blue digital circle

Perspectives

Blockchain risk management

Risk functions need to play an active role in shaping blockchain strategy

Is your organization prepared for the new risks posed by the introduction of a blockchain framework? The successful adoption and operation of any new technology is dependent on the appropriate management of the risks associated with that technology. This is especially true when that technology is more than an application and is part of the organization’s core infrastructure, as is the case of distributed ledger technologies, a.k.a. blockchain.

Blockchain framework

Risk practitioners across industries are very excited about blockchain's promise to help organizations minimize—and in some cases eliminate—the risks posed by current systems.

Blockchain is being viewed as the foundational technology for the future of risk management. However, as the technology continues to mature and many theoretical use cases begin to get ready for commercialization, it behooves the financial services industry to start focusing on a less discussed question: "Do blockchain-based business models expose the firm and market to new types of risk? And if so, what should firms do to mitigate these risks?"

It’s critical for firms to understand that while blockchain promises to drive efficiency in business processes and mitigate certain existing risks, it poses new risks to the firm and market. Additionally, it’s important to understand the evolution of regulatory guidance and its implications. Earlier this year, the Financial Industry Regulatory Authority (FINRA) issued detailed guidance1 on some of the operational and regulatory considerations for developing various use cases within capital markets. Firms need to ensure that these regulatory requirements are addressed in the blockchain based business models.

Types of blockchains and inherent risks

Blockchains fall under two types: permissionless and permissioned chains.

  • Permissionless blockchains: Permissionless blockchains allow any party without any vetting to participate in the network. Permissionless blockchains start out with a pool of crypto currency to pay service providers, or miners, to participate in the process.
  • Permissioned chains: Permissioned blockchains are formed by consortiums or an administrator who evaluates the participation of an entity on the blockchain framework.

Regardless of the type of blockchain, the business logic is encoded using smart contracts. Smart contracts are self-executing code on the blockchain framework that enables straight-through processing.

The blockchain peer-to-peer framework offers the potential to transform current business processes by disintermediating central entities or processes, improving efficiencies, and creating an immutable audit trail of transactions. This provides the opportunity to lower costs, decrease interaction or settlement times, and improve transparency for all parties.

Blockchain technology will transform business models from a human-based trust model to an algorithm-based trust model, which might expose firms to risks that they have not encountered before. In order to respond to such risks, firms should consider establishing a robust risk management strategy, governance, and controls framework.

blue digital circle
Did you find this useful?