ClearBank Secures Email with Human Behaviour AI from Abnormal

ClearBank knows the value of building a business on innovation. In 2017, ClearBank launched as the UK’s first new clearing bank in 250 years, with cloud-native banking as a service for acquirers, retail banks, fintechs, and other institutions. “We provide a simple API to connect our B2B customers to payments infrastructure so they can go to market faster,” said Bernard Wright, CISO. ClearBank recently expanded into the EU and plans to expand to the US in the near future.

To protect its cloud ecosystem, partners, and customers from credential phishing and financial fraud, ClearBank leveraged the full value of Microsoft 365's security tools. "We use the entirety of the Microsoft Defender Suite, Cloud App Security, and pretty much anything that Microsoft offers,” said Thomas Knowles, Head of Security Operations.

But eventually, advanced attacks breached those defences. “We saw a lot more phishing emails, QR code attacks, and quite convincing brand impersonation attacks targeting our executives,” Wright said. A surge in graymail created more user reports, which added to the SOC’s workload. Wright quickly realised they needed an additional email security layer.

“You can never stop innovating when you're a bank in the cloud. We're always looking at how we can scale and improve our resilience across our organisation, and Abnormal provides the transparent, AI-native security and automation we need to keep moving forward.”
—Bernard Wright, CISO

When Wright learned about Abnormal at a conference, he was impressed with the platform’s seamless functionality and potential to scale. “In a year or two we could double our number of employees. We need vendors that can grow with us,” he said.

The POV with Abnormal demonstrated its ease of use and efficacy. “We didn't want to implement a physical or virtual appliance within the estate or risk interrupting our business operations,” Knowles said. “When we integrated Abnormal, we simply had to click an ‘Authorise OAuth’ button within our tenant and then a single sign-on SAML certificate to allow administrative access." Abnormal quickly started identifying attacks that M365 was unable to detect.

Wright said Abnormal’s AI-native solution and API-based integration capabilities aligned with ClearBank’s own approach to innovation. “We manage the backend payments infrastructure for our customers, and Abnormal does the same for us with email security. We know we don’t need to change something when new threats appear because Abnormal will take care of them.”

In addition to keeping brand impostors and other spear phishing attacks out of user inboxes, Abnormal has reduced the company’s graymail workload. “The productivity gains have been massive, particularly for our marketing and sales departments and our people at the senior, executive, and board levels,” Wright said. “It’s also given our employees confidence that the emails in their inbox are genuine, so they don’t have to worry about falling for an attack.”

“Many companies have bolted AI onto their solutions. Abnormal's AI-native design sets it apart by evaluating and contextualising human behaviour in written communication. That means Abnormal can identify attack indicators that may go unseen by traditional email and security platforms.”
—Thomas Knowles, Head of Security Operations

ClearBank considers Abnormal a partner in security and in accelerating their own AI initiatives. “Bringing Abnormal on board has increased our understanding of how we can utilise AI internally to improve productivity and automation across the business,” Wright said.

He also said that with AI fueling attacks, an AI-native detection solution is a necessity. “In today’s security environment, the speed of change is massive and the entry level for attackers is a lot lower. Having Abnormal AI in our email security stack is critical.”