In July 2019, we held a week-long Global Anti-Money Laundering and Financial Crime TechSprint to attempt to find better ways of increasing the detection and prevention rates of financial crime.
This issue is highlighted by every year, there being 800,000 people trafficked into slavery, while around 40 million people are estimated to live under a form of modern slavery, including forced labour and prostitution. Vast sums are also generated each day through the sale of illicit drugs and the illegal wildlife trade. The profits from these activities are laundered and legitimised through the global financial system – around $1.6 trillion a year or more, according to the United Nations, or between 2 – 5% of the world’s Gross Domestic Product. $90 billion through the UK alone.
The event focused on how encryption techniques known as privacy enhancing technologies (PETs) can facilitate the sharing of information about money laundering and financial crime concerns, while remaining compliant with data security laws. We are now sharing the progress made during the event.
Over 140 active participants at the FCA’s offices and at a satellite office in Washington came together to develop solutions, using PETs, to the below use cases:
- How can a network of market participants use PETs and data analytics to interrogate financial transactions stored in databases within institutions to identify credible suspicions without compromising data privacy legislation?
- How can market participants rapidly and accurately codify typologies of crime, in a way that allows them to be quickly disseminated and implemented by other market participants in their financial crime controls?
- How can a market participant check that the company or individual they are performing due diligence on hasn't raised flags or concerns within another market participant, and/or verify that the data elements they have for the company or individual match those held by another market participant?
- How can technology be used to assist in identifying an ultimate beneficiary owner (UBO) across a network of market participants and a national register?
The solutions developed
10 teams presented their solutions to an audience of regulators, academics, technology companies and financial institutions. To inject a competitive element into the event, prizes were awarded by a judging panel, with the teams being assessed on criteria including potential market readiness and effectiveness, creativity and the quality of their presentation.
The teams and solutions developed were:
Citadel (comprising Westpac, Citi Bank, Bureau van Dijk, Companies House, Data Robot, Oracle, Privitar, FCA Advanced Analytics and FinTech Sandpit – awarded first prize) – a solution, using privacy enhancing technologies and machine learning, to allow financial institutions to manage new obligations under MLD5 by aggregating validation of Ultimate Beneficial Ownership accuracy using a network of regulated entities.
Neighbourhood Watch – (Enveil, EY, BAE Systems, Refinitiv, HSBC, Barclays and ING -awarded second prize) – a solution to allow queries to be made among banks, using homomorphic encryption, about higher risk customers to identify discrepancies in customer due diligence.
Tech Launderers (Microsoft Research, CryptoExperts, Data 61, JP Morgan, LexisNexis and Experian – awarded third prize) – a solution to allow banks, using homomorphic encryption, to differentiate between good and bad actors by asking each other questions when onboarding clients.
Breaking Bad Actors – (Partisia, Sedicii, Goldman Sachs, Ex Ante Advisory, UBS and Deloitte) – a solution, using multi-party computation, to allow the real-time assessment of outbound and inbound payments to identify mismatches between account names or other risk factors.
Catch the Chameleon – (Abducere, Santander, Commonwealth Bank of Australia, Lloyds Banking Group, Natwest and Barclays) – a solution developing a way in which firms can potentially detect bad actors that move around Financial Institutions (FIs) undetected, through the use of a decentralised network of FIs, facilitating the cross-referencing of non-readable (pseudonymised and hashed) customer data (businesses and their main controllers), and highlighting areas where the FI might want to perform further investigations.
Datashare Team (Cybernetica, Data Miner, RBS, Societe Generale and PWC) – a solution, using multi-party computation, that creates a system where financial institutions can upload encrypted data about a customer and receive predefined information about that customer from other institutions.
Looming Threat – (IBM, NICE Actimize, ING, PWC and FCA Advanced Analytics) – a solution, using federated learning technologies, to facilitate the sharing of typologies between multiple banks to improve risk assessments.
Secret Computers – (Inpher, Goldman Sachs, Standard Chartered and Eversheds) – a solution, using secure multi party computation, to identify suspicious transaction networks across multiple institutions in order to identify patterns that an individual institution would not see.
Simba – (Duality Technologies, Lloyds Banking Group, HSBC, the Cyber Defence Alliance and Team8) - a solution, using homomorphic encryption, to enable financial institutions to uncover money-laundering networks by sharing and analysing sensitive information.
Webs of Suspicion – (Grant Thornton, Solidatus, Ashurst LLP, Fujitsu, Solace, Barclays and HSBC) – a solution, using homomorphic encryption, to develop a standard for identifying existing financial crime typologies and disseminating new typologies across financial institutions and others.
We are continuing our dialogue with industry, tech firms, academics and international regulators to better understand the potential for PETs, in particular the solutions developed at the TechSprint, to make a material difference in this area.
We consider the tangible outcomes of a TechSprint to be the solutions that the PoCs develop. Those solutions may then become commercial products, add value for consumers of financial services and possibly support FCA objectives.
It isn’t possible to have developed a fully operational and ready for market solution within the course of the TechSprint and so further work to develop the solutions in to a commercially viable PoC is required.
It is important that the solutions first developed at the TechSprint are able to develop further and to do so they need the support of financial institutions. Some financial institutions may already be participating in one or more of the PoCs as a result of the TechSprint but this does not preclude participation in further PoCs (provided any potential conflicts of interests are managed).
If you’d like to get involved in one or more of the solutions then email [email protected] with the details of which PoCs you are interested in. The FCA will then provide you with contact details for the PoCs in which you are interested.
We are also interested in hearing from any companies who are interested in discussing any relevant solutions they may be working on. Contact [email protected].
We will publish a paper in Q1 2020 detailing the progress we have made since the TechSprint.
Listen to our Inside FCA podcast
During the TechSprint, Nick Cook, HSBC’s Global Head of Financial Crime Threat Mitigation, Jennifer Calvery, and 11:FS’s Co-Founder and CEO, David Brear discussed how new technologies can be used to prevent and detect financial crime. Download and listen to the podcast.