Skip to content

Finance

Finance PET decisions are shaped by adversarial behavior, regulatory obligations, customer confidentiality, commercial sensitivity, and the need for auditable decisions.

Scenario Playbook

Scenario Primary PET Supporting PETs Why What can go wrong What to measure
Banks detect fraud across institutions MPC or federated analytics PSI, DP thresholds, clean-room audit Fraud patterns cross institutional boundaries Collusion assumptions fail, false positives rise, latency misses fraud windows Detection lift, false positives, latency, smallest released cohort
Institutions find overlapping risky entities PSI Output limits, audit logs, DP counts Nonmatches can remain hidden The intersection can reveal investigations Match precision, repeat-query controls, allowed use
Banks train a shared fraud model Cross-silo FL Secure aggregation, robust aggregation, DP Raw transaction data stays local Poisoned updates, entity-resolution mismatch, unfair outcomes Per-bank utility, drift, poisoning resilience, update leakage
Risk teams compare portfolio metrics Federated analytics or clean room DP, thresholds, governance Peer benchmarks can be computed without raw portfolio sharing Aggregates reveal business strategy Cohort sizes, query history, commercial sensitivity

Use This When

  • The collaboration has a specific fraud, AML, risk, or compliance output.
  • Parties can agree on entity resolution and permitted use.
  • Auditability matters as much as computation.
  • Malicious or strategic behavior is part of the threat model.

Avoid This When

  • The parties cannot agree on output policy or downstream use.
  • Low latency is required but the PET has not been benchmarked.
  • The design assumes all participants behave honestly.
  • Entity resolution is unsolved but treated as a minor preprocessing step.

For cross-bank fraud signals, start with PSI for overlap or MPC/federated analytics for joint metrics. Move to FL only when the real output is a shared model.

Failure Modes

  • A party uses repeated PSI queries to learn another party's customer base.
  • An aggregate reveals a bank's exposure or investigation focus.
  • A malicious participant poisons a shared model.
  • False positives harm customers and create compliance risk.
  • Vendor case studies overstate production maturity.

Evaluation Checklist

  • Are parties honest-but-curious, malicious, or strategically adversarial?
  • Is the match set itself sensitive?
  • What outputs are analysts allowed to act on?
  • Can the system explain false positives and disputed decisions?
  • Are query limits, logs, and abuse monitoring in place?