On 13 July 2021, a fraud analyst in Estonia spotted a phishing pattern moving through SmartID logins. They sent a warning to a neighbouring bank, where an agent found seven matching accounts within minutes. €45,000 stayed out of criminal hands that afternoon.
That was the first message sent through Salv Bridge. Five years on, that same flow — one bank flagging a risk to another — has become routine. One mid-sized bank has averaged 60 of these messages a day, every working day, for five years.
Banks have always warned each other about risks. It just used to happen informally, as Taavi, one of Salv’s founders, put it:
“Fincrime fighters compare notes over coffee, or send a ‘you might want to take a look at this customer’ message to a former colleague. That’s suspicion passed on quickly, with good intentions. But quietly, informally, and outside policy.”
— Taavi Tamkivi, CEO and Co-founder, Salv
Every bank has its own defences. What has been missing is a fast, compliant, secure way to see what the bank next door already knew. The same customer could be flagged as a risk at one institution and look completely clean at the next.
It started with one bank asking a question
Bridge wasn’t built because banks needed more technology. It was built because a customer had a problem: “I know this information is useful to another bank you work with. But I’ve got no compliant way to share it.”
That request became a pilot, and the pilot became a network. Its first real stress test came when Russia invaded Ukraine and sanctions cases quadrupled almost overnight. The network had to prove it could hold up under real pressure, and it did.
What started with four banks in Estonia — Swedbank, SEB, Luminor and LHV — now spans banks across 16+ countries, including a dedicated cross-border cluster serving a pan-European and UK fintech group. Some markets got there the way Estonia did, banks organising themselves directly. Others got there through a bank association acting as the connecting body. Both routes ended up in the same place.
What five years of sharing fraud and AML data tells us
Across those 16+ countries, banks have collaborated on 75,000+ joint investigations spanning fraud, sanctions and AML, and run 200,000+ joint screening queries. Fraud cases shared through Bridge carry an 84% true-positive rate. The median response time from one bank to another sits at 17 minutes. Roughly 80% of cases see at least partial fund recovery.
This isn’t a pilot anymore. It’s a live network that fincrime teams have been routing real cases through, daily, for half a decade.
There’s a piece of timing worth noting too. In 2022, Salv’s first Bridge whitepaper predicted EU-wide rules mandating this kind of cross-bank data sharing “as early as 2024.” The estimate was a little optimistic on timing, not direction: AMLR Article 75 brings mandatory AML information-sharing from July 2027, and PSR Article 83a is expected to bring the equivalent for fraud from early 2028, once the final transitional arrangements are confirmed. Later than the original guess, but the same bet.
Five years isn’t the finish line
We’re still here, still evolving, still adding new banks and consortia to the network. Every institution in Europe will eventually face the question Estonia’s banks faced in 2021. The difference is they can follow a path — there are five years of learnings and results to look at first.
As Siiri Grabbi, Sanctions and CTF Officer at Coop Pank in Estonia, said:
“Bridge proves that collaboration works.
It helps us respond faster, protect more customers and, most importantly, build trust between people who once worked in isolation. Every message shared strengthens that trust. Every quick response shows why it matters. When people know the person on the other side, cooperation becomes instinctive. The best operation is cooperation!
— Siiri Grabbi, Sanctions and CTF Officer, Coop Pank
Five years ago, this journey started with one bank asking a question. We’d like to think the next five look much the same, but with more banks and many more cases solved.