Collaborative AI

---

The Soteria Initiative believes that AI and Machine Learning (ML) are positive, essential forces in the collaborative fight against financial crime. We actively advocate for the adoption of AI technologies—specifically Collaborative AI such as Federated Learning—to detect complex crime patterns that isolated systems at individual institutions often miss. We must resolve the information asymmetry between criminals and defenders. Just as criminal networks operate across borders and institutions, financial crime fighting must also become a multi-entity effort.

Federated Learning is an established technology with a proven track record in sectors like healthcare. It allows multiple institutions to create a shared AI model by aggregating knowledge (model updates) rather than sharing raw customer data. This enables the detection of financial crime patterns across different banks without compromising the privacy of individual clients. The Soteria Initiative Standard Working Group on Federated Learning has published a self-contained, free, and open-source federated learning demonstrator for institutions to experiment with federated learning. The demonstrator highlights the detection accuracy improvement of up to 60% and leveraged the goAML standard to enable easy testing with internal data records.

Yes. To enhance privacy further, Federated Learning can be combined with Differential Privacy. This approach ensures that while financial crime threat patterns are shared, the specific data remains obscure. Eventually, this technology aims to allow the privacy-preserving sharing of threat actor characteristics that are specific enough to identify criminals without exposing innocent individuals' private data.

We believe it significantly reduces privacy invasion. Currently, poor-quality models generate high volumes of false positives, leading to the manual investigation of millions of innocent people annually. This storage and examination of personal data create a massive attack surface for data leakage and insider threats. Collaborative AI increases model accuracy, thereby reducing the need for intrusive investigations into innocent parties and "outfighting" the privacy risks inherent in the current system.

Collaborative AI systems must be operated securely to prevent manipulation. Aggregated detection models should only be shared among KYC-verified parties (potentially restricted to partial contributors). This restriction prevents criminals from accessing the models and training "adversarial AIs" to evade detection.

A key requirement for applying advanced Collaborative AI is a harmonized data format. Data standards do more than just help computer systems communicate; they help investigators clearly understand the characteristics of illicit activity. Without standardized data, sharing intelligence effectively is impossible.

When we discuss data standards, we advocate for the standardization of:

• Data Format: e.g., JSON, XML, and encodings like UTF-16.
• Data Attributes: e.g., standardized fields for "First Name" or "Transaction Beneficiary."
• Data Types: e.g., harmonizing values so that "Customer Type" (retail vs. corporate) or "Occupation" have the same semantic meaning and value lists across institutions.
• Data Structure: Defining how relationships (Entity-to-Account, Account-to-Account) are structured.

Creating new standards from scratch is difficult. We advocate for tightening and strengthening the existing goAML data standard, currently used for Suspicious Activity Report (SAR) filings in over 70 countries. We aim to harmonize data value types within goAML to the point where a detection input standard for entities, transactions, and relationships can be derived directly from the filing format. The Soteria Initiative Standard Working Group has fully adopted goAML and created data generation tools that leverage the goAML standard specification.

We encourage vendors, regulators, supervisors, legislators, and obligated entities to adopt these formats. Just as tire manufacturers must adhere to technical safety standards for the safety of all road users, financial crime prevention systems should be required to meet technical data standards to compete in the market. We explicitly call on the FATF to publish an input/filing data standard and include data standardization in their country evaluation recommendations.

A key requirement for any AI system is a reliable ground truth to measure success. We encourage the adoption of two main feedback loops:

Regulatory Feedback: Regulators and Financial Intelligence Units (FIUs) should provide timely, detailed feedback (within days, not months) on whether filings were actionable or related to criminal investigations.

Active Adversarial Controls Testing (AACT): Implementation of adversarial testing to continuously validate model performance similar to how penetration testing (aka Red Teaming) is performed on cyber-crime controls.

The Executive Director of the Soteria Initiative has published an opinion paper on how AACT might be conducted in GRC Outlook.

The current publication of typology reports (descriptions of evasion methods for sanctions, AML, fraud or CTF controls) often aids criminals, as they can adapt faster than defenses at institutions are updated. We suggest a model similar to CERT (Computer Emergency Response Team) in cybercrime: typology reports should be more detailed and reproducible, including  example data, but then distributed only to trusted, KYC-verified industry participants. Widespread public distribution should be discouraged until detection software has been updated to mitigate the new threat.

Inspired by cyber security penetration testing (aka Red teaming), active adversarial controls testing involves actively simulating financial crime scenarios to test defenses. This, combined with passive testing (like Basel III type stress testing of running test data through internal systems), identifies which controls work and which human or automated processes fail. We support hybrid approaches using end-to-end adversarial testing and automated simulations to determine meaningful control effectiveness ratings.

The threat landscape is changing. Detection should not be limited to financial institutions but must incorporate legal and technology professionals. We identify online games, legal service platforms, trade facilitators, and online marketplaces, including those for virtual assets such as cryptocurrencies, as sectors especially vulnerable to abuse and crucial to the collaborative defense network.

The Soteria Initiative is a Swiss charity non-profit organization with the mission to significantly increase cost to illicit financial crime activity. We operate globally and engage with public and private stakeholders to advocate for the use of AI, data standards and active adversarial controls testing (aka financial crime penetration testing/red teaming).

You can donate to Soteria through our website by clicking on the 'Donate' button on the homepage.

Not yet, we are currently completing the necessary registration steps with authorities to enable tax-deduction status of your donation.

The Soteria Initiative maintains strict independence. It is solely governed by its voting members and governance bodies. While we accept donations from corporate members, we are independent of the entities that are donating.

We offer memberships to both corporations and individuals. However, only individual members have voting rights. This ensures that the initiative remains driven by professional expertise and community consensus rather than corporate interests.

Our volunteers come from diverse backgrounds—regulators, financial services, academia, technology, and government. This diversity often means individuals who normally compete in the market collaborate here in the spirit of fighting financial crime. All volunteers must strictly adhere to confidentiality and policy requirements regarding their present and past employers.

Soteria Initiative collects member fees and donations and its board decides which activities to prioritize and fund. Activities include primarily public and private stakeholder engagement regarding the mission objective, working group facilitation and publication of demonstration software, data standards, research and opinion papers. Stakeholder engagement and working groups typically are small group conversations, industry events, studies or research collaborations which may either be sponsored by one or more corporate members or the board directly. Activities are mostly conducted by Soteria Initiative members volunteering for the activity.

Soteria Initiative is funded through individual and corporate memberships and donations.

• Donations: Will be tax-deductible. Donors may remain anonymous to the public but must be KYC-verified internally. 
• Memberships: Corporate memberships are declared to all internal governance bodies to ensure transparency and may vary from individual membership fees.

We maintain a Reference Library containing technical explainers, vendor documentation, and research. Key resources include:

• Bank of International Settlement Aurora (Federated Learning Evaluation)
• A Primer on Federated Learning
• Federated Machine Learning Effectiveness (Nature, 2022)
• AML Transaction Benchmark Data (SynthML)
• Established Technical Frameworks (IEEE Multi Entity Federated Learning Standards)

For more information, visit our Reference Library.