The financial industry has become increasingly reliant upon information sharing between institutions to gather sufficient data to fight various forms of financial crime, including fraud and anti money laundering (AML). The Future of Financial Intelligence Sharing Research (FFIS) program at the Royal United Services Institute (RUSI) is interested in the processes, organization, and partnerships of information sharing. Nick Maxwell and his team at FFIS recently published the study A Survey and Policy Discussion Paper: “Lessons in private-private financial information sharing to detect and disrupt crime.” Here, Maxwell discusses the different types of private/private information sharing: how financial institutions can collaborate to share information in privacy preserving ways that protect sensitive information.
Sharing information amongst financial institutions is extremely important in countering economic crime. Those involved in money laundering and financial crimes do not just target one financial institution; they deliberately open and maintain many accounts at different financial institutions. Without information sharing, it is difficult for financial institutions to recognize whether transactions are part of an economic crime because banks cannot connect their customers’ transactions within the overall pattern of transactions at other banks to know if any illegal activity is occurring.
Within the economic sector, risk and insights sit across many different organizations. The average American has relations with 6-7 different financial institutions, and the typical American millennial has relations with 30-40 different financial providers. This means that any single financial services organization dealing with the customer’s transactions does not fully know the customer. This fact draws the question: how does a financial institution mitigate customer risk for a customer it doesn’t truly know?
In response to these issues, a whole new class of technologies has arisen to address industry needs. Duality has been championing the combination of cryptography and data science within the sharing of sensitive data. There are many new platforms like the Duality privacy preserving data collaboration platform that aim to combat anti-money laundering and fraud prevention. Historically, detection systems have been siloed in individual institutions, and it has been challenging to break the status quo. Only recently has there been innovation on information sharing platforms. Maxwell’s study surveys the growth and expansion of these types of services, as there are many different types of platforms each using different technologies.
Though there has been innovation in the field, the General Data Protection Regulation (GDPR) restricts what organizations can do with data. GDPR is a data-minimalist regime meaning that only what is necessary is shared. Anti-money laundering, on the other hand, is a data-maximalist approach. With this idea, you take as much data as possible to more effectively recognize the economic risk. Though there is tension between the two at a conceptual level, platforms have developed under GDPR regulations.
What Enterprises Can Learn from Private/Private Financial Information Sharing
Within data sharing, there are many paths that a financial institution can choose, and there are very legitimate justifications for sharing this data. Data sharing can protect the business, the customers, and even national security. Before going ahead with data collaboration, the institution must ask what laws govern this collaboration, and what business policies allow or disallow sharing information. Once these strategic questions have been answered, the more tactical issues can be raised, such as , what information can I share, who am I sharing it with, and how do I want them to use it? What’s the minimum I need to share in order to get the results that I want?
Having this strategic vision is essential. A company must know what it hopes to get out of the data sharing from the start. At the same time, policymakers need to consider how their jurisdiction can help attain effective and efficient results while maintaining individual privacy. As seen with Duality’s AML data collaboration network, technology has been able to achieve greater security of the data while addressing non-technical issues. Governments need to change regulations to support collaboration because it is not yet the international standard. For privacy enhancing collaboration tools to become widely used, a legal basis must be established.
To watch the entire webinar, click below.