FL Explainer

Fraud
Detection

Federated Machine Learning for Fraud Detection in Bank Transactions

Industries

Banks, Payment Systems, FinTech, Fraud Prevention and Detection

Technique

Horizontal Federated Learning (HFL)

Data Types

Tabular

ML Models

Random Forest (RF) and Gradient-Boosted Decision Trees (GBDT)

ML Objectives

Fraud detection in bank card transactions

PPML tasks

  • Ensuring that participant data is kept confidential
  • Training the model on data from different organizations (banks, payment systems)
  • Cryptographic protection of gradients and hessians

Customers

The bank is interested in preventing card fraud to protect customer funds, minimize its own financial losses and increase customer trust.

The payment system aims to ensure the security of transactions, reduce reputational risks associated with fraudulent transactions, and maintain user confidence in its services and the banking system as a whole.

General Customer Characteristics
  • Protecting the confidentiality of customer data is a critical task for both the bank and the payment system, especially in the context of stricter regulation of personal data processing.

  • Striving to reduce financial losses and minimize risks through the implementation of effective fraud prevention technologies.

  • Strengthening customer confidence by enhancing the safety and reliability of financial transactions.

Challenges

Business challenge: detecting fraudulent activities involving bank cards in the transaction process.

The main objective is to improve the accuracy of real-time fraud detection while protecting personal data.

Technical challenge: designing and implementing a federatively trained ML model for fraudulent transaction detection based on joint bank and payment system data.

The model should:

  • Be trained on data distributed between the bank and the payment system without compromising confidentiality.
  • Remain up-to-date with the ability to be updated when new transaction data becomes available.
  • Automatically detect suspicious bank card transactions, minimizing false positives and increasing the accuracy of the analysis.

Random Forest and Gradient-Boosted Decision Trees (GBDT) are considered as machine learning models that provide high accuracy and reliability in fraud detection tasks.

Federated Learning for a minimum of 2 participants

The data does not leave the owner profile. The ML specialist and resources are inside the data owner framework

Secure synchronization of local and global model parameters with the server

Quality check of the final model

Application of the model within the data owner framework and interpretation of the results obtained

Solution

As part of a collaboration between banks and payment systems, Guardora demonstrated the practical value of federated machine learning (FL) technology in detecting fraud in bank transactions.

FL participants have different pipelines for generating feature spaces. For the features that form the intersection of these spaces, retrieval and preprocessing schemes have been harmonized.
In order to provide open peer auditing, the FL process was deployed in a private cloud with two client servers and one aggregation server.

The specificity of the fraudulent transaction detection task lies in the enormous class imbalance. About 0.01-0.001 transactions represent frauds in the real data stream. This prevents the widespread adoption of ML algorithms to solve such a problem.

Small financial organizations that do not have a sufficiently representative dataset are particularly susceptible to fraud. Often, transaction classification is done by building complex rule sets ("rule based").

Participants reported that datasets included groups of transaction characteristics such as payer data, time and financial data, payment information, geographic information, network information, device information, profiled behavior, and others.

Description of datasets

data_Adata_B
Number of attributes9393
Number of legal6934129141
Number of frauds843859
Percentage of frauds0.0120.029

A characteristic class disparity can be seen. Participants decided to use decision tree-based models, thus the performance of Random Forest (RF) and Gradient-Boosted Decision Trees (GBDT) models was compared.

The dataset on which the trained model was tested was generated and fixed by randomly selecting 20% of each set. Due to the significant imbalance, the PR-AUC metric was used, which calculates the area under the curve that represents the Precision to Recall ratio at different classification thresholds. Confusion matrix was used to visualize the classification ability of the trained model at threshold 0.5.

Test results of RF models trained only on local datasets.

data_A

data_B

Guardora has developed a federated version of the RF and GBDT models.

RF and GBDT models were federatively trained with the same hyperparameters as in the local training cases.

Thus, according to the PR-AUC metric, the RF model performed better.

The output of the model is the probability that a transaction belongs to a fraud class. This allows the decision boundary to be set depending on which type of risk is preferred.

The figure shows the correlation between false positives and false negatives on the test set at different thresholds.

Equal Error Rate (EER) values, as a measure of model performance, can also be seen in the figure.

EER of the local model102
EER of FL model67

For the Random Forest model, using FL improves the PR-AUC quality metric to 0.848 (relative to 0.738 for data_A, 0.750 for data_B).

Let us analyze typical ways of solving the problem of data scarcity of a particular class, using data_B as an example set with a higher fraud rate.

  • Local - the result achieved by RF model on the original dataset by a single participant.
  • Downsampling - A data balancing technique in which redundant instances of a larger class are randomly removed to equalize the ratio between classes.
  • CTGAN (Conditional Tabular GAN) - Adapted for tabular data synthetic instance generation by training a generative-adversarial network.
  • SMOTE (Synthetic Minority Over-sampling Technique) - A method to increase the amount of data in a minority class by generating synthetic instances.
  • FL - the result of the RF model formed as an output of federated learning of the generic model..

Customers of smaller organizations deserve identical fraud protection, too.

FL allows such organizations to band together, leverage payment system data and, as a result, build models comparable in quality to the largest players.

For payment systems, the use of FL allows them to significantly reduce fraud losses, increase trust in the payment system itself, reduce risk, and monetize the knowledge extracted from their data through collaborative machine learning with small and medium-sized businesses.

Results

Model improvement on the PR-AUC metric was about 10 points compared to local training.

Reduction of false positives by more than 50% at a threshold of 0.5.

