Use of blockchain technology in compliance: Fortior’s Managing Director questions the risk of reputational damage and consequences for Blockchain developers.
Blockchain technology has been in the headlines for quite some time. There are various uses to which it has been put, for example Bitcoin. Blockchain and cryptocurrencies were probably the most popular discussion topics at this year’s World Economic Forum and the events surrounding it. The general agreement is that blockchain technology is already disruptive and is going to be even more so in the future. It may provide solutions such as validation of transactions without third party intermediaries, use of self-executing escrow agreements, facilitation of crowdfunding and so forth.
But what are the risks? There have already been cases where both Bitcoin and Ethereum have been hacked causing perceivable reputation and financial damage to stakeholders. The victims are of course fully entitled to ask “Who is responsible?” or “Who do I turn to for compensation?”
You cannot sue the developers of Bitcoin, because no-one even knows who they are. There is no company or other intermediary in the traditional sense of the word against whom a cause of action could lie. You can sue, for example, a notary. He would normally carry a professional indemnity insurance. There is at least some sort of state guarantee that a notary, qualified pursuant to state-established rules, is properly qualified to do what he is doing and that the victims of his potential malpractice will get some sort of compensation. But how do you rely on a software whose developers are anonymous (and hence could in theory be anyone), for whose quality there is no guarantee, and in respect of whose failures there is no-one to sue?
It is these issues which, in the assessment of Fortior’s lawyers, will lead to global regulation of blockchain solution providers generally, and cryptocurrencies in particular. The regulation, in our assessment, would provide for some sort of qualitative controls, would designate individuals or companies responsible for potential failures and would require financial guarantees on the part of the developers to ensure that the rights of recourse are not useless. Regulation such as this, while understandably undesirable for developers, would ensure smooth and trusted further development of the technology, and would avoid situations analogous to 19th century wild-cat banking in the US.
We note the recent developments in South Korea in this respect. The government of this technologically advanced country stepped in to provide broader regulatory oversight over the trading of cryptocurrencies from anonymous bank accounts. Such a move, according to source, was designed to stop virtual coins from being used for money laundering and other illegal activities. In their official statement, the government called for policy makers around the world to introduce “tougher, coordinated regulation of cryptocurrency trading.”
Yet another are to which the blockchain technology has been put is compliance. In the course of the Caspian Week in Davos this year, it has been suggested that blockchain can be effectively used by banks and other financial institutions to conduct compliance checks. The suggestion is that the system issues compliance tokens for individuals and entities, assessing the perceived risk levels of dealing with them, on the basis of the information that the system has been able to collect. This appears to be a great idea. Only imagine how faster and cheaper banking could be if banks no longer had to pay thousands of people to run their KYC processes.
But imagine also the risks involved. What if people have similar names and one of them is reported to have been involved in a fraud. The other could in theory have his risk rating affected, with the result that he would be locked out of the banking system. What if a person is being publicly accused of fraud by his counterpart in order to blackmail him into making a payment, which is not in fact due to the blackmailer. This could likewise result in the person being accused being locked out of the banking system. In a traditional environment, one could go to a bank and explain that he is not the fraudster mentioned in newspapers, or that the accusations advanced against him are entirely unjustified. It would then be for the bank to decide whether or not to work with the person. But with the proposed “delegation” of the compliance function to software, the banks’ decisions would in effect be taken automatically, with the result that individuals and companies could be locked out of the system, and suffer substantial losses as a result, simply by reason of software failures.
When this question was asked at the Caspian Week, it transpired that there is currently no response to it. The answer is that “Yes, the issue exists”, but look at what others are doing. And, in any event, there are, for example, credit rating agencies which do similar things to blockchain.
Fortior respectfully disagrees. Credit agencies are frequently paid by those seeking to receive a rating. They might then analyse quantitative (i.e. financial) and qualitative (e.g. strategy) datа which they can only obtain with cooperation of those whom they rate. The companies being rated then know precisely what their rating is and can, in theory, provide further information which might affect their rating. But banks are not obliged to tell individuals or companies why they do not wish to deal with them. If they do not wish to deal with them because they did not pass their blockchain compliance check, then the company or individual in question may not even know. Given the importance of the banking system in people’s everyday lives, issues such as this might also require regulatory interference.
At Fortior, we have a substantial amount of experience in financial and other regulatory matters. While there may be no blockchain regulation in every country at the current time, such regulation is virtually certain to be put in place in the nearest future. Blockchain developers would be well advised to anticipate this, in order to avoid the potentially disruptive effects that regulatory changes could cause to their products. If you would like to discuss your projects with us, please contact us at [email protected] or get in touch with your usual contact at Fortior.