Blockchain: Financial Reporting Integrity on Steroids?
By Nick Roquefort-Villeneuve, Global Marketing Director — Amalto Technologies
What is it that you await with much anticipation and sometimes anguish once every three months? Spoiler alert: The answer has nothing to do with the beginning of a new season, even though 35 percent of Americans regularly name the start of spring as their favorite moment of the year. Isn’t spring the season of love? It’s actually scientifically proven. Yep, it’s all about dopamine. Think about it. There are so many novelties in the spring: Brighter colors, new smells, people wearing less clothes… The brain is triggered and releases dopamine, which makes people more susceptible to love.
Of course, I was referring to quarterly earnings reports. You know, those quarterly filings prepared by public companies’ finance departments to report their performance (net income, earnings per share, earnings from continuing operations, net sales, etc.), which are then examined by auditors, who verify that statements are SEC regulation proof.
Now, how can Blockchain technology disrupt a process that is far from looking like a long and quiet river?
The Technology Behind Financial Reporting Today
The results a company reports to its shareholders are as accurate as the data used to generate those figures. I admit the latter is a pretty logical statement, and yet it is extremely important to acknowledge its pertinence. I am pretty sure you are familiar with the term “cooking the books.” Enron in 2001 (kept huge debts off the balance sheet), WorldCom in 2002 (inflated assets by $11 billion), AIG in 2005 ($3.9 billion worth of loans booked as revenue) Lehman Brothers in 2008 (hid over $50 billion in loans disguised as sales), and Saytam in 2009 (falsely boosted revenue by $1.5 billion) among many other corporate accounting scandals should ring a bell. The common denominator? Insider’s job. Today, given the level of technological sophistication available to businesses, what allows an insider to cook the books? We’re far from the time an eraser and a pencil used to do the job just fine. Nowadays, this type of fraud infers breaking into an accounting system to temper with stored data. You may ask, “Yes, but given the level of sophistication pertaining to software security, how can anyone even start compromising a system?”
Unless your financial data is already stored in the Blockchain, it’s kind of a walk in the park to cook the books from the inside. I assume your financial information lies in a centralized data warehouse. Such a data repository system involves the designation of an authority, who grants access to the database by providing users with credentials for authentication. For example, a database administrator can not only grant access but also create objects and issue database commands. Thus, this authority is in control of what happens with the database. If the security of the authority is compromised, the data can be altered or deleted. If the system that manages access to the database is compromised, then the data can also be altered, deleted or simply stolen. More precisely, the user of a conventional database has access to four data functions: Create, Read, Update, Delete. Logically, anyone with access credentials can utilize the Create, Update and Delete functions to compromise data. Read is only as good as the data which is read. That simple!
Naturally, fraud doesn’t have the monopoly on the reporting of erroneous figures, which ultimately mislead shareholders and the street. How about a discrepancy at the source, like an incorrect entry of manual data into a reporting system? We’re all humans, and 123 rekeyed manually can quickly become 132. Human errors are the result of an insufficient level of automation. Once the wrong data is pushed to the ERP system, it can create a detrimental ripple effect with dramatic accounting and therefore reporting consequences.
What Blockchain Brings to Financial Reporting
For two main reasons, (private or permissioned) Blockchains bring a degree of automation and data security that is far greater than what a centralized data repository system can offer.
First, a private Blockchain is a network of interconnected databases (nodes). Authority isn’t centralized. Each node has its own administrator. Each node also stores the exact same data for all participants to view at any time. A Blockchain network only allows for two functions: (Transaction) Validation, and (New Transaction) Writing. This means that unlike a centralized data repository, it is impossible to create, update, or delete a data inside the Blockchain. Instead, once a transaction occurs, the data associated to this transaction is pushed to the Blockchain to be validated through the solving of an algorithm. If validated, a block is added to the chain and the data is stored inside this block. Past and future entries are treated the same way. Past entries on the Blockchain always remain unchanged. They stay inside the Blockchain permanently and are available for all to see/read. This is why a Blockchain network is referred to as an immutable and as a distributed ledger. The stored and validated data is clean, because it is uncorrupted and unaltered.
Second, Blockchains store short computer programs called smart contracts. A smart contract enforces the execution of the contract according to the way it was set up by its creators. Therefore, all parties involved are bound by a digitally-produced but binding agreement. Smart contracts carry many advantages, one of which being that they facilitate business arrangements, without the formality and cost associated with traditional contracts. And that includes the costs associated to hiring intermediaries for their services. Lastly, smart contracts are immutable and for any participant in the network to view at all times.
Yet, are the benefits developed above sufficient to ensure the integrity of the corporate financial reporting process and its results? For example, could a transaction that is recorded in a Blockchain still be unauthorized, fraudulent, or illegal? The answer is no. Smart contracts in their structure (immutability, visibility) prevent such issues from arising. The latter also excludes any dysfunctions pertaining to transactions executed among related parties. Remember, a data is written in each node of the network. To that effect, if one database were to be compromised, the authority in charge of the other nodes would be instantly alerted and the compromised node and inherent data immediately flagged. Fraud tends to be the action of a very small group of individuals. Collusion always happens at a small scale. To corrupt an entire Blockchain network would necessitate collusion on a level that would reach far beyond the cheating organization. The participants in a Blockchain network include trading partners, financial institutions, regulators, among others. The level of automation would also make it impossible to classify incorrectly any information in financial statements. Again, the code behind the systems that make automation possible would not pass quality assurance, if it included such gross errors.
To Conclude: What Becomes of Auditors?
Blockchain technology is structured to eliminate intermediaries. When referring to publicly traded companies in the United States, auditors act as middlemen between the business’ financial reports and the submission of those reports to the SEC. There are two scenarios: Today and tomorrow. Today, an auditor can download the (clean) data from the Blockchain to match the information with the organization’s financial reports and confirm there is compliance with the SEC’s requirements. Tomorrow, the SEC will have its own node in the Blockchain network, which signifies that the regulator will have initially approved all the smart contracts, based on its requirements for compliance.
