Estonian rude awakening spurs tech startup activity

Banks in Estonia are evaluating anti-money laundering (AML) software from a local startup after the Baltic state made global headlines when Danske Bank was found to have transferred more than €200bn of suspicious money through its tiny branch in Tallinn.

Danske Bank’s transaction-focused AML-detection apparatus proved sluggish in identifying account, money transfer divergence issues and anomalies at the branch in Estonia’s capital.

The situation has created fertile ground for new technology companies in Estonia, where startups are betting on society’s increasing focus on topics such as identity verification, fraud detection and anti-money laundering (AML).

Taavi Tamkivi, founder of AML technology firm Salv, is on a mission “to beat financial crime”.

In October 2020, Salv brought together the four largest banks in the country to pilot its platform, which enables information exchange between the banks about suspicious customers and transactions within the limitations of bank secrecy and the European Union’s General Data Protection Regulation (GDPR). So far, laws have prevented this in most countries.

“It’s quite incredible that we managed to get the whole gang around the same table – not to resolve the previous problems or deal with the consequences, but to put our heads together to figure out what we can do to improve the situation. This is a signal from Estonia to the wider audience that we’re not only suffering, but actually, we’re leading,” Tamkivi said.

The biggest banks in Estonia – Swedbank, SEB, LHV and Luminor – are validating the technology, legal constraints and business value.

“This is a signal from Estonia to the wider audience that we’re not only suffering, but we’re leading”

The cost of doing nothing can be high, with banks potentially facing heavy fines for failing to prevent such activity. For example, in March this year, regulators in Sweden and Estonia imposed fines totalling €347m on Swedbank for breaching money laundering laws.

In the Netherlands, ING was fined €775m in 2018 after the regulator said the bank had failed to prevent the laundering of hundreds of millions of euros between 2010 and 2016.

Tamkivi, who was fighting fraud at Skype and led the compliance team at Transferwise before launching Salv, said he started to work on the problem months before the situation made headlines, not knowing its magnitude.

Tamkivi described the situation which first led him to analyse the data within the financial sector. “Salv was born simply because people in the banking sector, friends of mine, were worried about their own bank’s capability and level of crime fighting and anti-money laundering,” he said.

Salv takes data such as customer information, name, address and date of birth, and combines it with transactional information such as payments, amount of money coming in and going out, currency exchanges and movements of some assets, and organises this data inside the software, allowing the AML teams to work with the state.

While some institutions still do this manually, using Word documents and Excel spreadsheets to record the actions, several large technology providers now offer similar technology to Salv’s first product.

But in the new pilot, Salv believes it creates a new market where there are not yet any real rivals, as the limitations of bank secrecy acts and GDPR have been limiting data exchange between the banks even when talking about suspicious payments.

“Estonia is seen as an opinion leader when it comes to e-government solutions, so perhaps Estonia could also become an opinion leader in the prevention of money laundering”

“There is also a new category that is being created right now, and we are at the front line of this category,” said Tamkivi. “We’re giving the banks another layer or tool which allows them to get to the same level as the criminals.

“It’s like the brain – if you think about how the brain works, and different cells and they want to connect, connect these cells, and then this brain can react to the external signals and interpret them and put them into context,” he said.

To enable the new solution, Salv’s pilot programme cooperates with all key regulators in the sector – the Financial Supervisory Authority, Financial Intelligence Unit and Data Protection Inspectorate.

“Estonia is seen as an opinion leader when it comes to e-government solutions, so perhaps Estonia could also become an opinion leader in the prevention of money laundering. The biggest challenge isn’t so much in the technology’s capabilities, but in how to conduct the pilot in full compliance with data privacy regulations,” said Erki Kilu, CEO of LHV Bank and chairman of the Estonian Banking Association.

The Salv pilot tests a similar solution to X-road Estonia, Estonia’s centralised e-platform where, instead of storing data in a centralised location, technology instead enables data to be kept in the hands of the originator and accessed securely from there. This ensures maximum immunity against cyber attacks and robust personal data protection. AML Bridge will only allow a bank to access another bank’s intelligence if there’s a reasonable basis according to the Money Laundering and Terrorist Financing Prevention Act.