Privacy-preserving computation – balancing compliance, collaboration, and confidentiality
Financial institutions are under growing pressure to share intelligence, detect crime faster, and comply with evolving data regulations. But most AML, fraud, and compliance systems still rely on data centralization — a model that often conflicts with privacy law and customer trust.
Privacy-preserving computation changes this. It enables multiple parties to analyze data collectively without revealing the underlying information. Instead of moving or exposing data, calculations are performed securely within cryptographic protocols.
For compliance leaders, this isn’t just a technology choice. It’s the key to unlocking regulatory cooperation, secure analytics, and proof of compliance under frameworks such as FATF, DORA, and the EU AML Directives.
For compliance leaders, this isn’t just a technology choice. It’s the key to unlocking regulatory cooperation, secure analytics, and proof of compliance under frameworks such as FATF, DORA, and the EU AML Directives.
What privacy-preserving computation means in practice
At its core, privacy-preserving computation allows institutions to perform joint data analysis while keeping each dataset private and under local control.
It ensures that only the result of a computation is visible — not the inputs.
Key methods include:
It ensures that only the result of a computation is visible — not the inputs.
Key methods include:
- Multi-Party Computation (MPC): allows multiple entities to compute shared insights without exposing raw data.
- Homomorphic encryption: enables encrypted data to be analyzed without decryption.
- Zero-knowledge proofs (ZKP): verify a statement as true without revealing any of the underlying data.
- Federated learning: trains AI models across decentralized datasets.
These techniques create a new foundation for secure collaboration — particularly in regulated industries where data sensitivity prevents traditional sharing.
Confidential computing supports privacy-preserving collaboration
While privacy-preserving computation focuses on cryptographic protection of data during analysis, Confidential Computing extends that protection to the underlying hardware and processing environment.
It ensures that sensitive data remains encrypted even while being processed in memory, preventing unauthorized access by system administrators, insiders, or malicious software.
Together, the two technologies provide end-to-end protection for data in all states — at rest, in transit, and in use.
This combined model is gaining traction across financial institutions and regulators because it bridges the technical and legal requirements of privacy, security, and accountability.
Practical applications include:
It ensures that sensitive data remains encrypted even while being processed in memory, preventing unauthorized access by system administrators, insiders, or malicious software.
Together, the two technologies provide end-to-end protection for data in all states — at rest, in transit, and in use.
This combined model is gaining traction across financial institutions and regulators because it bridges the technical and legal requirements of privacy, security, and accountability.
Practical applications include:
- Secure multi-party analytics: combining Multi-Party Computation (MPC) with confidential data to process shared data safely.
- AML and fraud model execution: enabling joint analytics between institutions on encrypted data.
- Regulatory sandbox collaboration: allowing regulators to audit algorithms without viewing the underlying data
- Cross-border compliance: protecting data sovereignty while supporting FATF and DORA cooperation frameworks.
Confidential Computing reinforces trust in privacy-preserving computation — not just mathematically, but operationally — ensuring that compliance systems remain secure from both external and internal threats.
Related: Read FATF Compliance Technology to understand how cryptographic and infrastructure-level security work together in global AML compliance.
Related: Read FATF Compliance Technology to understand how cryptographic and infrastructure-level security work together in global AML compliance.
Why it matters for financial compliance and risk management
Regulatory frameworks such as the FATF Recommendations, EBA AML Guidelines, and DORA all emphasize collaboration between institutions and supervisory authorities. But until recently, compliance teams had to choose between two bad options: share data and risk a privacy breach, or keep data siloed and risk regulatory gaps.
Privacy-preserving computation resolves that tension. It enables:
Privacy-preserving computation resolves that tension. It enables:
- Cross-institution fraud detection without breaching data protection law.
- Joint risk modeling between banks, regulators, and law enforcement.
- Secure KYC and Customer Due Diligence (CDD) collaboration.
- Confidential whistleblower reporting under DORA and AMLD6 frameworks.
- Data integrity verification across borders without duplication.
Related: Read FATF Compliance Technology for how automation supports global AML performance, and See [Regulatory Technology (RegTech)] for the infrastructure enabling privacy-preserving compliance.
How regulators view privacy-preserving technology
Supervisory authorities increasingly recognize that data privacy and transparency can coexist if handled with the right technology.
The European Banking Authority (EBA) and Financial Action Task Force (FATF) have both noted privacy-enhancing technologies as critical tools for balancing data protection and financial integrity.
According to the FATF Report on Digital Transformation 2023:
The European Banking Authority (EBA) and Financial Action Task Force (FATF) have both noted privacy-enhancing technologies as critical tools for balancing data protection and financial integrity.
According to the FATF Report on Digital Transformation 2023:
“Privacy-enhancing technologies offer new opportunities for data sharing that protect confidentiality while supporting more effective AML/CFT collaboration.”
In this context, privacy-preserving computation represents a strategic shift — from data centralization to privacy-led interoperability.
Applications across financial operations
Privacy-preserving computation supports a range of compliance and business use cases, including:
- Fraud detection and transaction monitoring: secure data matching between PSPs and banks.
- AML and CTF intelligence sharing: confidential cross-border investigations between institutions and FIUs.
- Perpetual KYC (pKYC): continuously verifying customer data across trusted sources without exposing it.
- Transaction Risk Analysis (TRA): aggregating behavioral data for fraud scoring without revealing identity.
- Regulatory reporting: providing verifiable audit trails that demonstrate compliance while maintaining anonymity.
Each application reinforces a central theme — compliance and privacy are no longer opposing objectives.
Challenges and adoption barriers
Despite clear benefits, adoption of privacy-preserving computation in financial services remains early-stage.
Institutions cite challenges such as:
Institutions cite challenges such as:
- Technical complexity: cryptographic methods require specialized expertise.
- Integration with legacy systems: most compliance platforms weren’t built for decentralized computation.
- Regulatory uncertainty: limited official guidance on how results are treated as evidence.
- Performance scalability: heavy computation loads for large data models.
However, these barriers are rapidly shrinking as regulators, including the EBA, begin formal consultation on privacy-enhancing technology frameworks within AML and operational resilience standards.
“We’ve reached a point where the only way to collaborate safely is not to share data at all. Privacy-preserving computation delivers that — secure, lawful, and scientifically verifiable collaboration.”
– Mark Medum Bundgaard, CPO, Partisia
This sentiment reflects the growing consensus: privacy technology is becoming the new compliance infrastructure.
How a new approach to financial crime could stop
fraud in its tracks
The proof-of-concept 2019 changed the frame: instead of judging each payment on its own, it followed how money travels across accounts and institutions. That shift revealed patterns single-transaction systems miss.
The scale is staggering. Financial institutions together spend an estimated $200 billion a year on compliance and AML, and yet fraud losses remain stubbornly high-costing banks and customers tens of billions annually.
What's inside?
-
Seeing the whole network
- A shared defense with measurable impact
and more...
Partisia’s perspective
Partisia is a pioneer in privacy-preserving computation. Its platform uses Multi-Party Computation (MPC) to enable secure collaboration across financial institutions, regulators, and technology partners.
With Partisia, organizations can:
With Partisia, organizations can:
- Detect financial crime jointly without exposing underlying transaction data.
- Collaborate with regulators under FATF and DORA while maintaining full privacy compliance.
- Execute AML and fraud detection algorithms on encrypted data.
- Support ongoing Customer Due Diligence and Perpetual KYC (pKYC) safely.
Partisia’s approach turns privacy into a strength — proving that transparency and confidentiality can reinforce, not contradict, one another.
