Blockchain Reaction. The Financial Sector’S View Of Blockchain – Post Dao Attack. Reflections From The Blockchain Summit, Melbourne 2016

Blockchain Summit 2016

 

The IQPC Blockchain Summit in Melbourne last week brought together a melting pot of excellence. Top executives from both domestic and international financial institutions rubbed shoulders with the start-up founders whose sole mandate was to disrupt them. Venture Funds loitered in the wings only too willing to lubricate this gladiatorial battle, whilst regulators tried to make sense of it all as they continue to play their never-ending game of catch-up. Whilst the conference had the potential for wide-ranging friction and conflict, there was, instead, a sense of unification, a sense of sharing, of learning, of understanding about the use, misuse and implementation of the irreversible tour de force that is the Blockchain.

Having had time to reflect on the conference overall, for me, there were five key take-aways that demonstrate how the blockchain is being viewed from a practical perspective on regards assessment, adoption and integration. These takeaways clearly demonstrate the shifting sands of opinion on the blockchain given the recent events associated with the DAO attack.

Takeaway #1 – The Importance Of Trust

Financial Institutions rely upon one core feature that is indelibly stamped within their very DNA – trust. It is the very cornerstone of their raison d’etre; their very essence. Financial institutions look after our collective funds; they are the established custodians of wealth creation, protectors from outward threats, the pillars that support the very foundations of our economic and financial stability. But as Peter Stephens APAC CTO at UBS very aptly remarked :

“Trust is a perishable commodity”

To support this further, Oscar Wilde once said, “Confidence is like virginity – you lose it only once.” If Finance Institutions provide even the vaguest hint of their customers’ money being under threat, they are out of business. The historic runs on banks globally in the past have been a testament to this. The loss of trust is an absolute, non-negotiable for finance institutions. Anything that has the vaguest hint of contaminating the trust that institutions have spent perhaps one hundred years building up is cut out like a cancerous growth. The importance of trust became a recurring theme throughout the conference, with the recent DAO attack bringing the issue of trust and the blockchain firmly centre stage.

Two weeks ago the blockchain space was rocked deeply by its first significant, and potentially game-changing, challenge since it had eased its way into the mainstream corporate zeitgeist. At $168m, the DAO, the self-governing venture fund, allocating funds directly by immutable computer code and the collective wisdom of the crowd, was the world’s largest crowdfunding campaign that most people have never heard of. It was to be the ultimate use case for smart contracts; it was to be the ultimate disruptor for corporate governance; it was to be the ultimate showcase that computer code alone could drive decision making. This wide-eyed testament to the brave new world was, however, undermined by a very smart, yet simple, opportunistic attack that started to drain the DAO of the equivalent of $42 m one “recursive loop” at a time. The attack leveraged a tiny, but critical flaw, in the immutable “smart contract” code identified by “white-hat” academic members of the cryptocurrency community only a week prior to the attack.

A dramatic game of cat-and-mouse ensued, made worse by a ticking clock hanging over the DAO like a Damaclesian sword. Permanently built into the smart contract code were instructions to automatically release funds in a 27 day time period, against a given set of criteria determined by the code. The flaw in the code has created a ticking clock to automatically release funds to the attacker on July 14 2016. The problem is that it is far more than the funds themselves that are under attack; it also includes the very adoption of the blockchain and its associated protocols by the contagion effect.

The mere thought of a $42 m financial loss sends many a financier into a state of apoplexy. When this is combined with the reliance upon immutable computer code in a young, and ever evolving technology, its a recipe for risk of such gargantuan proportions that it just doesn’t stack up. Whilst the possibility of substantial financial loss is still yet to be formally resolved as at the date of this post, the blind reliance on smart contracts and the immutability of the computer code associated with the blockchain itself has been brought deeply into question.

Whilst the open source nature of public blockchains have great potential to speed up the development of a youthful technology associated with its built-in peer to peer review and improvement methodologies, the peers themselves lack one feature that ensures adoption by the Financial Services Sector – they are not peers that are trusted by the Institutions themselves. Bad actors have been seen with the public blockchain, especially with the DAO, and the talk of the conference gravitated firmly towards private, not public blockchains.

