Welcome to Fintech Brainfood, the weekly deep dive into Fintech news, events, and analysis. You can subscribe by hitting the button below, and you can get in touch by hitting reply to the email (or subscribing then replying)

Hey Fintech Nerds 👋,

I got some good news for you. This exclusive link gets you the lowest price Fintech NerdCon tickets will be all year. Price goes up EOD Monday. Grab them fast.

It happened. Hell froze over. And Revolut finally got their full UK Bank Licence. Never bet against them.

Meanwhile, we saw the CFTC act fast on making prediction markets accountable for some of the recent “insider trading” allegations. That’s your Rant this week. Let’s dig in.

Here's this week's Brainfood in summary

📣 Rant: 🧠 The Everywhere Insider

💸 4 Fintech Companies:

👀 Things to Know:

📚 Good Read: How to sell to AI Agents

If your email client clips some of this newsletter click below to see the rest

🧠 The Everywhere Insider

For 90 years, insider trading laws applied almost exclusively to publicly traded securities. You needed a corner office. A Bloomberg terminal. A Goldman badge.

In one week in February 2026, three very different people proved that era is over.

A YouTube video editor in North Carolina. A suspected auditor at a Big Four firm. An intelligence officer with advance knowledge of a drone strike.

None of them had a Bloomberg terminal. All of them had something better: access.

Prediction markets have turned everything into a tradable asset. Every NDA, every classified briefing, every unreleased earnings report, every private Slack channel is now material non-public information with a ticker attached.

We built prediction markets to find the truth. Turns out, the highest yields go to the people leaking it.

On February 25, Kalshi publicly revealed its first insider trading enforcement. The target? Artem Kaptur, a video editor for MrBeast.

Kaptur used his backend knowledge of unreleased videos and subscriber milestones to place bets. Kalshi's surveillance flagged him for "near-perfect trading success on markets with low odds." He made roughly $4,000.

Beast Industries launched an internal investigation and cited a "no tolerance" policy. Kalshi responded with a $20,397 fine, two-year ban, formal referral to the CFTC.

Kalshi's head of enforcement Bobby DeNault said the platform has opened over 200 investigations into insider trading in the past year alone. Twelve are still active. Two things taking shape here: a change in corporate governance, and prediction markets becoming the front line of enforcement.

Speaking of corporates.

In late February, analyst Matt Lamers at EventWaves published a deep dive showing a cluster of crypto wallets making eerily accurate earnings bets on Polymarket. These wallets only bet big on companies audited by KPMG. Home Depot. DoorDash. CarMax. Thor Industries. StoneX.

Max conviction trades, right before the numbers dropped.

The wallets cycled through usernames to avoid detection. They bet small on non-KPMG companies. And they kept winning.

Old-school insider trading requires shell companies, brokerage accounts, and leaves a massive SEC paper trail. On Polymarket, a junior staffer in an offshore audit hub can buy binary options with an anonymous crypto wallet. The SEC's Consolidated Audit Trail is useless here.

Someone in r/Accounting said, maybe KPMG-audited companies just have "a certain je ne sais quoi that make them uniquely fun to trade." That tickled me.

Unlike Kalshi, Polymarket's blockchain gives anyone the ability to audit the auditor. But will there be action by the platform or the firm?

This one's on a different scale entirely.

On February 28, the U.S. and Israel launched "Operation Epic Fury" — coordinated strikes on Iran that killed Supreme Leader Ayatollah Ali Khamenei. Hours before the bombs fell, Polymarket saw a massive, highly specific surge in volume.

Blockchain analytics firm Bubblemaps flagged six freshly created wallets that were funded within 24 hours of the attack. They bought "Yes" shares on "US strikes Iran by February 28, 2026?" at roughly 10 cents each. The largest wallet turned $61,000 into nearly $500,000. Combined, these suspected insiders walked away with around $1.2 million.

Another account, "Magamyman," made $553,000 betting on Khamenei's removal — placing bets just before the strike confirmed his death.

