Privacy Preserving Entity Cycle Detection for Decentralised Anti-Money Laundering
M. van Pelt (TU Delft - Electrical Engineering, Mathematics and Computer Science)
Z. Erkin – Mentor (TU Delft - Electrical Engineering, Mathematics and Computer Science)
M.M. de Weerdt – Graduation committee member (TU Delft - Electrical Engineering, Mathematics and Computer Science)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Money laundering is the act of processing criminal proceeds to hide their illicit origin. Banks and financial institutions employ anti-money laundering (AML) techniques to detect and prevent money being laundered. Whereas traditional AML is mainly conducted on the level of individual institutions, modern AML is shifting towards increased collaboration between banks and government agencies. Although greater collaboration is indeed required to combat sophisticated money laundering operations, the lowered legal threshold for sharing customers’ financial data raises serious concerns about the privacy of innocents. Privacy preserving anti-money laundering (PPAML) techniques address this problem by allowing banks to collaborate without explicitly sharing sensitive customer data. This work introduces a new PPAML protocol that detects money laundering patterns in a decentralised transaction network. The protocol uses privacy preserving entity resolution to detect money being moved between accounts that are different but owned by the same entity. Such entity cycles serve as a strong indicator for money laundering, and their detection can serve as a trigger for banks to further investigate the involved accounts. In the protocol, privacy of the involved entities is preserved by utilising a number of secure multi-party computation techniques. Most notably, partially homomorphic encryption is used to privately compute the distance between two entity identities. Messages in the protocol are unlinkable so that adversaries cannot learn about the topology of the network, making it secure against information leakage in the semi-honest model. Additionally, the protocol is secure against some attacks by covert adversaries. By only attempting to match accounts in the local neighbourhood that transfer money to each other, the protocol achieves runtime and communication complexities that are polynomial on the number of neighbours, being independent of the size of the network. Finally, the protocol is designed to be highly parallelisable, and evaluation shows that this quality leads efficient runtimes.