How financial crime collaboration infrastructure works in practice

Ten years ago, the idea of regulated institutions exchanging financial crime intelligence in real time seemed implausible. Legal risks felt insurmountable. Trust between banks was fragile. Most collaboration happened at events, working groups or through personal networks (or not at all).

Today, that’s shifting fast. Regulators are mandating cross-institution intelligence sharing in 2027. Networks like Salv Bridge, which has now been live for four years, are proving that nationwide and cross-border intelligence sharing can be done. What began as a niche technical challenge that was often debated will become a central pillar of financial crime strategy.

To see how far we’ve come, Criminologist Dr Nicola Harding sat down with Salv CEO Taavi Tamkivi to explore how a maths nerd ended up building financial crime collaboration infrastructure for Europe and beyond.

This article shares the core takeaways from that conversation, which you can watch or listen to in full here as part of Follow the Money, Salv’s interview series with fincrime builders and industry leaders. Let’s get into it.

What €10 losses at Skype revealed about systemic weaknesses in fraud detection

In 2005, Skype was a unicorn on the rise. When it launched paid services, the company became a prime target and credit card fraud surged. Taavi recalled that “The money lost to the fraud was enough that they could rent a Boeing 767 and constantly drive around the world.”

Taavi moved away from maths and machine learning studies to join Skype’s new anti-fraud team as a Data Analyst, helping to tackle fraud losses where each incident was small but massively scalable.

“Fraudsters back then were already able to automate their processes,” he said. With tens of millions of transactions a day and typical fraud amounts around €10, the scale was daunting. “It was a huge data problem,” he said. “The loss of each single fraud case was super small, but together, massive.”

The moment internal data stopped being sufficient

A turning point came when Taavi encountered Ethoca, a platform enabling early-stage intelligence sharing for chargebacks. “Official chargeback submission and processing took three, four months actually,” he explained. “But as soon as the information was submitted by the victim to the bank, Ethoca was engaged… and it was possible to learn from these fraud patterns really quickly.”

This rapid, high-suspicion signal helped sharpen models and served as an early lesson in the importance of intelligence moving between institutions, not just within them.

When cold-calling banks exposed a systemic flaw

Taavi joined Wise (then TransferWise) as employee #40, where he saw APP fraud for the first time, long before the name was invented. One case involved Swedish retirees unknowingly sending funds to a fake furniture seller, with the money quickly routed overseas.

“There was no legal way to compensate these people,” he said. “And we weren’t able to detect those cases too well.”

Worse, there was no way to warn the receiving banks. A colleague coined the idea of a ‘Poolside Margarita’, which Taavi explained:

“If we can build trust and connections between fraud people in banks to transfer this kind of critical information… then we can all sit back and relax and actually all the fraud is gone.”

The information they needed to share was extremely sensitive: details of suspicious transactions, account identifiers, and fraud signals that could allow another bank to intervene quickly. But there was no structured channel to exchange it.

Unfortunately, this vision wasn’t yet shared by fellow crimefighters in other banks. When the Wise team reached out to spread the word about a fraudulent case, the response was one of confusion.

“They were trying to call to warn them about stolen money that had landed in their accounts,” Taavi said. “And the reaction was to physically drop the call.”

How financial crime collaboration infrastructure is actually built

After years of building internal systems at Skype and Wise, Taavi left to solve the problem he saw everywhere: financial institutions trying to fight financial crime in isolation. “I have a bit of knowledge about how to fight financial crime,” he said. “How can I help other companies, other financial institutions not to overspend their internal resource on these things, which are not their core focus?”

Salv would become the catalyst for a much bigger ambition: to bring the idea of financial crime collaboration to life as operational infrastructure. Initially, the company focused on AML tools like screening, monitoring and risk scoring. But a breakthrough came in Estonia, where Salv is headquartered, back in 2020. With leading, local institutions, Salv was involved in a series of structured pilots, grounded in three parallel workstreams:

• Technical: Designing secure, compliant ways to exchange intelligence
• Legal: Drafting frameworks alongside banks, the FIU, and the Data Protection Inspectorate
• Use cases: Mapping the most valuable information flows across fraud and AML

“We spent about three months trying to figure out everything,” Taavi said. “We had 15 different use cases and 15 different user stories around data sharing.”

The UK played a parallel role in shaping the model. At the same time Salv was collaborating with Baltic banks and also Mastercard’s Lighthouse Programme, the FCA in London organised a hackathon that brought banks, lawyers, and technologists together to prototype intelligence sharing systems. These early signals made it clear the need and appetite was real.

From the outset, governance, trust-building, and community participation were treated as essential. “It’s not only about product and tech,” Taavi said. “It’s about people who need to trust each other.”

As Dr Harding added: “There are way more key stakeholders than you might think at the beginning. It’s not just financial institutions. It’s governments, regulators, and the public too.”

The Estonian pilot became Salv Bridge, a live intelligence-sharing platform that launched in 2021, acting as critical infrastructure for tier 1 institutions in Estonia and Latvia, with many more institutions connected for specific use cases across Europe and the UK.

