ControlOne is an AI-native financial crime detection company building next-generation AML infrastructure for banks and financial institutions.
The prevailing approach to financial crime detection has a structural ceiling. Rules-based transaction monitoring scores accounts and transactions in isolation. Machine learning has improved alert triage but has not changed the underlying architecture. Criminal networks distribute activity across accounts and time periods to stay beneath detection thresholds. Entity-level scoring cannot close that gap.
ControlOne’s L8 architecture addresses this at the foundation. Rather than scoring individual accounts, L8 detects coordinated criminal structures by reasoning across communities of accounts simultaneously — identifying the hub accounts, layerers, and cash movers that only become visible when you look at a network as a whole.
L8 processes each community as a chronological event stream, learning the temporal sequences that characterise different crime typologies directly from data. It produces a structured risk output at inference: a community-level risk score, probabilities across twelve FATF predicate offences, dynamic entity role assignments, and the specific event subsequence that drove the decision. Explainability is inherent to the model, not a downstream approximation.
Existing rule-based controls are not discarded. L8 converts an institution’s rules into event generators feeding the model’s token stream — enabling an incremental adoption path rather than a high-risk wholesale replacement.
ControlOne is headquartered in the UK, in active PoC engagement with Tier 1 banks, and at the inflection point between technical validation and commercial scale.
ControlOne exists because each successive wave of innovation in financial crime detection has hit the same wall — and we’ve been close enough to each one to see exactly where it breaks.
The journey started in fraud analytics and rules-based compliance. Rules were explainable and auditable, but static. They told you what had happened before, not what was happening now. The industry responded with machine learning — first for alert triage, then for dynamic risk scoring. Detection improved. The underlying architecture didn’t change.
The next frontier was graph analytics and network visualisation. For the first time, investigators could see the connections between accounts. But seeing a network and automatically detecting suspicious structure within it are different problems. The tools gave analysts better maps. They still had to read them manually.
Each of these waves produced genuine progress. Each one also revealed the ceiling of the approach it represented. The pattern became clear: the fundamental unit of analysis was wrong. Financial crime doesn’t happen at the account level. It happens at the network level. Any architecture built around scoring entities will always be one abstraction short of where the risk actually sits.
L8 is built around that insight. It treats communities of accounts as the primary unit of analysis — scoring coordinated structures, not individual entities. The model learns the temporal event sequences that characterise criminal behaviour across twelve FATF predicate offences, reasons across the full network simultaneously, and produces a structured, auditable risk output without a downstream agent or manual narrative step.
We are not augmenting the existing paradigm. We are replacing the architectural assumption it rests on — and building the infrastructure that comes next.

