Today, financial institutions (FIs) store and share consumers' financial data for various reasons such as offering loans, processing payments, and protecting against fraud and financial crime. Such sharing of sensitive data have been subject to data breaches in the past decade. While some regulations (e.g., GDPR, FCRA, and CCPA) help to prevent institutions from freely sharing clients' sensitive information, some regulations (e.g., BSA 1970) require FIs to share certain financial data with government agencies to combat financial crime. This creates an inherent tension between the privacy and the integrity of financial transactions. In the past decade, significant progress has been made in building efficient privacy-enhancing technologies that allow computer systems and networks to validate encrypted data automatically. In this paper, we investigate some of these technologies to identify the benefits and limitations of each, in particular, for use in data sharing among FIs. As a case study, we look into the emerging area of Central Bank Digital Currencies (CBDCs) and how privacy-enhancing technologies can be integrated into the CBDC architecture. Our study, however, is not limited to CBDCs and can be applied to other financial scenarios with tokenized bank deposits such as cross-border payments, real-time settlements, and card payments.

翻译：如今，金融机构出于提供贷款、处理支付、防范欺诈和金融犯罪等多种原因，存储并共享消费者的财务数据。过去十年间，此类敏感数据的共享屡遭泄露事件。尽管某些法规（例如《通用数据保护条例》、《公平信用报告法》和《加州消费者隐私法》）有助于限制机构随意共享客户敏感信息，但另一些法规（例如1970年《银行保密法》）要求金融机构与政府机构共享特定财务数据以打击金融犯罪。这便在金融交易的隐私性与完整性之间形成了固有矛盾。过去十年间，构建高效隐私增强技术取得了显著进展，这些技术使计算机系统和网络能够自动验证加密数据。本文探究了其中部分技术，以识别其各自的优势与局限性，尤其针对金融机构间的数据共享场景。我们以央行数字货币这一新兴领域为案例，研究如何将隐私增强技术融入其架构。然而，本研究的适用范围不限于央行数字货币，亦可应用于其他涉及代币化银行存款的金融场景，例如跨境支付、实时结算及卡支付等。