While financial regulators increasingly call for information sharing within the industry, data privacy compliance poses barriers to inter-institutional and cross-border collaboration. In this challenging situation, new Privacy-Enhancing Technologies (PETs) can help enable secure data sharing without compromising privacy, security, and regulatory compliance.
We brought industry experts together for a fireside chat on Financial Intelligence Sharing under GDPR to explore three different information sharing implementations across the financial crime lifecycle: Customer Due Diligence, Transaction Monitoring, and Fraud and Cybercrime Investigations.
Here’s what we learned:
In each case presented during the discussion, privacy-protected collaboration provided financial institutions access to data held by other entities, leading to valuable insights which each individual institution couldn’t have gained alone. PETs were successfully used to alleviate GDPR compliance and competitive concerns, enabling banks to cooperate throughout the financial crime and compliance cycle in ways which were previously impossible.
Customer Due Diligence: DANIE consortium
The DANIE Project is a UK-based consortium of banks and data providers whose objective is to improve the quality of their client reference data by benchmarking data with peers. Banks upload encrypted data to the consortium application where the data remains protected by PETs at all times, preventing it from being re-identified or attributed to a data source.
Transaction Monitoring Netherlands
Transaction Monitoring Netherlands (TMNL) consists of five Dutch banks that combine transaction data and monitor it collectively to gain a complete view of criminal money flows and networks.
Each bank uploads data to the central data store where the consortium combines these transactions, monitors them, and reports potentially suspicious patterns. Sensitive information is encrypted and viewed only when suspicions of money laundering or terrorist financing arise.
Financial Fraud and Cyber Crime Investigations: Cyber Defence Alliance (CDA)
The CDA is a consortium of EU/UK banks and law enforcement agencies whose mission is to facilitate collaborative fraud and cybercrime investigations.
Through the CDA, institutions send encrypted queries to one another, inquiring about suspicious actors and activities – e.g. account ownership, account balances, and relationships between entities – without ever revealing the subjects of these investigations. By utilizing Duality’s PET solution based on Homomorphic Encryption (HE), institutions can analyze data while keeping sensitive information private.
As in other jurisdictions, the co-existence of European Anti-Money Laundering Directives (AMLD) and the EU privacy regulation – the GDPR – creates conflicting compliance obligations for financial institutions. Collaboration and information sharing remain a grey area, with a number of terms lacking clear definitions, including:
It is time for regulators to provide a clear code of conduct that delineates each term and its application in anti-financial crime processes. Explicit practical guidance and legal certainty will help drive innovation and encourage institutions to explore new modes of collaboration proactively.
National legislators can and must play a crucial role by creating AML frameworks that provide clarity regarding the above points and how GDPR should be enforced in the context of financial crime prevention.
Regulatory collaboration is also important. Inter-governmental bodies such as the FATF and the European Commission are important organizations that can help reduce friction and harmonize heterogenous AML frameworks, in turn enabling impactful AML collaborations between different jurisdictions.
In this contradictory and unclear regulatory context, PETs provide institutions a way to move forward. Different technologies enable secure collaborations along the entire financial crime prevention lifecycle and promise to:
In summary, PETs are paving the way for increased financial intelligence sharing, during times of growing globalized financial crime.
Over to you! Tell us how your organization can benefit from secure information-sharing.
Share your challenge so we can help identify how PETs can significantly enhance your way of working.
Did you miss our fireside chat? You can watch it here at your convenience.
Our thanks go to our panelists and moderator: