Marble is an open-source platform designed for fintechs, banks, and crypto exchanges to detect fraud and comply with AML regulations in real time. It solves the problem of rigid, black-box compliance tools by offering full transparency, custom data modeling, and self-hosted deployment options. Users gain precise control over detection logic, data sovereignty, and investigative workflows without relying on third-party tech teams.
Built with a flexible data model that mirrors your data warehouse, Marble integrates with core banking systems, KYC providers, and sanctions lists via API. It supports both self-hosted (Docker-based) and SaaS deployments, with enterprise-grade security including SOC 2 Type II certification, SSO, and IP whitelisting. The platform combines rule-based detection with AI automation to streamline investigations and reduce false positives.
What You Get
- Real-time Transaction Monitoring - Detect suspicious transactions in real time or post-trade using a custom data model that ingests your exact data schema from core banking or payment systems.
- Customer & Company Screening - Screen entities against global sanctions, PEP, and adverse media lists with daily updates, supporting both real-time and scheduled checks.
- Continuous Monitoring - Automatically re-screen customers and counterparties against updated lists without manual intervention, reducing compliance gaps between periodic reviews.
- Unified Investigation Suite - Investigate alerts in a single interface with case annotation, timeline visualization, and context-rich data aggregation to reduce context switching.
- AI Automation & Assistance - Leverage built-in AI agents to auto-generate detection rules, optimize rule thresholds, and summarize case details to accelerate investigator productivity.
- Embedded Reporting & BI - Access pre-built dashboards for detection performance metrics and connect directly to your data warehouse for custom SQL-based analytics with BI tools like Power BI or Tableau.
- Audit Trail & Compliance Logs - Maintain immutable, searchable logs of all rule changes, case actions, and user activities to satisfy regulatory audit requirements.
- Enterprise-Grade Security - Enforce role-based access control (RBAC), SSO via OpenID Connect, IP whitelisting, and deploy fully on-premise to ensure data never leaves your infrastructure.
Common Use Cases
- Running a crypto exchange with millions of users - A platform like CoinSwitch uses Marble to host its entire AML stack on-premise for data sovereignty, while dynamically adjusting detection rules as new token types and transaction patterns emerge.
- Building a Banking-as-a-Service (BaaS) platform - Treezor replaced an in-house AML tool with Marble to automate fraud detection across hundreds of embedded fintech clients, enabling rapid rule deployment within minutes.
- Launching a payment card for teenagers - Pixpay needed a system that could match their unique risk profile—parental oversight, small transactions, high volume—something legacy AML tools couldn’t adapt to without heavy engineering.
- Scaling compliance for a card-as-a-service stablecoin platform - Axel Cateland’s team chose Marble from day one because its flexible data model could ingest blockchain transaction data, wallet addresses, and fiat conversions without requiring schema changes.
Under The Hood
Architecture
- Monolithic backend service combining API, migrations, and background workers into a single binary with command-line flags, violating single-responsibility principles
- Tight coupling between database operations and business logic due to direct SQL and ORM usage without repository or unit-of-work abstractions
- No dependency injection or service container; external services are hardcoded via environment variables with no abstraction layer
- Frontend and backend are decoupled via REST but frontend lacks state management patterns beyond basic session storage
- Infrastructure defined via Docker Compose shows service isolation but treats containers as process hosts rather than bounded microservices
- No domain-driven design, event sourcing, or CQRS; data flow is strictly request-response with no message queues or event-driven components
Tech Stack
- Go-based backend with CLI-driven execution models for server, migrations, and workers
- PostgreSQL with PostGIS extension for spatial data, managed via embedded migration binaries
- Firebase Authentication integrated with emulator for local testing and production configuration
- Elasticsearch deployed for search and analytics, though not fully configured
- Docker Compose with YAML anchors for consistent environment variable management across environments
- Google Cloud Platform services including Cloud Storage and service accounts, with Sentry (configured through SENTRY_DSN) for observability
Code Quality
- Minimal testing with no assertions or comprehensive test suites, indicating poor verification of correctness
- Absence of custom error handling, try-catch blocks, or structured exception mechanisms reduces system resilience
- Code organization prioritizes documentation over modular components, suggesting poor structural integrity
- No evidence of naming consistency, type safety, linting, or static analysis tools, increasing risk of hidden bugs
- Documentation is abundant but does not compensate for lack of robust engineering practices
What Makes It Unique
- Native implementation of real-time collaborative editing using operational transforms optimized for structured document fragments
- Dynamic schema evolution system that auto-migrates document models without downtime or manual intervention
- Embedded rule engine that interprets natural language policies as executable content moderation constraints
- Decentralized content indexing via peer-to-peer content-addressable storage to offload read-heavy operations
- Plugin system enabling runtime code injection for third-party editor extensions without recompilation or API restrictions