How to Make Public Blockchains Safe for Enterprise Use

safety_helmets
6 September 2018

Paul Brody is EY’s global innovation leader for blockchain. The views expressed are his own.


At the beginning of this year, I wrote a column predicting that companies would find the allure of public blockchains irresistible. While a world of private blockchains provides many enterprises, regulators and central banks with the comfort that there are accountable, centralized entities involved, these permissioned networks will never match the innovation or network effects that public, permissionless networks offer.

If the world of enterprise commerce remains committed to private networks, then they will have only substituted one intermediary (financial institutions) for another (software companies and hosting organizations). However, it is possible, and essential, to bring these two worlds together, and to do so on public, permissionless and decentralized networks.

In order for public networks to deliver on their promise, two key things must happen. First, regulators must provide a clear set of rules around how tokens, assets and smart contracts that exist on public blockchains will be assessed. And second, companies must implement these regulatory rules in the decentralized environment of the public networks.

The first of these is off and running. Regulators in the U.S., Europe and around the world are defining what is an asset, a currency or a security. It shouldn’t be expected that all regulators will come to precisely the same conclusions, but it does look like some early convergence is taking place: Utility Settlement Coins are being characterized as securities while cryptocurrencies are being treated more like currencies or assets.

One gap that we regard as particularly important going forward is how tokenized fiat currency will be regulated: If you have a $1 token on a public blockchain, and that is backed by one U.S. dollar in an escrow account, will that be a security or a currency and what rules might apply? So far, no regulator has specifically addressed this emerging category of blockchain tokens.

The second is that whatever the regulatory rules are, they must be implemented in tokens and smart contracts. In particular, it’s important that while the blockchain as a whole may be decentralized, a central bank should be able to issue and cancel its own currency on a blockchain and companies should be able to manage their own assets when they are tokenized.

Know your carton?

To illustrate how important this is, let’s come back to the question of how companies will do business with each other on public blockchain networks: The exchange of product or asset tokens for money tokens. Once a company starts to tokenize its inventories and assets and use those in contracts and financial services, they are disintermediating traditional financial entities. They are also, consequently, taking on some of the regulatory responsibilities of those intermediaries.

Tokens, if they have value, can be moved around as easily as money, for example. While a consumer packaged goods (CPG) company may never have had cause to think about this before, once they tokenize packages of detergent, those tokens have an effective exchange rate with real money and other goods that makes them perfectly suitable for any kind of deal, legal and otherwise. That means even CPG companies will become responsible for know-your-customer (KYC) and anti-money-laundering (AML) compliance.

Is this a deal-breaker for public networks and enterprises? No, it isn’t.

One of the great benefits of smart contracts and blockchain tokens is that they are programmable. Going forward, audit, KYC and AML regulations can and will be written into smart contracts and tokens. Combined with exchange controls and other checks, it will be possible to control how and when tokens are used on public blockchains without resorting to the centralization of the blockchain as a whole. This will even include canceling and issuing new tokens to handle theft and loss.

There are, no doubt, many who will mourn the end of public blockchains as systems wholly outside of regulatory control. For blockchains to deliver on their promise, this is inevitable, but how this happens matters a great deal.

If regulatory compliance is delivered through centralization, then there will be a great loss to innovation and we may see the dream of a re-decentralized internet die. I didn’t call my original paper on blockchain technology “Device democracy” for nothing. It’s my dream, too.

There is another option, however: regulatory compliance within a decentralized framework. An opt-in model based on voluntary agreement to smart contracts means that companies can use blockchains for business without embracing undue risk. But at the same time, individuals and startups can continue to pursue radical experiments without having to ask anyone for permission.

Hardhats image via Shutterstock