Baran Ozkan knew exactly what his bank needed: a single tool to catch money laundering and fraud in real time, without relying on a patchwork of disconnected solutions. As head of financial-crime product at a European institution, he spent 15 months combing the market. Vendors showcased flawless demos, but their software collapsed under the operational load of a serious bank. When his own employer tried to build an internal solution, the project sank amid technical complexity and runaway costs. Finally, Ozkan took the most drastic route: he built it himself. That’s how Flagright was born, a startup that just announced a $12.5 million funding round.

The gap Flagright aims to fill

The 15-month search is not just a personal anecdote—it signals a structural problem. Compliance software for the financial sector must handle massive transaction volumes, apply increasingly sophisticated rules, and, most crucially, reside where the data actually lives. For many European banks, that means on-premise or at most a private cloud, because GDPR and internal policies demand that sensitive information never leaves the corporate perimeter. Yet most commercial solutions are built with a cloud-first mindset, often clashing with strict data residency requirements.

Why on-premise is non-negotiable (and why vendors stumble)

Industry insiders know: moving customer data to third-party infrastructure, even encrypted, introduces a risk that compliance officers deem unacceptable. It’s not just a legal matter—it’s about trust and operational control. An anti-money laundering system running on the bank’s own hardware enables real-time audits, extreme rule customization, and minimal latency—all critical when suspicious transactions must be blocked in milliseconds. Traditional vendors, on the other hand, tend to offer multitenant SaaS with limited tailoring and updates that escape the internal IT team’s control. The result? Overpromises and pilot projects that never reach production.

The AI-RADAR angle: why the Flagright story matters now

For those evaluating on-premise deployment of AI-powered compliance tools, Ozkan’s journey marks a turning point. The rise of Large Language Models and local inference frameworks is making it possible to build fraud detection systems that run entirely on-owned infrastructure, without cloud API dependencies. Flagright hasn’t disclosed whether its platform follows this path, but the market direction is unmistakable: banks want models they can execute on-premise, with data never leaving their perimeter. This not only lowers compliance risk but also reduces Total Cost of Ownership over time, cutting recurring cloud license fees and ensuring full technological sovereignty.

Beyond the round: what it means for the ecosystem

The $12.5 million injection isn’t just a vote of confidence in Flagright. It’s a signal for the whole sector: there is pent-up demand for compliance software that can coexist with the most demanding on-premise architectures. The failure of Ozkan’s bank to build an in-house solution shows that resources alone aren’t enough—vertical expertise and obsessive focus on legacy integration are essential. For companies now assessing AI stacks for compliance, the lesson is twofold: be wary of vendors who promise everything without real-world proof, and seriously consider in-house development only if a dedicated team and a continuous update pipeline are available.

As Flagright prepares to scale, the market watches to see if the startup can deliver on its promise of a tool that finally runs where banks truly need it: behind their own firewalls.