Trust in blockchain technology

Adrian Keller Partner and Leader Audit for Blockchain, PwC Switzerland 20 Apr 2019

Blockchain is revolutionising the world of finance. In five years, more than 50% of finance products are likely to be digital. A novel product experience is emerging for the customers. The providers, on the other hand, are faced with completely new tasks. As an independent examiner, PwC ensures a trust-building framework.

For quite some time now, blockchain technology has no longer been hype. It is a reality, even though its immense disruption potential has not yet fully unfolded. It will take another two to three years before it becomes mainstream. Whereas the world of finance has access to interesting solutions in the area of digital securities – known as security tokens.

Finance industry on the move

In Switzerland, only a few banks and securities dealers are offering blockchain services, i.e. trading in cryptocurrencies. Around 10 to 15 small and medium-sized banks are working on a blockchain solution for their customers. Additionally, five new, well-capitalised blockchain institutions are applying for a bank or securities dealer license from the financial market authority (FINMA). We expect the first FINMA-licensed providers to roll out their blockchain offerings during the current year. In Liechtenstein, Bank Frick has already launched a security token in collaboration with Bitcoin Suisse, a financial services provider specialising in crypto assets. This is increasing the pressure on the existing institutions to expand their product range accordingly.

Custody the ‘key’ to success

The SIX Digital Exchange (SDX) is not yet live. However, the first blockchain-based trading and custody solutions are likely to be launched on the market in autumn 2019. Besides the SDX, other market participants are also working on custody solutions for crypto securities. The foundation for their success is the well-conceived, secure and reliable management of private keys. These keys ensure access to and ownership of digital assets.

Public versus private

Blockchain solutions can be publicly accessible or can be designed based upon private schemes. Public blockchains – such as Bitcoin blockchain – are usually distinguished by the fact that they are validated and recorded by a large number of participants so-called ‘miners’, and as such they are more secure and more robust. However, for publicly accessible blockchains, many problems relating to performance, energy consumption and governance have only been resolved to a certain extent. Private blockchains still require a central location. This means they can be better monitored and controlled, and they perform better. Private blockchains are interesting for all areas where public systems still do not offer a decisive solution (such as in the areas of data protection and high transaction throughput) and also for cases where they must be managed according to a controlled blockchain pattern.

Rules and legislation are lagging behind

The Federal Council is currently working on legislative reform that is aimed at resolving the present legal problems of ledgers managed on a decentralised basis (also known as distributed ledger technology or DLT – the fundamental principle according to which each blockchain system is built). The efforts are centred around the electronic registration of securities and segregation in the event of bankruptcy. Little has been done so far internationally at regulatory level. No clear rules exist, neither in terms of accounting treatment nor for capital backing, even though the latter are of fundamental importance for the financial institutions. FINMA has defined transitional rules in Switzerland.

The future of financial products is digital

More than 50% of financial products to be digital in the intermediate term

We assume that in five years, more than half of all financial products will be offered in digital form. Today, the institutions that are actively handling blockchain solutions on the financial market are already spending a total of around CHF 5 to 7 million per month in order to achieve their FINMA licensing goal.

Fewer risks, quicker execution

There are ideas and approaches for automating blockchain products. These are associated with lower risks for the counterparty and would significantly speed up the implementation of digital financial products from (capital) cost considerations. Processing in zero time – i.e. T+0 (transaction date plus zero days for transaction processing) – might also considerably reduce the current costs in many cases.

The momentum of the ecosystems

Financial matters are being processed increasingly within digital ecosystems. One example of this is WeChat covering the Asia region. The original chat system has now evolved into a widespread payment system. New options are emerging with blockchain systems, which themselves also ensure the custody of the assets. These systems enable the users to save amounts directly in ‘mobile wallets’ (a crypto wallet on their smartphone), from where they can spend it. Larger amounts are usually held in offline storage areas (known as cold wallets), such as a specially designed memory stick protected in a safe.

Distributed ledger technology (DLT) is becoming increasingly important in applications. It offers new possibilities for product experiences and business solutions. 

New opportunities, new risks

Understanding the framework conditions and establishing controls

Fact: Blockchain offers interesting opportunities – but with these come just as many challenges. What is considered to be trustworthy should not be left to chance by the institutions. Instead they should understand the opportunities by observing and assessing them from a neutral perspective. This means keeping a close eye on the following four areas of risk.

  • Peer-to-peer trading sidelines financial controls: When assets are transmitted digitally to the next owner without an intermediary, there are no intermediary financial controls. With the digital peer-to-peer transmission of assets, the risk of money laundering increases when there are no corresponding compensating controls.
  • Custody of assets affects security: Assets in digital wallets are flexible and quick to set up. However, they are not linked to the person who owns the asset. If the account key is lost, the asset is also lost, especially if it was not secured specifically in advance (for example, using a designated schema with several keys). Additionally, different security levels for custody are technically complex and comprise risks for non-IT experts, if the solution for secure custody is incorrectly implemented or misunderstood.
  • Smart contracts offer opportunities but also comprise risks: Smart contracts are software components that create the contracts, they digitalise and automate procedures such as those of a contract. Smart contracts are only as good as the information upon which they make automated decisions (known as oracles). Furthermore, experience has shown that smart contracts have vulnerabilities as a result of careless programming, which can be exploited by hackers.
  • Assessing expectations correctly: The issuing of security tokens will make borrowing cheaper and more flexible. This requires framework conditions in order that these forms of financing do not raise false hopes or expectations and in the worst case lead to legal claims.

Responding with robust standards and framework conditions

Integrating an identification mechanism

Various providers are working intensively on identification mechanisms for digital wallets and the associated keys. If such protocols are installed, larger values can only be transferred if both the sender and the recipient are identified. Everyday payments should not be affected by this, however.

Establishing user-specific security

Forms of asset custody must meet different customer requirements, depending on the purpose. A wallet for ‘loose change’ is replaced by the traditional wallet. If the owner forgets his password (private key), the money is lost, similarly to if he lost his actual wallet. For larger assets, specialist service providers will take over the custody of the private key.

Ensuring digital governance

In privately held blockchains, programming errors can be rectified by a centralised unit. In public systems that are managed and improved by many users, this only works if digital governance mechanisms, such as a consensus mechanism, have been established. The degree to which these mechanisms are defined differs depending on the blockchain system.

Enabling ratings

The purchase of digital share certificates for the local bakery to secure its future is a generous donation for some and a financial investment for others. We believe that it is not just the price of a token that determines its quality. Categories, limits and the monitoring of major projects can establish the necessary trust here.

Reviewing the value of digital securities

Blockchain technology is boosting the digital revolution, particularly in the current world of finance. The cryptographic chain method in a centralised or decentralised accounting system opens up access to completely new domains for financial services providers. However, it also brings with it new kinds of risks.

Those who establish clear rules and a robust framework can harness the huge potential of blockchain. For this purpose, the companies should introduce standards for projects with large values and establish secure framework conditions. With corresponding controls in place, they can avoid errors, loss of trust and misunderstandings.

Whatever a blockchain project looks like, expert advice with sound IT knowledge of tokens, smart contracts, redeem scripts and other payment and contract logic definitely pays off. We also recommend that companies active in blockchain arrange for their annual accounts, crypto securities, smart contracts and token programmes to be reviewed by an independent examiner.


Contact us

Adrian Keller

Adrian Keller

Partner and Leader Audit for Blockchain, PwC Switzerland

Tel: +41 58 792 23 09