In a conversation with Brad Levy, chief executive of ThetaRay, a company focused on the “wiring” of trust through AI-powered monitoring that helps banks and fintechs scale safely while detecting and reporting financial crime, we examined what this speed means for risk, regulation, and trust in the financial system. 

Levy argues that old ways of tracking money flows no longer hold up.

Nigeria’s banking and fintech sector has expanded, almost faster than the systems built to regulate it. Payments now move in seconds, and fraud patterns move just as quickly. 

Regulators are responding with stronger policies and expectations.

For Levy, the transition is apparent. Systems built for manual checks cannot keep pace with today’s transaction volumes or the complexity of digital crime networks. He describes a system under stress, where scale has exposed the limits of human-led monitoring.

Across banks and fintechs, the gap in readiness varies. Some institutions are already adopting artificial intelligence and real-time oversight. Others still rely on older compliance models that struggle to connect customer data with live transaction behaviour.

The Central Bank of Nigeria’s recent direction on automated anti-money laundering (AML) systems sets a firm line, forcing the industry to move from gradual improvement to immediate action. Institutions now have to rethink how they see compliance, not as a back-office task, but as core infrastructure.

In this interview, Levy, who has spent his career building the plumbing of the global financial markets, first with nearly two decades at Goldman Sachs, then leading Symphony and MarkitSERV, explains what has changed, what still slips through the cracks, and why Nigeria’s approach may affect how digital finance is policed far beyond its borders.

TE: The Central Bank’s move makes automated AML systems effectively non-negotiable. From your vantage point, what changed in the risk sector to push regulators from guidance to outright mandates? 

Brad Levy (BL): The math simply stopped working for manual oversight. Nigeria has one of the most vibrant digital payment ecosystems in the world. You can’t monitor millions of instant transactions using spreadsheets and human eyes. 

The CBN’s March 2026 mandate recognises that guidance doesn’t stop automated, bot-driven crime. By mandating these systems, Nigeria is making a strategic move to protect the integrity of the Naira and ensure the country stays effectively connected to the global financial map.

TE: You’ve worked closely with financial institutions in Nigeria, where do most banks and fintechs actually stand today in terms of AML capability, and how wide is the gap? 

BL: The divide is significant, though it’s closing fast. We see forward-leaning institutions like Sterling Bank already moving toward a future-proof posture by putting AI at the centre of their monitoring. On the other hand, plenty of firms are still stuck in a “box-ticking” mindset.

The gap is most obvious when you look at the CBN’s anti-money laundering automation mandate. Most legacy systems can’t provide a unified view of the customer or link KYC/KYB data to transaction behaviour. 

The 18-month window for banks is tight, but the real pressure is the three-month requirement to submit a roadmap. If financial institutions haven’t started their gap analysis yet, they’re already behind.

TE: There’s a lot of talk about AI in compliance, but in practical terms, what kinds of financial crime patterns are still slipping through traditional monitoring systems that AI is better at catching? 

BL: Traditional systems are built on rules. They look for what we already know, like whether a transfer is over a certain dollar amount. Modern criminals have moved past that. They use smurfing or complex networks of mules to make illicit flows look like normal, low-value activity. AI catches the anomalies. 

It identifies patterns that look wrong even if we haven’t seen that specific tactic before. For a bank, it’s the difference between chasing 5,000 false alarms and actually finding the criminal network hidden in the noise.

TE: For Nigerian institutions, this goes beyond a tech upgrade to an operational shift. What are the biggest implementation challenges you’re seeing on the ground, especially around data quality, cost, and internal expertise? 

BL: The biggest hurdle is fragmented data. AI is only as good as what you feed it, and many institutions have their KYC data sitting in a different silo than their transaction logs. There is also a lingering perception that compliance is just a “tax” on doing business. 

I argue it’s a strategic asset. When you use AI to reduce false positives by 90%, you aren’t just satisfying the CBN; you’re making the entire bank more efficient. Your investigators can finally focus on real risks instead of low-value busywork.

TE: Do you see this directive as a Nigeria-specific response or part of a regulatory change across Africa? And how might it reshape expectations for cross-border transactions over the next few years? 

BL: Nigeria is the blueprint for the continent. We’re seeing similar shifts everywhere, from the EU’s new AML Authority to tightening rules in the US. This is Nigeria’s “mobile phone” moment. Just as the continent skipped landlines to go straight to mobile, Nigeria is leapfrogging the failing, manual era of compliance. 

By hard-coding AI and transparency into the banking system, Nigeria is making itself a much safer destination for global capital. This mandate turns compliance into a bridge for international trade rather than a barrier.