This wasn't the first time. In January, an anonymous account turned $32,000 into $400,000 by betting on the capture of Venezuelan leader Nicolás Maduro before it was publicly announced. Earlier in February, Israeli prosecutors indicted an IDF reservist and a civilian for using classified military intelligence to place winning bets during last June's 12-day war with Iran.

War is no longer just a geopolitical event. It's a tradable derivative.

All of this is happening right as the regulator claiming authority over prediction markets walks into a trap of its own making.

In mid-February, CFTC Chairman Michael Selig filed an amicus brief in the Ninth Circuit arguing the CFTC has exclusive federal jurisdiction over event contracts. They're "swaps" under the Commodity Exchange Act, not gambling. His message to states: "We will see you in court."

State regulators from Nevada, Massachusetts, and Tennessee are fighting back. 36 states have filed amicus briefs asserting their right to regulate what they see as gambling under state police powers.

Utah Governor Spencer Cox responded to Selig with possibly my favorite tweet of the year:

But here's the trap.

By claiming exclusive jurisdiction, the CFTC now owns the enforcement obligation. And when Kalshi caught the MrBeast insider, the CFTC Chairman called exchanges "the first line of defense" in policing insider trading.

Read that again. The regulator is reliant on these very new, very early companies to manage enforcement.

The CFTC was built in 1974 to monitor wheat futures. Its staff has been cut roughly 21.5% since the end of fiscal year 2024. There are now over 200,000 active prediction markets. The insiders are video editors, junior accountants, and military reservists.

How does the wheat futures regulator police that?

This week, we got the first answer. The CFTC's Division of Market Oversight issued a formal advisory reminding exchanges that they are "front-line regulators" with obligations to conduct real-time monitoring, investigate anomalies, and guard against the "unauthorized or premature release" of settlement data. T

ranslation: the KPMG problem and the MrBeast problem are now in the regulatory record. The CFTC also explicitly named insider trading — misappropriation of confidential information — as a prosecutable violation on prediction markets.

But the advisory also makes clear: the Commission retains authority to investigate and bring enforcement actions. The sword stays with the regulator. The shield goes to the exchanges.

They're going to need AI. And the wisdom of the crowds. (Oh, delicious irony.)

Detection and enforcement has started.

Prediction markets may have better surveillance infrastructure than traditional financial markets. On Polymarket, every wallet, every transaction, every timestamp is visible to anyone with an internet connection. The KPMG wallets were caught by a Substack writer. The Iran wallets were flagged before the news cycle processed the strikes.

The blockchain is the worst place to commit financial crime. The question for Polymarket is what enforcement looks like. Kalshi, for its part, is taking a proactive stance — and that's the silver lining the skeptical optimist in me needed today.

When you add the recent moves by the CFTC, there’s a chance that this smaller but fast-moving regulator presents a real opportunity to catch bad actors faster.

Prediction markets have political cover right now — the Trump administration has dropped multiple federal investigations, and Don Jr. advises both Kalshi and Polymarket. That window won't last forever. Every insider they catch strengthens the argument that these platforms deserve the CFTC's jurisdictional shield.

I hope they use that window wisely.

We could just be seeing the tip here.

Every NDA is now a potential trading edge.

Beast Industries had to launch an internal investigation over a video editor making $4,000. KPMG — and every Big Four firm — now faces the prospect that any employee with access to earnings data has a monetization path that didn't exist 18 months ago. Military and intelligence agencies have a new dimension of operational security: their personnel can now cash out classified information without ever touching a stock.

The old compliance model: don't trade securities in companies you have information about.

The new compliance model: don't trade on anything you have information about. On any platform. In any asset class. Including whether your boss will say "billion" in his next YouTube video.

Good luck enforcing that.

I wrote in October that prediction markets are truth-seeking APIs. That thesis hasn't changed. But the Everywhere Insider is the stress test I didn't expect to arrive in a single week.