As a result of the joint training, each participant received an identical version of the model, is now able to conduct independent inference, and, if necessary, rounds of refresher training at specified intervals, or as new data are accumulated.

Preserving privacy while increasing fraud detection efficiency.

Savings by participating in a mutually beneficial secure scheme.

Accelerating model updates by responding quickly to new types of fraud.

FAQ

What is federated learning for bank card fraud detection?
Federated Learning (FL) for fraud detection is a configuration where multiple financial organizations — typically banks and payment systems — jointly train an ML model on their combined transaction data without sharing the underlying customer records. Each organization keeps its data inside its own perimeter and contributes only encrypted model updates (gradients and hessians) to a coordination server. The trained global model captures fraud patterns visible across all participants — which no single organization could detect from its own data alone. Result: better fraud detection accuracy AND full data privacy AND regulatory compliance (GDPR, PCI DSS, banking secrecy laws) simultaneously.
How does HFL differ from VFL in fraud detection contexts?
Horizontal Federated Learning (HFL) is used when participants share the same feature schema but have different customer/transaction records. In this case study, the bank and payment system both observe bank card transactions with overlapping feature sets (payer data, financial data, geographic, network, device, profiled behavior) — but their customers are largely different. HFL combines these into a stronger model on the same feature space.
Vertical Federated Learning (VFL) — Guardora's other product — is used when participants share overlapping customers but have different features about them (e.g., a bank and credit bureau both observing the same customer but with different attributes). Fraud detection between bank + payment system is naturally an HFL problem.
What are the PR-AUC results from this FL fraud detection case?
Concrete benchmarks. Two participating datasets:
data_A (93 features, 69,341 legitimate transactions, 843 frauds, 0.012 fraud rate) and data_B (93 features, 29,141 legitimate, 859 frauds, 0.029 fraud rate).
Local Random Forest: PR-AUC 0.738 on data_A, 0.750 on data_B.
Federated Random Forest: PR-AUC 0.848 — a 10-point improvement over both local models.
Federated GBDT: PR-AUC 0.821.
Equal Error Rate (EER): local 102 → federated 67 (a 34% reduction).
False positives at threshold 0.5: reduced by more than 50%. Random Forest outperformed GBDT in the federated configuration.
How does FL fraud detection compare to CTGAN, SMOTE, and downsampling?
Class imbalance (fraud rate of 0.01–0.03) is the central technical challenge in fraud detection. Standard solutions for a single participant: Downsampling removes redundant majority-class examples. CTGAN (Conditional Tabular GAN) generates synthetic minority-class examples using a GAN. SMOTE (Synthetic Minority Over-sampling Technique) interpolates between existing minority examples to generate new ones. FL sidesteps the imbalance problem differently — by pooling data from multiple organizations, the absolute count of fraud examples in the training set rises substantially, often more than what synthetic generation can produce reliably. The comparison on data_B shows FL outperforming all three single-participant techniques on PR-AUC.
Can small banks benefit from this federated learning approach?
Especially small banks. Small financial organizations are precisely those most vulnerable to fraud due to insufficient representative fraud data — they often resort to expensive, brittle rule-based systems ("rule-based" classifiers). FL lets small banks federate with larger players or payment systems, leveraging the combined data pool to train models comparable in quality to what a top-tier institution could achieve alone. The case study explicitly highlights this: "Customers of smaller organizations deserve identical fraud protection. FL allows such organizations to band together, leverage payment system data and, as a result, build models comparable in quality to the largest players." This is the democratizing aspect of FL applied to financial security.
How is class imbalance (0.01–0.03 fraud rate) handled in FL?
Class imbalance is fundamental to fraud detection — fraud is statistically rare. Three layers of solution in this case study.
1. Metric choice: PR-AUC (Precision-Recall Area Under Curve) is preferred over ROC-AUC because PR-AUC is more sensitive in highly imbalanced datasets.
2. Model choice: Random Forest and GBDT (decision tree-based ensembles) handle imbalanced data better than parametric models.
3. FL data pooling: the strongest mitigation — by combining multiple participants' fraud examples, the absolute count of training examples for the minority class rises, reducing the need for synthetic generation. Confusion matrix at threshold 0.5 visualizes classification ability at the standard decision boundary.
What data privacy guarantees does this FL solution provide?
Three concrete guarantees.
1. Data residency: transaction records never leave the originating organization's infrastructure. ML training happens locally on each participant's data within their own perimeter.
2. Cryptographic protection of model updates: gradients and hessians transmitted to the coordinator server are cryptographically protected — eavesdroppers cannot extract input data from intercepted updates.
3. Identical model distribution: each participant ends up with an identical copy of the trained model and can perform independent inference within their own infrastructure. No party — neither bank, payment system, nor Guardora — has visibility into other parties' raw data at any stage. Compliant with GDPR, PCI DSS, banking secrecy regulations, and Russian Federal Law 152-ФЗ on personal data.
How can my bank or payment system adopt this Guardora approach?
For a similar deployment, contact Guardora for a scoping session. Production deployment typically involves:
(a) Selecting the FL configuration (HFL for fraud detection, VFL for cross-domain feature combination, FHE for end-to-end encrypted training).
(b) Harmonizing feature schemas across participants (the case study notes that "FL participants have different pipelines for generating feature spaces; for the intersection features, retrieval and preprocessing schemes have been harmonized").
(c) Selecting the model family (Random Forest, GBDT, or others).
(d) Defining update cadence (continuous, scheduled rounds, or new-data-triggered).
(e) Deploying the FL infrastructure (private cloud with one aggregation server and N client servers, as in this case). Guardora provides the full PPML platform and integration support.