Although central banks are among the most cautious institutions in the world, they are, perhaps surprisingly, among the first to implement and experiment with blockchain technology. Central banks have been quietly researching its possibilities since 2014. Over the past two years, the beginning of a new wave has emerged as more central banks launch large-scale pilots and research efforts, including rapid and complete cross-border interbank securities.
The Blockchain and Distributed Ledger Technology team at the World Economic Forum interviewed dozens of central bank researchers and analysed more than 60 reports on past and current research efforts. The findings were released today in a white paper, Central Banks and Distributed Ledger Technology: How are Central Banks Exploring Blockchain Today?
“As the blockchain hype cools, we are starting to see the real use cases for blockchain technology take the spotlight,” said Ashley Lannquist, Blockchain Project Lead at the World Economic Forum. “Central bank activities with blockchain and distributed ledger technology are not always well known or communicated. As a result, there is much speculation and misunderstanding about objectives and the state of research. Dozens of central banks around the world are actively investigating whether blockchain can help solve long-standing challenges such as banking and payments system efficiency, payments security and resilience, as well as financial inclusion.”
It is not widely known, for instance, that the Bank of France has fully replaced its centralized process for the provisioning and sharing of SEPA Credit Identifiers (SCIs) with a decentralized, blockchain-based solution. SEPA, or Single Euro Payments Area, is a payment scheme created by the European Union and managed on a country-by-country basis for facilitating efficient and secure cross-border retail debit and card payments across European countries. The solution is a private deployment of the Ethereum blockchain network and has been in use since December 2017. It has enabled greater time efficiency, process auditability and disaster recovery.
The fact that dozens of central banks are exploring, and in some cases implementing, blockchain technology is significant, according to the white paper. It is an early indicator of the potential use of this emerging technology across financial and monetary systems. “Central banks play one of the most critical roles in the global economy, and their decisions about implementing distributed ledger and digital currency technologies in the future can have far-reaching implications for economies,” Lannquist said.
Top 10 central bank use cases
Following interviews and analysis, how central banks are experimenting with blockchain can be highlighted by 10 top use cases.
Retail central bank digital currency (CBDC) – A substitute or complement for cash and an alternative to traditional bank deposits. A central-bank-issued digital currency can be operated and settled in a peer-to-peer and decentralized manner, widely available for consumer use. Central banks from several countries are experimenting, including those from the the Eastern Caribbean, Sweden, Uruguay, the Bahamas and Cambodia.
Wholesale central bank digital currency (CBDC) – This kind of digital currency would only be available for commercial banks and clearing houses to use the wholesale interbank market.Central bank-issued digital currency would be operated and settled in a peer-to-peer and decentralized manner. Central banks from several countries are experimenting, including those from South Africa, Canada, Japan, Thailand, Saudi Arabia, Singapore and Cambodia.
Interbank securities settlement – A focused application of blockchain technology, sometimes involving CBDC, enabling the rapid interbank clearing and settlement of securities for cash. This can achieve “delivery versus payment” interbank systems where two parties trading an asset, such as a security for cash, can conduct the payment for and delivery of the asset simultaneously. Central banks exploring this include the Bank of Japan, Monetary Authority of Singapore, Bank of England and Bank of Canada.
Payment system resiliency and contingency – The use of distributed ledger technology in a primary or back-up domestic interbank payment and settlement system to provide safety and continuity in case of threats, including technical or network failure, natural disaster, cybercrime and others. Often, this use case is coupled with others as part of the set of benefits that a distributed ledger technology implementation could potentially offer. Central banks exploring this include the Central Bank of Brazil and Eastern Caribbean Central Bank.
Bond issuance and lifecycle management – The use of distributed ledger technology in the bond auction, issuance or other life-cycle processes to reduce costs and increase efficiency. This may be applied to bonds issued and managed by sovereign states, international organizations or government agencies. Central banks or government regulators could be “observer nodes” to monitor activity where relevant. Early implementation is being conducted by the World Bank with their 2018 “bond-i” project.
