Credit risk models are a critical decision-support tool for financial institutions, yet tightening data-protection rules (e.g., GDPR, CCPA) increasingly prohibit cross-border sharing of borrower data, even as these models benefit from cross-institution learning. Traditional default prediction suffers from two limitations: binary classification ignores default timing, treating early defaulters (high loss) equivalently to late defaulters (low loss), and centralized training violates emerging regulatory constraints. We propose a Federated Survival Learning framework with Bayesian Differential Privacy (FSL-BDP) that models time-to-default trajectories without centralizing sensitive data. The framework provides Bayesian (data-dependent) differential privacy (DP) guarantees while enabling institutions to jointly learn risk dynamics. Experiments on three real-world credit datasets (LendingClub, SBA, Bondora) show that federation fundamentally alters the relative effectiveness of privacy mechanisms. While classical DP performs better than Bayesian DP in centralized settings, the latter benefits substantially more from federation (+7.0\% vs +1.4\%), achieving near parity of non-private performance and outperforming classical DP in the majority of participating clients. This ranking reversal yields a key decision-support insight: privacy mechanism selection should be evaluated in the target deployment architecture, rather than centralized benchmarks. These findings provide actionable guidance for practitioners designing privacy-preserving decision support systems in regulated, multi-institutional environments.

翻译：信用风险模型是金融机构的关键决策支持工具，然而日益严格的数据保护法规（如GDPR、CCPA）逐渐禁止借款人数据的跨境共享，尽管此类模型能从跨机构学习中获益。传统的违约预测存在两个局限：二分类忽略了违约时间，将早期违约者（高损失）与晚期违约者（低损失）等同对待；集中式训练则违反了新兴的监管约束。我们提出了一种基于贝叶斯差分隐私的联邦生存学习框架（FSL-BDP），该框架能够对违约时间轨迹进行建模，而无需集中敏感数据。该框架在提供贝叶斯（数据依赖）差分隐私（DP）保证的同时，使各机构能够共同学习风险动态。在三个真实世界信用数据集（LendingClub、SBA、Bondora）上的实验表明，联邦学习从根本上改变了隐私机制的相对有效性。虽然在集中式设置中经典DP的表现优于贝叶斯DP，但后者从联邦学习中获益显著更大（+7.0% 对比 +1.4%），达到了接近非私有性能的水平，并在大多数参与客户端上优于经典DP。这种排名逆转揭示了一个关键的决策支持洞见：隐私机制的选择应在目标部署架构中评估，而非基于集中式基准。这些发现为从业者在受监管的多机构环境中设计隐私保护决策支持系统提供了可行的指导。