What does it take to turn cross-bank intelligence sharing from a promising idea into national infrastructure?

Even with pilots underway, collaboration remained fragile. “Some large banks… they’re even shy to share these learnings with others,” Taavi said. “They’re afraid that they sound immature or give the impression they don’t know what they’re doing.”

These were the very institutions engaged in Bridge pilots. Legal and technical frameworks were in place—but trust was still a hurdle.

Dr Harding pointed to a broader challenge: “Bad intelligence or immature tooling… it just hasn’t come from experience. It can really be quite damaging in that battle against fraudsters and financial institutions.”

The three pillars of effective crime-fighting systems

As Salv evolved, Taavi articulated a model for resilient collaboration. “If I’m thinking in the structural ways,” he said, “it’s three components.”

Reliable data: “It has to be fresh. It has to be accessible. It has to be unobfuscated.”

Decision engines: “Learning from your own mistakes and successes, learning from others, training your models.”

Real-time actions: “Suspending payments, suspending accounts, submitting extra questions to customers… or asking peers to take some actions if the money is already gone.”

Without these pillars in place, collaboration breaks down. Signals stay siloed. False positives flood review queues. And criminals move faster than the system designed to catch them.

What PSR Article 83 and AMLR Article 75 change

New regulation is reshaping the rules. “The Payment Services Regulation says that financial institutions and payment service providers shall connect to their domestic and international networks,” Taavi said. “And by law, this ‘shall’ as I just learned means must.”

The same is true of AMLR Article 75, which formalises pan-European obligations to exchange intelligence.

“Now it falls into the same basket with ‘I shall do KYC’ and ‘I shall do AML monitoring’… I shall connect with network providers,” Taavi said.

These obligations will sit alongside foundational requirements. In a couple of years time, it will no longer be enough to tell regulators that you share intelligence. They will want to know how you do it.

From tools to infrastructure

Regtech is evolving fast. “We’re becoming more and more like an infrastructure provider,” Taavi explained. He drew a comparison to telecoms and payments: “The GSM network… SWIFT… SEPA. Someone is running and hosting all of that.”

He positioned Salv in similar terms: “We are clearly taking a role right now to be this GSM network for the fincrime teams across Europe.”

Salv Bridge is the result—where Poolside Margarita becomes real-world infrastructure.

Closing the structural gap with criminals

While financial institutions scale cautiously, criminals move quickly. “Still criminals are ahead of the crime fighters,” Taavi said. “And my job is to reduce the gap or get closer to the criminals. It’s not vice versa.”

Nicola agreed, noting that “criminals need infrastructure to communicate too.” But unlike regulated institutions, they build and adopt it fast. “The key thing is we need that reliable, trustworthy infrastructure on our side,” she said.

That’s what Salv is aiming to provide: shared resilience through a common infrastructure.

---

FAQs

What is financial crime collaboration infrastructure?

Financial crime collaboration infrastructure enables regulated institutions to securely exchange intelligence about fraud, scams, and suspicious activity in near real time. It includes the technical systems, legal frameworks, and community governance needed to share sensitive data across institutions. Salv Bridge is an example of this infrastructure, live in multiple countries and designed to support high-signal intelligence flows between banks and fintechs.

How do banks share intelligence to fight fraud?

Banks can share intelligence through structured data exchange platforms that are secure, auditable, and compliant. These platforms allow institutions to submit and receive alerts about fraud cases, suspicious entities, or sanctions hits. Trust and governance are key: collaboration often starts with pilots, use case mapping, and legal agreements before going live at national scale.

What does PSR Article 83 require from financial institutions?

Under the proposed EU Payment Services Regulation (PSR), Article 83 states that financial institutions and payment service providers shall connect to domestic and international networks for financial crime intelligence sharing. This “shall” indicates a mandatory obligation, positioning intelligence exchange as a regulatory requirement rather than a nice-to-have.

What is AMLR Article 75 and how does it affect AML teams?

Article 75 of the EU Anti-Money Laundering Regulation (AMLR) formalises requirements for intelligence exchange between regulated entities. It calls for the use of trusted networks and infrastructure to share risk-relevant information—such as suspicious patterns, transaction context, and customer indicators—across institutional boundaries, helping AML teams collaborate at ecosystem level.

Why is fraud collaboration becoming mandatory in Europe?

Fraudsters already operate across borders and institutions using automated, scalable tactics. For years, financial institutions lacked secure ways to coordinate, often relying on personal networks or cold calls. New regulation like PSR and AMLR shifts this from optional to mandatory, requiring structured, secure intelligence sharing to protect consumers and reduce systemic risk.

What are the pillars of effective financial crime systems?

According to Salv’s operational model, effective financial crime systems rest on three interdependent pillars:

• Reliable data — fresh, accessible, and unobfuscated
• Decision engines — based on human or machine intelligence, using internal and shared learnings
• Real-time actions — including suspending payments, flagging accounts, or coordinating with peers when money has already moved

Together, these allow crime-fighting teams to act quickly and reduce the structural gap between them and the criminals they pursue.