When a company issues a digital currency to raise capital and have token holders use its token to validate intrinsic value and trade on a secondary marketplace, corporate boards of such issuers need to consider various disparate risks that directors are exposed to, including some of the following:
1. Cybersecurity Risks: Blockchain code is still in its infancy stage and might be liable to presently obscure security vulnerabilities. For example, the Ethereum (ETH) contract language is relatively new and there may be zero-day attacks that programmers could misuse. Blockchain also imposes the real risk for a double-spending attack whereby an attacker effectively generates more than one transaction while utilizing only one token and bringing about the discrediting of the “fair” exchange. Private key holders of each account are the ones on which the reliability of each entry rests. The partial reestablishment of the agent is done through private blockchains. A private blockchain is a permissioned blockchain. Establishing rules that are maintained by either the starter of the system or by the starter of the network enables nodes in a private blockchain network to be validated and thereby require invitations. The board should ensure proper and regular oversight for the management of this recurring obligation.
2. Insider Trading Surveillance: Smart contracts such as Ethereum can be written so that rules and regulations are enforced at the token (asset) and protocol (technology) level. This is a significant benefit for both companies wanting to interact with digital assets and regulators seeking compliance. Smart contracts can not only remove the need for continuous compliance surveillance but are able to eliminate the need for regulatory compliance monitoring to start. For example, assume a company raises capital with ‘Company Security Token’ (CST). Your legal and regulatory counsel has advised that you utilize Rule 504 of Regulation D, which provides an exemption to the normal securities registration requirements assuming certain conditions are satisfied. One of those conditions is that CST qualify as a restricted security. This means it cannot be resold for at least six months to a year without going through the traditional securities registration process with the SEC. In the current state of the digital asset market, preventing all participants of the CST offering from violating this 6 to 12-month restricted lockup rule is a difficult and labor-intensive process. Smart contracts can solve this problem. Instead of issuing CST directly to users’ personal digital asset wallets, which gives way to track or prevent assets from being transferred or sold unlawfully, CST can be distributed directly into a smart contract that locks the asset’s movement for a specified period. This ensures that your company and its employees comply with Rule 504 of Regulation D. This can prevent the excess sale or dumping of security tokens on a digital asset exchange, thereby minimizing downward pressure on token price and liquidity.
3. Proxy Voting: Blockchain will provide for secure and accurate proxy voting. Proxy voting is a complicated process for corporations and often result in flaws, incomplete ballot distributions, imprecise voter lists, and problematic voter tabulation. With blockchain, this cumbersome and unsecured process of proxy voting can be completely revamped. Using the issuer’s digital currency or tokens, shareholders will have tokens representing their voting power. Votes are cast and secured on the secure blockchain network and voters can observe the ongoing voting process. Blockchain will enable corporate voting to become more accurate, and strategies such as ‘empty voting’ that are designed to separate voting rights from other aspects of share ownership, may become more difficult to execute secretly. This minimizes voting fraud or corruption and adds an important layer of integrity to the voting process. The greater speed, transparency, and accuracy of blockchain voting could also motivate shareholders to participate more directly in corporate governance and demand votes on more topics and with greater frequency. This may enable wider shareholder engagement, especially among special interest groups (e.g., Socially Responsible Investing (SRI), Corporate Social Responsibility (CSR), or Environmental & Social Governance (ESG)), voting at AGMs and other meetings.
- Transparency: Through disintermediating transactions via the DLT, blockchain ensures a more transparent and effective audit trail. This will help to reduce or eliminate corporate corruption. The use of DLT could provide unprecedented transparency in allowing investors to identify the ownership positions of debt and equity investors and overcome corruption by insiders, boards, regulators, broker-dealers, market makers, exchanges, and listed issuers. Authenticating a shareholder’s digital identity allows the blockchain to use an embedded trust component. This means that a shareholder doesn’t need to be physically present to prove their identity. By extension, by ensuring the democratization in corporate governance, blockchain provides opportunities for companies to manage their assets directly. In a KPMG study (2016-2017) of selected blockchain projects, it was estimated that a 20-40 percent increased efficiency of data and digitisation from single source of truth was realized from the blockchain. Digitization of data can unlock efficiencies, and consequently, incremental shareholder value.
