways: Direct bank sales → more leverage on data terms, higher risk of taking on decision authority. Platform distribution → less leverage on data terms, lower risk of taking on decision authority.
Outcome Matrix
Charm keeps the learning (1B) Each bank keeps its own data (1A) Charm provides signal, bank decides (3A) Intelligence network — edge grows with scale Feature vendor — solid but capped Charm controls outcomes (3B) Viable only if Charm can automate authority without adding headcount High-touch fraud layer
On the bottom-left (1B + 3B): This quadrant is not automatically a dead end. It works if Charm can automate decision authority — compliance built into the product, exceptions handled by software, not people. If headcount grows to handle exceptions, it collapses toward the bottom-right. That is a testable claim.
Probability-Weighted Scenarios
Base Case (50–55%): Feature Vendor with Gradual Drift
Fork 1: 1A — banks default to keeping their own data under time and regulatory pressure Fork 2: 2A mostly — direct bank sales, UK and Australia first Fork 3: Starts at 3A, drifts toward 3B as PSR contract renewals create pressure
This is the honest base case. When banks face mandatory repayments, stable signal-only positioning is hard to hold. The more likely path is signal-only at launch, with enforcement features — block/hold/allow gates, escalation controls — accumulating over 12–18 months as banks use renewals to push accountability onto the vendor. That 12–18 month window is grounded in renewal cycles: most UK retail bank vendor contracts renew annually, and authority pressure tends to surface at the first renewal, when the bank’s compliance team has data on outcomes and leverage to renegotiate terms. Banks are not the only source of this pressure. If liability markets respond to mandatory repayment rules — insurers entering the space, requiring vendor certification as a condition of coverage — that could accelerate the same drift independently, on a timeline that has nothing to do with bank renewal cycles.
The base and bear cases move in the same direction. The difference is speed and what forces the shift — not a different outcome. Without cross-customer learning from Fork 1, Charm has little leverage to resist. The natural upsell is deeper control over outcomes, which is exactly what the regulation creates demand for.
Exit: strategic acquisition by a fraud incumbent — FICO, Mastercard’s fraud division, Experian — in the $300–700M range over 3–5 years, likely after drift is visible in hiring and product signals.
Bull Case (20–25%): Intelligence Network
Fork 1: 1B — aggregate learning rights secured through technical architecture, not negotiation Fork 2: 2A initially, with a platform distribution wedge by Q4 2026 Fork 3: 3A held or productized 3B — cross-customer learning gives Charm a credible alternative to owning decisions: “the platform gets smarter with every bank we add” is a better offer than “we’ll own your outcomes”
How to know this path is real — structural milestones matter more than valuation multiples here:
Shared-learning language appearing in partner announcements or regulatory filings
Network participation by 3+ Tier-1 banks with shared-learning termsEvidence of cross-bank fraud pattern preemption (a scam variant caught across institutions before widespread loss)
Series A led by an infrastructure-oriented investor with no strategic conflict
Path toward $2–4B+ as the behavioral intelligence layer for bank fraud operations. The valuation follows from the milestones, not the other way around.
If Fork 1 is secured, Fork 3 becomes much easier to hold. That is the asymmetric bet here.
Bear Case (20–25%): Drift Locks In
Fork 1: 1A — exclusive Fork 2: 2A — direct sales, deep workflow embedding Fork 3: 3B — a specific event converts gradual drift into an explicit commitment
The bear case is the base case on a faster clock. One forcing event — a high-profile scam at a client bank, a PSR audit, a board-level liability review — converts slow accumulation into a formal decision. Certification product launches. Compliance hiring becomes visible. Gross margins compress from 80%+ toward 65–70%.
Exit: acquisition by a fraud incumbent or financial infrastructure player — FICO, Equifax (as with Kount), Mastercard’s fraud division, or a payments network absorbing AI capability (as with Featurespace to Visa) — at $300–500M.
