The Potential Changes Coming
There’s still a significant amount of uncertainty around blockchain, but the technology is already proving transformational, and its use in the GRC field may just revolutionize the compliance and audit professions. Christian Auty offers several predictions about the impact blockchain will have on compliance.
The bloom is off the rose.
The uncertainty – regulatory and otherwise – that pervades blockchain technology is increasingly apparent. There are scams like Bitconnect, telegram-fueled pump-and-dumps and bad actors galore. But there is also, underlying it all, an absolutely revolutionary technology that will change certain industry and commerce irrevocably (check out DHL and Accenture’s new program to prevent pharmaceutical tampering).
Compliance professionals will play a critical role 1) to help these companies operate lawfully in a dynamic and changing regulatory environment and 2) because blockchains have the potential to change the way investigations and audits are completed.
We can and should expect to see distributed ledgers that have nothing to do with tracking value in the near future. What will they mean for compliance professionals? How will we interact with these databases? How will we use them to ferret out wrongdoing, make our companies more efficient or provide greater insight new data that sees farther? Below are my five predictions for blockchain and its application to compliance:
1. The Revolution Will Be Permissioned
One of the core objections you will hear to the application of blockchain to business processes is that it “doesn’t scale” or that the cost of running a full database at every node is prohibitive. There is certainly some truth to this. Truly distributed ledgers like Bitcoin have disadvantages. Only so many transactions can be processed on chain and the number is not nearly enough to support worldwide adoption. Very smart people are debating and creating solutions right now to scale worldwide distributed ledgers; some have been more successful than others.
But other ecosystems, like supply chains for example, do not have an infinite number of possible participants. The universe of buyers, sellers and distributors can be ascertained in advance. A permissioned blockchain – that is, a blockchain maintained and reviewable only by pre-selected participants – can offer all of the advantages of the blockchain without the scaling inefficiencies of larger chains. In most cases, a token isn’t even required since the parties are already doing business and are incentivized to communicate in the most efficient manner possible.
The first operational B2B blockchains will almost certainly be permissioned. They may use a backbone protocol like Ripple or Ethereum, but you and I will never be able to download the chain and monitor it in real time. Only the participants will be allowed to see it.
2. Audits Will Get Easier
From a compliance perspective, perhaps the most exciting attribute of a typical blockchain is the ability to “see” the entire provenance of a particular item/coin/good. A “bitcoin” is really just a series of transactions, from creation (“genesis”) to present. Blockchains are excellent at tracking custody because that was indeed the point of the first one. This can be applied to other goods and transactions in commerce: think shipping containers or pharmaceuticals. The ability to track items in this sort of granular and searchable detail across systems will speed audits greatly and make finding fraud that much easier.
3. The Revolution Will Be Open Sourced
If you think it is hard to hire cybersecurity talent, try to hire a blockchain dev. Fortune 20 companies are struggling in this area, and the problem will be worse before it gets better. Fortunately, the same concepts that attract brilliant people to this field also (and this is a generalization) call people to opensource collaborative environments. Organizations like Hyperledger and even consortia supported by corporate America will grow in prominence as people adapt freely available, provably secure technology to their needs or simply build on top of it. It is very hard to start from scratch, but fortunately, it is also generally unnecessary.
4. Significant Regulatory Events
This is the only one I’m sure about. The SEC has stated publicly that it has investigated “dozens” of ICOs and other blockchain-related ventures. A district court only very recently ruled, for the first time, that Bitcoin was a commodity. Wyoming has passed what is, by far, the most progressive and permissive state regulation to date. There is more to come as regulators learn about the vices and virtues of this new technology.
5. Compliance Professionals Will Show Value in Early Use-Cases
I enjoy playing Go, and my coach once told me that before I play a stone, I should always ask myself one question: “What wonderful thing does this do for my position?” Sometimes it is “stake out more territory,” other times it is “avoid catastrophe,” but there should always be an answer. When managers and the C-Suite ask “what wonderful thing will blockchain do for my company?”, the folks with their hands raised first may very well be compliance professionals. There are already exciting applications in areas including real-time audits, instantaneous payments through smart contracts, identity authentication of anyone from anywhere, etc. Compliance professionals will know what to do and may be the first to show the true value of this new technology.
Christian Auty is a Principal at law firm Much Shelist. An experienced litigator, Christian has an established reputation as a strong client advocate and is well-versed in issues on the intersection of law and technology, including data privacy and data breach response, electronic discovery, data storage and retention practices and information governance.
.
