FedGuard: A Robust Federated AI Framework for Privacy-Conscious Collaborative AML, Inspired by DARPA GARD Principles

Abstract

The fight against money laundering requires collaborative analysis of financial data across institutions, yet privacy regulations and security concerns create debilitating data silos. While federated learning (FL) offers a privacy-preserving framework for decentralized model training, its application to Anti-Money Laundering (AML) is acutely vulnerable to specialized AI security threats, such as model poisoning and privacy inference attacks. To address this, we introduce FedGuard, a robust FL framework for collaborative AML, inspired by the security-first principles of the DARPA GARD program. FedGuard integrates a dual defense mechanism. First, a Dynamic Contribution-Aware Robust Aggregation module counters model poisoning by evaluating client updates via reputation scoring and statistical filtering, ensuring the global model's integrity. Second, a calibrated Differential Privacy scheme is applied to local updates, providing a mathematical guarantee against membership inference and data reconstruction attacks. This design operationalizes the GARD tenets of "evaluable robustness" and "defense-in-depth" within a practical FL system. Our comprehensive evaluation on financial transaction datasets demonstrates that FedGuard maintains high AML detection accuracy (AUC-ROC, F1-Score) comparable to standard FL in benign settings. Under attack, it shows superior robustness, reducing model poisoning success rates by over 70% compared to vulnerable baselines, while simultaneously preserving privacy by lowering inference attack accuracy to near-random levels with a manageable utility cost. FedGuard provides a deployable solution that enables secure, cross-institutional collaboration, directly supporting national financial security initiatives and regulatory goals for safer data sharing.