Combined base + bear probability: 70–75%. This reflects the core claim: mandatory repayment rules make drift the default, not the exception, in this category. The 20–25% bull probability is not an equal-weight alternative — it is the asymmetric bet. Drift is the path of least resistance; the bull case requires deliberate architectural choices made early, under time pressure, before contracts lock in the terms. That is hard to execute. 25% reflects “doable but requires Charm to solve things most vendors don’t” rather than “equally likely.”
Scoring Rules
Fork 3 is scored binary at the February 2027 check-back:
3A: Charm does not control block/hold/allow outcomes and does not market certification authority.
3B: Enforcement gates, certification products, or clear decision responsibility are visible in product, marketing, or hiring signals.
Gradual feature additions without visible enforcement gates do not count as 3B. The test is whether Charm controls the outcome, not whether it scores the risk.
On advisory features: A “recommended hold” or “suggested action” flag that requires bank-side discretionary confirmation before executing remains 3A. 3B requires Charm’s logic to execute or enforce outcomes — block, hold, or release — without a bank-side discretionary step in between. If the bank retains a human confirmation click, the decision still sits with the bank.
Primary Falsifier
If Charm moves into enforcement or certification authority and gross margins stay above 75% and no services expansion appears, then taking on authority does not require adding headcount in regulated fraud. That validates the bottom-left quadrant as viable — and falsifies the core “authority → services gravity” claim. This is not a failure. It is the most interesting result.
Early federated architecture as a probability trigger: If Charm publicly announces a federated learning architecture — or any privacy-preserving cross-customer learning approach — before major enterprise contracts close, that is a material Fork 1 signal and should immediately reweight bull case probability upward. The reason: Feedzai demonstrates that solving Fork 1 technically (rather than through negotiation) substantially reduces the pressure to drift at Fork 3. Banks that know the platform learns across customers without accessing their data have less leverage to demand exclusive terms. If this signal appears in Q2 2026, treat it as the single strongest early indicator that the bull path is in play.
Observable Signals
Q2 2026 — Data and Distribution
Language about learning across customers in any partnership announcement
Technical posts on federated learning or privacy-preserving data methods
Give an Hour partnership expanding or new similar initiatives
Platform integrations announced vs. named direct bank wins
Public messaging emphasizing agentic AI, intervention, or resolution workflows
Q3 2026 — Authority
Block/hold/allow features released
Escalation workflows Charm controls
Certification products or badges launched
Compliance, fraud ops, or professional services hiring visible on LinkedIn
February 2027 Scorecard
Learning signals (Fork 1):
□ Cross-customer learning language present in any partnership announcement?
□ No exclusive data terms visible in partnership language?
Authority signals (Fork 3):
□ No certification or authority product launched?
□ No block/hold/allow enforcement features released?
□ No compliance, professional services, or fraud analyst roles visible?
Business model signals:
□ Infrastructure-oriented investor leads Series A?
□ Gross margins disclosed or implied above 75%?
□ 2+ named bank customers with specific fraud reduction numbers?
Productized authority signal (bottom-left viability test):
□ Enforcement features exist but no visible services hiring and no margin compression below 75%?
Scoring:
Bull path: Learning signals both yes + no services gravity (margins above 75%, no services/delivery hiring, regardless of whether Fork 3 is 3A or productized 3B) Base path: Mixed signals — learning partial or authority drifting without full enforcement Bear path: Authority signals triggered + services hiring visible + margins compressing
The model expects drift pressure throughout the 12-month window. The scorecard measures only when that pressure crosses the operational-control threshold. Gradual feature creep that stays advisory does not score as 3B, even if it reflects the base case dynamic building beneath the surface.
On observable proxies for enforcement: We cannot always see inside Charm’s product directly. In practice, marketing and packaging claims (”we prevent,” “we block,” “we hold”), product UI or workflow descriptions in press releases or case studies, and job postings for fraud ops, compliance, or delivery roles are the public evidence for whether Charm controls outcomes. If language and structure diverge, trust structure.
