Use Case Overview: Confidential Computing Workshop in May 2021
#0 Introduction and Next Steps
#1 Creating Transparency about Systemic Pay Inequality in Switzerland with Cross-Organisational Data
#2 Advancing the Swiss Anti-Money Laundering Procedures through Confidential Computing
#3 Optimizing Decision-Making for Cybersecurity Spending through Data-Exchange
With Leap - the platform for multi-stakeholder innovation in Switzerland - and with the support of Swisscom and Decentriq, we conducted a Digital Infrastructure Workshop focusing on Confidential Computing. The goal was to understand what data-sharing alliances could be pursued together. Therein, we've focused our collective brainpower to answer the following question:
How might we collaborate on cross-organisational datasets?
The workshops resulted in three promising ideas for collaborative projects, which we've summarised for you. Below, you get detailed information on each use case and at the end of this page, you can express your interest in having an initial exchange. Thank you for bearing with us while we gather all your interests to find common focus.
We look forward to deep dive into the use cases with you!
Learn more about Leap by visiting our website or reach out to us at firstname.lastname@example.org. Kindly note that a digitalswitzerland member organisation needs to be in the lead for the collaborative project in order to receive Leap Support. All Leap projects are open for non-member organisations to contribute.
Use Case #1:
Creating Transparency about Systemic Pay Inequality in Switzerland with Cross-Organisational Data
“How might we compare cross-organisational data to develop a national benchmark on gender pay gap?”
Transversal Problem: Across the Swiss private sector, the average gender pay gap is 19.0% (CHF 1512). 44.3% of this gap cannot be explained by objective factors. This amounts to CHF 684 per month (8.2%), according to the Federal Office for Gender Equality. In response to this systemic inequality, a revised Gender Equality Act “Gleichstellungsgesetz” (GlG) has come into force on July 1, 2020. According to this law, Swiss organisations with more than 100 employees need to conduct an internal Equal Pay Analysis (EPA) by June 30th 2021. The EPA has to be verified by an auditor by June 30th 2022 and then shared with employees and stakeholders b June 30th 2023. Most companies are progressing ahead of this schedule. That said, two transversal challenges need to be addressed to unleash the full benefit of the revised Gender Equality Act. First, a national benchmark is needed for firm-specific analysis to be meaningful. Indeed, the law dictates that the results of EPA need to be disclosed solely to the employees and shareholders of the firm in question. As long as the EPAs are conducted in isolation, the results may not lead to the systemic change envisioned. Second, a new approach is needed to incentivise small organisations, who are exempt from the Gender Equality Act, to participate voluntarily.
Collaborative Approach: To unleash the full benefit of the revised Gender Equality Act, a collaborative approach is needed. We suggest the formation of a “Data Cooperative for Gender Pay Equality” that consists of an alliance of civil society actors, academics and private organizations, which aggregates valuable EPA data to serve as a basis for concrete actions. It would be the world's first data cooperative with the purpose of eliminating the systemic gender pay gap. Through collaboration in the Swiss private sector, this could be achieved in several ways for instance by:
- developing a national benchmark of EPAs to make firm-specific analysis meaningful
- leading the development of guidelines for how to conduct EPAs for industries and economic sectors
- incentivising small organisations to participate voluntarily by leveraging confidential computing
- certifying organisations that share data with an “Equal Pay Aware” label
Systemic Impact: The Data Cooperative for Gender Pay Equality is ideally positioned to build on existing efforts to bring meaningful transparency to the systemic gender pay inequality in Switzerland and serve as a global role-model.
Do you want to create transparency about systemic pay inequality in Switzerland with us?
Fill out the form below!
Use Case #2:
Advancing the Swiss Anti-Money Laundering Procedures through Confidential Computing
“How might we collaborate on cross-organisational data in the Swiss financial industry in order to prevent money laundering?”
Transversal Problem: In March 2021, the Swiss Federal Council voted in favour of a reform of the anti-money laundering legislation. The primary goal of the revision is to allow Switzerland to pass its next FATF country audit in 2022. The Swiss financial industry still has widespread concerns about the steady increase in Suspicious Activity Reports (SARs) and lack of processing capacity at Switzerland’s Money Laundering Reporting Office (MROS). The latest Basel AML Index “Ranking money laundering and terrorist financing risks around the world” places Switzerland only 93rd out of 141 countries. The reasons for this poor ranking are cited as lack of transparency in transactions and inadequate anti-money laundering precautions.
Collaborative Approach: Despite the criticisms regarding lack of transparency, the MROS is still faced with a mountain of SARs, which exceeded 7,000 in 2019 alone. In Switzerland, approximately 90% of suspicious activity of money laundering originates from the financial sector. This is not a true reflection of the entire money laundering scene as there are more institutions facing the risk of money laundering such as legislators and supervisory authorities to name a few. That said, there is widespread consensus that the Swiss Anti Money Laundering procedures need to be improved. Through collaboration in the Swiss financial industry, this could be achieved in several ways for instance by:
- tapping into cross-organisational datasets to improve KYC profiles to provide more complete information (e.g. origin of assets)
- conducting efficiency and effectiveness tests in transaction monitoring with other financial service institutions
- comparing cross-organisation data against sanctions lists to enable a machine-learning algorithms to attain a lower false positive rate and to cut costs by speeding up the clarification process
Systemic Impact: Enable confidential data exchanges and benchmarking across the Swiss financial industry to prevent the unsustainable growth of SARs and significantly advance the Anti-Money Laundering Procedures in Switzerland.
Do you want to advance the Swiss anti-money laundering procedures with us?
Fill out the form below!
Use Case #3:
Optimizing Decision-Making for Cybersecurity Spending through Data-Exchange
“How might we compare cross-organisational data to develop a benchmark on IT security budgets that allows organisations to make better IT spending decisions?”
Transversal Problem: As organisations continue to undergo digital transformation, their growing dependence on cyber infrastructure makes them more exposed to cyber attacks. Consequently, Swiss organisations have started to substantially increase their spending on cyber security. In 2019 alone, the Swiss ICT security expenditure hit a record CHF2.35 billion. At present, it’s notoriously difficult for CIOs to judge how much cybersecurity spending is appropriate given their organisational context. Currently, companies spend about 10% of the IT budget on cybersecurity, yet the spectrum varies widely. When deciding the amount of IT spending on cybersecurity, CIOs take into account a range of factors including company size, industry standards, and type of data protected. At present, this decision-making process is only supported by internal data and fundamentally lacks the external reference values from peers.
Collaborative Approach: There is a shared interest among CIOs across organisations to collaborate on data to substantiate their individual decision on cybersecurity spending. We propose the formation of a lean data-sharing alliance revolving around “Swiss Cybersecurity” where CIOs could anonymously exchange key factors that underpin their decisions without the risk of exposing sensitive organisational data. This could entail a number of data points, including company size, overall IT budget, and number of distinct IT systems to be protected. For the vast majority of organisations, cybersecurity efforts are a core function and not a strategic differentiator. Hence, CIOs are likely to be more forthcoming in sharing this data with each other. Each CIOs would benefit from this alliance equally by receiving an external reference point which will inform their individual cybersecurity decision, complementary to their internal analysis.
Systemic Impact: The lean data-sharing alliance revolving around “Swiss Cybersecurity” would benefit Swiss organisations by optimizing their decision-making process for IT spending on cybersecurity. It could serve as the starting point to exchange additional IT spending data at a later stage (e.g. cloud services, backup and disaster recovery cost, etc.) to empower the IT function in Switzerland to make smart buying decisions.
Do you want to optimize decision-making for cybersecurity spending with us?
Fill out the form below!