Taavi Tamkivi, Founder and CEO of Salv: “Collaboration between financial institutions, or rather lack of it, has traditionally been a challenge”

If you ever wanted to hear a down-to-Earth explanation of how cyber attackers target banks, and end users, this interview is it. Not only does Taavi Tamkivi, the Founder and CEO of Salv, explain the modes of attack but what can be done about it.

“In the past, [cyber] crime fighters have often sat in silos and financial institutions have not really worked together, like criminals do,” he says. But that’s now changing, with one fraud victim having 50,000 euros returned to him “because the banks using our platform were able to share data and alert each other of the issue”.

Or let’s talk AI. “[A] fraudster could send a message which sounds like the voice of your child saying they are in trouble and need you to send them money,” Taavi explains. So how do banks fight this? You’ll have to read to the end to find out…

Naturally, Taavi’s company, Salv, has a potential role to play. He set it up in 2018 based on a decade of experience developing compliance, AML and fraud solutions at Wise and Skype. He contributed significantly to their evolution from local startups to global unicorns.

Our huge thanks to Taavi for taking the time to answer our questions in such depth.

Recommended reading: Fintech 2024 shows green shoots with backing from Alphabet and Uber

Please introduce yourself and explain how you ended up working in fintech.

I’m Taavi Tamkivi and I’m the Co-Founder and CEO of Salv. My story started at university where I studied mathematics and statistics and ended up being a PhD drop-out from my machine learning studies.

Somewhere in the middle of my research, I was asked to join Skype, which went on to become the first European unicorn serving a third of international calls. Back in the middle of the 2000s, Skype had a problem with e-commerce and credit card fraud. I was brought in as a data scientist, or back then it was just called data analyst.

I really enjoyed working with huge datasets of customer profiles, their payments and calls, to find crime patterns and to find out which transactions might be fraudulent, which of the customer accounts might be taken over and which of the messages might be scams. So I was analysing large datasets and building models, and there I learnt how to fight crime and how to stop fraud in real-time and at high volumes.

After Skype I joined Transferwise (now just Wise) to take the lead and build the compliance operations and products, and to be responsible for regulatory compliance and AML. I was also covering fraud, but my job was to make sure we met regulatory expectations in the tens of countries across the world we operated in.

So after leaving there, I had a lot of experience using data to stop financial crime and also experience from the compliance and AML world that provided a good basis to build up my own company to help financial institutions beat financial crime using big data and intelligence sharing.

Tell us about Salv and how it differs from similar companies in the financial crime space.

We’re a mission-driven company – we came together to beat financial crime. At the same time, we keep in mind that it’s not enough for the financial sector to be successful at beating financial crime. Financial institutions also need to be compliant with the regulatory expectations. So we’re building SaaS products which help financial institutions focus on criminal activity while maintaining compliance and keeping their customers happy through faster-automated fraud checks and a lower cost of service.

We’re also championing collaborative crime fighting through data and intelligence sharing across financial institutions, and domestic and international networks of private and public institutions. In the past, crime fighters have often sat in silos and financial institutions have not really worked together, like criminals do. That’s a huge challenge that puts crime fighters at a disadvantage. More people are now recognising the need for more collaboration, but more importantly, their need for technical and legal readiness and that’s why we’re focusing our products on the collaboration aspect of fighting financial crime.

To give an example, our platform was able to help return 50,000 euros to a victim of an authorised push-payment scam because the banks using our platform were able to share data and alert each other of the issue.

Related reading: The biggest challenges for Fintech in Africa in 2024

What are some of the biggest regulatory challenges affecting the financial crime space?

Regulations are getting harder and harder and tighter and tighter due to the pace of innovation, the ever-changing tactics of criminals and the expectations of publicity. The intention of the regulation is good because it should save us from crime, help prevent money laundering and enable us to implement sanctions against the criminals.

But the volume of regulation around the world — the pages and pages of documents — is growing almost exponentially, which means regulated financial institutions need to invest more into understanding what’s expected of them. It’s getting more and more complex.

I’ve had discussions with people from banks who are saying that 80% of their technology investment goes into being compliant and only 20% goes into new financial products that they want to build for their customers.

In what ways is artificial intelligence impacting the fintech sector?

Using AI to help stop financial crime is exciting but at the same time, AI is also really worrying because it can be used by criminals as well. With authorised push-payment fraud, the quality of scam messages and videos is getting much, much better.

For instance, a fraudster could send a message which sounds like the voice of your child saying they are in trouble and need you to send them money. Financial institutions are really worried about this because they know there is already a standard call centre-based fraud like this happening, which is working effectively, so the situation can only get worse.

While criminals are exploiting AI, regulators in Europe have made it difficult for financial institutions to use such technologies to fight back. In the AML space, for example, the use of AI for crime detection has been held back because regulators and auditors want to see why a specific transaction was flagged as suspicious and what the human logic was behind the algorithm.

It was hard to achieve years ago when AI technology was often a “black box” where the logic behind certain decisions made by end users wasn’t explainable in human language. But now with large language models that might begin to change as AI can explain in human language why a decision is made, so that is more encouraging, but things have been held back by hard regulations.

Recommended reading: Top ten breakthrough fintech companies

How has the role of the finance department changed with the advent of fintech?

It depends on what area you are looking at. When it comes to compliance, financial institutions still have to rely largely on manual processes rather than technology for audit reasons.

For instance, they spend about 20% of their whole company’s cost base on AML compliance. But within that compliance spend, three quarters is still going on people and just a quarter is going on technology. You might expect that in today’s world with fintech it should be the opposite but financial institutions quite often can’t build up more efficient processes because auditors expect them to rigidly follow the AML laws as they are written down.

When Salv builds products we think about three dimensions — regulator expectations, end-user expectations and how to stop crime. How criminals behave and how to stop them is quite separate from the regulator’s expectations. But we need to cover all of them in our business and I always recommend financial institutions to focus on this three-dimensional approach.

What are some of the biggest challenges the fintech sector is experiencing as a whole?

Collaboration between financial institutions, or rather lack of it, has traditionally been a challenge. Often when there are revolutionary companies coming out, legacy providers either don’t notice these newcomers or they are not bothered by them.

The legacy institutions think banking is so complex, that there’s no chance that some random guys from Eastern Europe will come in and disrupt them. But then the next stage is they see that these newcomers can actually do something in a really scalable way, so they start to become afraid and they start attacking or trying to take them down.

The next stage is acceptance.

Then the final stage is collaboration, and that’s what we are starting to see more of now. That’s why we’re building up a collaborative crime-fighting network with large banks and fintechs to work together to fight against financial crime — that is a big challenge the financial sector as a whole is experiencing, and collaboration can help solve it.

More interviews worth a read

• James McQuiggan, Security Awareness Advocate at KnowBe4: “Ironically, attack methods have remained unchanged over the past twenty years”
• Solace Kidisil, Group COO of Nsano: “The difference between traditional finance and fintech is the questions we ask”
• Michael Bayer, CFO, Wasabi Technologies: “We need to invest now in the jobs and infrastructure of the future”