Real-time payments have reshaped financial services, enabling money to move across accounts and borders in seconds. That same speed, however, has fundamentally altered the dynamics of fraud.
While transactions settle almost instantly, responses to suspicious activity can still take days, creating a dangerous mismatch that criminals are quick to exploit, claims Salv.
This imbalance was the focus of Joining the Dots: Breaking the Fraud Chain, a discussion examining how financial crime intelligence sharing could help institutions respond at the pace fraud now demands.
For Salv CEO and co-founder Taavi Tamkivi, the timing of the conversation was particularly significant. The session coincided with European institutions reaching agreement on the new Payment Services Regulation, which introduces mandatory reimbursement for fraud victims and formally establishes sector-wide intelligence-sharing obligations across financial services. The regulatory shift signals a clear expectation that institutions must collaborate more closely when tackling financial crime.
Tamkivi described today’s fraud ecosystem as a highly efficient and increasingly globalised operation. Scam typologies spread rapidly, with criminal groups replicating successful tactics across jurisdictions with near franchise-like precision. Yet financial institutions often remain siloed, each seeing only a fragment of the wider picture. This fragmentation allows fraud to move seamlessly from one institution to the next, exploiting gaps in visibility and response times.
At the centre of this system is what Tamkivi referred to as the fraud chain. Large retail banks typically hold accounts for victims, who are deceived into sending instant payments. Those funds often land in mule accounts at domestic FinTechs or smaller banks before being pushed offshore through remittance providers, global payment platforms or crypto exchanges. In many cases, criminals can cash out long before victims realise anything is wrong. Outside traditional banking, real-time consumer lenders further accelerate losses, as victims take out loans to fund payments to fraudsters, compounding their financial harm.
That reality was echoed by Paysera AML Team Lead Toma Bingeliene, who shared a frontline perspective on the threats institutions now face. She explained that investment fraud remains the dominant risk, driven by highly polished fake platforms, convincing phone calls and dashboards displaying imaginary returns. Victims often start with small investments, only to be persuaded to send increasingly large sums until their funds are completely drained.
Bingeliene also highlighted the rise of fake job schemes proliferating on social media. Victims are promised easy money for simple tasks such as liking videos and are paid small amounts to build trust. They are then drawn into group activities where they must deposit funds to unlock higher rewards, unaware that they are effectively paying each other while fraudsters skim the proceeds. Sitting “in the middle” of the fraud chain, Paysera frequently processes transactions linked to both victims and mule accounts, with instant payments leaving almost no margin for error.
Operational friction remains a major obstacle to effective collaboration. Polling during the session showed widespread frustration with slow, manual communication methods such as emails, phone calls, WhatsApp messages and customised Swift requests. These channels are inconsistent, poorly documented and ill-suited to stopping live fraud. As Bingeliene put it, “If I have a question, I need the answer now, especially if we are talking about freezing money.”
Tamkivi argued that breaking the fraud chain depends on two core approaches. The first is real-time request-for-information exchange, where a fraud alert at one institution immediately notifies the next, enabling funds to be frozen before they move on. The second is suspicious entity pooling, allowing institutions to share encrypted identifiers such as IBANs, wallets and mule accounts so that high-risk activity can be detected before a payment is executed. With shared standards, training and automation, he said, institutions can recover more than 50% of fraud proceeds.
Regulatory momentum is reinforcing this shift. Alongside the Payment Services Regulation, the AML Regulation’s Article 75 formalises intelligence sharing in money-laundering cases, while instant payment requirements and ISO 20022 adoption will further reshape how institutions communicate. As fraud becomes ever more networked, the industry’s response must do the same, built on speed, trust and structured intelligence.
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