Prediction markets will survive this. They're too valuable and too popular to ban. But the platforms that treat enforcement as a PR exercise rather than an infrastructure investment will not.

Build the surveillance. Invest in AI-driven detection. Prove the model works before Congress takes it away.

The Everywhere Insider is here. 

The question is whether we built markets that can catch them.

ST.

1. Nomain - AI intelligence for legacy code bases

Nomain turns legacy code into accessible knowledge as documentation, or answering questions like “how does the overnight batch process FX transactions.” They create interactive system visualisations. The platform makes sure all role based access and data privacy rules are followed. 

🧠I can imagine this is catnip for every bank who feels beholden to their mainframe. The hyperscalers have products that do this sort of thing, but they feel complex and weapons grade. Imagine a Nomain MCP server for enterprise ChatGPT or Claude that let staff understand the mainframe, and today’s code and ask “how will the “XYZ regulation impact our regulatory reporting”

2. Stacks - The financial reporting platform

Stacks sync’s ERPs, bank accounts, and will automate journal entries, variance analysis and reporting. It automates reconciliations, proposes fixes to variances and makes financial closes “96% faster.”

🧠Stacks has some well known UK-centric clients like Cleo, Freetrade and Bloom & Wild. That’s some meaningful traction for a Series A company. There have been plenty of these platforms in the US, but the UK has been late to the game arguably.

3. Inscope - The financial reporting for finance nerds platform

Inscope helps finance teams and accountants autoroll-forward, format, link and sync various data sources to remove mundane tasks. It has AI assistants to catch errors and inconsistencies. 

🧠There’s a lot of nuanced features here. Like, insert “audit ready tables” or SEC-ready tables. The AI will suggest disclosures based on underlying data, and it’s checking and double checking references between pages nad sources for consistency.

4. Dots - The simpler payouts API

Dots is the developer, start-up friendly payouts platform that has a fully whitelabel UI for user onboarding, the ability to payout through 300+ payments rails globally and, will automatically detect when tax information is required. The platform is designed to be easy to embed in existing products, through a simple API interface

🧠 Lots of companies offer payouts as a feature, or they’re older. Dots is a younger company, that’s stripped back and dedicated to payouts. A sort of Payoneer for 2026. Sometimes just being new with no legacy is interesting in its own right.

1. Revolut granted full UK Banking Licence after 4 year wait.

Revolut, the Neobanking giant with 70 million customers and a $75bn valuation has received approval from the Prudential Regulation Authority (PRA) for a full banking licence, allowing it to offer deposit (checking) accounts for retail and business customers.

Regulators worried about accounting issues, problems with other EU regulators, and an aggressive corporate culture said to focus more on growth than risk.

🧠 The accounting issues looked bad. Revolut's 2021 accounts were delayed until March 2023, featuring a "qualified opinion" from BDO auditors who could not verify £476.9m of reported revenue. This will have had to be fully resolved to the PRA’s liking to get the full licence.

🧠 It also had six share classes that had to be collapsed into one. This included a full restructuring with Softbank. Many of their recent raises no doubt helped to buy out some previous investors.

🧠 The AML concerns are a critical factor. The PRA and FCA scrutinized Revolut’s ability to manage risks, particularly concerning anti-money laundering (AML) checks and the handling of suspicious transactions. When you have 13m customers and you’re a full bank, this has to be gold standard. And, given Revolut has often been locked out of much of the information sharing the large banks do, they’ve had to come from behind to make this right.

🧠 Revolut finally loses the asterisk; no matter how well it did, people questioned why it didn’t have a licence in its home market. In the UK it has 13m customers, it offers everything from current accounts to, deposits, loans, crypto, investments and payment acceptance. But it was capped at a £50,000 deposit taking limit.

🧠 Now they’ve arguably passed the toughest test. The PRA's decision this week ripples outward — not just into mortgages and loans in Hammersmith, but into boardrooms in Washington and Singapore where the same application is sitting in a queue.

🧠 There's UK politics here too. Rachel Reeves tried to broker a meeting to speed this up but Bank of England governor Andrew Bailey blocked it.

