The platform
Graph intelligence for fraud,
abuse & synthetic manipulation.
Ingest fragmented public and financial signals. Resolve them into a coherent entity graph. Detect illicit behaviour with explainable models. Route concrete, lawful action — all under one chain of custody.
Architecture
Five layers, one chain of custody.
Each layer is independently governed and auditable. Data flows forward; evidence and provenance flow back.
Ingestion layer
Connectors normalise heterogeneous sources into a common, governed event model.
- Public web, social & platform signals
- On-chain data where lawful
- Regulated banking, payments & e-money flows
- Client telemetry: logins, devices, customer events
Entity resolution
Probabilistic and deterministic matching collapse aliases into stable entities.
- People, accounts, devices, businesses, wallets
- Cross-source identity stitching
- Confidence scoring & provenance on every link
- Human-in-the-loop adjudication
Graph engine
A living graph reveals rings, mules, and coordinated agents in their full context.
- Relationship & money-flow traversal
- Community & ring detection
- Temporal pattern analysis
- Synthetic-cluster discovery
Detection & explanation
Rules, graph analytics, and ML combine — tuned for low false positives and full transparency.
- Hybrid rules + anomaly + ML scoring
- Risk drivers attached to every alert
- Deepfake & synthetic-media attribution
- Model & threshold versioning
Action & workflow
Findings become decisions inside the systems institutions already operate.
- Case management & investigator workspace
- KYC / KYB & onboarding controls
- Transaction holds & step-up verification
- Audit trail for every decision
Worked example
One ring, fully resolved.
A payout anomaly becomes a 42-account synthetic ring sharing three devices — surfaced with the evidence that justifies a step-up review.
Illustrative example. Figures are a worked scenario, not live data.
Engineering principles
Power that stays accountable.
The capabilities of a Palantir-class platform, built on commitments that make it trustworthy in European hands.
Explainability over scores
No black-box verdicts. Each alert ships with the evidence, the relationships, and the risk drivers that produced it — readable by an analyst and defensible to a regulator.
Data minimisation by construction
Purpose-limited pipelines retain only what a defined lawful purpose requires. Sensitive fields are tokenised, scoped, and expired automatically.
European-controlled infrastructure
Compute, storage, and cryptographic keys remain under European legal control, with no architectural dependency on US hyperscalers or the CLOUD Act.
Versioned & reproducible
Models, rules, and thresholds are versioned. Any historical decision can be reconstructed exactly — essential for audit, contestation, and trust.
Who deploys Elendil
Operational tools for the institutions Europe relies on.
Banks, PSPs & fintechs
Facing AI-accelerated fraud rings, mule networks, and synthetic onboarding at instant-payment speed.
Marketplaces & platforms
Targeted by fake accounts, coordinated abuse, and synthetic identities at scale.
Public authorities & regulators
Responsible for fraud, financial crime, and digital integrity — needing tools aligned with EU rules.
Critical digital services
Defending elections, information spaces, and essential systems from coordinated manipulation.
See the engine on your own data.
We run scoped, lawful pilots with European institutions. Tell us the adversary you face and we will show you the graph.