Page 16 - Risk Management Bulletin April-June 2022
P. 16

RMAI BULLETIN APRIL - JUNE 2022


             make its mark in many other industries and in many  people and are open to error and interpretation, smart
             different ways.                                  contracts rely on data and data alone. The terms and
                                                              penalties agreed at the start are clear and accessible
             So, what’s to stop the risk and compliance sector  to all parties, and the contract is automatically
             benefitting, too?                                enforced, without the need for a middleman. And
                                                              because versions of the contract are distributed across
             Third-party risk management: the                 the network, there’s no danger of losing it.
             blockchain advantage
                                                              For smaller vendors looking to do business with
             There’s good reason to believe that blockchain could  enterprise companies, blockchain could be a game-
             help resolve some of the biggest challenges posed by  changer. These firms typically spend thousands of
             third-party risk management. Key benefits include data  dollars in their quest to meet the exacting compliance
             transparency and immutability, real-time access to  requirements of the large enterprises they partner
             data, as well as enhanced security and improved  with. Sometimes the cost and effort mean that they’re
             automation of repetitive tasks, ultimately leading to  forced to walk away from contracts. The good news is
             greater efficiencies.                            that blockchain could help level the playing field,
                                                              allowing smaller players to keep up with the big guys.
             With blockchain, compliance teams would have easy  Exhaustive questionnaires, which third parties have to
             access to up-to-date background information on third  complete every year for every enterprise they work
             parties. Imagine how much time that would save on  with, would be consigned to history, replaced with a
             research, making it quicker and easier to shortlist the  robust digital ledger. Every time there’s a change or an
             right vendor in the first-place.                 update, say a new security certification earned or new
                                                              HR policy introduced, this would be updated in the
             Exhaustive, time-consuming risk assessment       ledger for everyone on the blockchain to see.
             questionnaires would also become a thing of the past.
             These documents can be several hundred pages long  Blockchain and third-party risk: the
             and put a massive strain on resources, arduous for
             third  parties to complete and organizations to  barriers
             administer and verify. Instead of completing one-off  Clearly blockchain has a lot going for it, but using a
             assessments, blockchain would make it possible for  nascent technology isn’t going to be problem-free.
             organizations to track compliance benchmarks on a
             decentralised ledger in real-time. In fact, all the  Gartner sees long-term potential in the technology, but
             information required for screening an individual or firm  in its seven mistakes to avoid in blockchain use, it
             could be held on the blockchain – created once and  highlights that most blockchain offerings today are too
             used many times.                                 immature for large-scale production.

             The integrity of the data is another massive plus point.  While data security is supposedly one of the key
             The fact that the data on the blockchain can’t be  benefits of blockchain, the technology isn’t risk-free.
             modified or tampered with, either by external parties  One of the most recognised security issues are so-
             or the vendor themselves, means that compliance  called 51 percent attacks, which occur when one, or
             professionals can put their trust in it. The data, or  several, malicious entities gains majority control of a
             digital ledger, could also act as a secure, immutable,  blockchain’s nodes. The entity then has the power to
             time-stamped audit trail to evidence compliance  both prevent valid transactions from taking place as
             activities, all saved in a single place.         well as reverse transactions that have already
                                                              happened on the blockchain.
             Also worthy of attention is blockchain’s ability to
             execute smart contracts, which promises greater  Speed and scalability are also cited as a problem.
             transparency and efficiency for third-party      Basically, the more people that join the network the
             relationships. While traditional contracts are reliant on  slower it becomes. And there’s the skills aspect to

                                                           14
   11   12   13   14   15   16   17   18   19   20   21