Around 100 users were affected, with some reporting unauthorised transactions. Passwords were reset, credit monitoring was provided and the company said the issue, linked to part of its Working Capital product, had been active between July and December 2025 before it was discovered and corrected.

This appears small, as the platform did not shut down and markets did not panic. But I believe the big issue sits elsewhere.

The incident exposes a structural weakness in the cashless economy, a system that depends entirely on digital trust, centralised platforms and uninterrupted code.

The Cashless System Has No Shock Absorber

Cash absorbs failure. If one bank’s card network glitches, cash still works. If a payment processor has downtime, physical notes settle transactions. But with economies moving further into digital-only rails, that shock absorber disappears.

Digital payments now account for the overwhelming majority of retail transactions in advanced economies. In the United Kingdom, debit and credit cards represent more than 85% of consumer payments.

Globally, non-cash transactions have been growing at double-digit annual rates. Emerging markets are scaling even faster as mobile wallets replace traditional banking.

Efficiency has improved, friction has reduced, but resilience has become more fragile.

When money exists as code, failure is binary. Either the system works, or it does not.

Concentration Risk Is Growing

The global cashless economy runs through a small number of dominant platforms. PayPal reports over 400 million active accounts worldwide and processes more than a trillion dollars in annual payment volume.

Add card networks, digital wallets and online gateways, and you have a tightly interconnected ecosystem.

This concentration creates scale and convenience, but also creates single points of failure.

If a major payments node is compromised, whether through a coding flaw, cyberattack or infrastructure outage, disruption spreads quickly. Merchants cannot settle.

Refund cycles stall, subscription services fail, cross-border transfers are delayed, and small businesses feel it first because they rely heavily on digital rails for liquidity.

The PayPal exposure did not escalate to that scale. But it revealed how long a vulnerability can remain embedded inside a critical platform before detection. Five months is not a short time in financial systems.

In a cashless economy, detection lag is systemic risk.

Digital Trust Is Not Infinite

Consumers rarely abandon platforms after breaches. Behavioural data shows that convenience and network effects usually outweigh fear. But trust weakens gradually. It does not collapse overnight. It erodes.

In a system without physical alternatives, confidence is everything. If users begin to question whether their data or funds are secure, their behaviour changes subtly. They diversify platforms, withdraw balances faster and hesitate on large transactions.

Trust underpins liquidity.

And liquidity underpins financial stability.

The Illusion of Seamless Security

The digital economy creates an illusion of precision and control. Transactions settle in seconds. Fraud detection algorithms flag anomalies instantly. Authentication systems appear sophisticated.

However, the PayPal incident was not a sophisticated nation-state attack. It was reportedly a coding error inside an interface. That shows vulnerability does not always come from external hackers. It can originate internally, through routine development processes.

Platforms are scaling, codebases expanding, integrations multiplying and third-party dependencies increasing, but complexity is growing faster than oversight.

The more seamless digital finance appears on the surface, the more complex and layered it becomes underneath.

Complex systems fail in unexpected ways.

Systemic Risk Has Shifted Shape

Traditional financial crises were driven by credit excess, leverage and liquidity mismatches. Today, systemic risk has evolved. Operational fragility is growing alongside digital dependence.

International regulators have already flagged cyber threats as one of the top risks to financial stability. The concern is not just theft, it is service disruption and cascading effects across interconnected systems.

In a cashless economy, payment platforms are not peripheral but infrastructure.

If infrastructure weakens, confidence weakens. If confidence weakens, economic activity slows.

Regulatory Convergence Is Inevitable

Fintech once operated in a lighter regulatory environment compared to banks. That gap is narrowing and incidents like this strengthen the case for tougher operational resilience standards.

Expect stronger audits, faster disclosure requirements and possibly mandatory cyber stress testing for major platforms. If digital payments are essential to economic function, they will be supervised like essential utilities.

Is fintech innovative? Yes! But is it resilient?

What Breaks Next?

The cashless economy seeks efficiency, transparency and speed. It does well in all three, but it also concentrates risk inside digital architecture that most users never see.

The PayPal incident is not an isolated lapse but a signal. When vulnerabilities continue inside core payment systems for months, even at small scale, it forces a big thought.

Have we prioritised growth over durability?

The structural weakness in the cashless economy is not fraud but dependence. Dependence on uninterrupted code, concentrated platforms and continuous connectivity.

If one payment platform fails briefly, inconvenience follows. If several fail simultaneously, confidence follows. And in finance, confidence is the system.