AML compliance, information sharing 4 min read

From writing EU sanctions to enforcing them: what AMLR Article 75 looks like in practice

Jacob Story
Jacob Story
Head of Marketing

Most people who work in financial crime compliance arrive via law enforcement, audit, or legal. Siiri Graabi arrived via the European Council, where she spent over a decade as an Estonian diplomat — including time in Brussels where she was in the room as EU sanctions packages were being negotiated and written.

Today, she is Sanctions and Counter-Terrorism Financing Officer at Coop Bank in Estonia. Siiri has a unique vantage point: she has seen why sanctions are designed the way they are (political urgency, diplomatic compromise, the pressure of a midnight deadline) and what it’s like to implement and enforce them.

In a recent episode of our Follow the Money podcast series, Siiri joined host Dr Nicola Harding to talk about her career, Estonia’s Salv-powered model of cross-institution intelligence sharing, and what the rest of Europe needs to understand before the AMLR Article 75 and PSR Article 83 deadlines arrive in 2027. Here are the key takeaways from the episode.

The intelligence sharing infrastructure Estonia built five years ago

Siiri shared how Estonia’s banks have been sharing financial crime intelligence using Salv Bridge for over five years. What started as an informal working group inside the Estonian Banking Association — banks comparing notes on sanctions hits, flagging fraud cases over messaging apps — became a real-time, structured, encrypted, legally-grounded system with a full audit trail.

Siiri chairs the sanctions working group at the Estonian Banking Association, which brings banks, supervisors, and regulators together monthly to align on implementation, share evasion patterns, and collectively work through new regulatory requirements. That group formed the foundation for what became the Salv Bridge intelligence sharing network.

There are several use cases in-play, and one that Siiri outlined works like this: A sanctions screening alert raises a potential name match. Siiri sends a request to another Estonian bank — date of birth, citizenship, place of residence. Within minutes, the answer comes back. Payment released or blocked, with a documented rationale. No SWIFT messages to payment teams, no waiting for emails, or trying to call specific colleagues at other banks. Just a fast, encrypted exchange that both institutions can point to in a supervisory review.

Fraud cases work the same way. When a bank identifies that a client has been defrauded and the funds have moved to another institution, a message goes out immediately. The receiving bank can block the account before the funds travel further. In several cases, money that moved through a virtual IBAN — accounts that typically drain out of Europe within hours — has been recovered. Millions of euros have been actively recovered through these joint investigations.

On the 2027 intelligence sharing deadline

Siiri was frank about timing during her Follow the Money chat with Nicola. AMLR Article 75 and PSR Article 83 require EU financial institutions to have structured intelligence sharing frameworks in place by 2027. Siiri believes that the timeline is already tight.

“You need the passionate crime fighters to build it. There needs to be somebody who provides the platform who has the mission to do something. Is there a legal ground in place in the country, or do they wait for the regulations to kick in? Are the politicians ready? How do they interpret GDPR? It’s so easy to say GDPR doesn’t allow [sharing], but not all data [falls under] GDPR.” — Siiri Grabbi, Sanctions and Counter-Terrorism Financing Officer, Coop Bank

The barriers she identifies aren’t primarily technical. They’re a combination of legal uncertainty, internal policy alignment, infrastructure readiness, and fundamentally a willingness to start before everything is perfectly resolved. Estonia didn’t wait for all the answers. It started, learned, and expanded.

The misconception Siiri hears most often

“That we all want to get the other banks’ clients to ourselves. But it’s not the case. I don’t want a criminal to become my client. I just want to receive the information and intelligence to know if my doubts are correct.” — Siiri Grabbi, Sanctions and Counter-Terrorism Financing Officer, Coop Bank

The competitive instinct that makes many institutions reluctant to share is, in Siiri’s experience, largely misplaced. Intelligence sharing doesn’t hand customers to rivals. It stops bad money from moving. That benefits every institution the money would otherwise flow through.

What the rest of Europe needs to do now

Siiri’s advice to a compliance officer at a mid-sized bank in another EU country: it starts with a shift in mindset. Intelligence sharing doesn’t add workload. It compresses investigation time, produces fuller reports, and creates the audit trail that supervisors are increasingly expecting to see.

Her message to public authorities is direct: stop treating the private sector as an adversary, engage the industry earlier in drafting regulations, and set the example by sharing intelligence themselves.

As for what Estonia did right, she sums it up in one sentence: “We started straight away.”

Watch the full episode on YouTube, follow Siiri on LinkedIn, or learn more about Salv Bridge.

×
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.