- Enhanced access to documents: The existence and immutability of the DLT means that access to documents by directors is quick and efficient. Directors can easily manage insider stock ownership data to guard against trading anomalies (e.g., insider trading profits evidenced through trade surveillance tools) and the real-time and equal transmission of public information to all shareholders.
- Smart contracts will improve transparency: Smart contracts help to mitigate the risk of fraud for organisations by providing an immutable audit trail. They will dramatically reduce the costs of identity verification and contract enforcement.
- AGMs will empower shareholders: Voting can be slow and fraught with human error at an AGM. Blockchain technology can deliver faster and more reliable voting results that give shareholders a higher level of trust and confidence in voting outcomes. This should empower rather than embolden shareholders to contribute to decision-making that is in the best long-term best interests of the corporation.
- Real-time financial reporting streamlined: Consumers of financial statement information would not need to rely on the judgment of independent third-party external auditors and the integrity of managers. Instead, users of financial statements can trust with certainty the data on the blockchain and impose their own accounting judgment to make their own non-cash adjustments such as depreciation or inventory revaluation.
- Board dependency is reduced via permissioned access: A permissioned blockchain a network that requires permission to gain access. Only authorized users can join and start verifying. The blockchain can offer lower costs of trading and more transparent ownership records, while permitting visible real-time observation of share transfers between owners. DLT bolsters the audit trail/record keeping function by using blockchains to record stock ownership. This could solve many challenges related to issuers’ inability to keep accurate and timely records of shareholder ownership.
Board Inquiries of Management About Blockchain
Given the nascency of blockchain technology, boards must understand the risks and opportunities associated in using blockchain as part of their corporate strategy. The following are questions that boards should be asking management in using blockchain.
1. Competition: What are our direct and indirect competitors using as it relates to blockchain for their business?
2. Cost-Benefit Analysis: Has management considered the advantages and disadvantages of using blockchain?
3. Risk Management: What are the cybersecurity and privacy risks and other mitigating factors, in using blockchain? Do we have a Business Continuity Plan (BCP) or Disaster Recovery Plan (DRP) if the blockchain goes down or is temporarily disrupted?
4. Protocols: Would the company deploy a permissioned or permissionless blockchain protocol? Which vendor (if any) would be used and its cost?
5. Infrastructure: Do we have the systems and technology to support the blockchain technology? What internal controls are there to manage and mitigate such infrastructure risks?
6. Strategic Integration: How does blockchain fit into our data protection strategy?
7. Auditing: How can we independently audit the technology to ensure it can be trusted? This is especially pervasive in the financial services sector and supply chain management, two leading use cases of blockchain.
8. Regulatory Compliance: What are the regulatory compliance issues to satisfy if blockchain was deployed?
9. Accounting: What accounting issues should we consider in using blockchain?
10. Taxation: Where a digital currency applies, what tax issues should we consider in using blockchain?
- KPMG, “Blockchain for technology, media, and telecom (TMT) companies: What COOs, CFOS, CIOs, CISOs, and other executives should understand about blockchain”, 2019, p.1.
- If the organization is storing transactions, that is an expense. The method by which it stores such transactions, however, will determine the cost. PoW (Proof-of-Work) requires that the entire blockchain and history be contained on each node (server) that is responsible for transaction processing. This means an infinite amount of storage space is required to store its history over time for each node. PoW is expensive to store the data because the full history must reside on each node. The continual tension for companies using the blockchain is choosing between speed versus storage. A blockchain running at 50,000 tps (transactions per second), for example, would consume 385 TB (TeraBytes) of storage annually. The solution is to have an archive node which would cost nearly $180K. If a company is running a permissioned blockchain, then it is more advantageous and cost-effective to archive transactions off-chain to avoid the infinite growth of PoS (Proof-of-Stake). PoS can be configured so that it can be archived and the full blockchain does not have to reside on every node. The implication for companies and management is that it is a more efficient way to operate.