Consider a concrete scenario, simplified for illustration but faithful to patterns that appear in real casework. An organization wants to move $40,000 of illicit proceeds into the U.S. financial system. It knows that any single cash deposit over $10,000 will generate a Currency Transaction Report. It knows that a sequence of structured cash deposits in a single account will trigger monitoring thresholds at any competent institution. So it does what sophisticated operators have done for decades: it spreads the deposits across multiple institutions.
Eight community banks, each receiving a single deposit of $4,800. Eight different individual "smurfs" walking into eight different branches on the same Tuesday morning. From the perspective of any one of those eight institutions, what they observe is a single cash deposit of $4,800 from either a long-standing customer or a new customer, for an amount that is well below any reporting or alerting threshold. It is, for any single institution, indistinguishable from a tax-refund deposit, a small inheritance, a used-car sale, or a thousand other mundane things.
None of those eight institutions — no matter how sophisticated their monitoring — can detect the coordinated pattern from the inside. The pattern does not exist inside any of them. It exists in the aggregate, and no single institution has access to the aggregate.
This is the structural blind spot at the heart of the modern AML detection problem. It is not a failure of detection. It is a failure of the detection boundary. Every single-institution monitoring system — every product in this market — is bounded by the same wall, because the law, the privacy expectations of customers, and the operational constraints of interbank information sharing have all historically made the wall solid.
The argument we want to make here is that that wall is becoming penetrable, in a specific and carefully-bounded way, and that the consequences for community banks in particular are unusually large.
Why the problem concentrates in community banks
The coordinated-cross-institution pattern is a problem for every bank, but it is a disproportionate problem for community banks, for three reasons that are worth naming.
First, large banks have internal aggregation capacity that community banks do not. When a laundering operation splits activity across five branches of the same large institution, that institution's monitoring system can see the aggregation because the data is all in one data warehouse. The same operation split across five different community banks is invisible to each of them — community banks do not share a warehouse.
Second, adversarial adaptation has pushed coordinated laundering activity toward exactly the tier of institutions that lack the tooling to detect it. Organized criminal networks are rational allocators of operational risk. They have moved activity away from institutions with strong detection, which has meant moving it into community banks and credit unions — precisely the institutions we discussed in the previous article as being structurally under-tooled. The most sophisticated laundering pattern has concentrated in the tier of institutions least equipped to see it.
Third, community banks have historically had fewer mechanisms to collaborate on intelligence than large institutions. Tier-1 banks have bilateral relationships, industry working groups, and the staffing to participate in 314(b) information-sharing arrangements in a sustained way. Community banks file 314(b) requests, but participation is episodic and resource-limited. The infrastructure for sustained, systematic, cross-institution intelligence has simply not existed at this tier.
The combination of these three factors is why the structural blind spot matters more for community banks than the raw illustration suggests. The activity is there, disproportionately, and the detection capacity is not.
What 314(b) already permits, and what it doesn't enable
Section 314(b) of the USA PATRIOT Act establishes a legal safe harbor for financial institutions to share information with each other, on a voluntary basis, for the specific purpose of identifying and reporting activities that may involve terrorist financing or money laundering. It is a meaningful provision. It is also, operationally, far more limited than its statutory language suggests.
In practice, a 314(b) exchange looks like this: BSA officer at Bank A suspects a particular individual may be laundering. She files a 314(b) information-sharing request with Bank B, asking whether Bank B has relevant activity on the same individual. Bank B's BSA officer reviews, responds, and the exchange is logged. This works — but it works at human speed, on a case-by-case basis, initiated by suspicion that already exists. It does not enable detection of patterns that no single institution has suspected yet.
The 314(b) framework, in other words, is a bilateral information-sharing tool for confirmed suspicion. It is not, and was not designed to be, a multilateral pattern-detection mechanism. The legal permission to share exists; the technical infrastructure for systematic, secure, multilateral detection does not. Our argument is that that infrastructure is what is now becoming feasible — and that 314(b)'s legal framework supports it in a way that was not envisioned when the statute was drafted but is plainly within its text.
The cryptographic primitives, explained for non-cryptographers
The technical foundation for secure cross-institution detection is a family of cryptographic techniques that have matured significantly in the last decade. We will describe them at a level of detail suitable for a compliance officer or an investor; the rigorous treatment is available in the academic literature, and the engineering-grade specifics are shared with qualified partners under NDA.
The central idea is that it is mathematically possible to answer certain questions about the combination of two or more institutions' data without any institution having to expose its underlying data to the others. The techniques that make this possible include secure multi-party computation (often abbreviated MPC), homomorphic encryption, and zero-knowledge proofs. Different techniques are appropriate for different problem shapes, and a production system uses a combination tuned to the specific questions being asked.
