Dec 17, 2019 Philip Burgess
Blockchain was one of the three technologies we mentioned that are helping companies strengthen anti-money laundering (AML) efforts. Graph-based databases and biometric identification also received recognition (no surprise there). But what distinguishes blockchain from the latter two technologies?
A survey from Let's Talk Payments and Infosys Finacle found 80 percent of bankers expect to adopt the technology at a commercial scale by 2020. In fact, half of respondents said they planned to invest in blockchain this year. Here's why financial institutions are staking a claim in blockchain.
How Blockchain Works
Blockchain operates as a distributed ledger that exists across multiple nodes. These nodes could be physical computers owned and operated by businesses, consumers, or whomever. The ledger stores the details of every transactions associated with the blockchain's participants. The World Economic Forum outlined how it works in practice:
- Sharon and Lou are part of a blockchain.
- Suppose Sharon wants to send money to Lou.
- The transactions is rendered as a block.
- Nodes across the blockchain receive a broadcast that the transaction is occurring.
- The blockchain nodes approve the transaction as valid.
- The block is added to the chain an indelible, conspicuous record of all transactions.
- Finally, Lou receives Sharon's money.
Medium explained that the distributed ledger is actually "a network of replicated databases" that are distributed across the internet. You can't make a change to one database without that same adjustment applying to the rest. The ledgers can either be private and restricted to certain members or public and accessible to anyone with an internet connection.
"U.S. banks spent $7 billion adhering to AML regulations in 2015."
With respect to cybersecurity, blockchain has a distinct advantage over traditional, centralized databases. For one thing, if a hacker were to try to infiltrate a block and change the data, the block's "hash" - a unique identifier - would change as well. That would send a message to all the nodes on the network that the block is fake.
Blockchain As an AML Tool
Alright, so how does blockchain fit into AML? Deloitte provided some examples of how the technology could help FIs enhance their AML compliance efforts.
Blockchain's applications go far beyond payments. A bank could, in theory, use a distributed ledger to develop customer risk profiles in accordance with the U.S. Financial Crimes Enforcement Network's (FinCEN's) AML rules.
For example, the second step of the risk assessment process, as outlined by the Federal Financial Institutions Examination Council, warrants a detailed analysis of all data an FI gathers during the identification stage of customer due diligence. The second stage involves determining:
- How many domestic and international funds occurred over the course of a certain time period.
- Whether the identified customer as any foreign correspondent accounts.
- What the customer does for a living, and what that job entails.
A blockchain could document each stage of the customer due diligence process and the subsidiary steps across those stages. It's a more cost-effective method of proving an institution's compliance. In 2015, U.S. banks spent $7 billion adhering to AML regulations developed and enforced by the international Financial Action Task Force, according to PYMNTS.com
Barriers to Adoption
The technology's promising, but it does come with its own set of challenges. For one thing, in order to implement blockchain for all it's worth, Deloitte noted banks will have to either make significant changes to or completely replacing existing technologies.
Ask any bank operations specialists who has facilitated a core system merger, and he or she will tell you how much of a headache it causes. Imagine going through the same process and implementing a distributed ledger.
There are also more than a few security concerns. Christopher Woolard, director of strategy and competition at the U.K. Financial Conduct Authority, brought up a key issue: How would individuals gain access to a blockchain, and who would facilitate that access? After they've acquired that access, how much information should each node be able to see regarding a transaction?
The latter question is particularly concerning, because in order to approve transactions across a distributed ledger, each node has to validate the transaction. In theory, everybody would be able to see how much money each person has in his or her account. It'll take some pretty clever engineering to solve this problem.
To be clear, blockchain isn't a panacea for AML compliance challenges. It's possible the technology's applications will not venture into payments in the near future.