blog

Privacy-preserving computation – enabling compliant data collaboration in financial services

Written by Partisia | 2025.11.04

 
Financial institutions are under growing pressure to share intelligence, detect crime faster, and comply with evolving data regulations. But most AML, fraud, and compliance systems still rely on data centralization — a model that often conflicts with privacy law and customer trust.

Privacy-preserving computation changes this. It enables multiple parties to analyze data collectively without revealing the underlying information. Instead of moving or exposing data, calculations are performed securely within cryptographic protocols.

For compliance leaders, this isn’t just a technology choice. It’s the key to unlocking regulatory cooperation, secure analytics, and proof of compliance under frameworks such as FATF, DORA, and the EU AML Directives.

What privacy-preserving computation means in practice

At its core, privacy-preserving computation allows institutions to perform joint data analysis while keeping each dataset private and under local control.
It ensures that only the result of a computation is visible — not the inputs.

Key methods include:

  • Multi-Party Computation (MPC): allows multiple entities to compute shared insights without exposing raw data.
  • Homomorphic encryption: enables encrypted data to be analyzed without decryption.
  • Zero-knowledge proofs (ZKP): verify a statement as true without revealing any of the underlying data.
  • Federated learning: trains AI models across decentralized datasets.

These techniques create a new foundation for secure collaboration — particularly in regulated industries where data sensitivity prevents traditional sharing.


Confidential computing supports privacy-preserving collaboration

While privacy-preserving computation focuses on cryptographic protection of data during analysis, Confidential Computing extends that protection to the underlying hardware and processing environment.
It ensures that sensitive data remains encrypted even while being processed in memory, preventing unauthorized access by system administrators, insiders, or malicious software.

Together, the two technologies provide end-to-end protection for data in all states — at rest, in transit, and in use.
This combined model is gaining traction across financial institutions and regulators because it bridges the technical and legal requirements of privacy, security, and accountability.

Practical applications include:

  • Secure multi-party analytics: combining Multi-Party Computation (MPC) with confidential data to process shared data safely.
  • AML and fraud model execution: enabling joint analytics between institutions on encrypted data.
  • Regulatory sandbox collaboration: allowing regulators to audit algorithms without viewing the underlying data
  • Cross-border compliance: protecting data sovereignty while supporting FATF and DORA cooperation frameworks.

Confidential Computing reinforces trust in privacy-preserving computation — not just mathematically, but operationally — ensuring that compliance systems remain secure from both external and internal threats.

Related: Read FATF Compliance Technology to understand how cryptographic and infrastructure-level security work together in global AML compliance.


Why it matters for financial compliance and risk management

Regulatory frameworks such as the FATF Recommendations, EBA AML Guidelines, and DORA all emphasize collaboration between institutions and supervisory authorities. But until recently, compliance teams had to choose between two bad options: share data and risk a privacy breach, or keep data siloed and risk regulatory gaps.

Privacy-preserving computation resolves that tension. It enables:

  • Cross-institution fraud detection without breaching data protection law.
  • Joint risk modeling between banks, regulators, and law enforcement.
  • Secure KYC and Customer Due Diligence (CDD) collaboration.
  • Confidential whistleblower reporting under DORA and AMLD6 frameworks.
  • Data integrity verification across borders without duplication.

Related: Read [FATF Compliance Technology] for how automation supports global AML performance, and See [Regulatory Technology (RegTech)] for the infrastructure enabling privacy-preserving compliance.

How regulators view privacy-preserving technology

Supervisory authorities increasingly recognize that data privacy and transparency can coexist if handled with the right technology.
The European Banking Authority (EBA) and Financial Action Task Force (FATF) have both noted privacy-enhancing technologies as critical tools for balancing data protection and financial integrity.

According to the FATF Report on Digital Transformation 2023:

“Privacy-enhancing technologies offer new opportunities for data sharing that protect confidentiality while supporting more effective AML/CFT collaboration.”

In this context, privacy-preserving computation represents a strategic shift — from data centralization to privacy-led interoperability.

 

Applications across financial operations

Privacy-preserving computation supports a range of compliance and business use cases, including:

  • Fraud detection and transaction monitoring: secure data matching between PSPs and banks.
  • AML and CTF intelligence sharing: confidential cross-border investigations between institutions and FIUs.
  • Perpetual KYC (pKYC): continuously verifying customer data across trusted sources without exposing it.
  • Transaction Risk Analysis (TRA): aggregating behavioral data for fraud scoring without revealing identity.
  • Regulatory reporting: providing verifiable audit trails that demonstrate compliance while maintaining anonymity.

Each application reinforces a central theme — compliance and privacy are no longer opposing objectives.


Challenges and adoption barriers

Despite clear benefits, adoption of privacy-preserving computation in financial services remains early-stage.
Institutions cite challenges such as:

  • Technical complexity: cryptographic methods require specialized expertise.
  • Integration with legacy systems: most compliance platforms weren’t built for decentralized computation.
  • Regulatory uncertainty: limited official guidance on how results are treated as evidence.
  • Performance scalability: heavy computation loads for large data models.

However, these barriers are rapidly shrinking as regulators, including the EBA, begin formal consultation on privacy-enhancing technology frameworks within AML and operational resilience standards.


“We’ve reached a point where the only way to collaborate safely is not to share data at all. Privacy-preserving computation delivers that — secure, lawful, and scientifically verifiable collaboration.”
– Mark Medum Bundgaard, CPO, Partisia

This sentiment reflects the growing consensus: privacy technology is becoming the new compliance infrastructure.


Partisia’s perspective

Partisia is a pioneer in privacy-preserving computation. Its platform uses Multi-Party Computation (MPC) to enable secure collaboration across financial institutions, regulators, and technology partners.

With Partisia, organizations can:

  • Detect financial crime jointly without exposing underlying transaction data.
  • Collaborate with regulators under FATF and DORA while maintaining full privacy compliance.
  • Execute AML and fraud detection algorithms on encrypted data.
  • Support ongoing Customer Due Diligence and Perpetual KYC (pKYC) safely.

Partisia’s approach turns privacy into a strength — proving that transparency and confidentiality can reinforce, not contradict, one another.
View full post