The French regulator, ACPR Banque de France, organized a TechSprint to promote the use of Privacy Enhancing Technologies (PETs) to improve Anti-Money Laundering and Combat the Financing of Terrorism (AML/CFT). PETs enable Financial Institutions to pool their data while respecting privacy and data protection regulations like the GDPR. The TechSprint goal was to demonstrate that the pooled data yields models with better predictive power to combat financial crime and reduce false positives to mitigate manual review processes.
In its Call for Applications, the ACPR published a list of requirements for the privacy-preserving data science workflow including the ability to: pool distributed secret data, privately join using fuzzy matching, train machine learning models on combined datasets and run inferences while also supporting more traditional rule-based models. Participants were also asked to provide performance measurements, security proofs and the assumed threat model of their solutions.
Of the 10 TechSprint participants, several also showcased a live demo of their solution, including Inpher. Two scenarios were demonstrated using the commercially available XOR Platform.
The first scenario involves two banks that securely pool their data to jointly compute a better fraud detection model. First, XOR was used to privately join each banks’ transactions without sharing or exposing the underlying sensitive data. Then a logistic regression model was trained on the pooled data including predictive features from each bank to run secure predictions using the trained model as well as other rule based methods. The performance metrics demonstrated that this is a viable real-world solution with the ability to train 176,000 records with 7 features in 79 seconds and run sub-second predictions. These capabilities can be evaluated for fraud detection and other use cases with the free XOR Trial offering.
For the second AML scenario, a novel graph-analysis method (see Real-World Crypto in 2020) was implemented in XOR to identify split transactions using mule accounts spread across several banks. Secure fuzzy matching identifies common entities across the banks even if there is not an exact string match and generates unique anonymized identifiers for them. Then subsequent privacy-preserving operations are used to combine the adjacency matrices of each bank and compute their structural similarities without revealing them. The banks do not see each other’s data yet the mule accounts are flagged and the respective bank is notified to take action if needed.
Inpher continues to engage with financial services customers in a collaborative effort to fight fraud and financial crime. To learn more, please send an inquiry to [email protected]