Methodology Notes
On base and bear proximity: These scenarios move in the same direction. The difference is speed and what triggers the shift. The combined 70–75% probability reflects the realistic range for drift materializing to some degree by February 2027.
Sample size: Five companies constitute the closest well-capitalized comparables that sell to banks and have faced the signal vs decisioning fork in practice. That is not a census of fraud prevention broadly, but it is the most relevant set for the specific fork Charm is approaching. The highest-value independent outcome — BioCatch at $1.3 billion — followed the signal path, and no authority-drift company matched that ceiling. Feedzai’s use of federated learning is particularly relevant: it demonstrates that the data custody problem in Fork 1 has a known engineering solution, not just a negotiating posture. Treat probabilities as informed priors, not precise estimates. Note that BioCatch ARR figures cited in the evidence section are third-party estimates (Sacra), not disclosed financials.
On sequencing: How Charm gets to market does not bypass data term negotiations. It shapes the leverage Charm brings into them. Whether the first major deal is through a platform or direct to a bank is observable from public signals.
Confidence calibration: 65–70% reflects the early stage of enterprise contracting, a clear regulatory forcing mechanism, and uncertainty about which deal type closes first.
Regulatory assumption: UK liability pressure is assumed to spread to major markets. If U.S. federal action stalls, the forcing mechanism weakens for the largest market.
If I Were Charm
The forks above are not destiny. They are pressure points. Five things Charm can do to improve the odds:
1. Secure federated architecture before the first enterprise deal. Once a bank signs with exclusivity baked in, every subsequent bank will expect the same terms. The window to set different norms is now, before the template exists.
2. Resist indemnification creep. The first request will sound reasonable — “just sign off that you followed best practice.” It isn’t. Once your name is in the liability chain, the audit documentation, exception processes, and regulatory interface that follow are not optional.
3. Use shared learning as the negotiating frame, not a concession. “We can offer you better fraud detection because we learn across all our bank customers” is stronger than “we’d prefer not to be exclusive.” Make the network effect the product, not a side benefit.
4. Watch the channel conflict horizon. If distribution through a platform solves early leverage, that’s a reasonable trade. But be explicit internally about the ceiling it creates. Embedded distribution that works at Month 18 can cap the intelligence network at Month 36.
5. Build the renewal-cycle defense now. The first annual renewal is when banks will push hardest on authority. Having clear contractual language, product architecture, and a pre-agreed escalation model before that renewal arrives is the difference between holding the boundary and being caught unprepared.
References
[1] Team8. (2025). “Charm Security: Breaking the Scam Spell with Cyber, AI & Psychological Expertise.” https://team8.vc/charm-security/
[2] Payment Systems Regulator. (2024). “PS24/7: Faster Payments APP scams reimbursement requirement: Confirming the maximum level of reimbursement.” Official PSR policy statement, September 2024. https://www.psr.org.uk/publications/policy-statements/ps247-faster-payments-app-scams-reimbursement-requirement-confirming-the-maximum-level-of-reimbursement/
[3] U.S. Senate. (2025). “S.2019 — TRAPS Act (Taskforce for Recognizing and Averting Payment Scams Act), 119th Congress.” Introduced June 10, 2025, by Senators Crapo, Warner, Moran, and Warnock. https://www.congress.gov/bill/119th-congress/senate-bill/2019/text
