Blockchain Financial Technology. An in depth background of FinTech and how it makes banking easier.
Credit Unions are of The People, by The People, and for The People – but Powered by Technology.
Part 2: Blockchain Financial Technology
Before we dive into blockchain financial technology (FinTech), I want to share a couple of comments I received from Part 1, A Historical Perspective. The most critical comments came from Friends and Family. One of my buddies from high school – we’ll call him “Red” to protect his identity and my ego – simply said, “I’m listening…” which is Red’s way of saying, “What kind of horse apples are you trying to sell people?” A family member – we’ll just use the acronym “MOM” for anonymity – told me she is disappointed that I am shilling “that internet funny money.” Apparently, the Crowd at the Senior Center is not impressed.
Perhaps this is a good backdrop for discussing a blockchain-based Credit Union (CU). Red and MOM are like a lot of people we are trying to educate about blockchain.
If we have any hope of gaining broad acceptance outside of an early-adopter group like our Government Blockchain Association (GBA), we need to engage people by explaining how the features of this new FinTech will deliver what banking customers are currently demanding from the market:
· Make banking easy, cheap, and fast with an excellent customer experience and simple user interface.
· Pay higher dividends on savings, charge lower interest on loans, and eliminate monthly charges and punitive fees.
· Provide products available at large retail banks and access to the latest FinTech products.
· Ensure that transactions are both secure and private.
Trust
Some argue that how banking technology works is less important than a customer’s trust that the technology does work – and works like customers expect it to work. Few readers really know how the banking core at their current CU or bank operates, but they trust that it does work because regulators have audited the code. They know that transactions made on their cell phone or laptop can be confirmed on their monthly statements or at their local branch. Trust in mobile and internet banking came over time – it was important that early adopters used it and proved that the systems function as advertised.
Trust is key in this discussion. Blockchain experts talk about creating a trustless system when they really mean creating a system in which the technology is trusted such that people are comfortable making financial transactions without an intermediary (teller, broker, lawyer, etc.).
Granting such trust is a big ask for many people at this early stage. Perhaps the only way to bridge the adoption gap to the far reaches of MOM and the Senior Center Crowd is through the Missouri Approach – Show Me. We thank our GBA Membership and the National Credit Union Administration (NCUA) for allowing the proposed Maven Federal Credit Union (p-MFCU) to do just that. I think we can still grab the attention of Red and others like him by explaining some of the underlying technology. Otherwise, there wouldn’t be much need for Part 2 of this series, would there? I’m really excited about Part 3 (Is a Credit Union a DAO?) as well. But I digress…
Definitions
Let’s start by defining some of the concepts needed to understand blockchain FinTech. I will relate these to Financial Institutions (FI) and the CU space as much as possible. I may sacrifice preciseness just a bit to keep this from becoming a deep dive into regulations and computer science.
Ledgers are the core records of any FI. These are the books updated to record all transactions executed within or by the FI. This can be a simple paper ledger, a spreadsheet on a laptop, or a complex financial database operated in an enterprise or cloud computing environment.
Most often these are centralized ledgers – a single ledger held and managed by the ledger owner. A transaction is validated by a teller, manager, ATM, central database process, etc., and recorded into the central ledger. Computer systems accomplish this using banking core software to update the central database ledger. Periodic audits determine the accuracy of these transactions and correct any mistakes made in the data recording process.
A regulatory body such as the NCUA also is centralized in that it creates policy and implements CU regulations for all U.S. CUs. These policies and regulations come from laws put in place by the U.S. Government. This system is necessarily centralized and authoritarian, ensuring that these are applied equally to all CUs.
Some FIs use Distributed Ledger Technology (DLT) as a risk management and continuity of operations strategy. According to TechTarget (see Figure 1), DLT is a digital system for recording transactions and their details in multiple places (network nodes) at the same time. Unlike traditional databases, distributed ledgers have no central data store or administration functions. Therefore, DLT is a decentralized system because the data on each distributed ledger node has equal authority and validity, and no single node can override the others. Each node operates from a complete copy of the ledger and processes and verifies every transaction, thereby generating a record of each item. Tee validation nodes participate in the consensus process (the vote) that determines a transaction’s legitimacy. DLT is self-auditing since the decentralized nodes (distributed ledgers) must agree that the transaction is accurate and valid before that item is written to the databases. All nodes can see who is using and modifying the ledger, so DLT provides a high level of trust among the participants and practically eliminates the chance of fraud from an insider trying to modify the ledger. Basically, every node witnesses any crime being committed, by whom, and can intercede to block the crime from happening. The structure of DLT ensures the security, transparency, and immutability of the distributed ledger.
