EU Cybersecurity Agency Advises Financial Institutions How to Deal With Blockchain

The European Network and Information Security Agency, hereinafter ENISA, an independent government agency which serves the European Commission and EU states, released a paper on Blockchain to assist banks and financial institutions in developing and implementing Blockchain technology.

Essentially, the goal of the ENISA is to establish a base roadmap or a strategy for companies to follow in the process of implementing Blockchain technology with partner firms.

Currently, the majority of financial institutions and banking groups are looking into the development and integration of Blockchain technology through partnerships with Blockchain startups like R3CEV, Axoni and Ripple. In collaboration with competing institutions, banks work in a consortium-like ecosystem wherein partner banks cooperate with each other to implement cross-bank and cross-border Blockchain-based financial networks.

Security

Over the past two years, in spite of over $1 bln being spent on a yearly basis to fund Blockchain projects and operations, the Blockchain and the traditional financial industries have struggled to see the emergence of a commercially successful Blockchain.

Although many banks have claimed effective testing of the technology, they were not able to utilize Blockchain technology to help optimize operations for the benefits of average consumers.

Two major issues arise when a bank or a financial institution is attempting to implement Blockchain technology. The first is the problem of security because banks are focused on the development of permissioned networks wherein administrators have the authority to alter or manipulate transactions. The permissioned or centralized characteristics of bank-Blockchain platforms lead to serious security issues that can not be resolved without replicating legitimate cryptographic work found in cryptocurrencies like Bitcoin & Monero.

Susan McLean, attorney for Morrison & Foerster LLP, says:

“Although the appetite for Blockchain remains, firms are aware of the potential risks and challenges with the technology which will need to be addressed before the technology is adopted. Particularly given the regulated nature of the sector and the potential size and scale of transactions that could be processed, security remains a key concern.”

Regulation

The second issue revolves around conflicts between banks and regulators. The financial industry is arguably the most heavily regulated market across all industries. In order for banks to obtain approval for the deployment of new technologies that will underpin the entire banking system, they are required to undergo an extensive process of licensing and verification.

“In addition to a focus on anti-money laundering and fraud tools, the report raises the issues of interoperability of protocols and legal provisions and tools for implementing privacy compliance. In particular, it recommends the financial services industry in cooperation with the regulators to define what is to be kept confidential in order to remain compliant with regulatory requirements,” adds Susan McLean.