 clarified that its concern isn't with blockchains being public but rather with the fact that these networks are permissionless. The distributed governance model of permissionless blockchains is a significant source of concern for banking systems, according to the BCBS paper.){kind=link}
The Basel Committee on Banking Supervision (BCBS) has addressed concerns surrounding permissionless blockchains that can be accessed by the public. In an official blog post, the body that sets the international standards for global banking stated that its problem is not that these blockchains are public, but that the concerns arise because these networks do not require permission. The authors who have contributed to this blog published by the BCBS have addressed the concerns and offered viable solutions to mitigate the risks surrounding the use of permissionless blockchains by financial institutions.
Understanding permissionless blockchains
Permissionless blockchains allow anyone with an internet connection to join the network and process financial transactions, view the blockchain code, operate a node, and even participate in network governance. Bitcoin, Ethereum, and BNB smart chains have been included among the permissionless blockchains by Binance Academy.
BCBS paper lists concerns about permissionless blockchains
The paper describes permissionless blockchains as networks that do not limit who can participate in the consensus process used to validate transactions and data. They are decentralized between unknown parties. The distributed governance model of permissionless blockchains is a major concern for banking systems, according to the BCBS paper.
“This distributed governance may pose challenges in addressing security bugs or vulnerabilities and increase the risk of loss associated with assets that exist on these blockchains,” the paper notes. “Depending on the degree to which governance is decentralized, banks may struggle to conduct effective third-party due diligence and oversight.”
Other issues with permissionless blockchains listed by the BCBS include the risk of being technologically attacked, legal and compliance risks, exploitation for money laundering and financial terrorism, and foreseeable failures in settlement processing.
Proposed solutions to mitigate risks
Business continuity planning (BCP) has been identified as a key mitigant to address issues related to permissionless blockchains. BCP helps establish rules and protocols to prevent and recover from system failures, such as cyberattacks or data loss.
The BCBS suggests that technology-based controls could be implemented to manage issues related to these blockchains, specifically to monitor transactions and address risks related to privacy, confidentiality and consumer protection.
“Permissionless blockchains generate risks that fall into existing risk taxonomies: primarily operational risk, and to a lesser extent liquidity risk and market risk. Banks have experience managing these types of risks, but permissionless blockchains present some novel challenges that may require new or additional methods for managing risk,” the paper states.
The financial institution has acknowledged that risk mitigation practices for permissionless blockchains are still in development. These practices will need to be tested to ensure they perform as expected under stressful situations.
“While technological solutions to these risks are not yet mature, rapid advances may generate new solutions (and risks) that could benefit from further examination,” the document adds.