DLT also ensures FI resiliency – an FI’s ability to continue or rapidly restart operations following a natural or man-made disaster. Each DLT network node contains a complete copy of the ledger, so if one node goes down or is compromised, then the FI can continue operating using the remaining nodes. If a node goes down and then rejoins the DLT network, it polls the other nodes to validate and copy the latest ledger, and then continues to participate. DLT nodes are usually geographically distributed and use different power and communications sources to reduce the risk of infrastructure failure through natural disasters or human interference. As long as a single node is available or recovered, the FI can completely regenerate itself and quickly restart operations.
Blockchain is a type of DLT with additional cryptography and a defined database structure. As the name implies, verified data is written in blocks that are chained together using cryptographic keys that ensure the blockchain distributed ledger remains intact and unaltered. This creates a chronological, immutable history of all transactions stored on every validation node. Even if the Blockchain is determined to have an error, that error can only be corrected by appending a new data block with the correction. No one can go back and change history.
I heard a good explanation of blockchain technology from Samson Williams. He and George Pullen have this example in chapter five of their book, Blockchain & The Space Economy (The Space Economy Series). To paraphrase:
I’m on a group text message with my five siblings. We decide to use the group text to track the money we borrow from each other. We each start with a message stating that we are in for $20. Then I text the group that I just sent Kathy $5 and Sue Ann $10. Kathy texts that she sent Andrea and Steven $10 each. Tony is looking for an extra $15, so he can spend $35 on a half-tank of gas. Tony looks back through the group text chain and sees that Kathy and I don’t have $15 left, so he needs to get it from one of the others. Each of us (the Family Members) acts as a node in the Family Network that validates the transactions. Steven certainly will inform us if the $10 Kathy sent didn’t show up. If Andrea needs to get a new phone because she dropped hers into Lake Superior again, she can get a complete copy of the most recent text message chain from any sibling and get right back to transacting money from her new phone. This group text message example is a simplified blockchain.
What if a CU chooses the operators of the validation nodes in a blockchain network, or operates the nodes themselves? Is that network really decentralized? Some call such a network a Private Blockchain. Blockchain Purists will say that a private blockchain network is under centralized control, so it is less trustworthy than a public blockchain that functions with independent, public validation nodes. It is hard to call a single node a network, either. But the network will grow as more members, vendors, and CUs are added. This will increase decentralization as well.
Public blockchains enhance transparency by allowing anyone to view certain information about a validated transaction. This may include the time and date stamp, the value, any fees paid, the public wallet addresses of the transacting parties, and the address of any Smart Contract used in the transaction.
A crypto wallet is just a piece of hardware or software used to store your private security keys and keep your cryptocurrency and tokens safe and accessible. It has a private address and at least one public address. Think about your crypto wallet as an electronic safe that allows you to send, receive, and spend cryptocurrencies (Bitcoin and Ethereum) and other tokens and digital assets (digital receipts for dollars on account). The public wallet address allows you to transact with some level of privacy without giving out the combination to the safe (the private address) or leaving the safe open so anyone can take your money (private security keys). Another way to think about it is that your public wallet address is like your credit card number – it identifies the account responsible for the money you spend. The private address is the security code on the back of the card, along with your zip code, that that you enter to tell the credit card company that it is you making the purchase.
A Smart Contract is just the computer code that allows a transaction to occur. For example, a Smart Contract for funds transfer from Person 1 to Person 2 might look like:
1. If Person 1 and Person 2 agree to the transaction of digital assets, and
2. If Person 1 and Person 2 have rights to their wallets that can send and receive the digital assets, and
3. If Person 1’s wallet contains enough of the digital assets to make the transaction, then
4. Transfer the agreed-upon digital assets from Person 1’s wallet to Person 2’s wallet.
5. Validate the transaction on the network, and
6. Make the validated digital assets available to Person 2 to transact unencumbered.
You can think of a smart contract as a paper contract with terms and conditions but without requiring a lawyer to execute it. Smart contracts are pre-written for common transactions or are automatically generated by the blockchain network.
You can see that blockchain technology, alone, is not cryptocurrency. It was made popular by the first protocol to become famous – Bitcoin – and its cryptocurrency, bitcoin. Still, many people who hear the word blockchain automatically think of bitcoin. I guess this is understandable, but I want to be very clear [Take note MOM and the Senior Center Crowd]: the p-MFCU will be built on blockchain technology, not Bitcoin. As is currently the case with all CU electronic transactions, Members of the p-MFCU will transact in digital receipts representing local fiat currency – the U.S. Dollar. Blockchain technology simply allows p-MFCU to handle CU transactions better than using a standard banking core and a centralized ledger database.
