Alternative EOI E - Privacy-Preserving On-Chain AML and CFT Tooling
Title (paste-ready): Differential-Privacy AML and CFT for Tokenised Assets: Regulator-Auditable Open Tooling
EOI BODY (paste-ready)
The Financial Action Task Force Travel Rule and UAE supervisory guidance from CBUAE and SCA both require AML and CFT controls on tokenised-asset transfers. On-chain analytics tools used by regulators today are commercial and closed. Open alternatives exist but lack privacy guarantees, cryptographic provenance, or regulator-readable explanations. The result is a supervision gap. Compliance teams cannot audit the methods that flag a transaction. Researchers cannot replicate or extend the methods.
We propose dp-aml, an open MIT-licensed library for privacy-preserving AML and CFT analytics on tokenised assets. The library ingests on-chain transfers and known-bad-address feeds. It applies differential-privacy aggregation before any open data release. Verifiable signed alerts follow the Verifi methodology of Co-PI Youcheng Sun (IEEE TDSC 2024). Anomaly detection draws on extreme-value-theory tail methods plus graph-based propagation. The methodological foundations come from FRG23 anomaly detection at AUS plus AR-Pro counterfactual explanations (NeurIPS 2024) plus Verifi at MBZUAI. Foundation-model tools serve inference baselines only.
Specific aims: (1) Develop differential-privacy aggregation for on-chain AML signals. (2) Implement zero-knowledge signed alerts. (3) Deliver dp-aml under MIT by year 2. (4) Validate against three published red-team scenarios. (5) Train one UAE-based PhD plus host two workshops.
Application-readiness arc. Months 0-6 deliver the Applied baseline with privacy primitives and the FRG23 anomaly engine. Months 6-12 produce a working prototype with end-to-end DP-aggregated alerts. Months 12-18 reach Tech Development with the ZK signed-alert layer added. Months 18-24 demonstrate the first Validation step. A named user from CBUAE Fintech, ADGM RegLab, or the COST 19130 European regulator pool exercises dp-aml on a real or pilot stream by month 24.
PI Stephen Chan is at AUS Mathematics & Statistics in Sharjah, with the FRG23 anomaly substrate plus FRG24 price-impact substrate in place by May 2025. Co-PI Joerg Osterrieder chairs COST Action 19130 across 51 countries and coordinates the MSCA-DN Industrial Doctoral Network. Co-PI Youcheng Sun at MBZUAI Computer Science leads the verification and verifiable-federated-detection layer through his Verifi work. UAE delivery anchors at AUS plus MBZUAI through Co-PI presence. Two UAE-based PhDs are recruited, one at AUS under Stephen and one at MBZUAI under Youcheng. Capacity building includes a graduate course on Privacy-Preserving Compliance plus workshops at AUS in year 1 and MBZUAI in year 2. CBUAE Fintech Office and ADGM RegLab are the target regulator outreach during the May full-proposal phase. All code MIT, methods/datasets CC-BY where licence allows.