区块链在监管科技中的应用案例研究（英文版）.pdf

March 2020 (19:1) | MIS Quarterly Executive 19 The Financial Crisis and the Emergence of “Regtech” 1 Regulatory technology, or “regtech,” is a relatively new term used to describe the emergence of new technologies designed to ease the increasing burden of regulatory compliance and effective risk management placed on organizations in recent years, often as a response to organizational failures and malfeasance. 2 Regtech has its roots in the 2008 financial crisis and the resulting “tsunami” of regulations introduced globally as a response. Key contributing factors to the crisis included the rapid growth of credit extension (typically in residential mortgages), which fueled property price booms accompanied by looser credit standards (subprime mortgages) and the related reduction in interest rates on investments deemed “risk-free.” This created strong desires amongst investors to offset the decline in interest rates by earning as much as possible above the risk-free rate. 3 To satisfy this increased demand for higher yields, the speed of financial innovation increased and led to an increase in the volume and complexity of financial products, including those backed (securitized) by mortgages and often referred to as mortgage-backed securities (MBSs). However, keeping track of the different types of mortgages packaged into MBSs was nigh on impossible, which meant the related risks became increasingly opaque. Frequently, credit rating agencies misjudged the risks associated with MBS, and clear conflicts of interest existed where rating agencies helped develop new such products and rate them. Poor understanding of the systemic and underlying risks inherent in MBSs and other securitized products, and in collateralized debt obligations (CDOs) and related credit default swaps (CDSs), were major contributory factors to the global financial crisis of 2008 and the resultant depression. 4 The chairman of the U.K. regulator (at that time the Financial Services 1 Rajiv Sabherwal is the accepting senior editor for this article. 2 Examples include Sarbanes-Oxley Regulations introduced as a response to Enron, Worldcom and other corporate failures, and recent data protection and privacy regulations such as the EUs General Data Protection Regulation (GDPR). 3 The Turner review: A regulatory response to the global banking crisis, Financial Services Authority, March 2009, available at webarchive.nationalarchives.gov.uk/20090320232953/fsa.gov.uk/pubs/other/turner_review.pdf. 4 Ibid A Case Study of Using Blockchain Technology in Regulatory Technology This article explores the potential for applying blockchain technology for regulatory compliance and for reducing compliance costs and easing regulatory burdens. We describe the development of the Project Maison proof-of-concept blockchain system for regulatory reporting of mortgages in the U.K. This case study identified use cases and also the risks of increased supervision and loss of control and the governance challenges and trade-offs inherent in applying a decentralized approach to regulatory reporting. 1 Daniel Gozman University of Sydney (Australia) Jonathan Liebenau London School of Economics (U.K.) Tomaso Aste University College London (U.K.) DOI: 10.17705/2msqe.0002320 MIS Quarterly Executive | March 2020 (19:1) misqe | 2020 University of Minnesota A Case Study of Using Blockchain Technology in Regulatory Technology Authority) observed, just after the crisis, that across global markets there was an assumption that by, “slicing and dicing, structuring and hedging, using sophisticated mathematical models to understand and manage risk, we can create value by offering investors combinations of risk and return which are more attractive than those available from direct purchase of the underlying credit exposures.” In response to the crisis, financial regulators worldwide set about tightening the regulation of financial companies and products. One observer of the industry estimates that by 2020 over 300 million pages of regulatory documents will have been published in the U.K. alone. 5 These regulations require greater transparency and reporting of organizational governance and related financial and nonfinancial risks, which has inevitably resulted in higher levels of bureaucracy and costs. 6 Globally, banks are now spending over $270 billion per year on compliance and regulatory obligations and between 10% and 15% of their employees are focused on compliance. Across the U.S. and Europe, banks are now spending as much as $20 billion a year on technologies for regulatory compliance. 7 As a result, the cost of compliance has risen considerably for many financial services firms. There is a negative correlation between a banks size and the proportionate costs of compliancei.e., smaller financial organizations spend a greater proportion of their expenses on compliance than larger ones. Overall, the cost and complexity of regulatory compliance and related risk management activities are an important barrier to entry for new fintech players 8 and so may act to dampen competition. 