Fintech Weekly Digest: 7/30 – Ramp Hits $22.5B, Allianz Breach Exposes 1.4M, Wise Faces Governance Blowback

Welcome to this week’s edition of ONSEC Fintech Cyber Weekly, brought to you by the ONSEC team.

From billion-dollar fintech acquisitions and AI-fueled platform rollouts to deepfake scams and VPN breaches targeting financial infrastructure, this week showcased the volatile intersection of innovation and risk. Regulatory concerns around governance and data access intensified, while cybersecurity threats—from CRM exploits to state-backed espionage—kept the pressure on defenders. As banks, startups, and attackers move fast, staying secure means staying informed.

Here are the top stories shaping the future of finance, technology, and trust.

Trends & Innovation

• MTN Uganda to Spin Off Fintech Unit Ahead of IPO. On July 23, MTN Uganda announced plans to transform its mobile money and fintech operations into an independent company under MTN Group Fintech Holdings. The newly formed entity is expected to list on the Uganda Securities Exchange within three to five years, aiming to unlock value and expand digital financial services across East Africa. Source: Reuters
• Glass Lewis Raises Governance Concerns Over Wise U.S. Listing Plans. Also on July 23, shareholder advisory firm Glass Lewis voiced opposition to Wise PLC’s proposal for a U.S. primary listing. The concerns focused on an extension of its dual‑class share structure — which the group warned could entrench disproportionate voting power in the hands of a few executives. Source:  Reuters
• Corpay to Acquire UK’s Alpha Group in $2.2 B Cash Deal. On July 23, U.S.-based payments firm Corpay announced a $2.2 billion all-cash acquisition of London-based Alpha Group, a fintech firm offering institutional banking accounts. Alpha holds roughly $3 billion in deposits across 7,000+ client accounts. The acquisition—which is expected to close in Q4 2025—reinforces Corpay’s push into European private markets and corporate payments infrastructure. Source: Reuters
• Ramp Raises $500 M, Valued at $22.5 B Following AI Roll‑Out. On July 30, fintech startup Ramp secured $500 million in a late-stage funding round led by ICONIQ, driving its valuation to $22.5 billion. The company recently launched AI agents that automate fraud detection and policy reviews. Investors view Ramp as emblematic of investor appetite for AI-enabled financial platforms.  Source: Money US News
• Blackstone Sees Deal Pipeline Reach 2021‑Era Peak. On July 24, alternative asset manager Blackstone reported its strongest M&A and IPO advisory pipeline since 2021, citing surging demand from fintech and private credit clients. Fee-related revenue rose notably, as fintech-linked dealmaking gained momentum in markets across private finance and fund structures.  Source: MSN

Security & Cyber Threat

• Allianz Life Discloses Major Data Breach Affecting 1.4 M U.S. Customers. On July 28, Allianz Life confirmed a breach tied to a third‑party cloud-based CRM system, which exposed PII of approximately 1.4 million North American clients. The incident involved social engineering tactics targeting Salesforce’s Data Loader tool. Allianz has notified the FBI and is offering 24 months of credit monitoring and identity theft protection. The breach highlights growing risks from vendor-based vulnerabilities. Source: Itpro
• Financial Sector Most Susceptible to AI-Driven Cyberattacks. A study published on July 30 by Deep Instinct revealed that 45% of financial services organizations have experienced AI-enabled attacks—such as phishing, deepfakes, and AI-generated malware—in the past year. While the sector remains relatively resilient, the survey warns that as cybercriminals refine use of AI, threats are expected to intensify and shift firms toward predictive cybersecurity strategies. Source: Axios
• AI-Fueled Deepfake Scams Surge in Australia with Huge Financial Losses. On July 27, reports emerged of a rising tide of AI-enabled voice phishing attacks in Australia. Hackers used deepfake voices to impersonate executives in financial scams, including a $53 million fraud in the UAE. Experts likened the scale to a “nuclear bomb” breach—urging adoption of zero-trust security, employee training, and real-time threat monitoring to combat the speed and sophistication of such attacks. Source: Adelaide Now
• U.S. Cyber Attack Hits Fermilab via Microsoft SharePoint Zero-Day. According to a July 29 update from Reuters, the U.S. Department of Energy’s Fermilab suffered a breach exploiting a Microsoft SharePoint zero-day. While not directly a fintech firm, the incident underscores how infrastructure-level vulnerabilities can jeopardize sensitive financial and research data, reinforcing the need for patching discipline across sectors. Source: Reuters
• Xage Highlights Widespread VPN Credential Attacks Targeting Finance Infrastructure. In its July 29 cyber‑risk roundup, Xage Security noted that the SafePay ransomware gang has breached over 220 organizations in the past year—including finance firms—by exploiting stolen VPN credentials. The report points to the persistent fragility of VPN-based remote access and advocates for Zero Trust models and multifactor authentication across fintech operations. Source: Xage security

Product & Platform Launches

• Mastercard Launches AI Card Design Studio. On July 24, Mastercard rolled out its AI Card Design Studio—a digital tool enabling banks and issuers to generate branded, compliant card designs automatically. The AI-guided platform slashes design-to-production timelines and enhances brand consistency across digital and physical card issuance. Source:  FinTech Weekly
• J.P. Morgan Markets Unveils Next‑Gen Institutional Platform. On July 24, J.P. Morgan Markets revealed a revamped trading and investment platform for institutional clients, consolidating research, analytics, execution and post-trade tools into a unified, intuitive interface. The redesign aims to streamline decision-making in volatile markets and supports API, mobile, and desktop access . Source: FinTech Weekly
• Ecx Pay Launches Mining‑Focused Fintech Services in Brazil. On or around July 27, Brazilian fintech Ecx Pay expanded its corporate suite, introducing salary advance services and Pix Transporte, a transport voucher system for logistics employees. The firm also entered Brazil’s enterprise expense management market, positioning itself as a vertical fintech provider for mining industry partners. Source:  This Week in Fintech
• InTick Secures £2 Million to Expand Derivatives Trading Platform. On July 30, UK-based InTick announced a £2 million funding round to enhance its listed derivatives exchange platform with automated liquidity tools and improved user experience. The funding marks confidence in fintech-enabled capital markets infrastructure. Source:  Fintech Global
• ComplyControl Launches SafeStart Program for Fintech Compliance. On July 30, UK-based ComplyControl introduced SafeStart, an AI-driven compliance onboarding program aimed at fintech and RegTech firms. The platform uses machine learning to guide startups through licensing, KYC/AML setup, and regulatory screening in multiple jurisdictions. Source:  finance.yahoo.com

Final Words

From major M&A moves and governance shakeups to AI-powered security threats and compliance innovation, this week underscored the dynamic and fast-evolving nature of global fintech. As funding rebounds and regulatory landscapes shift, platforms that prioritize resilience, transparency, and user trust are gaining ground. Stay vigilant, stay informed — and we’ll be back next week with more of what matters in fintech, cybersecurity, and financial innovation.