Know-your-customer (KYC) and anti-money-laundering (AML) – Digital KYC/AML processes that leverage distributed ledger technology to track and share relevant customer payment and identity information to streamline processes. This may connect to a digital national identity platform or plug into pre-existing e-KYC or AML systems. Central banks exploring this include the Hong Kong Monetary Authority.
Information exchange and data sharing – The use of distributed or decentralized databases to create alternative systems for information and data sharing between or within related government or private sector institutions. Central banks exploring include the Central Bank of Brazil.
Trade finance – The employment of a decentralized database and functionality to enable faster, more efficient and more inclusive trade financing. Improves on today’s trade finance processes, which are often paper-based, labour-intensive and time-intensive. Customer information and transaction histories are shared between participants in the decentralized database while maintaining privacy and confidentiality where needed. Central banks exploring this include the Hong Kong Monetary Authority.
Cash money supply chain – The use of distributed ledger technology for issuing, tracking and managing the delivery and movement of cash from production facilities to the central bank and commercial bank branches; could include the ordering, depositing or movement of funds, and could simplify regulatory reporting. Central banks exploring this include the Eastern Caribbean Central Bank.
Customer SEPA Creditor Identifier (SCI) provisioning – Blockchain-based decentralized sharing repository for SEPA credit identifiers managed by the central bank and commercial banks in the SEPA debiting scheme. This is a faster, streamlined and decentralized system for identity provisioning and sharing. It can replace pre-existing manual and centralized processes that are time- and resource-intensive, as seen in the Bank of France’s Project MADRE implementation.
Emerging economies may benefit most: Cambodia, Thailand and South Africa and others experimenting
The National Bank of Cambodia will be one of the first countries to deploy blockchain technology in its national payments system for use by consumers and commercial banks. It is implementing blockchain technology in the second half of 2019 as an experiment to support financial inclusion and greater banking system efficiency.
The Bank of Thailand and the South African Reserve Bank, among others, are experimenting with CBDC in large-scale pilots for interbank payment and settlement efficiency. The Eastern Caribbean Central Bank is exploring the suitability of distributed ledger technology (DLT) to advance multiple goals, from financial inclusion and payments efficiency to payment system resilience against storms and hurricanes.
“Over the next four years, we should expect to see many central banks decide whether they will use blockchain and distributed ledger technologies to improve their processes and economic welfare,” Lannquist said. “Given the systemic importance of central bank processes, and the relative freshness of blockchain technology, banks must carefully consider all known and unknown risks to implementation.”
Ten Ways the C-Suite Can Protect their Company against Cyberattack
Cyberattacks are one of the top 10 global risks of highest concern in the next decade, with an estimated price tag of $90 trillion if cybersecurity efforts do not keep pace with technological change. While there is abundant guidance in the cybersecurity community, the application of prescribed action continues to fall short of what is required to ensure effective defence against cyberattacks. The challenges created by accelerating technological innovation have reached new levels of complexity and scale – today responsibility for cybersecurity in organizations is no longer one Chief Security Officer’s job, it involves everyone.
The Cybersecurity Guide for Leaders in Today’s Digital World was developed by the World Economic Forum Centre for Cybersecurity and several of its partners to assist the growing number of C-suite executives responsible for setting and implementing the strategy and governance of cybersecurity and resilience. The guide bridges the gap between leaders with and without technical backgrounds. Following almost one year of research, it outlines 10 tenets that describe how cyber resilience in the digital age can be formed through effective leadership and design.
“With effective cyber-risk management, business executives can achieve smarter, faster and more connected futures, driving business growth,” said Georges De Moura, Head of Industry Solutions, Centre for Cybersecurity, World Economic Forum. “From the steps necessary to think more like a business leader and develop better standards of cyber hygiene, through to the essential elements of crisis management, the report offers an excellent cybersecurity playbook for leaders in public and private sectors.”
“Practicing good cybersecurity is everyone’s responsibility, even if you don’t have the word “security” in your job title,” said Paige H. Adams, Global Chief Information Security Officer, Zurich Insurance Group. “This report provides a practical guide with ten basic tenets for business leaders to incorporate into their company’s day-to-day operations. Diligent application of these tenets and making them a part of your corporate culture will go a long way toward reducing risk and increasing cyber resilience.”