5 Groenfeldt, T. Financial Regulations Will Surpass 300 Million Pages by 2020 Says JWG, Fintech News and Analysis, April 16, 2018, available at regulations-will-surpass-300-million-pages-by-2020-says-jwg/. 6 Graeber, D. The Utopia of Rules: On Technology, Stupidity, and the Secret Joys of Bureaucracy, Melville House Publishing, 2015. 7 Mesropyan, E. RegTech The Greatest Opportunity in FinTech, MEDICI Global, Inc., June 5, 2018, available at gomedici. com/regtech-the-greatest-opportunity-in-fintech/. 8 Firms that provide computer systems and other technology used to support or enable banking and financial services. Using Blockchains for Regtech Applications Spotting an opportunity, entrepreneurs are developing new ways to help financial organizations and regulators automate and simplify compliance and thus reduce costs, often through innovatively using and combining emerging technologies such as blockchain. 9 Blockchain technology, originally used as the architecture for Bitcoins, 10 emerged just a year into the financial crisis and was a technological response to some of the many kinds of dissatisfaction with financial services. 11 Not only did it seem that some organizations, such as the largest banks and insurance companies, were “too big to fail,” it also seemed that the regulators were too ill-equipped to monitor and too weak to enforce compliance. Furthermore, it seemed clear that the technologies used by financial firms and the architectures into which they were designed were exacerbating the problem and leading, many claimed, to systemic risk through loss of discretion and hard-coded inflexible processes. 12 Enterprise blockchains are seemingly eminently suited for addressing some of the unique problems in mortgage lending and tracking risk. Blockchain architectures offer almost real-time decentralized sharing of information across organizations where trust is scarce, (e.g., between the regulated and the regulator and among competing banks). They also provide ways in which the veracity of compliance data can be trusted and they create an immutable audit trail that can be easily accessed. 13 Thus, blockchains facilitate the reporting of transactions in a way that does not necessarily 9 Gozman, D., Liebenau, J. and Mangan, J. “The Innovation Mechanisms of Fintech Start-Ups: Insights From SWIFTs Innotribe Competition,” Journal of Management Information Systems (35:1), March 2018, pp. 145-179. 10 Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System,” 2008, available at bitcoin/bitcoin.pdf. 11 Gozman, D. and Currie, W. “The Role of Investment Manage- ment Systems in Regulatory Compliance: A Post-Financial Crisis Study of Displacement Mechanisms,” Journal of Information Tech- nology (29:1), March 2014, pp. 44-58. 12 Danielsson, J. Global Financial Systems: Stability regulation is a serious barrier to entry that prohibits innovation in other sectors. Product Mapping (Regulator benefit) A problem primarily for the FCA when banks have different implementations of the FCA rules (which are easy to misinterpret and misunderstand24 MIS Quarterly Executive | March 2020 (19:1) misqe | 2020 University of Minnesota A Case Study of Using Blockchain Technology in Regulatory Technology Once the regulator receives the data from different lenders it performs its own process of collating, validating, and reconciling the data from different banks, which further delays a holistic understanding of the mortgage sales reported. Often this process will reveal errors and queries, which require feedback from the relevant banks. Data is stored in the regulators business intelligence data warehouse. This data warehouse is accessed by teams within the FCA, including the data quality team, which provides feedback on processing activities and, ultimately, the datas veracity. The FCAs system also interfaces with other industry participants that are required to analyze mortgage data, including the Bank of England and the Council of Mortgage Lenders. Overall, the architecture described in Figure 1 is centralized with all banks reporting into the FCAs system, which then acts as a conduit hub to other industry participants. This approach requires data from disparate systems from numerous banks, all operating different technologies with separate data schema, to be drawn together. Much time and resources are needed to unwind the complexity created by processing data from multiple systems, some of which may be legacy. Our interview participants described many problems with this approach, as summarized in Table 1. A key assumption of the U.K. regulators (the FCA and PRA) and the Bank of England is that improving the transparency of the mortgage market through improving the frequency and accuracy of regulatory reporting will lead to better understanding of systemic risks, not least, those created by MBSs, CDOs, and related CDSs. However, the FCAs head of Regtech and Advanced Analytics emphasized that reporting was becoming increasingly problematic for firms, given the greater supervisory intensity and new rules introduced since the financial crisis. He explained, “We know that firms face challenges in how they meet their obligations to report information to us. We think theres a real opportunity for technology and innovation to reform how they do that.” Development of the Prototype Project Maison System The FCA began to address the problems of the current regulatory reporting procedures at its 2016 TechSprint. 