Using Blockchain to Solve Regulatory and Compliance Requirements
Since the financial crisis in 2008, the speed and breadth of regulatory change has consumed resources and increased spending on compliance creating and ever-present challenge for financial firms. While financial firms have been consumed with compliance, the financial industry has been threatened by a flurry of innovation and increased competition from new fintech firms applying technology to finance to provide new innovative products and services to meet the needs of an ever-demanding digital savvy customer base. To stay competitive, financial firms must drive down costs and improve the efficiency and effectiveness of their operational processes.
Regtech has emerged to address these and other challenges. Regtech is defined as: — ‘the use of new technologies to solve regulatory and compliance requirements more effectively and efficiently.’
The same technologies being used to disrupt the financial services industry can be used to add value. For example, being able to get a customer up and running more quickly, and having more accurate AML screening will have a significant impact on efficiency and customer satisfaction. These technologies — including data analytics, cloud computing, blockchain, machine learning and biometrics can be deployed by both regulators and financial firms to enable better compliance solutions while increasing efficiency and profitability.
This paper focuses specifically on how distributed leger technologies (DLT) or blockchain can be applied to support regulatory compliance and will focus on three areas: regulatory reporting, KYC processes for AML compliance and the use of Smart Contracts.
Distributed Ledger Technologies (DLT)
A distributed ledger is an asset database that can be shared across a network of multiple sites, geographies and institutions. One key feature of blockchain technology is that a distributed database only allows to ‘append’ operations not ‘amend’ or ‘delete’. All participants within the network can be guaranteed to have an identical copy of the ledger. The primary objective of blockchain based applications is to establish a shared source of truth for all actors on the network even if they have conflicting agendas. One powerful consequence of this is disintermediation — by removing the entity in the middle, faster delivery, enhanced trust, a lower cost per transaction, a better customer experience and improved bottom line is achievable.
Gaining Efficiency in Regulatory Reporting
Since the financial crisis, several new regulations have required structured, well-defined and complete risk data reporting. Basel II and Solvency II requires extensive reporting of portfolio risk data and Recovery and Resolution Planning under the Financial Stability Board (FSB)’s Key Attributes of Effective Resolution17, BRRD (UK, EU) and Dodd-Frank (US), require systemically important FIs to report in detail their main counterparty exposures and institutional structure. OTC derivative transaction reporting is also required in most jurisdictions.
While keeping up with the constantly changing regulatory environment can be challenging and costly, aggregating and automating this data is also often problematic for financial firms due to the use of legacy IT systems and ‘siloing’ of information in different systems due to regulatory and legal impediments. Consequently, there is still a heavy reliance on manual processes and archaic partially automated processes, particularly in smaller firms.
In some cases, the regulators on the receiving end of these datasets are ill-equipped to manage them impacting their ability to provide effective data analysis, surveillance and a timely effective review process. Some regulators still use paper forms such as PDFs to receive information.
Distributed ledger technology (DLT) or blockchain has the potential to take away several pain points for financial institutions and regulators. Since blockchain data is shared by design, regulators would not have to collect, store, reconcile and aggregate the information themselves. All transactions are documented immutably on the distributed ledger providing a comprehensive, secure, precise, irreversible, and permanent financial audit trail. Having one shared permanent record would elevate the need for both regulators and financial firms to keep their own replicated records which would be a tremendous cost saving to the entire industry. It would also vastly improve the speed and quality of regulatory review process since there would no longer be a need for reconciliation.
Financial firms would benefit from a more efficient regulatory reporting process since the distributed ledger would act as both an execution platform and a mechanism to store transactional information. The use of blockchain would significantly improve an organization’s ability to resolve compliance issues, react to new regulatory and compliance obligations and address internal audit requirements.
Faster Identity Checks Using Blockchain
Another regulatory field where blockchain will play an important role is in the know your client (KYC) process and for anti-money laundering (AML) compliance. Often, the KYC tasks are repetitive in nature resulting in data inconsistencies and duplicate processes. Added to the challenge is the use of disparate systems — internal and external — which often leads to the implementation of manual solutions being used to bridge end-to-end operational procedures. Client onboarding is an important part of AML compliance requiring extensive document requests and proof of identity. Consumers are often frustrated by repetitive requests for the same information and delays due to the time it takes for banks to confirm and verify their information.
Having the ability to quickly and inexpesively verify individuals identity would vastly improve the KYC process. Singapore is in the process of creating a national KYC utility. The utility, will allow for the verification of personal details stored in the government ‘myinfo’ database to the financial industry for KYC verification. The government will run a ‘myinfo’ pilot with two banks in Q1 2017 before scaling up and expanding to more sophisticated user cases.
The immutability, immediacy and transparency of information captured within a blockchain means that all necessary data can be recorded in shared ledgers and made available in near real time. Many of the steps required to verify and confirm identity could be eliminated if the information existed already in a secure, tamper-resistant database. Any changes to customer data will be distributed to participants in the blockchain immediately including the individual whose identity is being verified which will keep the process honest. It would also mean that KYC performed by one bank (Bank A) can be leveraged by another bank (Bank B) operating in the same jurisdiction. This model requires consensus among participating banks on the validation process to maintain the trust and integrity of the system.
Using blockchain will also allow the regulators to oversee the process since all the steps are easily traceable on the blockchain.
One important pre-requisite for any digital identity or automated KYC utility is that personal information must be protected according to the laws on the use of personal information within the jurisdiction.
Embedding Rules into Smart Contracts
Streamlining the onboarding process would be a positive first step towards better AML compliance however, the blockchain technology also has the potential to improve monitoring through increased automation and the implementation of real-time alerts. AML compliance monitoring involves continuous screening of clients’ personal and transaction information. With ‘smart contracts’ (software embedded in blockchain) rules can be ‘hard-coded’ into a smart contract producing a trigger or alert. An AML example would be: stopping a transaction by generating an alert during a trade transaction where there is sanctions risk on the counterparty.
The use cases for this technology are still in a nascent stage however the technology has huge potential due to its ability to modify or prevent actions if certain pre-defined conditions are met. Managing pre-described limits such as capital and liquidity limits or restrictions on the re-hypothecation of assets are other potential user cases worth exploring.
Although there is enormous efficiency to be gained in using smart contracts, a strong governance and operational structure would need to be in place to manage the ‘unlocking of hard-coding in response to regulatory changes. Regulators or other trusted parties could potentially be given this responsibility.
Regulation of Tomorrow
Distributed ledger technologies have the potential to change the current financial system, whether in terms of reduced costs, greater reliability or more transparency. To create a successful ecosystem, it is necessary to have, or have access to, the right ingredients for success. These include: suitable use cases, the talent to deliver, the right business environment to assist those who will bring the solutions, government and especially regulator support, and of course access — to customers, and other ecosystems.
To fully reap the benefits of blockchain and other technologies, it is important to open the dialogue between the industry and the regulators to ensure market solutions are developed that suitably address regulatory compliance, governance and legal issues while providing a distinct efficiency and cost advantages to the financial ecosystem. Regulators that are fully engaged now will be able to better address the possibilities of tomorrow.
“ Regulators need to be part of the Regtech solutions adopted by industry and need to be prepared to innovate along side the industry. Regtech solutions using blockchain or new centralized utility models will allow both industry and regulators to reduce costs and improve oversight. I look forward to seeing these changes come forward.”
Maureen Jensen, Chair and CEO of the Ontario Securities Commission (OSC)
“Regtech should be top of mind for both regulators and the private sector. The reason is simple. The regtech sector has enormous potential to help organisations build a culture of compliance, identify learning opportunities and save time and money relating to regulatory matters. It is for this reason that regulators the world over are also seeing the potential of regtech to complement the work they already do.
There is no doubt that blockchain is an exciting technology that can underpin many regtech ideas and it is important to understand why blockchain has the potential to transform regulatory compliance.
I see four reasons. First, efficiency and speed. Blockchain holds the potential to automate processes that can often take days or weeks. Second, disintermediation. Blockchain automates trust; it eliminates the need for ‘trusted’ third-party intermediaries. With blockchain, the decentralised ledger offers this trust. Third, reduced transaction costs. With increased speed and automation costs reduce. Finally, improved market access. Because of the global nature of blockchain, global markets have the potential to become even more transparent and easily accessible to investors and issuers through the use of technology such as this.”