Takeaway #2 – Private Blockchains vs Public Blockchains

Private blockchains are about providing the control necessary to maintain the reputation of trust. Unlike the Bitcoin or Ethereum networks, where anyone can become a miner on the network, and therefore play a key part in the maintenance of the security of the network itself, Private Blockchains instead rely upon parties that are (already) known to each other. These known parties are mostly other Financial Institutions; known parties, who have been trusted over many, many years of financial dealings together and who have the same commitment to the maintenance of the trusted protocol. In a nutshell the Nick Groves, executive manager, from ANZ summarised this well in his presentation:

“I know you; you know me; and we both know that we know each other.”

In this way, external parties, other than selected partners and vendors with trusted reputations, are excluded from supporting the network. In this way, consortia of banks have their own network of trust. by working together with a mutual commitment to protect and serve each other, to ensure a controlled network is seen, and is seen to be administered by trusted parties known to all. Such examples of these consortia are R3 and Digital Assets Holdings, amongst others.

Whilst consortia members may have competing interests in traditional markets, they have unified, mutual interests within the Private Blockchain, with issues that affect them all. Indeed, the private blockchain comprised trusted parties helps deal with takeaway #3 – the growing recognition that regulation needs to change.

Takeaway #3 – Changing Regulation

Regulation is the necessary evil of the Fintech ecosystem; keeping the good actors honest and weeding out the bad ones. But by its very nature, regulation will always lag dramatically behind new technologies, so much so that the regulators can never hope to truly keep up. This so often leads to early adopter white collar bad actors abusing the naivety of so many unsuspecting marks, coaxing them into making an unregulated, fast buck that so often never materialises.

On the other side of the equation, however, professional Fintech companies are keen to drive financial disruption and change through innovation and understandably feel a sense of frustration when faced with overburdening regulation.

Pragmatically, however, when innovation meets regulation only one party is going to win – those that are there to protect. But at the same time, too much regulation can stifle innovation – as has been seen with the Bittrade licence of New York State – where many start-ups, including well-funded start-ups, have now pulled out of the state. Somewhere there has to be a balance, and that balance is beginning to be drawn within certain jurisdictions, worldwide.

David Rountree from the Australian law form, Allens, one of the sponsors of the conference, highlighted that The Financial Conduct Authority (UK), the Australian Securities and Investment Commission (Australia) and the Monetary Authority of Singapore (Singapore) are all examples of regulators that have recognised this dichotomy by setting up “sandboxes” – where new fintech ideas can be freely tested, with real live customers but in a very limited way and within very strict guidelines and frameworks.

These sandboxes give Fintech start-ups the opportunity to test their hypotheses of new-to-market products without compromising the wider market and without damaging wider consumer confidence. Typically, fintech start-ups can test products and are given within predtermined time constraints, do not require full financial services licencing. These regulatory sandboxes are all at different stages of implementation. In many ways they almost represent the MVP (Minimum Viable Product) for fintech regulation. It’s about

Risk tolerance, not risk aversion.

These sandboxes are further being supported by enhanced engagement with the fintech ecosystem. Certainly, here in Australia, for example, regulators are actively and proactively engaging with the ecosystem – as seen by the presence of Bradley Brown from AUSTRAC (the Counter-terrorism funding body here in Australia) being on the same panel as myself discussing regulation. In addition, over recent months, multiple regulators have come together at the same time at fintech ecosystem networking events – not only to discuss the ongoing developments in the regulation space, but also to hear directly from the ecosystem of any frustrations, observations and feedback as to how they can improve. Personally, I find this very refreshing that the potential for over-regulation is recognised as an inhibiting factor, with it very positive to see government working closely with the ecosystem symbiotically.

Whilst it may not be perfect for fintech start-ups, it’s a very significant first step of a long journey; a journey into deep change and fast moving innovation, and will be very interesting to follow in the coming months.

