Skip to content
In the news TRM Labs × Finray — audit-ready crypto transaction monitoring for banking
Finray
Book a briefing

Company

Built for institutions where software is part of the evidence chain.

A financial institution does not fail only because a payment is wrong, a customer file is incomplete, or an alert is cleared too quickly.

It fails when no one can reconstruct why the decision was made.

Finray builds infrastructure for that moment.

We build for banks, payment institutions, crypto firms and FinTech companies whose operations must withstand audit, supervision and board review. The work is not to add another dashboard. The work is to connect the activity, the risk logic, the approval, the exception and the evidence into one operating record.

Fragmented systems create false comfort. A payment moves in one system. The customer risk file lives in another. The sanctions rationale sits in email. The board report shows a green status that cannot be traced back to the workflow that produced it.

That is not an efficiency problem.

That is institutional exposure.

Software must not only run the institution — it must help the institution prove control.

The pattern is consistent. In due diligence, the question is rarely whether a decision was reasonable in isolation. The question is whether the institution can prove how the decision was reached.

We have seen payment and crypto firms lose credibility not because the risk decision was obviously wrong, but because the decision path lived across email, spreadsheets, screenshots and disconnected systems.

The commercial consequence comes later: a partner walks away, an auditor escalates, a board loses confidence, or a licence process slows down.

Finray's portfolio is built around that standard:

  • Corebanq — core banking and ledger infrastructure.
  • XZiel — fiat and crypto transaction risk, sanctions, investigations and case management.
  • Ordinis — governance, risk, internal controls and operational evidence.

Finray is the infrastructure layer for institutions whose operations must survive scrutiny.

Company /1.1

Story

The architecture came from the failure mode.

Finray Technologies Ltd was founded in Cyprus in 2023.

The original thesis was simple: financial institutions were being pushed to move faster while proving more than their infrastructure could support. The market offered two bad answers — buy fragmented vendors and stitch them together, or build internally over a multi-year horizon.

Neither solves the real problem if the institution still cannot reconstruct the decision.

From the beginning, Finray was built around one architectural principle: the system that records the activity must also preserve the risk context, the approval path, the exception handling and the evidence.

That principle shaped the first generation of Corebanq, Zahlex and XZiel.

In 2025, Finray achieved ISO/IEC 27001:2022 certification for its information security management system, certified by NQA under UKAS accreditation. The certificate covers IT services including software development, maintenance and consulting. It relates to the management system, not to product certification.

In February 2026, Finray and TRM Labs announced a global reseller and referral partnership. The partnership brings TRM's blockchain intelligence into Finray's XZiel environment for transaction monitoring, sanctions screening, investigations and audit-ready decisioning across fiat and digital-asset workflows.

The objective is not another compliance dashboard.

The objective is one risk profile, one case history and one decision trail across fiat and crypto rails.

One architecture.

One operating record.

One standard of accountability.

Story /1.2

Leadership

Oleksandr Potapenko

Founder & CEO

Oleksandr founded Finray in 2023.

He started in banking at an EBRD partner bank, then served as CFO at UDP and UFuture, two of Ukraine's largest diversified holding groups.

He later founded and led a Swiss Art. 1b FinTech licensing and infrastructure project, bringing together payments, financial-crime controls, outsourcing governance, operational risk and machine-learning applications in finance.

Finray was built from that work.

At Finray, Oleksandr leads strategy, product direction and regulatory positioning. His operating view is simple: financial software is not serious until it can support the people who must defend its outputs — management, compliance, audit and the board.

He does not approach Finray as a software concept. He approaches it from the scar tissue of what happens when finance, compliance and engineering are separated.

Vasyl Melnychuk

Chief Technology Officer

Vasyl leads Finray's engineering organisation and platform architecture.

He has built financial-technology systems for more than two decades.

At Finray, his responsibility is architectural consequence: permissions, data models, resilience, integration boundaries, deployment discipline and audit trails.

In this market, architecture is not a technical preference.

It decides whether the institution can explain itself when something goes wrong.

Kateryna Horoshchak

Head of Finance & Operations

Kateryna leads finance, operations and execution discipline at Finray.

She is an ACCA-qualified finance professional with audit and transaction-due-diligence experience, including EY. Her work sits behind the parts of infrastructure companies that clients rarely see but regulators and auditors always test: contracts, vendors, procedures, evidence, financial discipline and follow-through.

