News

Thought leadership: Sharing financial information while ensuring that data is secure

Sally Sfeir Tait, CEO of RegulAItion, explains some of the challenges in automating compliance at financial services firms and outlines how her company aims to overcome the tension between reporting and keeping financial data private.

Financial firms have to show that they are compliant with regulation. They also need to collaborate on preventing financial crime. To achieve both of those things, they share sensitive information.

But collecting and analysing information safely and correctly is difficult and expensive. It is estimated that regulatory compliance costs UK banks up to £4.5bn a year.

Can technology make it possible to share the right information with the right people in a secure way, and without exposing sensitive data?

Sally Sfeir Tait, the Chief Executive Officer of RegulAItion, says its AIR Platform can provide secure, multiparty computation that is machine-executable, real-time, and does not share underlying data.

“I am absolutely paranoid about data,” says Tait. “That was one of the reasons why we developed this platform. “Data anonymisation doesn’t work.”

Why banks must work together on compliance problems

Tait says banks working together on compliance problems like know your customer (KYC) and combatting money laundering (AML) can be like people in a dark room examining an elephant.

One has the trunk, another the tail, the third a tusk. Only by working together can they know what they are dealing with.

Tait says RegulAItion’s AIR platform can solve the elephant problem by “tracking patterns in data across banks without any bank having to share data”.

This is underpinned by artificial intelligence and machine learning. One of the most important ingredients in the magic sauce is homomorphic encryption.

Data security and data privacy

Homomorphic encryption is a new technology, described as the “holy grail” of encryption, which allows a third party to carry out complicated processing of data without being able to see it. (Or the owner having to de-encrypt it).

RegulAItion also uses differential privacy. That is a way of ensuring that the output of statistical analysis doesn’t allow any insight into individual datasets – no matter unusual any one dataset might be.

The third strand is federated learning. Federated learning is a form of collaborative machine learning in which the data is not stored centrally, or shared.

The AIR platform uses blockchain to enable portability and traceability.

Tait says regulators and central banks are the most active on the platform because they need to share insight on systemic risk and on climate change.

She says global systemically important financial institutions are engaging with RegulAItion to try to solve financial crime and regulatory reporting challenges – including the need to provide different information to different regulators.

Working with data silos

Banks built up their data systems over decades. That means they often have data silos and batch processing. And they can struggle to bring together structured and unstructured data.

To make the most of the ability of machine learning to find patterns in data, the algorithms have to be fed with a lot of data. However, datasets do not necessarily use the same taxonomy – ie assets may not be classified in the same way.

Nor do they necessarily use the same ontologies – ie the concepts and categories applied to a particular area, and the way they are assumed to inter-relate, may not be the same.

That can make it difficult for financial services firms to compare apples with apples. And it becomes particularly tricky when artificial intelligence models want to combine data from different domains as, for example, in tackling climate change.

“Banks don’t need to step away from their old silos to work with RegulAItion,” says Tait. “It doesn’t rely on data models, or on domain specific language.”

The platform automates the application of rules. To what extent collaborators on the platform follow all of the rules of, say, GDPR, is set by each individually. They then give the algorithm access to the relevant encrypted documents.

A massive market

Tait says the firm has revenues. “Break-even is a function of how much you spend and there is no way we are not spending on technology,” she says.

“There has been no full-on bid for the company, but we are on a few radars,” she says. “We’re not ready to sell and we’re not sure what the exit plan is. We know that our market opportunity is massive.”

The AIR platform is due to launch in 2021 and named collaborators include:

  •  the Financial Conduct Authority (FCA)
  • the lawyers Ashurst
  • University College London (UCL), and
  • Loughborough University.

Innovate UK have invested £1.67m in the project.

Related content