About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Regulatory Data Use Cases for Privacy-Enhancing Technology

Subscribe to our newsletter

Privacy-enhancing technology (PET) is emerging as a new way for financial services firms to share and compare confidential data without compromising competitiveness or data privacy compliance. Several new use cases are emerging.

Improving MiFID II reference data

For example, a new industry initiative that uses advanced information security techniques looks set to enable European and US financial services firms to improve the quality of their reference data by sharing and comparing this data – without any of them actually having access to their competitors’ client records.

Under the Markets in Financial Instruments Directive II (MiFID II), firms have to report trade data to regulators, including dozens of reference data fields. It’s become clear that the reference data that firms hold on their clients is of varying quality, creating issues for both the firms and their regulators. This data quality problem could be solved if firms could compare the reference data they each hold for their clients, and better understand which data fields might be incorrect. However, no firm wants to share its client lists with its keenest competitors, and the new data privacy rules that are emerging also complicate data sharing considerably.

Some banks have turned to PET, through a company called Secretarium, which describes itself as an integrity and confidentiality crypto-platform. “All of these banks are actually pulling together their clients’ data in a fully encrypted way to this application,” says Bertrand Foing, a director at Secretarium. “The application is processing, and giving back, also in an encrypted way, to each participant, the quality measurements of their reference data.”

He continues: “Imagine you’ve got one client and you are trying to benchmark the quality of a reference data field that you have on this client. So, imagine there are 10 banks – all of them are sending in this reference data field for this particular client. Out of these 10 values that we have, we can see that eight banks have actually the same value, and two other banks have different values. So, we tell the eight banks that have shown the same value, ‘Well, there are seven banks that currently agree with you on this value, so you certainly have the correct value, but there are two banks that actually have something different, so either they are wrong or you are wrong. We can’t say because we don’t know which value is good, but just to let you know that two people have different values.” With this information, firms can decide whether they need to reconfirm key pieces of reference data to improve overall data quality.

To accomplish this, Secretarium has created a distributed, confidential computing platform, which uses a group of secured hardware computers, within which all of the data and activity is encrypted. The highly encrypted nature of the processing ensures that no one – not even Secretarium – has access to the data being analysed. The multiple computers ensure that the processing is robust – for example, for business continuity purposes.

Secretarium is part of Société Générale’s Greenhouse incubator programme, which is London-based. Cedric Wahl, co-founder of Secretarium, is currently head of IT tactical teams within structured credit derivatives at the bank. The company has also been working on developing solutions for the financial services industry using blockchain since 2014, and is supported by Swisscom Blockchain with engineers, business developers and infrastructure.

The partnership includes a comprehensive joint go-to-market agreement, as well as a mutual approach to engage with large institutions. Foing notes that using blockchain as a solution for data-sharing use cases is difficult because the technology does not allow for the levels of privacy that PET technologies can deliver.

Monitoring data for financial crime

The MiFID II reference data use case is just one of many, says Mark Davies, a partner at Element 22, a consulting firm that is working with Secretarium on the reference data project. He says there are also several financial crime use cases for PET, which the UK’s Financial Conduct Authority (FCA) explored in a July 2019 TechSprint. To fight financial crime, firms need to be able to share and compare data about their clients with each other without compromising data privacy laws or undermining competitiveness.

For example, the first place winner in the TechSprint was a project named Citadel. The team was composed of Westpac, Citi Bank, Bureau van Dijk, Companies House, Data Robot, Oracle, Privitar, FCA Advanced Analytics and FinTech Sandpit. The solution, which uses privacy enhancing technologies and machine learning, would enable firms to manage new obligations under the EU’s Fifth Money Laundering Directive by ‘aggregating validation of ultimate beneficial ownership accuracy using a network of regulated entities’. The concept is much the same as the MiFID II reference data use case discussed above.

The programme that won second prize was Neighbourhood Watch, created by Enveil, EY, BAE Systems, Refinitiv, HSBC, Barclays and ING. It is a solution that allows queries to be made among banks, using homomorphic encryption, about higher risk customers to identify discrepancies in customer due diligence.

“Pursuing ideas such as these is crucial, because we know that the exchanging of information needs to be conducted on a global scale,” said Megan Butler, executive director of supervision – investment, wholesale and specialists at the FCA, in a late October speech.

The FCA has said that it expects to publish a paper in the first quarter of 2020 updating the industry on the progress made in developing proof-of-concepts since the TechSprint. “If money laundering is happening across bank accounts across different banks, each institution is one part of puzzle,” Davies says. “If banks can provide information securely then together you start to get insights that you couldn’t get just looking at one organisation.” He adds: “PET can help to bridge the gap without making any one organisation disclose more than they feel comfortable with.”

He concludes: “We are seeing firms that are very keen to collaborate because PET is bringing a unique capability to put in valuable data, while ensuring that info is still secure, and derive insights they wouldn’t be able to get while operating on their own.”

Subscribe to our newsletter

Related content


Recorded Webinar: New solutions to the old problems of compliance with communications surveillance regulation

Communications surveillance is an integral element of trading at financial institutions, and its functions are clearly set out in jurisdictional regulations – to capture, record and retain all communications. Essentially, all business related communications must be recorded whatever the underlying mechanism – be it a work phone, personal mobile phone, text, video and so on...


Predictions 2023: A Year of Evolution and Adaptation

By Ludovic Blanquet, Chief Strategy & Transformation Officer, Xceptor. As the curtains begin to draw on 2022, financial institutions are anxiously navigating the challenges imposed by war in Ukraine, rampant inflation, and looming recessions. If it was hoped the diminishing threat of Covid would offer some respite, that hope was short-lived. However, advancements were made...


RegTech Summit New York

Now in its 6th year, the RegTech Summit in New York will bring together the regtech ecosystem to explore how the North American capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.


Regulatory Data Handbook 2022/2023 – Tenth Edition

Welcome to the tenth edition of A-Team Group’s Regulatory Data Handbook, a publication that has tracked new regulations, amendments, implementation and data management requirements as regulatory change has impacted global capital markets participants over the past 10 years. This edition of the handbook includes new regulations and highlights some of the major regulatory interventions challenging...