At Finray, she makes sure the company operates with the same standard it builds for its clients.

Leadership /1.3

How We Work

Regulated software fails when engineering builds the system, compliance explains it later, and operations invent the workaround.

Finray works differently.

The regulatory logic, product logic and engineering logic sit in one loop. Workflows are designed with reconstruction in mind. Permissions are designed around accountability. Exceptions are not treated as noise. They are treated as the moments where the institution proves whether it is governed or not.

We build around three questions:

  1. 01 Can the institution operate it?
  2. 02 Can management control it?
  3. 03 Can auditors reconstruct it?

If the answer is no, the system is not finished.

How we work /1.4

Operating posture

What Finray commits to, in writing.

  • Operating entity

    Finray Technologies Ltd, a limited company registered in the Republic of Cyprus, 115 Griva Digeni, Trident Centre, Limassol.

  • Information security

    ISO/IEC 27001:2022 certified by NQA under UKAS accreditation. Certificate No. 215646, issued 21 October 2025, valid to 21 October 2028. Scope: IT services — software development & maintenance, IT consulting.

  • Release cadence

    Platform changes ship through versioned releases, each accompanied by an upgrade note and an evidence record.

  • Incident posture

    An on-call rotation with defined response SLAs. Post-incident reports are published to customers under NDA.

Operating posture /1.5

FAQ

Frequently asked questions.

  1. What is Finray?

    Finray builds core infrastructure and control systems for regulated financial institutions. Its systems connect operations, risk logic, approvals, exceptions and audit evidence into one operating record. Finray is ISO/IEC 27001:2022 certified and partners with TRM Labs for blockchain intelligence.

  2. Is Finray Technologies the same as Finray (finray.io)?

    No. Finray Technologies (finray.tech) is a Cyprus-registered software vendor for regulated financial institutions, founded in 2023 by Oleksandr Potapenko. Finray (finray.io) is a separate, US-based data-management vendor for financial services. The two companies are unrelated.

  3. Who is Finray built for?

    Finray is built for banks, payment institutions, e-money institutions, crypto firms, FinTech companies and regulated financial operators whose systems must withstand audit, supervision and board review.

  4. What does Corebanq do?

    Corebanq provides core account and payment infrastructure for regulated financial institutions, including account operations, payment workflows, roles, approvals and operational evidence.

  5. What does Ordinis do?

    Ordinis supports governance, risk, compliance, internal controls, policy workflows, incidents, access requests and audit evidence for regulated financial institutions.

  6. What does XZiel do?

    XZiel supports transaction-risk monitoring and investigations across crypto and fiat financial operations, including alerts, cases, sanctions logic and evidence capture. It integrates blockchain intelligence from TRM Labs.

  7. Is Finray ISO 27001 certified?

    Yes. Finray Technologies Ltd holds ISO/IEC 27001:2022 certification, Certificate Number 215646, issued by NQA, a UKAS-accredited certification body. The certificate is valid from 21 October 2025 to 21 October 2028. This is a company-level Information Security Management System (ISMS) certification, not a product-level attestation.

  8. Does Finray have technology partnerships?

    On 24 February 2026, Finray Technologies announced a strategic partnership with TRM Labs. The partnership embeds TRM's blockchain intelligence directly into Finray's XZiel compliance engine, enabling regulated financial institutions to manage digital-asset and fiat transaction risk in a single operational environment.

  9. Is Finray a bank?

    No. Finray is a software company, not a bank, payment institution, e-money institution, crypto-asset service provider, or any other licensed financial entity. Finray provides core infrastructure and control systems used by such institutions. Regulated financial services should be provided only by appropriately authorised entities.

Frequently asked questions /1.6

Press

Working on a story about Finray?

Contact us at partnership@finray.tech. We reply within two business days.

Press /1.7

What we operate

Three platforms.
One operating posture.

Corebanq for the core ledger. XZiel for risk and monitoring. Ordinis for governance and control. The architecture the operating company is built around.

See the operating stack See the proof rail
What we operate /1.8
Certificate of Registration NQA · UKAS Management Systems
ISO/IEC 27001:2022 Certificate of Registration issued by NQA to Finray Technologies Ltd, certificate number 215646, valid 21 October 2025 to 21 October 2028
Search
Type to search across Finray, products, company, and journal.

    Press Esc to close · to open the highlighted result.