Three Blockchain Data Management scenarios for Financial Services
Blockchain technology adds two unique capabilities to our information technology landscape. The first is the ability of two parties to participate in transactions without the need for a trusted third party — this capability forms the basis for cryptocurrencies and Blockchain supply chain applications. The second unique capability is the ability to create tamper-resistant data entries that cannot be redacted, repudiated, or disputed. This latter capability is what we call Blockchain Data Management.
Blockchain Data Management has gained less attention than Blockchain transactional capabilities, perhaps because it is not associated with the bubbly world of cryptocurrencies. However, Blockchain Data Management has sweeping implications across computer science, industry, and society: it allows us to be sure — for the first time — that a digital record cannot be tampered, backdated, or redacted.
ProvenDB is a database service that brings Blockchain Data Management within reach for enterprise applications. It combines the power and ease of use of a conventional database service, with the immutability and tamper-resistance of a public Blockchain.
In this post, I’ll look at three concrete use cases for Blockchain Data Management in the financial services industry.
Securing Credit risk documents
Financial institutions are required by regulators to assess and manage the risk that borrowers will default on loans. Compliance with appropriate regulations involves the collection of supporting documents such as business activity statements, evidence of collateral, income and expense information and so on.
The consequences of mismanaging loan risk are well understood — the Global Financial Crisis (GFC) remains a potent example of how much is at stake.
The subprime mortgage boom, which preceded the GFC, was associated with the creation by mortgage companies of fraudulent documentation supporting untenable loans such as the “Art Department” at Ameriquest that created phony W-2 tax forms (see this New York Times article).
More recently, investigations into banking behavior in other countries have revealed similar problems. For instance, an Australian Royal Commission into Banking was convened after widespread cases of file “reconstruction,” “sanitizing,” “doctoring,” and “falsification” were revealed. At least 20 executives and directors of financial institutions lost their jobs in the subsequent investigations.
In light of the GFC and other more recent revelations, Regulators have been taking a more rigorous approach to the auditing and validation of documents supporting loans and other transactions. Given demonstrated incidences of file tampering, Regulators are no longer prepared to take at face value documentation provided by a financial institution — they require proof that documents were on hand when the loan or transaction was approved. They need hard evidence that no tampering has occurred.
ProvenDB offers the ideal solution for storing and validating these documents. ProvenDB can generate a digitally signed Blockchain proof that can prove beyond doubt the documentation that was on hand when the loan finalized. Any suspicion of backdating or tampering can be definitively eliminated.
Open Banking
Many countries are mandating Open Banking standards that require financial institutions to provide software interfaces, which, amongst other things, allow customers to transfer their accounts between competing financial services providers more easily. These schemes generally require that banks implement standardized interfaces and data formats to allow export and import of customer personal and transactional data.
Open banking regulations generally have strong requirements for the recording of customer consent and auditing of all data transfers. There is furthermore a definite need for dispute resolution mechanisms and data reconciliation during the transfer of customer accounts using these interfaces.
In order to successfully respond to audits and disputes, a financial services provider should be able to prove the receipt of customer consents and be able to demonstrate the correct generation of customer transactions and personal information. The best way to demonstrate these is through the preservation of all service interactions in a persistent Blockchain-anchored database service such as ProvenDB.
Security
All financial services organizations have an enhanced responsibility for securing their customer data. Revealing customer personal information without consent is bad enough — stealing or manipulating a customer’s financial information is completely unacceptable.
Blockchain technology generally and ProvenDB specifically can improve security within financial institutions in at least two critical ways.
Firstly, data in a ProvenDB database is tamper-evident. Given appropriate permissions, data in the database may be modified in the style of any database system, but changes cannot be performed without changing Blockchain proofs that have been created. The solution, therefore, provides total transparency for data changes and makes unauthorized tampering evident.
In ProvenDB, updates to data do not delete old copies of data. As a consequence, an internal audit trail is maintained, which provides a built-in ability to respond to data audits and to provide forensic evidence in the event of a breach.
Secondly, the immutably of Blockchain records creates many opportunities for the hardening of secure systems, both in preventing and limiting the chance of a breach and in reacting and responding when violations occur.
For instance, the integrity of Security and Event logs are essential in detecting and remediating attacks. A Carbon Black threat report found that in 72% of cases, Incident Response professionals had encountered destruction of logs as a mechanism for concealing a Security Incident. Blockchain-backed logs can be made immune to such destruction.
As well as using Blockchain to protect Security Incident and Event logs, immutable Blockchain storage can be used to track and audit changes to access control and authentication configuration and to detect and prevent attempts to tamper with or destroy customer data.
Conclusion
Financial services are facing increasing pressures to ensure the integrity, auditability, and transparency of their data assets. These pressures are partially a result of revelations of wrongdoing in separate but disparate elements of the industry. They also result from increasing demands for data interoperability and optimization.
There is overwhelming evidence that trust in financial institutions is on a decline. For instance, this 2019 American Banker report showed that the number of banks with weak trust scores doubled between 2018 and 2019. The report found that this decline in reputation “translates into less willingness to buy a bank’s products.”
Blockchain Data Management is a crucial technology that helps address the challenges of data trust within financial institutions. By providing proof of data integrity and origin, it can build trust between financial institutions, between financial institutions and customers, and with regulators. The ability to ensure regulatory compliance and the improvement of consumer trust should be top priorities for all financial institutions. Therefore, Blockchain Data Management should be a key technology for those institutions.
ProvenDB uses Blockchain technology to provide the world’s first fully trustworthy database. Immutable versions of database state are anchored to the Blockchain, delivering an unparalleled level of data integrity. ProvenDB allows developers to build high-performance applications that include cryptographic proof of data integrity and provenance without having to understand Blockchain programming complexities.
