Table of Contents
The Basel Committee on Banking Supervision (BCBS) has raised concerns about permissionless blockchains that are open to the public. In an official blog post, the body that sets international standards for global banking stated that the problem does not lie with the fact that these blockchains are public, but rather that concerns arise because these networks are permissionless. The authors who collaborated on this blog posted by the BCBS have expressed their concerns and offered workable solutions to mitigate risks surrounding the use of permissionless blockchains by financial institutions.
Understanding Permissionless Blockchains
Permissionless blockchains are also known as trustless or public blockchains, which are open networks that anyone can access. These networks have fewer restrictions to guide users towards ethical financial practices. As explained by the Federal Reserve Board, a “permissionless blockchain network is a system of physically distributed computers running a copy of a shared ledger and using the same software rules that allow all network participants to read, submit, and validate transactions.”
Permissionless blockchains allow anyone with web connectivity to join the network and process financial transactions, view the blockchain code, operate a node, and even participate in the governance of the network. Bitcoin, Ethereum, and BNB Smart Chains are by Binance Academy.
BCBS paper raises concerns about permissionless blockchains
The paper describes permissionless blockchains as networks that impose no restrictions on who can participate in the consensus process used to validate transactions and data. They are decentralized across unknown parties. The distributed governance model of permissionless blockchains is a major concern for banking systems, according to the BCBS article.
“This distributed governance can pose challenges in addressing bugs or security vulnerabilities and increase the risk of asset loss on these blockchains,” the article states. “Depending on the degree to which governance is decentralized, banks may have difficulty conducting effective due diligence and third-party oversight.”
Other issues with permissionless blockchains cited by the BCBS include the risk of technological attacks, legal and compliance risks, abuse for money laundering and financial terrorism, and foreseeable shortcomings in settlement processing.
Proposed solutions to mitigate risks
Business Continuity Planning (BCP) has been identified as a key mitigator for addressing issues with permissionless blockchains. BCP helps establish rules and protocols to prevent and recover from system failures, such as cyberattacks or data loss.
The BCBS proposes that technology-based controls can be implemented to manage issues surrounding these blockchains, particularly to monitor transactions and address risks related to privacy, confidentiality and consumer protection.
“Permissionless blockchains create risks that fall within existing risk taxonomies – primarily operational risk and to a lesser extent liquidity risk and market risk. Banks have experience managing these types of risks, but permissionless blockchains introduce some new challenges that may require new or additional methods to manage risk,” the article reads.
The financial institution acknowledged that risk mitigation practices for permissionless blockchains are still in development. These practices need to be tested to ensure they perform as expected under stress.
“While technology-based solutions to these risks are not yet mature, rapid developments may generate new solutions (and risks) that may benefit from further investigation,” the document said.
