Post-trade financial services company Depository Trust & Clearing Corporation (DTCC), along with Accenture, recently published a whitepaper on the governance of distributed ledger technology (DLT) networks. The aim is to manage the risk associated with permissioned blockchains and promote enterprise adoption.
“A financial system is only as strong as the governing practices and institutions of its participants,” says an IMF/World Bank paper titled ‘Financial Sector Governance: The Roles of the Public and Private Sectors’.
The document acknowledges that once blockchain technologies mature, there may be opportunities for enterprises to adopt public permissionless networks. In the meantime, permissioned networks require governance in part to establish a common set of standards and practices. And participants need to agree on what happens when there are “unexpected circumstances” or something goes wrong.
“It’s really not about the technology when it comes to blockchain,” explained Accenture’s Blockchain co-lead, David Treat. Talking to Nasdaq about the new whitepaper he explained: “It really is about, if you’re going to have multiple corporates, enterprises, or governments cooperate in a shared data, shared business logic environment, how do you share? These are not necessarily players that are used to sharing or cooperating. And so the whole ability to form a healthy well-governed efficient and effective ecosystem is really at the core of what this is all about.”
The DTCC identified three sets of participants in the network — a governing entity, a network operator and members of the network.
The paper then highlights eight distinct aspects of a governance model, starting with the top-level “governance”:
- Governance
- Participant lifecycle
- Runtime (network) operations
- Data governance
- Third-party(vendor) management
- Platform (technology) management
- Infrastructure
- Legal/Finance
The governance of a DLT network encompasses four distinct advisory bodies — a Steering Committee, a (business) Functional Working Group, a Technical Working Group and Change Management.
The second aspect the paper discusses is the “participant lifecycle”. This includes KYC for new members and ensuring that the member meets the eligibility criteria. Plus it involves the technical onboarding and operations including training and support.
The governance model also encompasses “runtime operations” i.e. managing day-to-day tasks of the DLT, both technical and operational. The management of change releases is a critical component.
The fourth part of the model is “data governance” in a DLT network. This covers permission and privacy models, key management, reference data, and managing the intellectual property related to data.
Managing third party providers is the fifth aspect of the model. Nodes are often hosted or managed by third parties, and data may come from external sources. The paper discusses how platform and node vendors should be brought under the ambit of the governing entity. The reason is that regulators and industry associations may impose requirements, standards and other practices on a DLT network.
Another component to be governed is “platform management”. In essence, this is everything related to code. Compared to internal software development, there is a long list of additional considerations for DLT. One is the evolution of the underlying DLT platform, which will require upgrades. The firms also noted the high risk of DLT vendor failure and the need to have risk mitigation policies.
The next model component is infrastructure which includes network management, security, operational environment, resiliency and compliance with regulatory requirements.
Last but not least, the paper discusses the legal and financial aspects. There are several risks, including rights ownership and licensing. Related issues include patent risks and open source licensing issues.
Perhaps alluding to some of the hype around blockchain, the paper concludes that “the real-world model of how systems actually run is not magic. It involves people designing models, writing code and implementing systems.” It believes the paper will help to provides some real-world answers.
Both the authoring companies have extensive DLT experience. The DTCC is working on its updated credit derivatives Trade Information Warehouse (TIW) which is in the advanced stages. And Accenture is consultant to numerous high profile enterprise blockchain projects, ranging from Canada’s Central Bank Digital Currency initiative, to the RiskStream Collaborative and surety bonds for Zurich Insurance.