A decade ago, the notion of regulated institutions sharing financial crime intelligence in real time felt far-fetched.
According to Salv, legal risks seemed impossible to navigate, trust between banks was thin, and most collaboration happened sporadically at industry events or through personal networks — if at all.
That landscape is changing rapidly. Regulators are set to mandate cross-institution intelligence sharing by 2027, and networks like Salv Bridge — now live for four years — are demonstrating that nationwide and cross-border intelligence sharing is not only possible but scalable. What was once a niche technical debate is fast becoming a central pillar of financial crime strategy.
To understand how far the industry has come, criminologist Dr Nicola Harding sat down with Salv CEO Taavi Tamkivi to explore how a mathematician ended up building financial crime collaboration infrastructure for Europe and beyond.
In 2005, Skype was a fast-rising unicorn. When it launched paid services, the company became an attractive target, and credit card fraud surged. Tamkivi recalled that “The money lost to the fraud was enough that they could rent a Boeing 767 and constantly drive around the world.”
Tamkivi pivoted from his studies in maths and machine learning to join Skype’s new anti-fraud team as a data analyst. The challenge was unlike anything traditional fraud prevention had tackled — each incident was small, but the scale was enormous.
“Fraudsters back then were already able to automate their processes,” he said. With tens of millions of daily transactions and typical fraud amounts hovering around €10, the sheer volume was overwhelming. “It was a huge data problem,” he said. “The loss of each single fraud case was super small, but together, massive.”
A pivotal shift came when Tamkivi encountered Ethoca, a platform enabling early-stage intelligence sharing around chargebacks. “Official chargeback submission and processing took three, four months actually,” he explained. “But as soon as the information was submitted by the victim to the bank, Ethoca was engaged… and it was possible to learn from these fraud patterns really quickly.”
That rapid signal helped sharpen detection models and planted a crucial lesson: intelligence needed to move between institutions, not merely within them.
Tamkivi later joined Wise (then TransferWise) as employee number 40, where he encountered authorised push payment (APP) fraud long before the term existed. One case involved Swedish retirees unwittingly sending money to a fraudulent furniture seller, with the funds quickly routed abroad.
“There was no legal way to compensate these people,” he said. “And we weren’t able to detect those cases too well.”
Compounding the problem, there was no mechanism to alert receiving banks. A colleague imagined what Tamkivi described as a ‘Poolside Margarita’ scenario: “If we can build trust and connections between fraud people in banks to transfer this kind of critical information… then we can all sit back and relax and actually all the fraud is gone.”
The information required to make that vision real — suspicious transaction details, account identifiers, fraud signals — was highly sensitive. No structured channel existed to share it safely. When the Wise team tried to alert a bank about stolen funds that had landed in one of its accounts, the response was striking. “They were trying to call to warn them about stolen money that had landed in their accounts,” Tamkivi said. “And the reaction was to physically drop the call.”
After years developing internal systems at Skype and Wise, Tamkivi set out to solve a problem he had seen everywhere: financial institutions fighting financial crime alone. “I have a bit of knowledge about how to fight financial crime,” he said. “How can I help other companies, other financial institutions not to overspend their internal resource on these things, which are not their core focus?”
Salv was founded to turn the concept of financial crime collaboration into operational infrastructure. Initially focused on AML tools such as screening, monitoring and risk scoring, the company reached a breakthrough in Estonia in 2020.
Working alongside leading local institutions, Salv ran structured pilots built around three parallel workstreams: technical design for secure, compliant intelligence exchange; legal frameworks developed jointly with banks, the Financial Intelligence Unit (FIU), and the Data Protection Inspectorate; and use-case mapping to identify the most valuable data flows across fraud and AML.
“We spent about three months trying to figure out everything,” Tamkivi said. “We had 15 different use cases and 15 different user stories around data sharing.”
The UK contributed a parallel thread. While Salv was collaborating with Baltic banks and Mastercard’s Lighthouse Programme, the Financial Conduct Authority (FCA) in London organised a hackathon bringing together banks, lawyers and technologists to prototype intelligence-sharing systems. Early signals made clear that both the need and appetite were genuine.
From the start, governance and community trust were treated as non-negotiable. “It’s not only about product and tech,” Tamkivi said. “It’s about people who need to trust each other.” Dr Harding reinforced the point: “There are way more key stakeholders than you might think at the beginning. It’s not just financial institutions. It’s governments, regulators, and the public too.”
That Estonian pilot became Salv Bridge — a live intelligence-sharing platform launched in 2021, which now serves as critical infrastructure for tier-one institutions in Estonia and Latvia, with further institutions connected for specific use cases across Europe and the UK.
Even with pilots underway, collaboration remained fragile. “Some large banks… they’re even shy to share these learnings with others,” Tamkivi said. “They’re afraid that they sound immature or give the impression they don’t know what they’re doing.” Legal and technical frameworks were in place, yet trust remained a stumbling block.
Dr Harding highlighted a broader risk: “Bad intelligence or immature tooling… it just hasn’t come from experience. It can really be quite damaging in that battle against fraudsters and financial institutions.”
As Salv matured, Tamkivi crystallised a model for resilient collaboration built on three components.
First, reliable data: “It has to be fresh. It has to be accessible. It has to be unobfuscated.” Second, decision engines: “Learning from your own mistakes and successes, learning from others, training your models.” Third, real-time actions: “Suspending payments, suspending accounts, submitting extra questions to customers… or asking peers to take some actions if the money is already gone.”
Without these pillars, collaboration breaks down — signals stay siloed, false positives flood review queues, and criminals move faster than the systems designed to catch them.
New regulation is reshaping the compliance landscape. “The Payment Services Regulation says that financial institutions and payment service providers shall connect to their domestic and international networks,” Tamkivi said. “And by law, this ‘shall’ as I just learned means must.”
The same obligation is embedded in AMLR Article 75, which formalises pan-European requirements to exchange intelligence. “Now it falls into the same basket with ‘I shall do KYC’ and ‘I shall do AML monitoring’… I shall connect with network providers,” Tamkivi said. Within a few years, it will no longer be sufficient for firms to tell regulators they share intelligence — they will need to demonstrate how.
RegTech is evolving at pace. “We’re becoming more and more like an infrastructure provider,” Tamkivi explained, drawing comparisons to telecoms and payments networks. “The GSM network… SWIFT… SEPA. Someone is running and hosting all of that.” He positioned Salv in similar terms: “We are clearly taking a role right now to be this GSM network for the fincrime teams across Europe.”
Financial institutions scale cautiously; criminals do not. “Still criminals are ahead of the crime fighters,” Tamkivi said. “And my job is to reduce the gap or get closer to the criminals. It’s not vice versa.”
Dr Harding agreed, noting that criminals also rely on infrastructure to communicate and coordinate — but unlike regulated institutions, they build and adopt it quickly. “The key thing is we need that reliable, trustworthy infrastructure on our side,” she said.
Salv Bridge represents the most concrete answer yet to that challenge — the moment where the ‘Poolside Margarita’ vision becomes real-world infrastructure.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