Now that we have the basic technical concepts defined, let’s start looking at the features we want in the p-MFCU.
Privacy
The balance between privacy and transparency is a real conundrum in the blockchain space. Public blockchains such as Bitcoin and Ethereum allow every transaction to be published using public wallet addresses. The U.S. and the E.U. have financial privacy laws protecting consumers’ transaction privacy in licensed FIs. Is the level of privacy provided by public wallet addresses sufficient to meet both legal and consumer requirements?
Maybe, but a better question is: can we create a system that meets legal requirements and allows the CU Member to decide what level of privacy they require and under what conditions they choose to release their privacy information? Your data – your decision. How can we make this happen? Read on…
When you open a CU account, you are required to present information to verify your identity and the CU is required to ensure that you are not being sanctioned or otherwise restricted from the U.S. financial system. This is part of the Know Your Customer/Anti-Money Laundering/Bank Secrecy Act (KYC/AML/BSA) screening process in the U.S. Of course, the IRS wants their pound of flesh as well. So, banks have to keep copies of all my personal information, right?
Not really. Once you go through the KYC/AML/BSA process, the CU does not have to store your privacy information in your account! The CU only needs the ability to retrieve this information and associate it with your account if needed. The CU only needs a record that the KYC/AML/BSA process was completed successfully. This can be accomplished with a Privacy Token!
The privacy token is cryptographically generated on a Privacy blockchain when the Member completes the KYC/AML/BSA process. Part of the privacy token is placed in the Member’s wallet and the other part is associated with the Member’s CU account on the CU Transaction blockchain. When a Member attaches their wallet to the CU Transaction blockchain, the Member’s privacy token and the CU’s privacy token for that member combine to create an encrypted connection between the Member’s wallet and the CU transaction blockchain. Neither part of the privacy token contains the Member’s privacy information and there is no username or password to remember!
Transactions and Compliance
Since the proposed MFCU will use Privacy Tokens, can we simply write all Member transactions to a Public blockchain, right? Maybe, but consider the following:
Companies like Chainalysis make a good living collecting data from public blockchains, analyzing it, and selling the results and conclusions to their clients. The detail that comes from such analysis is both surprising and impressive. But who are these clients? Why should they have our detailed information and what are they doing with it? It is in the Members’ interest for their transaction data to be protected using permissioned access. Let us close the window shades on Chainalysis and the other blockchain analytics companies to keep them from peeping into the private lives of our Members.
The p-MFCU will use blockchain automation to achieve 100% legal and regulatory compliance. Our job is to serve the best interests of our Membership in full compliance with regulations and the law. By using compliance algorithms rather than humans, the rules will be applied to the Membership equally – without discrimination or bias. This also makes it simple to provide law enforcement access to only the specific information authorized by court order.
Public blockchains are useful for some CU operations. CU information published by the NCUA should be available on a public blockchain. This includes the Annual Audit and Members Reports and the Quarterly Data Summary Reports that inform the public and prospective Members about a CU’s health and viability. Blockchain technology makes it possible to keep the CU reports up to date in near real-time. Instead of publishing static reports weeks after they are finalized, an active dashboard can present updated summary data almost as fast as transactions are validated on the network. Some operational information should be written to the public CU blockchain including Board and Committee actions and meeting minutes, vendor contract awards, expenditures, governance voting outcomes, etc.
Validation
The CU transaction validation schematic is shown in Figure 2. The CU network will have validation nodes to process transactions, security nodes to monitor the validation nodes for malicious activity, and storage nodes to store the blockchain. CU Members can choose to participate and earn additional dividends as follows:
· Buy or lease a computer server and stake funds to operate a validation node.
· Delegating shares to an existing node operator.
· Use a desktop or laptop (eventually just a cell phone) to help monitor the validation nodes for signs of malicious activities.
· Use spare disk space on a computer or cell phone to help store encrypted pieces of the blockchain.
Summary
I hope this basic knowledge of the FinTech behind p-MFCU helps you understanding why blockchain is so important to the banking industry. It all comes down to risk reduction – whether that comes from blockchain’s security, increased transparency, transaction immutability, or privacy protection. Risk reduction lowers operating costs and increases returns to the shareholders – the CU Members. This will reduce CU operating costs by as much as 60%, and may finally stop the rampant CU consolidation that was discussed in Part 1 of this series. In fact, the goal of implementing this FinTech is to cultivate a Renaissance in Community Banking, Community Development, and Personal Financial Sovereignty – led by the American Credit Union Movement.
In Part 3 of this series, we will look at Distributed Autonomous Organization (DAO) structures and talk about whether a CU can become a DAO. As always, I appreciate your comments (MOM, go easy this time…).
