No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Best of 2016: How Blockchain Can Revolutionize Regulatory Compliance

by Cliff Moyce
December 28, 2016
in Compliance
Best of 2016: How Blockchain Can Revolutionize Regulatory Compliance

As 2016 draws to a close, we’re taking a look back at some of the most valuable insights our authors have shared.  In case you missed it, this is one of the articles our readers couldn’t get enough of this year.

Blockchain is currently one of the hottest topics in financial services and capital markets. The technology has the potential to transform many business processes, making the data used in those processes more available, transparent, immediate and secure.  It could also strip out large amounts of cost, delay and error handling/rework.  Possible use cases include trade reporting; clearing, confirmation, validation and settlement; recordkeeping; monitoring and surveillance; risk management; audit; management and financial accounting; and regulatory compliance (including – but by no means limited to – financial crime prevention). The immutability, immediacy and transparency of information captured within a blockchain means that all necessary data can be recorded in shared ledgers and made available in near real time.  In such a world, stakeholders will no longer be simple recipients of post-hoc reports; instead they can be part of the real-time process.

Blockchain first emerged as the technology that powers the cryptocurrency bitcoin.  However, since its first appearance in 2009, blockchain’s potential uses have far exceed cryptocurrency applications.  By necessity, blockchain technology is complicated in its implementation, but the underlying idea is simple: it is a distributed ledger or database running simultaneously on many (possibly millions) of nodes that can be distributed geographically and across many organizations or individuals. What makes blockchain unique is its cryptographically assured immutability, or irreversibility.  For example, when transactions on the ledger are grouped into blocks and written to the database, they are accompanied by cryptographic verification, making it nearly impossible to alter fraudulently the state of the ledger. Another way to think about blockchain is as trust/consensus technology: the changes in the data are recorded into the blockchain when network participants agree that a transaction is legitimate in accordance with shared protocols and rules.

Interest in blockchain in financial services and capital markets continues to grow – and will accelerate as live solutions make their way to market.  Many organizations – including banks, exchanges and fintech firms – have announced initiatives in 2016, while the list of possible use cases being proposed in articles and forums is lengthening.

Applications in Compliance

One of the most exciting features of blockchain from the compliance perspective is its practical immutability: as soon as data is saved into the chain, it cannot be changed or deleted. That is why blockchain is used as the document or proof for the transfer of any digital asset, for example bitcoins or other digital currencies. By the same token, it can be used as record of ownership of physical property – an approach currently undergoing testing by Sweden’s national land survey, where a blockchain-powered system for registering and recording land titles is attempting to digitize real estate processes.  Blockchain’s immutability also lends itself to the application of proof-of-process for compliance.  Blockchain could be used to keep track of the steps required by regulation. Recording actions and their outputs immutably in a blockchain would create an audit trail for regulators to verify compliance.  Almost as importantly, regulators could have read-only, near real-time access into the private blockchain of financial organizations.  This would allow them to play a more proactive role and analyze information in real-time mode.  In other words, this brings them closer to becoming participants in – rather than customers of – the process. Such a change could reduce dramatically the time and effort (and therefore cost) that financial institutions spend on regulatory reporting, as well as improving the quality, accuracy and confidence of and in the process.

Another regulatory field where blockchain could play an important role is in KYC (know your customer) and AML (anti-money laundering). Banks and other financial institutions have to complete many tasks and steps as a part of the onboarding process for new clients. In addition to data collection, there are important rules around validation, confirmation and verification to be completed before new clients can be onboarded.  In some markets, the process can take several months.  Many of the steps could be eliminated if the information existed already in a secure, tamper-resistant database – an immutable blockchain. Any changes to customer data will be distributed to participants in the blockchain immediately. The chain would provide records of procedures and compliance activities for each client.  Blockchain would play the role of proof-of-process, so all that steps are easily traceable and regulators can be confident about the veracity of the information. Moreover, individuals would be co-custodians of the information on the blockchain, which could provide additional protection against identity theft (impacting or even disintermediating businesses like credit-monitoring services).

A further possible extension is blockchain as a digital identity management grid, with all information required for screening and compliance being held about individuals and/or firms in a chain.  This would reduce KYC/AML processes to simple automated checks of a blockchain-powered, marketwide utility.  It is likely that sharing sensitive information about customers between financial organizations will start to become the norm once trust is established in a blockchain-enabled ecosystem.  Interestingly, SWIFT has announced that their own KYC registry, which already includes more than 1,000 member banks, will be shared with trusted partners and customers in the future.  This is one of the early steps to fully trusted digital identities in the industry – which must be the target business and legal outcome.

Smart Contracts

It is hard to explore potential applications of blockchain without mentioning smart contracts. In short, smart contracts are custom, self-executing programs (distributed applications) that run on a blockchain and are triggered by some external data or event that lets them modify some other data; if certain conditions are met, a smart contract can update the blockchain according to predefined rules (e.g., transfer digital assets from one participant to another).  Once this technology gathers enough momentum, its proponents believe smart contracts will be no less revolutionary than the invention of HTML, which transformed the internet and, subsequently, the entire world economy. The appeal of smart contracts is undeniable, as they could potentially replace many functions currently executed by costly or inefficient intermediaries.  However, smart contract technology clearly isn’t ready for prime time yet, as evidenced by the recent much-publicized DAO debacle, where a poorly formulated contract allowed a savvy user of Etherium, a popular public blockchain, to obtain millions of dollars’ worth of digital currency. Smart contracts need to become much more robust to reach the comfort level necessary for widespread adoption by industry.

