Federated Learning Architecture for Privacy-Preserving Risk Assessment in Cross-Border FinTech Systems

Cross-border FinTech risk assessment is constrained by data residency, bank secrecy, and heterogeneous regulatory regimes, which limits centralized model training despite escalating fraud and compliance exposure. A privacy-preserving federated architecture is presented that integrates jurisdiction-local harmonization, secure aggregation, differential privacy, and local calibration for decision robustness. Across five jurisdictions, the full protocol improves mean AUROC from 0.848 to 0.901 and mean AUPRC from 0.534 to 0.607, with AUPRC lifts between 8.3% and 17.0% depending on corridor volatility and label timeliness. Privacy utility behavior remains deployable under differential privacy, where increasing the noise multiplier from 0.6 to 1.4 reduces mean AUROC from 0.906 to 0.884 and mean AUPRC from 0.612 to 0.589, while cross-jurisdiction variability remains bounded with AUROC standard deviation rising only from 0.010 to 0.014. Calibration materially improves governance stability, reducing expected calibration error from 0.052 to 0.034 and Brier score from 0.168 to 0.154, while decreasing triage decision churn under a ±0.03 threshold perturbation from 9.6% to 6.1%. Communication experiments indicate stable convergence within approximately 60 rounds under typical participation, with partial participation delaying the plateau to about 68 rounds and dropout stress to about 72 rounds, accompanied by limited degradation of −0.006 AUROC and −0.008 AUPRC under partial participation and −0.012 AUROC and −0.015 AUPRC under dropout stress. Ablation results show that secure aggregation preserves utility while improving confidentiality, and that the full protocol achieves the lowest normalized expected operational cost (0.89) and best calibration profile (ECE 0.034), supporting production readiness for cross-border deployments requiring auditable privacy controls and consistent threshold-based decisioning.