“The recommendation to foster internal and external partnerships is one of the most important, in my view,” said Sir Rob Wainwright, Senior Cyber Partner, Deloitte. “The dynamic nature of the threat, not least in terms of how it reflects the recent growth of an integrated criminal economy, calls on us to build a better global architecture of cyber cooperation. Such cooperation should include more effective platforms for information sharing within and across industries, releasing the benefits of data integration and analytics to build better levels of threat awareness and response capability for all.”
The Ten Tenets
1. Think Like a Business Leader – Cybersecurity leaders are business leaders first and foremost. They have to position themselves, teams and operations as business enablers. Transforming cybersecurity from a support function into a business-enabling function requires a broader view and a stronger communication skill set than was required previously.
2. Foster Internal and External Partnerships – Cybersecurity is a team sport. Today, information security teams need to partner with many internal groups and develop a shared vision, objectives and KPIs to ensure that timelines are met while delivering a highly secure and usable product to customers.
3. Build and Practice Strong Cyber Hygiene – Five core security principles are crucial: a clear understanding of the data supply chain, a strong patching strategy, organization-wide authentication, a secure active directory of contacts, and encrypted critical business processes.
4. Protect Access to Mission-Critical Assets – Not all user access is created equal. It is essential to have strong processes and automated systems in place to ensure appropriate access rights and approval mechanisms.
5. Protect Your Email Domain Against Phishing – Email is the most common point of entry for cyber attackers, with the median company receiving over 90% of their detected malware via this channel. The guide highlights six ways to protect employees’ emails.
6. Apply a Zero-Trust Approach to Securing Your Supply Chain – The high velocity of new applications developed alongside the adoption of open source and cloud platforms is unprecedented. Security-by-design practices must be embedded in the full lifecycle of the project.
7. Prevent, Monitor and Respond to Cyber Threats – The question is not if, but when a significant breach will occur. How well a company manages this inevitability is ultimately critical. Threat intelligence teams should perform proactive hunts throughout the organization’s infrastructure and keep the detection teams up to date on the latest trends.
8. Develop and Practice a Comprehensive Crisis Management Plan – Many organizations focus primarily on how to prevent and defend while not focusing enough on institutionalizing the playbook of crisis management. The guide outlines 12 vital components any company’s crisis plan should incorporate.
9. Build a Robust Disaster Recovery Plan for Cyberattacks – A disaster recovery and continuity plan must be tailored to security incident scenarios to protect an organization from cyberattacks and to instruct on how to react in case of a data breach. Furthermore, it can reduce the amount of time it takes to identify breaches and restore critical services for the business.
10. Create a Culture of Cybersecurity – Keeping an organization secure is every employee’s job. Tailoring trainings, incentivizing employees, building elementary security knowledge and enforcing sanctions on repeat offenders could aid thedevelopment of a culture of cybersecurity.
In the Fourth Industrial Revolution, all businesses are undergoing transformative digitalization of their industries that will open new markets. Cybersecurity leaders need to take a stronger and more strategic leadership role. Inherent to this new role is the imperative to move beyond the role of compliance monitors and enforcers.
Moving First on AI Has Competitive Advantages and Risks
Financial institutions that implement AI early have the most to gain from its use, but also face the largest risks. The often-opaque nature of AI decisions and related concerns of algorithmic bias, fiduciary duty, uncertainty, and more have left implementation of the most cutting-edge AI uses at a standstill. However, a newly released report from the World Economic Forum, Navigating Uncharted Waters, shows how financial services firms and regulators can overcome these risks.
Using AI responsibly is about more than mitigating risks; its use in financial services presents an opportunity to raise the ethical bar for the financial system as a whole. It also offers financial services a competitive edge against their peers and new market entrants.
“AI offers financial services providers the opportunity to build on the trust their customers place in them to enhance access, improve customer outcomes and bolster market efficiency,” says Matthew Blake, Head of Financial Services, World Economic Forum. “This can offer competitive advantages to individual financial firms while also improving the broader financial system if implemented appropriately.”
Across several dimensions, AI introduces new complexities to age-old challenges in the financial services industry, and the governance frameworks of the past will not adequately address these new concerns.
