4 min read

Financial crime intelligence sharing: the missing link that breaks the fraud chain

Jacob Story
Jacob Story
Head of Marketing

Real-time payments have transformed finance, but they have also transformed fraud. Money moves in seconds, yet responses to suspicious activity can take days. At our Joining the Dots: Breaking the Fraud Chain, we explored this imbalance — and how financial crime intelligence sharing can help teams respond in real time.

For our CEO and co-founder Taavi Tamkivi, the timing couldn’t have been more relevant. The webinar coincided with European institutions reaching an agreement on the new Payment Services Regulation, which introduces reimbursement liability for fraud victims and formalises sector-wide intelligence-sharing obligations across financial services.

The fraud chain

Taavi opened with a blunt assessment: today’s scam typologies are spreading at unprecedented speed. Criminal groups replicate successful scams across borders with almost franchise-like efficiency. Meanwhile, countries try to solve the problem independently, and each institution sees only part of the full picture.

He described the ‘fraud chain’ linking institutions. Large retail banks hold accounts for victims, who fall for scams and send payments instantly to the next link: mule accounts at domestic fintechs or smaller banks. From there, criminals push funds out of the country through remittance providers, global payment platforms or crypto exchanges. They can even cash out before the victim realises something is wrong.

Outside banking, another part of the chain accelerates losses: real-time consumer lenders. Victims often take out loans to send money to fraudsters, compounding their eventual financial harm. It’s a fast, layered, and highly adaptable structure — designed to exploit delays and blind spots between institutions.

A frontline view

Toma Bingeliene, AML Team Lead at Paysera, reinforced that with a frontline view. She said today’s dominant threat is investment fraud. People eager to grow their savings are tricked by polished platforms, convincing phone calls, and fake dashboards showing imaginary returns. They initially invest small amounts but are encouraged to send increasingly more until everything is gone.

A newer trend involves fake job opportunities spreading through social-media platforms. Users are promised payment for liking videos or other small tasks. After receiving a few euros as “proof”, they are invited into groups where so-called managers run games requiring participants to deposit money to get much larger rewards. In fact, participants are unknowingly paying each other while fraudsters skim the proceeds.

Paysera often sits “in the middle” of the fraud chain, processing transactions that either originate from victims or pass through mule accounts. Instant payments heighten the challenge: funds are credited within a minute, giving criminals immediate control. Without rapid intervention, the window to freeze funds closes almost instantly.

Why collaboration breaks down

Polling of webinar attendees showed broad agreement that institutions struggle with rising losses, limited intelligence, and the operational weight of slow, manual communication. Many still rely on WhatsApp messages, emails, phone calls or customised Swift messages to coordinate with peers. These are unpredictable, undocumented and too slow to disrupt a live fraud.

For Toma, time is the biggest barrier. “If I have a question, I need the answer now, especially if we are talking about freezing money,” she said. Days-long response times, or no response at all, make collaboration inconsistent when speed matters most.

Taavi outlined the two most effective patterns for breaking the fraud chain:

1. Real-time Request-for-Information (RFI) Exchange

A fraud detected by one institution triggers an immediate alert to the next. If the funds are still present, the receiving institution can freeze them to prevent onward movement. Instead of improvised channels, integrated APIs make the workflow instant, auditable and reliable.

2. Suspicious Entity Pooling

Institutions share encrypted identifiers, such as IBANs, wallets, devices, mule accounts. Members screen their own customers and transactions against this pool, catching high-risk activity before a payment is executed. This offers proactive prevention, instead of reactive loss mitigation.

Both approaches depend on shared standards, training and automation. With those in place, Taavi said, institutions can recover more than 50 percent of fraud proceeds.

A regulatory turning point

The fraud landscape keeps changing. Alongside the new Payment Services Regulation, the AML Regulation’s Article 75 formalises intelligence sharing across money-laundering cases. Instant payment requirements and the transition to ISO 20022 will further reshape institutional communication. Collectively, these changes will push the industry toward clearer standards, stronger governance and faster, more disciplined information exchange.

Fraud is, fundamentally, a networked problem. Criminals coordinate across platforms, borders and institutions with ease. The only viable response, the speakers argued, is for financial institutions to build networks of their own: ones defined by trust, speed and structured intelligence.

That’s where Salv Bridge comes in.

Every institution sees a different part of the puzzle; none can defeat the fraud chain alone. As the session concluded, the message was clear: breaking the fraud chain starts with joining the dots.

×
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.