The practical consequence, translated out of cryptographic language: suppose eight banks want to collectively answer the question "is there a person who deposited between $4,000 and $5,000 in cash at more than three of our institutions in the last 72 hours?" They can compute the answer to that question — yes or no, plus a secure signal to the banks that had matches — without any of them learning who the other banks' customers are, what those customers' total account balances are, or any other detail beyond the specific answer to the specific question.
The mathematics that makes this possible is non-trivial. It is also, at this point, well-established. Variants of MPC are in production use in financial applications today — notably in interbank benchmark computation, in secure machine learning in healthcare, and in cross-jurisdictional regulatory reporting. The primitives work. The question for AML specifically is not whether the mathematics is sound. It is whether the system built on top of the mathematics is practical, defensible, and deployable at the community-bank tier.
What the detection shift actually looks like
Assuming the technical infrastructure works — and we are confident it does, because we are building it — the change in detection capacity is significant. Returning to the $40,000 structuring example: in a world with secure cross-institution detection, the eight banks in that scenario collectively receive a signal that a coordinated pattern consistent with structuring is present across their institutions. Each institution receives notification that it is one of the participating banks. Each BSA officer can then file a SAR on their own institution's portion of the activity, with the critical addition that their SAR narrative can cite the cross-institution pattern as the typology attribution.
Notice what has and has not changed. Each bank is still filing a SAR on its own customers' activity. No bank is learning who the other banks' customers are. No centralized authority is aggregating the data. The raw transactional detail stays within each institution, protected by the same controls and subject to the same privacy regime as it always was. What changes is that the institutions collectively acquire a view that none of them individually could have had — and that view is sufficient to identify patterns that were previously invisible.
The categories of financial crime that become detectable under this shift are specifically the ones that have been most problematic at the community bank tier: coordinated smurfing operations, trade-based money laundering networks that move through multiple institutions, funnel-account schemes, certain human-trafficking financial patterns, and elder-abuse networks that deliberately fragment activity across caregivers' bank relationships. None of these are new typologies. All of them have been known in the AML literature for decades. The difference is that they have been detectable, in practice, only by institutions with internal cross-branch aggregation capacity — i.e., large banks. Bringing this capability to the community bank tier closes a gap that has persisted for as long as the tier has existed.
The governance questions that matter
A system of this kind is not just a technical artifact. It is a governance structure, and the governance structure is at least as important as the cryptography. The questions that have to be answered credibly before a community bank can participate are familiar ones from any regulated technology deployment — who runs the system, who has authority over changes, who bears liability for errors, how are disputes resolved — but they are sharpened by the fact that the system crosses institutional boundaries.
The positions we hold on these questions, briefly:
No central data aggregator. The architecture must be genuinely distributed, not a centralized system with cryptographic window-dressing. The failure mode we are explicitly designing against is one in which participating institutions come to believe their data is protected when in fact a central operator has access to it. Cryptographic privacy has to be a property of the protocol, not a policy promise.
Participating institutions retain full control over their own data. At no point does the protocol require an institution to surrender custody of raw customer records. At no point does the protocol require trust in the good behavior of any other participant beyond the mathematically-guaranteed properties of the protocol itself.
Regulator-aligned by design. The protocol's outputs are structured so that they can be incorporated into SAR filings with clear provenance — i.e., an examiner reviewing a SAR that cites a cross-institution pattern can trace the signal through its governance and audit layers to the protocol that generated it. This is a design requirement, not an afterthought, and it shapes how the system is specified.
314(b) as the legal substrate. The protocol operates within the information-sharing safe harbor that 314(b) provides. It does not require new statutory authority; it requires a technical framework that makes existing statutory authority operationally useful at scale.
Why this is a meaningful shift, not a marginal one
It is worth being direct about the scale of what is being described here. Every single-institution monitoring system in the market today — every product we compete with, every product being sold to every community bank in the country — has the same structural ceiling: it can only detect patterns that exist within one institution's data. The most sophisticated detection model ever built cannot see what isn't in its input.
Cross-institution collaboration, done right, raises that ceiling. Not incrementally. Structurally. The set of detectable patterns expands to include everything that was previously invisible specifically because of the institutional boundary. For institutions serving populations that are more likely to have activity fragmented across banks — because of geographic realities, because of community structure, because of how local economies actually work — the expansion is especially meaningful.
This is what we mean when we say Phase 2 of Vigilic is not an extension of the single-institution product. It is a different category of capability, enabled by mathematics that was not tractable at this scale a decade ago and is tractable now. We treat it as the strongest argument for why community banks, specifically, should care about modern AML infrastructure — not because it makes an existing function cheaper, but because it makes detection of a known problem possible for the first time.