Fighting Financial Crime Together: The Role of Data Sharing

Financial crime continues to evolve at an alarming pace. Despite significant investments in advanced detection techniques, only a small fraction of these crimes is detected and stopped. Research highlights that as little as 1% of illicit financial flows are intercepted, leaving a staggering 99% to slip through the cracks. This is a strong reminder that while progress has been made, current efforts are insufficient to keep pace with the ingenuity of financial criminals.

The rise of Authorized Push Payment (APP)fraud exemplifies this challenge. Even with advancements in multi-factor and risk-based authentication, AI-based fraud detection systems, and "Verification of Payee" protocols, APP fraud persists by exploiting human trust and technological vulnerabilities. To combat this effectively, the financial ecosystem must embrace a paradigm shift — emphasizing collaboration among financial institutions and partnerships with Big Tech and social media companies, where a sizeable portion of payment fraud originates.

The current fragmented approach to financial crime detection leaves critical blind spots. Fraud identified by one financial institution often goes unchecked at another, allowing criminals to exploit systemic vulnerabilities. A centralized platform for sharing intelligence can bridge these gaps, enabling institutions to work collectively in identifying and preventing financial crime.
For example, an IBAN flagged for suspected money laundering in one country could be linked to an APP fraud case in another, providing a stronger basis for preventive action.

A centralized platform would securely facilitate the sharing of key indicators of suspicious activity, such as:

• Accounts (IBANs): Identifying suspicious account numbers, as well as generic, high-risk accounts tied to prepaid cards or cryptocurrencies. While often exploited by fraudsters (and thus giving a higher risk), these accounts cannot be outright blocked due to their legitimate use by other genuine customers.
• IP Addresses and Geo-Location: Flagging suspicious access patterns.
• MAC Addresses: Tracking devices linked to fraudulent transactions.
• Beneficiary Details: Flagging suspicious names and addresses
• BIC Lists: Identifying institutions or regions with higher risk profiles, such as those with poor reputations, lack of cooperation in investigations, or locations in high-risk countries.

Each of the above indicators can be reported one or more times by same or different financial institutions and would include:

• The reporting financial institution.
• Date and time of reporting.
• A confidence score assigned by the reporting institution.
• Post-feedback data, such as confirmations or false positives.

Additionally, the platform could integrate official blacklists from various networks and regulators (e.g. EBA or Swisscom), providing a comprehensive repository of reported indicators. By aggregating data from multiple sources, this system could detect patterns that would be invisible to individual institutions.

Traditional data sharing methods often rely on binary blacklists, but it is possible to create a platform which is much more nuanced. A collaborative platform can introduce a sophisticated scoring algorithms to analyze the shared data, allowing to assess risks with greater precision. The financial institution consuming the centralized platform would send the data of a payment to the platform, which would give back a suspicion scoring based on the matching between the input payment data and the shared (stored) indicators and scoring calculation based on:

• The number and type of matching indicators (e.g. account number, IP address, geo-location, MAC address…​).
• The scoring of each matching indicator, which is determined by the number of times the indicator was reported by different financial institutions, the date on which the indicator was reported, the credibility of the reporting financial institution, the confidence score provided by the reporting institution and the post-feedback data captured on the indicator.

The calling financial institution can then use the received scoring as an additional input for its internal systems, leaving the ultimate decision-making to block or not the payment with the financial institution.

One major obstacle to collaboration is the fear of exposing sensitive information. Advances in confidential computing technology alleviate this concern by ensuring that data remains encrypted—even during processing. This enables institutions to share insights securely, without compromising privacy.

Beyond detecting financial crime, a centralized platform can generate industry-wide insights, such as trends in financial crime, geographic hotspots, and emerging tactics.

To ensure the platform’s sustainability, various monetization models can be implemented, including:

• Per-transaction scoring fees.
• Paid services, such as aggregated reports or anonymized training data.
• Incentives for data-sharing institutions, such as discounted (of free credits for) scoring fees.

The fight against financial crime cannot be won in silos. By adopting secure, transparent, and collaborative solutions, the financial industry can dramatically improve detection rates. A shared platform for financial crime detection ensures no financial crime activity, however sophisticated, can evade collective scrutiny.

Together, financial institutions can protect customers, preserve trust, and build a safer financial ecosystem for all.

For more insights, visit my blog at https://bankloch.blogspot.com