The smart contracts issue reminds us that with all its promise, blockchain is still quite experimental and not without its challenges with regard to the use cases being discussed in the industry.  Some of the barriers to adoption that come to mind are privacy, performance and infrastructure.  Using blockchain for trade reconciliation, settlement and the like would require sophisticated privacy controls and the management of access to the information residing in the blockchain. Originally, blockchain was designed for precisely the opposite – namely, to enable every network participant to view the entirety of the data.  With Bitcoin, for example, anyone can view the entire ledger if they wanted to. Out of the box, private (permissioned) blockchains can provide two types of access control: read-only and read/write. Additionally, it is possible to introduce permissions to mine, receive or issue assets. However, real-world applications in capital markets and other sectors require more flexible and granular access management schemas; simply putting complete information about all transactions on a shared ledger open to anyone on the network is obviously something no market participants would agree to. In a perfect world, blockchain would allow enterprise companies to map their existing LDAP (Lightweight Directory Access Protocol) users/groups in it. This is a non-trivial problem that remains unsolved at this time, to the best of our knowledge.

Challenges

Speed is often cited as a big problem for the wider adoption of blockchain. Performance of blockchains is significantly slower than conventional databases, and with good reason: the cryptographic component, which is what gives blockchain its most attractive features, is very calculation-intensive. For example, the throughput capacity of bitcoin is only around seven transactions per second. This does not compare very well, for example, to the average of 2,000 transactions per second processed by the VISA payment system, with the peak capacity of 56,000 transactions per second (although they never actually use more than about a third of this, even during peak shopping periods). There are attempts being made to build blockchains capable of higher performance. Most notably, BitShares claims the ability to handle up to 100,000 transactions per second, which would be plenty fast enough if this were an apples-to-apples comparison.  However, the definitions of performance used by BitShares in their publicized explanations seem different from the accepted norm. These comparisons are further complicated by factors like collocation and the distributed nature of blockchains, but in the grand scheme of things, for now the performance gap remains unbridged.

Setting up and managing the infrastructure to support blockchain solutions is another challenge to organizations experimenting with the technology. As information security, operations, cloud and other teams start introducing blockchain as a new data/code layer in their firms, the process can be quite disruptive, in particular because there are no best practices available that would streamline the roll-out process. There are early attempts to improve the situation, like Microsoft’s Project Bletchley or Hyperledger, but they are not yet finalized for production use.

In summary, blockchain technology has the potential to revolutionize and improve many business processes in financial services and capital markets. Of the many processes that could be improved by the technology, it is regulatory processes such as KYC and financial crime prevention (e.g., AML) that may be early converts.  If this turns out to be the case, the benefits to the industry will be enormous.


Tags: Consumer Financial Protection Bureau (CFPB)GDPR
Previous Post

Best of 2016: Money Laundering Schemes in Real Estate

Next Post

Best of 2016: Survey Finds Potential Personal Liability Impacting Compliance Profession

Cliff Moyce

Cliff Moyce

Aug 10 - Cliff Moyce headshotCliff Moyce is Head of the Finance Practice at DataArt. Cliff has spent most of his career transforming organizations in financial services and capital markets. Everything from building and launching major new companies to automating trading at Europe’s largest derivatives exchange and setting up a UK private equity company for a large Japanese conglomerate. Prior to joining DataArt, Cliff was COO at Credit Market Analysis, where he led the company through a period of significant change, culminating in its acquisition by McGraw Hill Financial. Cliff is a regular press commentator on topics such as the future of banking, IT security, transforming legacy systems architectures and fintech. He is a Fellow of the Institute of Management Services and holds an M.Sc. in Organisational Psychology from Birkbeck, University of London.

Related Posts

gdpr

UK Resurrects Data Protection Reforms, EU Court Rules on GDPR in Civil Cases

by Jonathan Armstrong and André Bywater
March 15, 2023

Recent courtroom and legislative action in Europe will likely have ripple effects around the world for companies subject to regulations...

eu flag

Preparing Your Company for the Latest GDPR Data Transfer Developments & Upcoming Deadlines

by Kevin L. Coy
November 30, 2022

An EU court decision and legislative moves in the U.S. and UK make compliance with privacy regulations increasingly difficult. Arnall...

minidata_b

Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis

by Parker Poe
November 30, 2022

It may be tempting to hoard the data you have gathered on your customers, but an increasing number of regulations...

uk ico data access

UK’s Data Protection Regulator Signals Crackdown on Access Request Violations

by Jonathan Armstrong and André Bywater
October 5, 2022

Data privacy laws in the EU and UK established the right of individuals to find out what personal information organizations...

Next Post
Best of 2016: Survey Finds Potential Personal Liability Impacting Compliance Profession

Best of 2016: Survey Finds Potential Personal Liability Impacting Compliance Profession

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT