About a-team Marketing Services
The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Protecting Data Privacy in the Fight Against Financial Crime

Subscribe to our newsletter

By Ronen Cohen, VP of Strategy at Duality Technologies.

A primary goal for financial institutions is to generate revenue while understanding and mitigating risk. Tackling financial crime and compliance issues, including fraud, cybercrimes and money laundering, is critical to achieving this goal and remains among the most challenging tasks for the industry.

The perpetual problem is the fragmented nature of data across multiple silos – both internally across borders and externally between providers – making it difficult to share and interact with it in a timely manner. Fundamentally, firms need access to the appropriate data so they can derive insights and make decisions; to do so, they need to collaborate and jointly analyze it.

A typical customer will have multiple accounts with different providers as well as relationships with separate divisions within the same provider. As a result, the end user’s financial life is broken up to the point that an institution is unable to truly understand them as a customer. In fact, an institution may only see 15% to 25% of its own customers’ activity, which means it cannot effectively protect itself nor its customers from risk and fraud.

USA Patriot Act

Collaboration between firms is crucial and regulation has gone some way to encouraging this. The USA Patriot Act (specifically Section 314(b)) allows financial institutions to share information with one another so they can identify and report to the federal government activities that may involve money laundering or terrorist financing activity, including predicate offenses.

Other regulators and government organizations around the world have joined the cause. The Financial Action Task Force (FATF), Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Financial Conduct Authority (FCA), Monetary Authority of Singapore (MAS), and of course Financial Crimes Enforcement Network (FinCEN), have continued calling for more information sharing and collaboration among regulated entities to better fight financial crimes and terrorism. However, while Section 314(b) has been well-received, it remains underutilized and, therefore, still far from reaching its full potential.

Barriers to collaboration

The problem is that firms can only share appropriate data if they can preserve privacy, confidentiality, and regulatory compliance. Too much transparency would fuel competitive concerns, as revealing details of a key account, for example, could expose valuable information to the market. Firms must also respect their country’s privacy laws, which in some cases outside the US prohibits them from declaring they have a business relationship with a specific party.

Many existing approaches cannot offer privacy guarantees. In financial crime, previous efforts have included the creation of utilities and consortia but, typically, these have leant on manual approaches and the sharing of strategies rather than actual data, which only goes so far.

Other efforts have lacked automation and proven to be inefficient. Often, participants don’t share all the available data due to privacy issues and protections around that information, and the manual nature of these efforts are difficult to scale. The processes required to share data on a one-to-one basis don’t work when it comes to sharing data with an entire network.

A third approach, which is used across the industry, is implementing transaction monitoring systems. These go a long way to helping understand risk and suspicion, but the challenge with these systems is that they rely on data that the firm or jurisdiction already has, so they don’t actually address the data sharing and collaboration problem.

Blockchain and hashing

More recent approaches to tackle financial crime are based on blockchain or hashing. With blockchain, however, the problem is that its key benefit is also its downfall – transparency. Even in a closed network, any participant can see the data being shared, which compromises privacy and security, and reveals information about competitors’ customers and transactions.

As a result, firms are often reticent to join blockchain initiatives or avoid contributing their most valuable data, making the solution incomplete and ineffective. Essentially, blockchain does not adequately address these regulatory and competitive concerns, which hampers how effective these solutions can be.

Alternatively, hashing has enabled simple comparisons, but the problem is it is easy for criminals to circumnavigate these checks. In trade finance fraud, for example, a fraudster trying to hide duplicate financing can easily use different purchase order numbers or change data across documents to make them seem different and evade searches for matches or similarities. Firms need technology that is fit for purpose and able to detect the more complex tactics that criminals deploy.

Protecting data privacy

If financial institutions could have the privacy and security guarantees that ensure the protection of their data and customers, as well as regulatory compliance, they would be more open to sharing information.

A new approach in the field of financial crime and money laundering has emerged – leveraging privacy enhancing technologies (PETs). The term covers an array of technologies, including homomorphic encryption, which allows financial institutions to perform computations on encrypted data without ever decrypting it first. This means they can share and analyze sensitive data without revealing the underlying information.

Using homomorphic encryption software deployed in a ‘hub and spoke’ model is allowing firms to tackle financial crime in real-time. For example, one institution can ask others about a specific alert or case and gain insights into any potentially fraudulent activity. The data itself remains decentralized so does not move across parties. Homomorphic encryption also means the firm’s customer relationship is never revealed and any answers cannot be attributed back to a specific financial institution, thereby preserving competition.

Digitalization has clearly accelerated within the financial sector and continual innovations in this area will prove pivotal in helping firms tackle the ongoing threats. However, it is collaboration that stands to have the greatest impact – and in this data-driven world, technology is finally emerging to enable this in ways that have not previously been possible.

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: Perpetual KYC: compliance as the source of better business

Date: 15 September 2022 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Perpetual KYC (pKYC) opens the door for financial institutions and corporations to improve customer onboarding & monitoring processes, reduce operational costs, ensure regulatory compliance, and better understand risk exposures in real time. Unlike traditional or periodic KYC, pKYC continually...

BLOG

Cboe Global Markets Selects Snowflake for Next Leg of Journey to Cloud

Cboe Global Markets is working with Snowflake to migrate its corporate data and analytics from on-premises systems to the cloud. The adoption of Snowflake’s data cloud continues Cboe’s journey to cloud and is expected to transform the company’s data and analytics infrastructure into a modern cloud architecture, bringing speed, scalability, and efficiency to its handling...

EVENT

RegTech Summit Virtual (Redirected)

The RegTech Summit Virtual is a global online event that brings together an exceptional guest speaker line up of RegTech practitioners, regulators, start-ups and solution providers to collaborate and discuss innovative and effective approaches for building a better regulatory environment.

GUIDE

ESG Data Handbook 2022

The ESG landscape is changing faster than anyone could have imagined even five years ago. With tens of trillions of dollars expected to have been committed to sustainable assets by the end of the decade, it’s never been more important for financial institutions of all sizes to stay abreast of changes in the ESG data...