Takeaway #4 Identity

One of the nirvanas of the Blockchain space is that of identity; it will be core to all transactions and interactivity. Given the immutability of the blockchain the idea of being able to formally and permanently identify individuals and corporates, has great appeal. It will represent a cornerstone of so many applications. Garbage in, Garbage out is the old cliché and the confirmation of identity in all aspects of blockchain development will be critical – especially in financial services. This also extends to all other areas – especially provenance (for example confirmation of the ownership of film and video to prevent theft as our own business case of trying to remove theft and piracy). If we can formally and immutably identify an individual or a company it means we have a clear line of sight over our dealings with those individuals or companies. It was clear from delegates that this is an area that needs addressing – especially in regards the issue of potential fraudulent activity in financial services. Numerous identity models are being considered, with an interesting model presented by Hugo O’Connor from Bittrade Labs relating to a quasi peer to peer identity-based system, enabling quality corporates to re-affirm confirmation of your identity through their interaction with you. Given the underlying blockchain technology is constantly evolving to date, no-one as yet has really nailed the issue of confirming identity but plenty of hammers are being built, and this will be an interesting area of ongoing development.

Takeaway #5 Practical Implementation of the Blockchain

The Blockchain is at a critical stage of its development and adoption. There has been substantial media hype about its potential and now it is about delivery – about “crossing the chasm”. So how is this shaping up?

Anecdotally, 90% -95% of the blockchain media coverage is based around the Financial Services space, which is unsurprising given the first major use case of the technology has been bitcoin, which has been proven since 2009. At the conference, many proofs of concept were spoken about – Peter Stephens APAC CTO at UBS – was very open about discussing the processes for evaluating and assessing blockchain applications; to pushing the operational envelope.

The innovation team from Rabobank in their case studies openly detailed the reduction in the number of processes in products they were developing from loan syndications through to deposit based products. Each use case was seeking to prove a hypothesis of what is possible with blockchain technology. Proof of concepts show the potential of the technology, but the innovation divisions of the financial institutions are not those who have to roll out the product; it is the incumbent operational staff that have to deliver on the potential. And this presents a quandary for those that are seeking to implement the proofs of concept further.

Disruption means changing business models. Changing business models means changing processes with the end metric of reduced costs, and probably reductions in headcount. So those that are being asked to actually implement the changes are those that are facing the reality of extinction in the future – whenever that future may be. So where does this leave the implementation ? Will personal agendas influence the business implementation? Does this distort the potential changes that can benefit an organisation ?

The innovation team at Rabobank out of the Netherlands highlighted that blockchain was recognised as the future and that those whose jobs were under threat face a choice – either be obstructive in its implementation and suffer the self-fulfilling prophecy of job losses, or embrace the technology and recognise this will be the future strategic narrative. By upskilling, job protection and even job enhancement could potentially be seen.

The second area that was of interest, but at the same time surprising, was the proposed timescales of rollout. As the convenor of the interview with the Rabobank team I asked the question “how long would it be before proofs of concepts would be rolled out?” Proof of concepts that reduce processes, reduce manual intervention and reduce costs.

The body language said everything. The team gave each other that knowing look of frustration and resigned pragmatism. For those of us who have worked in Financial Institutions, this body language reflects our own experience of dealing with the back office operational teams. They do not necessarily share the same enthusiasm for disruptive technology. For them, it is business as usual, risk mitigation, protection and zero losses – after all that is what they are measured against. Embracing new ideas and new technology interferes with the daily activities, the daily mindset, and involves dealing with the issue of change – very slowly. Overall, it was estimated it could be 3 years at least before the proofs of concepts would be rolled out as direct use cases.

 

The conference was a great litmus test as to sentiment towards the adoption of the blockchain, its limitations and for the paramount, razor-focused interest in trust. For the financial services sector, it seems it is better to be trusted and have an ongoing, healthy business, than rollout nascent technology too soon and have the potential of undermining that longstanding trust with potentially catastrophic results. Perhaps it is just easier to invest in fintech start-ups that thrive on disruption, develop use cases, testing and re-testing without compromising the main trusted brand. All these are interesting questions, but in the end blockchain is here to stay but its shape is evolving. For the finance space, which was around 90% of the audience of the conference, trust has to be maintained. Without it there is no Financial Services Sector, and whilst disruption will happen it won’t be overnight like many in the cryptocurrency space believe..

__________________________

If you are interested in understanding more about the Blockchain, its power and its challenges, why not check out my new book Down The Rabbit Hole, a book for business & non-technical people, like you, to truly understand the Blockchain & to capitalize on its power. Its available on :

Amazon – Amazon.com: Blockchain: Down The Rabbit Hole: (Discover The Power Of The Bockchain) eBook: Tim Lea: Kindle Store

Down The Rabbit Hole


Leave a comment

Please note, comments must be approved before they are published