Technological and operational risks including cyber security risks

The DLT underlying crypto-assets may be beneficial for many applications. However, crypto assets, especially those that are decentralised and operate with limited or no formal governance structure, present particular technological and operational risks. As discussed further below, the particular application of DLT that underlies most crypto-assets is relatively nascent, and may be subject to technological errors and limitations. Technological limitations and network governance issues regularly arise in networks for different crypto-assets. These include the following:
There are concerns about the long-term viability of ‘mining’-based systems, not least because the energy consumption may not be sustainable if the size of the crypto-assets market grows.

• Similarly, returns to scale in mining can lead to the creation of concentrated mining pools that have substantial control over a crypto-asset. In other cases, there may be concentrated governance structures around network nodes or software standards.

• Many crypto-asset networks have limited bandwidth, or lack the ability to quickly process large numbers of transactions at the same time. This leaves them susceptible to operational challenges from both targeted attacks and relatively benign applications.

• Decentralisation and lack of or inadequate governance makes it difficult to resolve technological limitations or errors and may lead to uncertainty and “hard forks” by a subset of miners.
Crypto-asset trading platforms can be, and in some cases have been, vulnerable to fraud, hacking, and other cyber incidents for a variety of reasons, including weak custody and cyber security arrangements and in many cases operating without being registered as regulated exchanges. A number of trading platforms with poor security have collapsed after cyber incidents, with real losses for customers.