John Price, Commissioner, Australian Securities and Investments Commission (ASIC)
“I have said before that the FCA does not view blockchain as a panecea, but at the same time although still in its relative infancy, the development of Distributed Ledger Technology (DLT), and its application as blockchain, has the potential to offer genuinely innovative solutions to financial services.
DLT presents real opportunities in the regulatory space, as my colleague Megan Butler highlighted at the BBA Financial Crime and Sanctions conference on Tuesday. Opportunities such as helping firms meet Know Your Customer or anti-money laundering requirements more efficiently. But there are a number of issues to be considered. For example, how do individuals gain access to a distributed network and who controls this process? What data security exists for users?
We are engaged in discussions with government and industry on these issues.
As with all new technology, the development of DLT will be an iterative process. Our current thinking around what it can do will undoubtedly adapt and change as research and experimentation continues. So we will continue to monitor development of this technology, while remaining alive to any future risks it may pose.”
Christopher Woolard, Executive Director of Strategy & Competition, Financial Conduct Authority (FCA)
(Quote from speech on “The FCA’s role in promoting innovation” — https://www.fca.org.uk/news/speeches/our-role-promoting-innovation at the British Bankers Association (BBA) FinTech Banking Conference)
“Distributed ledger and blockchain technologies have the potential to change the current financial landscape, whether in terms of reduced costs, greater reliability and more transparency. Increased market efficiencies, realised in compliance with the post-crisis regulatory reforms, could solidify the foundations necessary to invigorate world economies.
In order to fully reap the benefits that these new technologies may bring, market participants must collaborate to establish common standards and ensure interoperability between distributed ledgers where appropriate. Regulators and other authorities should also be part of that conversation: they have a key role to play in providing legal certainty around the implementation of any new market practices, some of which may cross jurisdictional borders. Moreover, in the future, regulators could be tasked with ensuring the soundness of the governance built into code and turning the increased transparency into tangible intelligence on market stability.
To achieve this goal, regulators must today undertake to evaluate whether they have the resources needed to deliver on their mandate in a digital environment. These resources include not only IT infrastructure and applications, but also staff with the skillsets necessary to access, analyze and interpret code and data. Success also depends on regulators striving to establish ties with innovative market actors and building on a culture of organizational agility.”
Lise Estelle Brault, Senior Director, Derivatives Oversight, Autorité des marchés financiers (AMF)
Chami Akmeemana is the Fintech advisor to the Ontario Securities Commission. He is also the Executive Director of regulatory solutions at ConsenSys Inc. Chami is the Managing Director Global markets at the Global Risk Institute. He has a multi-faceted background that includes engineering, law enforcement, entrepreneurship with successful exits, and big data.
Joseph Lubin is the founder of ConsenSys, a company that develops applications and utilities for the next-generation decentralized web, and co-founder of Ethereum.
Donna Bales is a market structure and regulatory expert and founder of Balmoral Advisory Inc. Donna is the author of the Canadian “An Examination of the Regulatory Sandbox” position paper
Contributions from — R. Jesse McWaters, Project Lead — Disruptive Innovation in Financial Services World Economic Forum.
Jesse leads the World Economic Forum’s exploration of fintech and financial innovation. He is the co-author of the World Economic Forum’s groundbreaking “Future of Financial Services” report which establishes a taxonomy of fintech innovations and considers their implications on the financial services ecosystem. More recently, he co-authored an in-depth exploration into the potential of blockchain to revolutionize financial services (“The Future of Financial Infrastructure”) as well as an investigation of the importance of digitizing identity for the financial system (“A Blueprint for Digital Identity”).
 Institute of International Finance, “Regtech: exploring solutions for regulatory challenges,” Washington DC, October 2015
 Monetary Authority of Singapore, Singapore’s Fintech Journey -Where We Are — What is Next. http://www.mas.gov.sg/News-and-Publications/Speeches-and-Monetary-Policy-Statements/Speeches/2016/Singapore-FinTech-Journey.aspx
 Smart contract are custom self-executing programs that run on blockchain and allows for information to be transferred from one party to another in an efficient transparent manner.