🧠 The big UK banks once dismissed Revolut as an FX app that loses money. They miscalculated. The big 4 high street banks woke up to a massive competitor who can do everything they can now.

🧠 I have come 180 on Revolut (a revolut’ion if you will). There was a time when the open secret was that Revolut was the known-bad-actor in the UK fintech space. Focussed more on growth than risk. Today that’s far from true. They’re now the crown jewel of UK tech. Never mind Fintech.

🧠 Where next for Revolut? They applied for the US charter. And just as the UK banks dismissed Revolut initially, the US banks would be foolish to do the same. So far Revolut has tried numerous times and failed to get traction. But I’ve learned one thing watching them for the last decade or so. Never bet against Revolut.

2. CFTC Issues Prediction Markets Advisory — DCMs Are Now Formally "Front-Line Regulators"

The CFTC's Division of Market Oversight issued a formal advisory reminding Designated Contract Markets like Kalshi of their surveillance and enforcement obligations for event contracts.

🧠 The timing is everything. This drops two weeks after Kalshi's MrBeast insider trading bust, the KPMG wallet anomalies on Polymarket, and suspected insider trading ahead of the Iran strikes. The advisory explicitly names insider trading — "misappropriation of confidential information" — as a prosecutable violation under Regulation 180.1.

🧠 "Front-line regulators" is now formal guidance, not a press quote. When Selig called exchanges the "first line of defense" after the MrBeast bust, it sounded like spin. Now it's codified. DCMs must conduct real-time monitoring, investigate anomalies, and evaluate whether third parties have safeguards against premature data leaks. That last part reads like it was written with the KPMG situation in mind.

🧠 This is the CFTC trying to get ahead of the "LeBron James rebounds" problem before it becomes a scandal. Contracts that settle on the actions of a single individual or small group — injuries, officiating calls, unsportsmanlike conduct — get flagged as heightened manipulation risks. DCMs are told to engage with sports leagues and their integrity units.

🧠 Assassination, war, and terrorism contracts remain banned. But notably, the Iran-style contracts were on Polymarket (offshore), not US-regulated DCMs. The advisory's real teeth only reach Kalshi and its peers. Polymarket's offshore exchange remains in regulatory no-man's-land.

🧠 The big question: is guidance enough? An advisory isn't a rule. It doesn't have the force of law. It's the CFTC saying "we're watching" without yet saying "here are the consequences." The gap between this advisory and actual enforcement capacity — with a 21.5% staff reduction — is where the story gets interesting.

How to sell to AI Agents

The entire history of the economy is about capturing attention, from billboards to Google ads, but agents optimize for outcomes. Agents won’t read marketing pages, they’ll look for uptime, price, at latency. This changes when an agent can build code itself exceptionally well. Build in house gets 100x cheaper, and buying becomes better when an API or service can offer data or an outcome at a lower cost, faster speed, or both. General agents can scrape the web, but it could take minutes and cost $0.10, vs a specialist service that takes 0.003 seconds and costs about that too. 

This means every service should be discoverable for agents, price belongs in the protocol, not on a webpage, and authentication needs to be as automated and streamlined as possible. 

Remember, if you're enjoying this content, please do tell all your fintech friends to check it out and hit the subscribe button :)

Want more? I also run the Tokenized podcast and newsletter.

(1) All content and views expressed here are the authors' personal opinions and do not reflect the views of any of their employers or employees.

(2) All companies or assets mentioned by the author in which the author has a personal and/or financial interest are denoted with a *. None of the above constitutes investment advice, and you should seek independent advice before making any investment decisions.

(3) Any companies mentioned are top of mind and used for illustrative purposes only.

(4) A team of researchers has not rigorously fact-checked this. Please don't take it as gospel—strong opinions weakly held

(5) Citations may be missing, and I’ve done my best to cite, but I will always aim to update and correct the live version where possible. If I cited you and got the referencing wrong, please reach out