Light Dark
December 21, 2016 By Luke Sully 3 min read
Banking & Finance
Fraud Protection

Financial institutions, real estate brokers, law firms and other organizations with an interest in trust-based transactions will be swarming blockchain in 2017, and you can bet regulators will be right behind them.

The end of 2016 marks blockchain’s evolution from niche curiosity to corporate up-and-comer as institutions seek ways to benefit from reduced cycle times, fewer intermediaries and increased control. IBM recently launched its Hyperledger ecosystem to reflect growing interest in its global family of blockchain solutions. IBM also recognizes, however, that enthusiasm will be met with caution on the part of the government and industry organizations charged with maintaining order. That’s why it is critical to work with regulators.

Working With Regulators

Financial regulators around the world broadly police the conduct of institutions, protect consumers and ensure the health of the entire system. These regulators have every reason to be cautious about blockchain. For one thing, blockchains negate the need for parties such as transfer agents and clearing agencies, which have traditionally provided important windows into the systems regulators police. Many regulators fear that losing that transparency will make their role as enforcers more complicated.

In reality, though, blockchain could be a regulator’s best friend. Its underlying distributed ledger technology creates a detailed digital record of every transaction. Authorized parties can audit a blockchain with complete confidence in its validity. There is no way to modify or corrupt the chain without leaving muddy footprints. Instead of being on the outside looking in, regulators can become members of the blockchain and conduct real-time monitoring. Just think what that can do to protect against systemic risk, moral hazard and misuse.

Regulating Blockchain

Another problem is that blockchain is like nothing regulators have ever seen. Early this year, Securities and Exchange Commission (SEC) chair Mary Jo White stated in a keynote address that her agency is investigating “whether blockchain applications require registration under existing Commission regulatory regimes.”

In July, the Financial Stability Oversight Council’s annual report lauded blockchain’s cost benefits but cautioned that such innovations “may also embed risks … It is possible that operational vulnerabilities associated with such systems may not become apparent until they are deployed at scale.”

New York was the first state to adopt formal blockchain regulations in mid-2015 with its code known as BitLicense. According to CoinDesk, North Carolina instituted its own law this summer, which is widely seen as friendlier to users of digital currencies. An even more inclusive set of regulations took effect in Illinois on Dec. 1, combining rules with a plan to integrate blockchain into government operations.

While regulators are keeping an open mind, industries that embrace blockchain will still need to educate them on the nuances of this new breed of transaction manager to avoid compliance purgatory.

One risk is that blockchain could become too closely associated with virtual currency, such as bitcoin. In fact, many applications of blockchain have nothing to do with money. For example, law firms that use the technology to exchange contracts don’t want to be classified as money lenders. Regulators, however, will want to verify that contracts are compliant, placing the onus on the lawyers to become more technology-oriented.

The Time Is Now

The time to be proactive is now. U.S. federal law is currently “a patchwork of bitcoin-specific guidance and rulings” from a variety of federal agencies with little consensus and no teeth, wrote Duke University School of Law graduate student Trevor I. Kiviat in an excellent examination of the regulatory landscape for the Duke Law Journal.

We can assume that situation won’t persist for long. Federal regulators have yet to weigh in, and Europe is currently exploring its own regulatory options. It will likely take years for government agencies to untangle the complexities of global enforcement, however. The intervening period is an opportunity for blockchain practitioners to demonstrate that this technology has efficiency and business transformation value that benefits not only the organizations that use it, but also the ones that oversee it.

Blockchains require adaptation of both regulatory practices and regulatory standards, all while leveraging new methods and forging closer working relationships within the industry. While these are all positive changes, this process will be years in the making.

 |  |  |  |  |  | 
Luke Sully
Associate Partner, IBM

More from Banking & Finance
March 13, 2024

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

March 7, 2024

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

January 26, 2024

DORA and your quantum-safe cryptography migration

5 min read - Quantum computing is a new paradigm with the potential to tackle problems that classical computers cannot solve today. Unfortunately, this also introduces threats to the digital economy and particularly the financial sector.The Digital Operational Resilience Act (DORA) is a regulatory framework that introduces uniform requirements across the European Union (EU) to achieve a "high level of operational resilience" in the financial services sector. Entities covered by DORA — such as credit institutions, payment institutions, insurance undertakings, information and communication technology…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature