Financial institutions, real estate brokers, law firms and other organizations with an interest in trust-based transactions will be swarming blockchain in 2017, and you can bet regulators will be right behind them.

The end of 2016 marks blockchain’s evolution from niche curiosity to corporate up-and-comer as institutions seek ways to benefit from reduced cycle times, fewer intermediaries and increased control. IBM recently launched its Hyperledger ecosystem to reflect growing interest in its global family of blockchain solutions. IBM also recognizes, however, that enthusiasm will be met with caution on the part of the government and industry organizations charged with maintaining order. That’s why it is critical to work with regulators.

Working With Regulators

Financial regulators around the world broadly police the conduct of institutions, protect consumers and ensure the health of the entire system. These regulators have every reason to be cautious about blockchain. For one thing, blockchains negate the need for parties such as transfer agents and clearing agencies, which have traditionally provided important windows into the systems regulators police. Many regulators fear that losing that transparency will make their role as enforcers more complicated.

In reality, though, blockchain could be a regulator’s best friend. Its underlying distributed ledger technology creates a detailed digital record of every transaction. Authorized parties can audit a blockchain with complete confidence in its validity. There is no way to modify or corrupt the chain without leaving muddy footprints. Instead of being on the outside looking in, regulators can become members of the blockchain and conduct real-time monitoring. Just think what that can do to protect against systemic risk, moral hazard and misuse.

Regulating Blockchain

Another problem is that blockchain is like nothing regulators have ever seen. Early this year, Securities and Exchange Commission (SEC) chair Mary Jo White stated in a keynote address that her agency is investigating “whether blockchain applications require registration under existing Commission regulatory regimes.”

In July, the Financial Stability Oversight Council’s annual report lauded blockchain’s cost benefits but cautioned that such innovations “may also embed risks … It is possible that operational vulnerabilities associated with such systems may not become apparent until they are deployed at scale.”

New York was the first state to adopt formal blockchain regulations in mid-2015 with its code known as BitLicense. According to CoinDesk, North Carolina instituted its own law this summer, which is widely seen as friendlier to users of digital currencies. An even more inclusive set of regulations took effect in Illinois on Dec. 1, combining rules with a plan to integrate blockchain into government operations.

While regulators are keeping an open mind, industries that embrace blockchain will still need to educate them on the nuances of this new breed of transaction manager to avoid compliance purgatory.

One risk is that blockchain could become too closely associated with virtual currency, such as bitcoin. In fact, many applications of blockchain have nothing to do with money. For example, law firms that use the technology to exchange contracts don’t want to be classified as money lenders. Regulators, however, will want to verify that contracts are compliant, placing the onus on the lawyers to become more technology-oriented.

The Time Is Now

The time to be proactive is now. U.S. federal law is currently “a patchwork of bitcoin-specific guidance and rulings” from a variety of federal agencies with little consensus and no teeth, wrote Duke University School of Law graduate student Trevor I. Kiviat in an excellent examination of the regulatory landscape for the Duke Law Journal.

We can assume that situation won’t persist for long. Federal regulators have yet to weigh in, and Europe is currently exploring its own regulatory options. It will likely take years for government agencies to untangle the complexities of global enforcement, however. The intervening period is an opportunity for blockchain practitioners to demonstrate that this technology has efficiency and business transformation value that benefits not only the organizations that use it, but also the ones that oversee it.

Blockchains require adaptation of both regulatory practices and regulatory standards, all while leveraging new methods and forging closer working relationships within the industry. While these are all positive changes, this process will be years in the making.

More from Banking & Finance

Cost of a data breach 2023: Financial industry impacts

3 min read - According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year. For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28% higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies…

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of over 80% using the Chromium engine. As such, malicious…

BlotchyQuasar: X-Force Hive0129 targeting financial institutions in LATAM with a custom banking trojan

16 min read - In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from multiple Latin American-based banking applications and websites used within public and private environments. Similar operations conducted in late 2022 have also been noted delivering an earlier variant of this modified QuasarRAT by likely Spanish-speaking actors. BlotchyQuasar, which X-Force describes as…