What advantages would the military have in giving commercial banks & fintechs the ability to maintain the highest levels of privacy while transacting egregious amounts of money abroad? perspective
DARPA announces the Provably Private and Performant Payment Paradigms (P5) program to see if payment systems could be made quicker, more efficient, and guarantee financial privacy at high volumes internationally.
On December 19, 2025, the US Defense Advanced Research Projects Agency (DARPA) put out a request for information (RFI) for its P5 program, which seeks “information on the current state of the art and possible technical innovations required to achieve provably private and performant international payment systems.”
The P5 program is aimed at increasing “the financial and geopolitical resilience of American financial institutions operating internationally.”
“This RFI seeks information on the fundamental tradeoffs between financial privacy and transaction volume and efficiency – if they exist – and what technical barriers – if any – would have to be overcome to guarantee privacy (modulo a precisely specified threat model) while meeting or exceeding current international-financial-system-scale payments volume and speed”
DARPA, Provably Private and Performant Payment Paradigms (P5) RFI, December 2025
According to the RFI, “No existing payment technology guarantees its users’ privacy. This is obvious for SWIFT and international clearing and settlement networks, with which large financial institutions must create attributed accounts, but is also true for ‘privacy-conscious’ payment solutions such as many cryptocurrencies.”
The P5 RFI acknowledges that blockchain-based alternatives to SWIFT, such as Ripple, Tether, and Circle “offer entirely new paradigms and architectures for transferring value internationally.”
Additionally, the authors say that it is “well-established that it is possible to deanonymize Bitcoin transactions, and there is evidence that Monero and Zcash – so-called ‘privacy coins’ – can be deanonymized as well.”
“A notional secure-but-not-private payment system could be a central bank digital currency. A notional private-but-not-secure payment system could be the multi-hop transfer of bags of unmarked, nonsequential bills between distant lands by multiple distinct contracted third parties”
DARPA, Provably Private and Performant Payment Paradigms (P5) RFI, December 2025
With the US military getting deep into the international payments space, its research and development funding arm is asking respondents to answer at least one of the following questions:
- What is an appropriate definition of privacy for a payment system? For example, receipt of a very large amount of capital in some sense can never be completely private if it translates to a large increase in net worth of the receiver. (Respondents to this RFI are free to disagree with this – or any – assertion in this SN [Special Notice], as long as such disagreements are backed up by coherent arguments and evidence.)
- Are there fundamental tradeoffs between financial privacy, transaction volume and marginal cost, and payment security?
- A basic distinction between privacy and security in a payment systems context: security is prevention of undesired access to payment value, e.g., diversion of payment to unauthorized recipients; privacy is prevention of payment system operator or other third-party attribution of value transfer.
- A notional secure-but-not-private payment system could be a central bank digital currency. A notional private-but-not-secure payment system could be the multi-hop transfer of bags of unmarked, nonsequential bills between distant lands by multiple distinct contracted third parties.
- What is an appropriate privacy threat model? Appropriate for which classes of payment system users? Is an appropriate security threat model identical to one used for, e.g., enterprise cloud services, or is a different security threat model appropriate?
- Are there any fundamental differences between security and privacy in a payment system’s context as opposed to a more general computer networking context? Do aspects of the payment systems context make security or privacy more challenging or easier to achieve?
The above questions are modelled on what is called the “Heilmeier Catechism,” which is used to assess and think through every proposed research program at DARPA.
The Heilmeier Catechism consists of eight questions:
- What are you trying to do? Articulate your objectives using absolutely no jargon.
- How is it done today, and what are the limits of current practice?
- What is new in your approach and why do you think it will be successful?
- Who cares? If you are successful, what difference will it make?
- What are the risks?
- How much will it cost?
- How long will it take?
- What are the mid-term and final “exams” to check for success?
George Heilmeier ran DARPA from 1975-1977, and today his method is “used by some the most innovative research organizations around the world,” according to the DARPA website.
Leading P5 are DARPA program managers Dr. David Dewhurst and Michael Lack.
Before joining DARPA as a program manager in April 2024, Dr. Dewhurst served as a technical advisor for government research and development programs at the agency and was a Capstone Fellow at the Yale Jackson School of Global Affairs, according to his bio.
There are 23 Senior Fellows at the Yale Jackson School of Global Affairs for 2025-2026, including:
- Chris Christie: Former governor of New Jersey and US presidential candidate
- Ivan Duque: Former president of Colombia
- Theresa May: Former prime minister of the UK
- General David Petraeus (ret): Former director of the CIA
A fan of beginning sentences with lowercase letters, Dr. Dewhurst worked on DARPA projects in various roles during his almost three-year tenure at Charles River Analytics, according to his LinkedIn profile.
“there’s essentially no financial privacy at all at the scale of large international transactions. does it really have to be this way?”
DARPA P5 Program Co-Manager Dr. David Dewhurst, LinkedIn, December 2025
“financial privacy matters — not just because Americans expect and deserve it but also because it can be our nation’s competitive advantage”
DARPA P5 Program Co-Manager Dr. David Dewhurst, LinkedIn, December 2025
Dr. Dewhurst has also headed other DARPA research programs, including:
- A3ML: Anticipatory and Adaptive Anti-Money Laundering — aimed at developing algorithms to sift through financial transactions graphs for suspicious patterns, learn new patterns to anticipate future activities, and develop techniques to represent patterns of illicit financial behavior.
- BPL: Business Process Logic — aimed at characterizing and resolving vulnerabilities in business logic systems to protect defense-critical workflows for government and business, such as manufacturing, infrastructure, and logistics.
- RSDN: Resilient Supply-and-Demand Networks — aimed at securing the Pentagon’s sources of materiel against both intentional—including adversarial—and unintentional disruptions.
Prior to joining DARPA as program manager in May 2023, Michael Lack was a chief scientist within STR’s Cyber and Physical Systems division, providing oversight and expertise to several privacy, cybersecurity, and networking research projects, according to his bio.
Before joining STR, Lack was the senior vice president of R&D at Two Six Technologies, where he oversaw a broad research portfolio in mobile security, data privacy, cybersecurity, applied math, data science and complex systems.
Lack also headed at least three other DARPA programs:
- PWND2: Provably Weird Network Deployment and Detection — aimed at developing formal models of emergent communication pathways (weird networks) to fundamentally improve how we deploy and detect robust and resilient hidden networks in the real world.
- RACE: Resilient Anonymous Communication for Everyone — aimed at exploring approaches to preserving privacy, such as secure multiparty computation and obfuscated communication protocols.
- MICE: Measuring the Information Control Environment — aimed at measuring how authoritarian regimes employ digitally repressive techniques, such as censorship, blocking, or throttling, at scale over the internet, as well as the technical capabilities used to enable such activities.
“A provably private, secure, and efficient payment system would increase the financial and geopolitical resilience of American financial institutions operating internationally, increasing American competitiveness in an age of adversarial economic statecraft”
DARPA, Provably Private and Performant Payment Paradigms (P5) RFI, December 2025
Dr. Dewhurst says that Americans expect and deserve financial privacy and that it “can be our nation’s competitive advantage,” but for whom exactly is this financial privacy?
P5 is focused on “large international transfers” for “American financial institutions operating internationally,” and DARPA considers this to be a matter of national defense by maintaining American competitiveness in this space.
Speaking of the fast payments space, there is a global push coming from organizations like the United Nations, the Gates Foundation, and the World Economic Forum (WEF), along with the European Commission, who are hell-bent on rolling out Digital Public Infrastructure (DPI).
DPI is a civic technology stack consisting of three main components: digital identity, fast payment systems, and data exchanges between public and private entities.
Meanwhile, the European Central Bank (ECB) is plowing ahead with the development of its own Central Bank Digital Currency (CBDC) — the digital euro — while simultaneously launching the EU digital identity wallet.
DARPA’s P5 RFI distinctly classifies a CBDC as being a “secure-but-not-private payment system.”
Afterall, CBDCs require some form of digital identity to operate.
Could DARPA’s P5 program positively contribute to global DPI rollouts? Could it disrupt them in any way?
What could the program’s effect be on stablecoins and the GENIUS Act?
“We are now waiting for the European Parliament to come up with final legislation that will give us the go-ahead for the [digital euro] pilot phase and then the launch”
Christine Lagarde, European Central Bank, December 2025
DARPA’s P5 program is looking for tradeoffs between privacy, transaction volume, and efficiency.
KYC and AML laws are already in place, and central banks all over the world are pushing for CBDCs linked to digital identity wallets.
Nevertheless, the research and development funding arm of the most powerful military known to humankind is looking to overcome any technical barriers in an attempt to guarantee financial privacy for American financial institutions working abroad.
What advantages would the military have in giving financial institutions likes commercial banks and fintechs the ability to maintain the highest levels of privacy while transacting in egregious amounts of money abroad?
What’s in it for the Pentagon, which has failed every annual audit since 2018?
Image Source: AI generated with Grok