Explaining AI decisions
Some forms of AI are not interpretable even by their creators, posing concerns for financial institutions and regulators who are unsure how to trust solutions they cannot understand or explain. This uncertainty has left the implementation of cutting-edge AI tools at a standstill. The Forum offers a solution: evolve past “one-size-fits-all” governance ideas to specific transparency requirements that consider the AI use case in question.
For example, it is important to clearly and simply explain why a customer was rejected for a loan, which can significantly impact their life. It is less important to explain a back-office function whose only objective is to convert scans of various documents to text. For the latter, accuracy is more important than transparency, as the ability of this AI application to create harm is limited.
Beyond “explainability”, the report explores new challenges surrounding bias and fairness, systemic risk, fiduciary duty, and collusion as they relate to the use of AI.
Bias and fairness
Algorithmic bias is another top concern for financial institutions, regulators and customers surrounding the use of AI in financial services. AI’s unique ability to rapidly process new and different types of data raise the concern that AI systems may develop unintended biases over time; combined with their opaque nature such biases could remain undetected. Despite these risks, AI also presents an opportunity to decrease unfair discrimination or exclusion, for example by analyzing alternative data that can be used to assess ‘thin file’ customers that traditional systems cannot understand due to a lack of information.
The widespread adoption of AI also has the potential to alter the dynamics of the interactions between human actors and machines in the financial system, creating new sources of systemic risk. As the volume and velocity of interactions grow through automated agents, emerging risks may become increasingly difficult to detect, spread across various financial institutions, Fintechs, large technology companies, and other market participants. These new dynamics will require supervisory authorities to reinvent themselves as hubs of system-wide intelligence, using AI themselves to supervise AI systems.
As AI systems take on an expanded set of tasks, they will increasingly interact with customers. As a result, fiduciary requirements to always act in the best interests of the customer may soon arise, raising the question if AI systems can be held “responsible” for their actions – and if not, who should be held accountable.
Given that AI systems can act autonomously, they may plausibly learn to engage in collusion without any instruction from their human creators, and perhaps even without any explicit, trackable communication. This challenges the traditional regulatory constructs for detecting and prosecuting collusion and may require a revisiting of the existing legal frameworks.
“Using AI in financial services will require an openness to new ways of safeguarding the ecosystem, different from the tools of the past,” says Rob Galaski, Global Leader, Banking & Capital Markets, Deloitte Consulting. “To accelerate the pace of AI adoption in the industry, institutions need to take the lead in developing and proposing new frameworks that address new challenges, working with regulators along the way.”
For each of the above described concerns, the report outlines the key underlying root causes of the issue and highlights the most pressing challenges, identifies how those challenges might be addressed through new tools and governance frameworks, and what opportunities might be unlocked by doing so.
The report was prepared in collaboration with Deloitte and follows five previous reports on financial innovation. The World Economic Forum will continue its work in Financial Services, with a particular focus on AI’s connections to other emerging technologies in its next phase of research through mid-2020.
US Blacklist of Chinese Surveillance Companies Creates Supply Chain Confusion
The United States Department of Commerce’s decision to blacklist 28 Chinese public safety organizations and commercial entities hit at some of China’s most dominant vendors within the security industry. Of the eight commercial entities added to the blacklist, six of them are some of China’s most successful digital forensics, facial recognition, and AI companies. However, the two surveillance manufacturers who made this blacklist could have a significant impact on the global market at large—Dahua and Hikvision.
Putting geopolitics aside, Dahua’s and Hikvision’s positions within the overall global digital surveillance market makes their blacklisting somewhat of a shock, with the immediate effects touching off significant questions among U.S. partners, end users, and supply chain partners.
Frost & Sullivan’s research finds that, currently, Hikvision and Dahua rank second and third in total global sales among the $20.48 billion global surveillance market but are fast-tracking to become the top two vendors among IP surveillance camera manufacturers. Their insurgent rise among IP surveillance camera providers came about due to both companies’ aggressive growth pipelines, significant product libraries of high-quality surveillance cameras and new imaging technologies, and low-cost pricing models that provide customers with higher levels of affordability.
