CTC
an overview of how the lack of information encourages crime, money laundering, and financial terrorism
February 2024
Main Author: Germana Gianquinto
Co-Author: Mateo Djouadi
Finance Innovation Team
Identifying terrorist financing risks and malicious patterns within financial data has been the focus of the CTC – Cut the Cord project all along its journey.
While AI and data analysis hold great promise in preventing terrorist financing risks and identifying malicious patterns, it’s essential to address other concerns, ensure the transparency and accountability of the data evaluated, and implement robust governance frameworks to cover the gaps we identify while implementing the project’s activities.
The potential limits are manifold:
The lack of communication and sharing of financial information between banks.
The lack of communication and sharing of financial information between banks is one of the main obstacles to overcome.
Banks are hesitant to share financial information with competitors due to concerns about losing their competitive edge and the fear that sharing sensitive financial data could give competitors insights into their operations, strategies, and weaknesses. Also, regulatory frameworks impose strict rules on the sharing of customer data and financial information to protect customer privacy and prevent financial fraud, but this can limit the ability of the banks to exchange information freely, and sharing financial information with other banks could potentially expose them to data breaches or misuse of information. In addition to this, legacy systems and outdated technology infrastructure can hinder efficient communication and data sharing between banks. Banks use their solutions and integrate disparate systems while ensuring data security, which is complex and costly and leads to reluctance to share information.
CTC experience in addressing the "data dilemma” and lessons learned.
We already examined the gaps in communication and lack of sharing financial datasets in banking.
Though they can provide high value in fraud detection, there are still many publicly accessible synthetic databases on financial services since financial transactions are inherently private.
CTC tried to address such issues by collaborating with trusted partners and private banks to have the needed information but, unfortunately, with only limited results since the required data are considered too sensitive.
Considering this, CTC has leveraged a few open synthetic datasets, to define the most suitable parameters and features further to consider for synthetic data creation. The production of synthetic data refers to the creation of artificial data that mimics the statistical properties of real-world data without containing any sensitive or personally identifiable information. This synthetic data can be used for various purposes, including training machine learning models, conducting research, and testing software applications without risking the privacy and security of real individuals.
Best practices in data sharing.
The Netherlands and Australia have made significant efforts in data sharing, albeit in different contexts and with varying approaches.
The Netherlands has invested in building data infrastructure to facilitate data sharing across government agencies, research institutions, banks, and the private sector. Initiatives like the Dutch National Data Portal provide a centralized platform for accessing and sharing various datasets, promoting collaboration and innovation while all the information is protected by robust data protection laws, including the EU General Data Protection Regulation (GDPR).
Australia has established data governance frameworks to guide the responsible sharing and use of data across government agencies and sectors. Initiatives such as the Data Sharing and Release Act 2020 provide a legal framework for data sharing while protecting privacy and confidentiality.
Moreover, the Australian government has launched initiatives to promote data sharing among government agencies to improve service delivery, policy development, and decision-making. Projects like the Data Integration Partnership for Australia (DIPA) facilitate the linkage and analysis of government datasets to generate insights and inform policy. Australia has recently embraced the open data movement, making government datasets publicly available for reuse and innovation. Initiatives like the data.gov.au portal provide access to various government datasets, fostering transparency, accountability, and economic growth.
Even if those initiatives are mainly in use in data related to Health, in Smart Cities and Governments, both countries have recognized the value of data sharing in driving innovation, improving services, and addressing societal challenges.
These best practices must be replied to finance or, unfortunately, the tracing of AML/CTF won’t evolve much.
CTC mainly exploited the experience of the EU initiatives such as the Expert Group on European financial data space (E03763)[1], offering advice and expertise to DG Financial Stability and Capital Markets Union (FISMA) on the preparation of legislative proposals and policy initiatives in the field of data sharing in the financial sector.
The new Data Hub on the EU Digital Finance Platform[2], was created to assist the expansion of digital financial services across Europe and to link innovative financial enterprises with national supervisors better. The platform allowed businesses to work closely with regulatory agencies to acquire data for testing purposes, enhancing national innovation centers, regulatory sandboxes, and private-sector efforts by utilizing synthetic datasets based on actual data owned by the same regulatory bodies.
The GAIA-X Vertical Financial Data Space[3] seeks to realize the production and supply of Data Space in a single or several ecosystems. i.e., Ecosystems and providing the Gaia-X Association members the chance to network, cooperate, and find open standards relevant to certain domains while collecting cross-country use cases and sharing data space expertise.
CTC has exploited the first initiative to verify that the interaction with other data spaces and data-sharing were taking into consideration policy issues related to that. The second has enabled further analysis of testing scenarios, and the latter has enlightened how to consider open standards and see CTC solutions within the scope of a European Ecosystem.
Conclusions
Without initiatives like these, proper and real tracing, and identification of AML/CTF will be extremely complicated, and the outcomes of the research conducted in CTC, so far, have demonstrated the amount of significant information we are lacking. CTC project demonstrates that tracing money via algorythms/AI is already possible, and that the technology is set in place.
Legislators must push financial institutions to share the information they have, addressing and implementing robust governance frameworks, investing in data infrastructure, prioritizing privacy and security, leveraging data as a strategic asset while safeguarding individual rights and interests. Adequate measures will finally allow the tracking approach of the financial data, even if there is still a long journey to complete.
Heaven, W.D., ‘Synthetic data for AI, MIT Technology Review’, February 23rd, 2022
https://www.technologyreview.com/2022/02/23/1044965/ai-synthetic-data-2/
FATF (2012-2023), International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation –
www.fatf-gafi.org/recommendations.html
European Banking Authority – Guidelines on cooperation and information exchange for AML/CTF supervision purposes – JC 2019 81
– 16 dec. 2019 – Final report –
We invite you to delve deeper into the CTC project, exploring its website and engaging with our vibrant social media channels. Discover the remarkable work being done by dedicated individuals and organizations, united in a common purpose – to safeguard our digital world and protect it from the threats of terrorism financing. Together, we can continue to advance the fight against these illicit activities, ensuring that the digital realm remains a safe and secure space for all, now and in the future.
For more information about the project, please visit: https://ctc-project.eu/. You can also join the CTC Stakeholder Community by signing up in the following link: https://ctc-project.eu/community-signup/.
