sb-eu logo
Story image

DTCC and Accenture unveil research on blockchain governance model

09 Sep 2019

The Depository Trust & Clearing Corporation and have published a whitepaper, Governing DLT Networks, introducing a distributed ledger technology (DLT) governance operating model to manage risks and consequences of an evolving DLT landscape, to ensure the safety and soundness of the network for the benefit of all participants and to better enable DLT to reach its full potential.

DLT has attracted global attention for its potential to modernise and improve corporate and enterprise operations.

The model proposed in the paper addresses the responsibilities and critical functions in operating and maintaining a DLT platform, including a governing function to make decisions that will affect activity, connectivity, software changes, contractual agreements and transaction finality for every participant across the entire network.

“The financial services industry has seen unprecedented growth in data and processing power over the last 50 years,” says DTCC chief technology architect Robert Palatnick.

“Distributed ledger technology, with its built-in consistency, security and privacy, holds great promise to transform the digital landscape, but DLT’s full potential will only be realised with the implementation of a strong and transparent governing model.”

The whitepaper introduces a DLT Governance Model (DLT-GM) for operating and maintaining a private, permissioned DLT platform including eight functional areas:

  1. Governance, providing the highest-level risk and control oversight, and strategic decision-making functions for the DLT network community with four distinct areas of responsibility: Steering Committee, Functional Working Group, Technical Working Group, Change Committee.
  1. Participant Lifecycle, including the management and operations of every aspect of onboarding a new network member, all the interactions during that member’s participation in the network and the steps to off-board a member.
  1. Runtime Operations, covering the day-to-day execution of the DLT implementation including major functions focused on DLT runbook operations such as monitoring, reporting, support, change and release management.
  1. Data Governance introduces new concepts around participant entitlement and confidentiality models, and reference data controls.
  1. Third-Party Management, highlighting the function assigned to supervise service providers and/or vendors connected to the Network.
  1. Platform Management, which is the DLT ecosystem version of the traditional “application development” model, adjusted to support the multiple layers of DLT.
  1. Infrastructure, to address oversight of the core network management functions, including managing third-party providers and defining ownership responsibility for ongoing infrastructure operations.
  1. Legal and Finance, to address areas including but not limited to vendor and licensing risk, patent risk, open-source risk and risk associated with crossing global borders, where tax models and reporting have yet to be discussed.

Accenture capital markets managing director Wynn Davies says, “The power of DLT can deliver significant operational efficiencies to the industry which will only be fully realised if we ensure that we all know how to play and reap the benefits together.”

“Working in collaboration with DTCC, Accenture has developed a governance model to manage the risks and consequences of a distributed ledger landscape, and we believe this governance paper is the beginning of a critical dialogue that needs to continue.

“Research, experimentation and learning about the challenges and potential for DLT-based governance processes will be essential as these platforms become more widely adopted.”

The DLT Governance Model (DLT-GM) outlined in the whitepaper is a critical component of DTCC’s Trade Information Warehouse (TIW) initiative to migrate an existing central, industry-wide ledger for Credit Default Swaps (CDS) from a legacy mainframe database to a DLT platform leveraging cloud.

DTCC is a post-trade market infrastructure for the global financial services industry.

From operating facilities, data centres and offices in 16 countries, DTCC, through its subsidiaries, automates, centralises and standardises the processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers.

Industry-owned and governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management, data reporting and information services across asset classes, bringing increased security and soundness to financial markets.

Story image
One in five employees download commercially sensitive files onto personal devices
Of these respondents, 40% admitted that the devices either had no password protection or no up-to-date security installed.More
Story image
Gartner names ThreatQuotient a representative vendor for SOAR
The company is listed in Gartner’s 2020 Market Guide for Security Orchestration, Automation and Response Solutions.More
Story image
How are industrial enterprises faring with the rise of cyber threats?
The majority of industrial enterprises face an increase in cyber threats since the COVID-19 pandemic began, according to a new report from Claroty titled The Critical Convergence of IT and OT Security in a Global Crisis.More
Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More