This is also not the first time that these two vendors have found themselves in the crosshairs of the U.S. government. In 2018, the U.S. initiated a ban on the sale and use of Hikvision and Dahua camera equipment within government-owned facilities, including the Department of Defense, military bases, and government-owned buildings. However, the vague language of the ban made it difficult for end users to determine whether they were just banned from new purchases of Dahua or Hikvision cameras or if they needed to completely rip-and-replace existing equipment with another brand. Systems integrators, distributors, and even technology partners themselves remained unsure of how they should handle the ban’s implications, only serving to sow confusion among U.S. customers.
In addition to confusion over how end users in the government space were to proceed regarding their Hikvision and Dahua equipment came the realization that both companies held significant customer share among commercial companies throughout the U.S. market—so where was the ban’s line being drawn for these entities? Were they to comply or not? If so, how? Again, these questions have remained unanswered since 2018.
Hikvision and Dahua each have built a strong presence within the U.S. market, despite the 2018 ban. Both companies are seen as regular participants in industry tradeshows and events, and remain active among industry partners throughout the surveillance ecosystem. Both companies have also attempted to work with the U.S. government to alleviate security concerns and draw clearer guidelines for their sales and distribution partners throughout the country. They even established regional operations centers and headquarters in the country.
While blacklisting does send a clearer message to end users, integrators, and distributors—for sales and usage of these companies’ technologies—remedies for future actions still remain unclear. When it comes to legacy Hikvision and Dahua cameras, the onus appears to be on end users and integrators to decide whether rip-and-replace strategies are the best way to comply with government rulings or to just leave the solutions in place and hope for the best.
As far as broader global impacts of this action, these will remain to be seen. While the 2018 ban did bring about talks of similar bans in other regions, none of these bans ever materialized. Dahua and Hikvision maintained their strong market positioning, even achieving higher-than-average growth rates in the past year. Blacklisting does send a stronger message to global regulators though, so market participants outside the U.S. will just have to adopt a wait-and-see posture to see how, if at all, they may need to prepare their own surveillance equipment supply chains for changes to come.
ADB Program to Help Improve Education and Health in Armenia
The Asian Development Bank (ADB) has approved a $10 million policy-based loan (in euro equivalent) to assist the Government of...
ICC gives greenlight for probe into violent crimes against Rohingya
Judges of the International Criminal Court (ICC) on Thursday authorized an investigation into alleged crimes against humanity, namely deportation, which have forced between 600,000 and one million Rohingya refugees...
EU chief prosecutor Laura Kovesi needs media freedom to do her job
Last month, Laura Codruta Kovesi, the former chief prosecutor of Romania’s National Anti-corruption Directorate, was officially confirmed as the first...
The Intellectual Doomsday Clock: 30 Seconds to Midnight?
As someone who has dedicated his entire professional career to higher education, to engaging young minds and striving to advance...
Hyatt Launches Three Global Initiatives to Significantly Reduce Single-Use Plastics
Hyatt Hotels Corporation is announcing a series of initiatives to reduce waste at Hyatt hotels globally, including introducing large-format bathroom...
Belt and Road Initiative: Challenging South and Southeast Asia
The euphoria about the Belt and Road Initiative (BRI) in Indonesia and elsewhere in South and Southeast Asia (SEA) has...
Russia, Africa and the Debts
Long seen as a strategic partner, Russia has opened a new chapter and started building better relations with Africa, and...
Europe3 days ago
Bulgarian far-right to shut down largest human rights NGO in Bulgaria
Europe2 days ago
Why German car giant Volkswagen should drop Turkey
Eastern Europe3 days ago
Strategic Black Sea falls by the wayside in impeachment controversy
Americas3 days ago
The coup in Bolivia shines yet more dark light on America
Energy2 days ago
What would it take to limit the global temperature rise to 1.5 °C?
Middle East2 days ago
Iran’s next parliamentary election hinges on economic problems, US sanctions effective
Europe3 days ago
The future of Brexit: Where will Boris Johnson’s “fatal strategy” lead Britain to?
Africa2 days ago
China’s ties with Africa go beyond the “debt trap”