Global Fintech Interview with Baran Ozkan, co-founder & CEO of Flagright

How can banks and financial institutions (FIs) use new age fintech to prevent money laundering and threats? Baran Ozkan, co-founder & CEO of Flagright dives deeper in this fintech interview:

___________

Please take us through your fintech journey and tell us about your time as CEO at Flagright.

My fintech journey has been shaped by a simple belief, which is trust is the product. Compliance is one of the few functions that touches every customer, every transaction and every regulator expectation at once.

As CEO & co-founder at Flagright, the most consistent pattern I’ve seen is that the hardest part of financial crime operations isn’t getting an alert. It’s what happens next with the investigation, evidence gathering, decisioning, documentation and governance. Too many teams are forced to choose between speed and defensibility, and that’s a false trade-off.

That’s why my work has focused on building systems that make compliance more effective and more auditable at the same time. In practice, that means treating financial crime as a closed loop of detection leading to investigation, to disposition, to feedback and finally to tuning. It also means respecting how financial institutions actually operate with different SOPs, different risk appetites and different regulatory environments.

Leading Flagright has also reinforced a pragmatic view of AI. It’s not replacing analysts. It standardises repeatable work, reduces noise, reveals better context faster, and keeps humans in control where the risk is highest.

How are modern AI-native transaction monitoring platforms changing the compliance game for today’s global market?

They’re changing it by moving from alerting systems to decisioning systems, and by making those decisions governable.

Modern platforms are collapsing the gap between detection and investigation. Traditional monitoring ends when the alert fires; the expensive part is the manual work that follows. AI-native approaches attach an investigation playbook directly to the alert type, not a one-size-fits-all checklist, but a workflow that matches the institution’s SOPs and risk appetite.

They’re also enabling risk proportionate automation. Some alert categories are high volume and low risk; others are low volume and high risk. The right design is not all-manual or all-auto; it’s rule-level control over when automation runs immediately, when it requires analyst initiation and when it runs conditionally (based on customer risk, volume, time of day, etc.).

Thirdly, they’re making change safer. The adoption blocker in regulated environments is rarely capability, it’s governance. If you can replay historical alerts against a proposed change, compare outcomes to prior dispositions and version control approvals before deployment, AI stops being a black box and becomes a controllable, testable control.

Read More on Fintech : Global Fintech Interview with Kristin Kanders, Head of Marketing & Engagement, Plynk App

What fundamentals should banks and FIs focus on more as they try to upgrade their systems against threats and money laundering?

Five fundamentals matter more than vendor selection:

1. Data and identity foundations. If entity resolution is weak, everything else is noise. You need consistent identifiers, linkages across accounts/counterparties and reliable customer/beneficial ownership data.
2. Risk segmentation, not ‘one threshold to rule them all’. High-risk customers and products should have different monitoring logic, SLAs and escalation paths than low-risk retail flows.
3. Closed loop operations. Monitoring that doesn’t learn from outcomes drifts. Dispositions and analyst notes should feed back into tuning.
4. Real-time intervention capability. Alerts that surface days later are useful for reporting but limited for stopping harm. Banks and FIs should build the ability to step-up, delay, or route transactions proportionately.
5. Governance by design. If you can’t explain why an alert cleared or escalated, you’ll struggle under audit. Version control, approvals and replay/testing should be part of the operating model, not a spreadsheet on the side.

What myths around modern fintech and financial crime would you like to bust?

The first myth is that ‘more alerts means more safety’. In reality, alert volume can be a risk signal of its own, as it often means poor calibration. High noise lowers true positive detection because analysts burn time on low-value work.

The second myth is ‘AI in compliance is a black box, so it’s unsafe’. AI becomes unsafe when it’s ungoverned. If the investigation steps are transparent, logged, testable on historical data and deployed with version control, it becomes more auditable than manual work.

Another myth is that ‘fincrime is an AML team problem’. Fraud, AML, sanctions and onboarding risk are converging. Criminal operations don’t respect internal org charts, and your controls shouldn’t either.

Finally, there is a myth that global expansion is mainly a licensing problem. Licensing is necessary, but operational resilience is the real bottleneck.

Can you talk about some key incidents that fintech has helped protect end users against during recent threat and related events?

Without naming specific institutions, there are a few recurring stress moments where good fintech controls materially protect end users.

Firstly, are sanctions escalations and list updates. When sanctions programs shift, screening hits spike and false positives rise. The difference between a good and bad outcome is whether you can investigate quickly with evidence and only block where the match is credible.

Secondly, in scam waves involving impersonation, social engineering and account takeover. These attacks move fast and often use mule accounts. The best defence is behavioural monitoring alongside network signals and rapid intervention, not static thresholds.

Another key incident is low-identifier screening (common names, limited data). PEP and adverse media hits with sparse identifiers create friction for legitimate customers. Controlled, auditable public-source research can close information gaps faster and reduce unnecessary customer outreach, while keeping an audit trail of what was checked and why.

Finally, fintech has helped protect end users against incidents of cross-border “smurfing” and rapid movement patterns. Criminals rely on speed and fragmentation. Systems that link activity across time, counterparties and related entities are far better at surfacing the real pattern than transaction-by-transaction rules.

Five fintech takeaways you’d leave us with before we wrap up?

1. Compliance is a product surface. How you handle investigations and decisions is part of customer trust.
2. Don’t automate alerts, automate investigations. That’s where the real cost and inconsistency live.
3. Make AI governable or don’t deploy it. Replay, test, approve and version changes like any other critical control.
4. Build for real-time intervention. Reporting matters, but stopping harm matters more.
5. Treat fincrime as a network problem. Criminals operate across accounts, entities and rails, and detection should too.

Catch more Fintech Insights : When DeFi Protocols Become Self-Evolving Organisms

[To share your insights with us, please write to [email protected] ]

The post Global Fintech Interview with Baran Ozkan, co-founder & CEO of Flagright appeared first on GlobalFinTechSeries.