[4] Finovate. (2025). “Charm Security and Give an Hour Combine AI with Mental Health Expertise to Fight Scams.” September 25, 2025. https://finovate.com/charm-security-and-give-an-hour-combine-ai-with-mental-health-expertise-to-fight-scams/
[5] PRNewswire. (2025). “Charm Security Emerges From Stealth.” March 25, 2025. https://www.prnewswire.com/news-releases/charm-security-emerges-from-stealth-to-combat-scams-and-social-engineering-exploiting-human-vulnerabilities-securing-8m-in-seed-funding-from-team8s-venture-creation-fund-302409642.html
[6] SecurityWeek. (2025). “Charm Security Emerges From Stealth With $8 Million in Funding.” March 25, 2025. https://www.securityweek.com/charm-security-emerges-from-stealth-with-8-million-in-funding/
[7] SiliconANGLE. (2025). “Charm Security launches with $8M in funding to tackle AI-driven fraud.” March 25, 2025. https://siliconangle.com/2025/03/25/charm-security-launches-8m-funding-tackle-ai-driven-fraud/
[8] UK Finance. (2025). “Fraud continues to pose a major threat with over £1 billion stolen in 2024.” Press release reporting full-year 2024 fraud data. APP fraud: £450.7 million of £1.17 billion total UK fraud losses. https://www.ukfinance.org.uk/news-and-insight/press-release/fraud-report-2025-press-release
[9] AlleyWatch. (2025). “Charm Security Raises $8M to Transform Fraud Prevention with Psychological Insights and AI.” March 24, 2025. https://www.alleywatch.com/2025/03/charm-security-ai-powered-fraud-protection-social-engineering-platform-roy-zur/
[10] Finovate. “FinovateFall 2025 – Charm Security.” Demo video. https://finovate.com/videos/finovatefall-2025-charm-security/
[11] Sacra. (2025). “BioCatch revenue, funding & news.” Estimates $160M ARR as of June 2025; covers Permira acquisition at $1.3B, May 2024. https://sacra.com/c/biocatch/
[12] BioCatch. (2024). “BioCatch unveils world’s first behavior-based financial crime intelligence-sharing network.” November 20, 2024. https://www.biocatch.com/press-release/biocatch-unveils-first-behavior-based-financial-crime-intelligence-network
[13] Business Wire. (2025). “Sardine AI Raises $70M to Make Fraud and Compliance Teams More Productive.” February 11, 2025. https://www.businesswire.com/news/home/20250211169372/en/Sardine-AI-Raises-$70M-to-Make-Fraud-and-Compliance-Teams-More-Productive
[14] Equifax. (2021). “Why the Equifax Acquisition of Kount is a Big Deal.” https://www.equifax.com/newsroom/all-news/-/story/why-the-equifax-acquisition-of-kount-is-a-big-deal/
[15] Visa. (2024). “Visa Completes Acquisition of Featurespace.” December 19, 2024. https://usa.visa.com/about-visa/newsroom/press-releases.releaseId.21106.html
[16] Feedzai. (2025). “Feedzai IQ Defends Banks Against AI-Driven Fraud With Privacy-Preserving Network Intelligence.” June 2, 2025. https://www.businesswire.com/news/home/20250602539121/en/Feedzai-IQ-Defends-Banks-Against-AI-Driven-Fraud-With-Privacy-Preserving-Network-Intelligence
[17] PRNewswire. (2025). “Feedzai Accelerates AI-led Financial Crime Prevention with New Investment Round that Grows Company’s Valuation to $2 Billion.” October 2, 2025. https://www.prnewswire.com/news-releases/feedzai-accelerates-ai-led-financial-crime-prevention-with-new-investment-round-that-grows-companys-valuation-to-2-billion-302573188.html
This is pattern research testing whether execution forks are predictable from public signals. It is not investment advice. Predictions will be evaluated February 2027.
Pattern tracking:
Pattern #1: Research Grid (Month 11) — Services trap — Check-back April 2026
Pattern #2: DatologyAI (Month 25) — Services trap verification — Check-back October 2026
Pattern #3: Chai Discovery (Month 20) — Compound fork effects — Check-back October 2026
Pattern #4: Flux (Month 29) — GTM lock-in — Check-back January 2027
Pattern #5: Patronus AI (Month 29) — Judgment authority trap — Check-back February 2027
Pattern #6: Charm Security (Month 15) — Regulatory authority drift — Check-back February 2027