20 The Project Maison prototype system was developed during this event. The FCAs head of Regtech and Advanced Analytics explained that the purpose of the TechSprint was to address how data provision could be made more efficient and effective, and thus better allow the FCA to better understand a banks compliance practices and determine risks to its statutory objectives. The FCAs director of Strategy and Competition also commented on TechSprints purpose: “TechSprint is a really good way of bringing together some of the established players in the market, fintech players, some of the most interesting tech companies that we deal with, and regulators in an atmosphere of collaboration. One of the things we want to try and do here is really unlock the potential that there is in regulatory reporting and try and find collaborative solutions that are more efficient for the future.” Given TechSprints focus on collaboration between different players, including regulators, tech firms, financial institutions, and fintechs, it was natural for the participants to explore the use of blockchain technology to improve regulatory reporting and data sharing. Two top-tier U.K. mortgage lenders (both banks) collaborated and created a joint team comprised of members of each banks emerging technology/ innovation teams. They named their effort to build a blockchain system for mortgage reporting “Project Maison.” The project addressed the obligation for regulated mortgage lenders and 20 Starting in 2016, the FCA began running a series of “Tech- Sprints,” described as, “ two-day events that bring together participants from across and outside of financial services to develop technology-based ideas or proof of concepts to address specific industry challenges. These events help the FCA to shine a light on issues and expand the discussion and awareness of potential solu- tions.” The FCAs TechSprints have been directed at different themes including “consumer access” and “financial services and mental health,” and two sprints have focused on “regulatory reporting.March 2020 (19:1) | MIS Quarterly Executive 25 A Case Study of Using Blockchain Technology in Regulatory Technology administrators to submit statutory forms 21 containing data that enables the FCA to understand how a banks lending impacts their business profile. 22 21 The FCA requires regulated mortgage lenders and administrators to submit a Mortgage Lending and Administration Return (MLAR) form every three months, 20 business days after the reporting period end date. Each MLAR outlines data on a banks mortgage lending activities. Regulated mortgage lenders must also submit a PSD001 (Product Sales Data) form within 20 working days of the end of each calendar quarter, and also a PSD007 (Product Sales Data Perfor- mance) form within 30 working days from the end of each calendar half-yeari.e., January, to June 30 and July 1 to December 31. 22 Source: Financial Conduct Authority, R3 and the two banks involved in the Project Maison team. The Project Maison application is based on R3s DLT (distributed ledger technology) 23 platform. Founded in 2014, R3 is a consortium of about 80 corporations, many of them financial institutions, collaborating to build a blockchain- based platform (called Corda Enterprise) 24 for the finance industry. R3 describes Corda as being able to “record, execute and manage institutions financial agreements in synchrony, with point- to-point communication to ensure the privacy 23 DLT is an umbrella term applied to a variety of concepts and ideas, including blockchain. For more information, see Rauchs, M., et al., op cit., August 2018. 24 R3 describes Corda Enterprise as “an open source blockchain platform” ( Figure 2: The Project Maison System Has a Decentralized Architecture 22 Bank 1 Mortgage Records Node Bank 2 Mortgage Records Node Bank 3 Mortgage Records Node Bank and Financial Conduct Authoritys Network: Processing, Consolidation and Review at Each Node Financial Conduct Authority Node Con- trol Mortgages Sold Near Real-time or Weekly/Monthly/ Quarterly Reporting Maison DLT Network Land Registry Surveyor Solicitor Council of Mortgage Lenders (CML) Bank of England (BoE) FCAs Business Intelligence Data Warehouse Supervision Team Mortgage Sector Team Data Quality26 MIS Quarterly Executive | March 2020 (19:1) misqe | 2020 University of Minn