Banks don’t trust anyone, and it’s expensive. Blockchain and DLT can change that
Antony is a star contributor for Tech in Asia and publishes exclusive, high-value content that serves the Asian tech community. Read more from star contributors here.
While most people think banks are stable and trusted, they actually operate based on a zero-trust assumption (or simply trust no one). Every employee is constantly under check and control (there have been too many stories of insider hacks, misuse of customer money, and money laundering).
Regulators like MAS or HKMA enforce multi-layer risk control mechanisms, generally known as the three lines of defense. The first line is the process owner or the department manager who executes each transaction and follows bank policies. The second is a centralized or independent risk management department. Risk managers do not execute daily operations but oversee the overall operating environment and set risk parameters, operating procedures, and advise first-line managers on risk mitigation strategies.
The third line is what I was doing—risk assurance. Auditors verify high-risk transactions and give their independent opinion to the board.
All three parties and numerous checks and control build a strong risk management mechanism internal to the bank. There are two other layers external to the bank that ensure critical risk controls are not circumvented: third-party independent auditors (PWC, EY, etc.) and financial regulators.
So, one customer transaction at a bank branch could have five different teams reviewing it (line managers, risk managers, internal auditors, external auditors, and regulators). This explains why there are so many transaction records, signatures, approvals, and a huge paper trail when you simply deposit US$100 in your personal account.
Running a zero-trust organization is costly and inefficient, and internet banking doesn’t solve this crucial and fundamental problem (in some cases, it even amplifies distrust). But blockchain, when taken together with distributed ledger technology (DLT), can. This sets the backdrop for my second post on why blockchain matters.
The problem blockchain is trying to solve is how to run a trusted system with trustless people. (Note: I’m not implying that people are trustless or that we live in a trustless world, but a rotten apple spoils the bunch.)
To be more precise, a trusted system refers to a transactional system that produces results according to a rule book. It’s not always legal (i.e. in compliance with the law), but it has to be resilient and stable/predictable. A trusted system gives a consistent truth that can be verified without relying on another system.
Transactions in a trusted system can’t be repudiated—which depends on record immutability—and are irrevocable. However, immutability in software before DLT was vulnerable because of the human factor (e.g. system administrator misconducts). System administrators had all-access rights and were able to alter system parameters.
But a system can only be as good as the people running them in terms of their trustworthiness, diligence, and capabilities. A few malicious or careless human actors can circumvent all advanced security controls. They are the Achilles heel of a secure system.
Immutability alone does not produce a trusted system; it has to decouple from the operating team. Humans, with souls and feelings, are just too erratic to produce consistent and predictable results.
Blockchain and DLT
Blockchain and DLT together eliminate the vulnerability of human interference, as a system built with both technologies can operate without having to trust system administrators.
DLT solves this administrator problem with a decentralized and consensus approach. A DLT network or infrastructure is still run by people but not by one person or team (like employees receiving paychecks from the same boss). “Distributed” means the software is running on multiple independent operating systems by total strangers without any filtering or selection. Anyone with a computer and a network connection can join and contribute to the DLT—no registration, financial deposit, or ID verification needed.
There is also no hierarchy of users in a DLT system, no super-administrators or privileged accounts that can delete transactions in the system. Each transaction must be endorsed by other users. The system follows self-governance according to the rules defined by the software developers.
But how can hundreds of trustless people achieve self-governance and build a trusted system together?
Let us simplify the above question by using a story.
A group of students were on a weekend camping trip. They returned late and missed a midterm exam. The students told the professor that they couldn’t come back on time because they had a flat tire. So, the professor said she would give them an extension if they could give the same answer (without consultation) to one question: Which tire?
In this situation, the students have a common goal to answer the question correctly and share the same benefit. Each of them plays the same role—there are no leaders or people with a privilege to answer twice. If all students cooperate and give the same answer, everyone gets a second chance to take the midterm exam (the reward).
Without a central body and coordination, the students do not need any external enforcement, as it is in their self-interest to work together. In game theory, this is a self-enforcing agreement.
In his talk at the Taipei Ethereum Meetup, Ethereum co-founder Vitalik Buterin said that economic incentives “encourage desired properties to hold into the future.” This means that economic incentives entice each user to behave in a predictable way. Users in a DLT network share the same economic incentive if the DLT is secure and trusted, making each of them act independently and rationally to protect their own benefits.
This economic incentive can exist in many forms: monetary, reputation, etc. In bitcoin, for example, the incentive is generating new coins. Users of the bitcoin DLT are rewarded with a new coin when they fulfill their duty by validating that bitcoin transactions are executed following the bitcoin protocol. The reason new bitcoins are rewarded to users is to encourage them to follow this protocol. (Note: More on this at the bottom of the article.)
Mathematical formulas and cryptography ensure that what happens cannot be altered (immutability), and rewards via the “proof of work” protocol (in bitcoin) ensures the same behavior will be followed by users in the future. Once the system starts, there is no need for central administration.
Drawbacks and risks
Now, we have a system that is traceable and predictable, governed by each user in the system with equal responsibility. Since it is not dependent on human intervention, employing a third party to do independent reviews does not provide additional assurance.
When bank transactions run a blockchain and DLT system, the three lines of defense described at the beginning of this article are no longer necessary. Users trust that the transactions are executed securely, and not because of bank employees, auditors, or even regulators like HKMA or MAS.
But there are also risks in using blockchain and DLT.
Consider the flat tire example again. What happens if there were only two students riding on a motorcycle? There are only four possible permutations and a 50 percent chance that both students will guess the same answer and get another chance to take the exam.
The four possible answers are:
- Student A answers front wheel, student B answers front wheel. (Pass)
- Student A answers front wheel, student B answers rear wheel. (Fail)
- Student A answers rear wheel, student B answers front wheel. (Fail)
- Student A answers rear wheel, student B answers rear wheel. (Pass)
It’s not wise for the professor to use the same test. In the case of bitcoin, what happens if only two computers are running the bitcoin protocol? Even though they are independent, it is possible that they make the same error.
One crucial property of DLT is decentralization, which becomes vulnerable if there are only a few independent participants. The risks associated with blockchain and DLT are totally different from the traditional risks of confidentiality, integrity, and availability.
Blockchain creates record immutability (past records are safe) and DLT protects immutability from human interference. Game theory enforces the DLT rules by appealing to the self-interest of each individual user (future records are highly likely to be safe).
With these together, we can build a trusted system with decentralized cryptography without relying on third-party auditing. Trust is moved from the auditors to the software infrastructures (one reason why I’m not an auditor anymore).