In an effort to help regulated entities and interested parties evaluate whether the use of distributed ledger technology (DLT) would enable them to meet their regulatory obligations and to fast-track its discussions with stakeholders, the Australian Securities and Investments Commission (ASIC) has released an information sheet, “Evaluating Distributed Ledger Technology” (INFO 219), offering guidance for entities licensed by ASIC and start-ups that are “considering operating market infrastructure, or providing financial or consumer credit services” using DLT or blockchain.
Noting the “intense interest in DLT” ASIC is seeing from a wide range of financial services market players in recent years, DLT’s deployment in a broadening array of use cases, and the anticipated “exponential” growth in the applications of DLT over time, the information sheet sets out the regulatory considerations regarding the use of DLT that ASIC has identified to date.
ASIC provides helpful guidance in the information sheet by affirming that the existing obligations established by its regulatory framework—which already requires licensed financial services entities to have adequate technological resources and risk management arrangements, as well as necessary human resources and organizational competence—are “technology neutral” and therefore apply to entities using DLT. Indeed, ASIC states that it believes the existing regulatory framework is able to accommodate all of the DLT use cases the regulator has encountered thus far, though it acknowledges that further regulatory considerations may arise as DLT matures.
ASIC licensees’ existing obligations, for example, include maintaining adequate and competent technological and human resources to provide the financial services for which they are licensed, an obligation that ASIC notes includes “having the appropriate personnel with the necessary skills and experience” with respect to the DLT to comply with their licence obligations.
Evaluating DLT: Six Considerations
The ASIC information sheet sets out six questions for consideration by both ASIC and entities evaluating the use of DLT for their business, which are further elaborated in an accompanying assessment tool:
- How will the DLT be used?
ASIC wishes to understand the problem the DLT is trying to solve and the context in which it is being proposed. It is also interested in the proposed rules for users to access the DLT-based service and other design features, including the information that will be housed on the DLT ledger, whether smart contracts will be used and how they integrate with the rest of the service, whether the DLT will be permissioned or permissionless (including assessment criteria for participation, if permissioned, and risk assessment, if permissionless), and whether the service requires immutability.
- What DLT platform is being used?
ASIC wishes to understand which DLT platform the entity has selected, its functionality, the reasons it was selected, and what testing with respect to the proposed use case has been done, with a view to assessing whether the proposed DLT platform is “robust, reliable and secure”. Consideration will also be given to applicable information standards (such as standards established by the International Organization for Standardization (ISO), International Swaps and Derivatives Association (ISDA), and FIX Protocol (FPL)) and to any interoperability with existing and other systems (e.g., payment systems) that the chosen platform may provide.
- How is the DLT using data?
ASIC wishes to know the source of the data used to populate the distributed ledger, as well as the rules and data security mechanisms applicable to authorizing various types of users (potentially including regulators themselves) to view the data or restricting them from doing so.
- How is the DLT run?
ASIC wishes to understand the governance model of the DLT-based service, including rules for user interaction and ownership and control arrangements, with a view to understanding potential risks to users and measures taken to mitigate those risks. This information would include the proposed consensus mechanism for dealing with any inconsistencies in the record. ASIC is also interested in assessing whether the DLT-based service’s participation conditions and rules are fair, transparent, and non-discriminatory.
- How does the DLT work under the law?
ASIC is interested in understanding the legal systems and issues applicable to DLT-based services, including whether the service creates property rights or contractual rights and obligations between participants. ASIC notes that in Australia, as in many other jurisdictions, there are situations in which the applicable legal and regulatory framework does not permit “enforcement of a contract solely on its terms”. As an example, ASIC notes that, under certain circumstances, insolvency laws provide for clawback of transactions notwithstanding that the transactions were contractually contemplated. DLT used by applicable entities will require the flexibility to accommodate such scenarios and to facilitate compliance with applicable laws and regulations.
- How does the DLT affect others?
ASIC wishes to understand the potential impact of proposed uses of DLT on others, noting that interaction with a “broader market environment” may result in a DLT-based service impacting people who do not directly use the service. As an example, ASIC points to the scalability of the proposed DLT use and any risk trade-offs that may be inherent in making the proposed solution scalable. In the same vein, ASIC wishes to understand any interoperability between the proposed DLT-based service and other services, as well as “whether consideration has been given to the management of a default by a customer, participant or the service provider” and to the DLT service’s potential to cause instability in the financial services ecosystem if it fails.
The View from Canada
Canada, like Australia, is home to both a thriving Fintech start-up sector and established banking incumbents that are examining potential uses of DLT to enhance and streamline their offerings. Even the Bank of Canada, the country’s central bank, is experimenting with interbank payment systems using DLT.
Canada’s securities regulators are, like ASIC, keenly aware of both the potential innovative applications of DLT and the need to ensure that it does not introduce undue risks to investors or to the financial services ecosystem. The Ontario Securities Commission (OSC), for example, recently issued a press release emphasizing that businesses that use DLT as part of their financial products or services may be subject to Ontario securities law requirements, such as the need to be registered or to file a prospectus. As with ASIC, the OSC is interested in working collaboratively with technology providers and other market participants to help them understand potential regulatory requirements. In support of this approach, the OSC established OSC LaunchPad, a team dedicated to providing direct support to eligible Fintech businesses as they seek to navigate regulatory requirements. The regulator recently hosted a regulatory “hackathon” and noted in a follow-up white paper that “the majority of the solutions presented by participants, including the three winning ideas, featured the use of [DLT] in some form”, demonstrating its power and potential to increase efficiencies and transparencies in capital markets.
Some Canadian securities commissions also participate in the International Organization of Securities Commissions (IOSCO), which examined the regulatory challenges associated with the use of permissioned and permissionless DLT in a recent report that may influence the approach some Canadian regulators take to DLT.
The ASIC information sheet, by setting out a list of questions and considerations for entities considering the use of DLT, is consistent with ASIC’s stated approach to Fintech developments, which combines a desire to “harness opportunities and economic benefits, not stand in the way of innovation and development” with a commitment to mitigating any potential risks arising from the use of new technologies and business models. As many securities regulators worldwide share similar goals and their concerns in assessing the use of DLT by their market participants are likely to be similar, the ASIC information sheet, by setting out a clear and detailed list of questions and considerations ASIC expects businesses to have considered, offers a useful tool for businesses considering the use of DLT in regulated markets around the world, including Canada.