To start a new section, hold down the apple+shift keys and click to release this object and type the section title in the box below. Regulation and governance Security and privacy Regulations have always struggled to keep up with While cryptocurrencies like Bitcoin offer pseudonymity advances in technology. Indeed, some technologies like (Bitcoin transactions are tied to ‘wallets’ rather than to the Bitcoin blockchain bypass regulation completely to individuals), many potential applications of the blockchain tackle inefficiencies in conventional intermediated payment require smart transactions and contracts to be indisputably networks. One of the other challenges of the blockchain linked to known identities, and thus raise important approach, which was also one of its original motivations, is questions about privacy and the security of the data stored that it reduces oversight. and accessible on the shared ledger. Centralised systems, particularly in financial services, also Some argue that while no technology is completely secure, “act as shock absorbers in times of crisis” despite their no one has yet managed to break the encryption and 35 36 challenges and bottlenecks. Decentralised networks decentralised architecture of a blockchain. Identities can be much less resilient to shocks, which can impact created within a blockchain would be unique and offer participants directly, unless careful thought is given to their a higher level of assurance that the party was who they design. claim to be. But these claims do not take away from the need for every organisation adopting the technology to There is thus a strong argument for blockchain applications consider how privacy and security can inform the design. to work within existing regulatory structures not outside In particular, driving public acceptance of blockchain of them, but this means that regulators in all industries applications will likely mean proactively framing the have to understand the technology and its impact on the discussion of privacy around concepts of value, security businesses and consumers in their sector. and trust. Key questions every leader should ask: Key questions every leader should ask: • How do current regulations impact our application of • How are we applying security to our application and is blockchain? privacy a priority? • Where are current regulations lacking? • Who has access to the ledger and how is access controlled? • What will a regulator want to know about our application? • How are updates to the software or application agreed and made? • How do we work with the regulator to bring our application to market? • Have we thought about what our customers think about our application beforehand? • What else might we have to do alongside the existing rules to keep regulators happy? • How are we engaging with our customers? 12