Mining Financial Data Without Actually Seeing It Can Detect Fraud

Quite interesting.  

 Mining Financial Data Without Actually Seeing It Can Detect Fraud  By Arnout Jaspers, Commissioned by CACM Staff, September 9, 2021

Large-scale data sharing is a potential goldmine for research, health, and security, but until recently this goldmine was largely inaccessible, due to privacy considerations. Now, banks are starting to use secure Multiparty Computation (MPC) to detect potentially fraudulent transactions while protecting the privacy of their customers.

MPC distributes computations on data between several parties in such a way that none of the parties can see the raw data, but the desired result can still be computed. Software to achieve this has been developed over the past years. A similar concept is homomorphic encryption, which guarantees that certain classes of computations performed on encrypted data give the same result as computations on the raw data.          

TNO, the Netherlands organization for applied scientific research, is working closely with two large Dutch banks, ABNAmro and Rabobank, on a pilot project to detect suspicious financial transactions using MPC and an algorithm inspired by Google's page-rank algorithm. The basic idea is that networks of financial transactions can be analyzed in similar fashion to how a search engine determines the importance, or rank, of a website. A website is 'important' if other 'important' websites link to it; although this is a self-referential definition, the page-rank algorithm can, after a number of iterations, produce a consistent ranking of websites. 

In this case, bank accounts are the nodes in the network, and two accounts are linked if a money transfer between them has taken place. Other than in the Internet page ranking, a link can have a weight, depending on how often and how much money was transferred. An account gets a high risk score, for instance for money laundering, if another high-risk account transferred money to it.

Each bank can create such a 'risk propagation network' for the accounts of its own clients because it has their financial transaction data, but many transactions happen between different banks. Risk scoring would improve significantly if the algorithm could add those external accounts to the network, but banks are hesitant to share these data because of their potential impact on privacy. Said Tjebbe Tauber, business developer for innovation and design at ABN AMRO's Detect Financial Crime unit, "We are carefully looking at what is, and what is not possible under the European privacy law."  .... '