Tag Archives: bitcoin

The Opportunities in Blockchain

Blockchain and smart contracts have enabled the development of new approaches in the insurance industry, as they begin to replace outdated business models (with excessive paperwork, communication problems, multiple data operating systems and duplication of processes and the inability of syndicates to mine their data). By digitizing payments and assets—thus eliminating tedious paperwork—and facilitating the management of contracts, blockchain and smart contracts can help cut operational costs and improve efficiency. Smart contracts also allow for automation of insurance claims and other processes as well as privacy, security and transparency. It is estimated that roughly one-third of blockchain use cases are in the insurance industry.

How Blockchain Is Used in Insurance

How will blockchain and smart contracts transform the insurance industry?

  • Quick and efficient processing and verification of claims, automatic payments—all in a modular fashion, thus minimizing paperwork.
  • Transparency, minimizing fraud, secure and decentralized transactions, reliable tracking of asset provenance and improving the quality of data used in underwriting. Besides improving efficiency, this also reduces counterparty risks, ensuring trust and safety both from the insurer’s and customer’s perspective. By computing at a network, rather than individual, company level, the consumer is reassured that the process was completed appropriately and as agreed upon. From the perspective of the insurance company, this fosters trust, as well, and encourages consistency, as the blockchain provides transparent and permanent information about the transactions.

The insurance industry has traditionally been associated with tedious administration, paperwork and mistrust; the incorporation of blockchain, however, has the ability to transform this image by bringing operational efficiency, security, and transparency. The long-term strategic benefits of blockchain are thus clear.

Top insurance blockchain projects:

AIG (American International Group) – Smart contract insurance policies

HQ: New York

Description: AIG, in conjunction with IBM, has developed a “smart” insurance policy utilizing blockchain to manage complex international coverage.

Blockchain network: Bitcoin

Deployment: In June 2017, AIG and IBM announced the successful completion of their “smart contract” multinational policy pilot for Standard Chartered Bank. It is said to be the first such policy to employ the blockchain digital ledger technology.

Fidentiax – Marketplace for tradable insurance policies

HQ: Singapore

Description: As “the world’s first marketplace for tradable insurance policies,” Fidentiax hopes to establish a trading marketplace and repository of insurance policies for the masses through the use of blockchain technology.

Blockchain network: Ethereum

Deployment: Fidentiax succeeded in raising funds for the project through its Crowd Token Contribution (CTC, aka ICO) in December 2017.

See also: How Insurance and Blockchain Fit  

Swiss Re – Smart contract management system

HQ: Zurich, Switzerland

Description: Swiss Re, a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer, has partnered with 15 of Europe’s largest insurers and reinsurers (Achmea, Aegon, Ageas, Allianz, Generali, Hannover Re, Liberty Mutual, Munich Re, RGA, SCOR, Sompo Japan Nipponkoa Insurance, Tokio Marine Holdings, XL Catlin and the Zurich Insurance Group) to incorporate and evaluate the use of blockchain technology in the insurance industry. The Blockchain Insurance Industry Initiative (B3i) hopes to educate insurers and reinsurers on the employment of the blockchain technology in the insurance market. It serves as a platform for blockchain knowledge exchange and offers access to research and information on use case experiments. As of yet, there have only been individual company use cases in the industry. B3i is working to facilitate the widespread adoption of blockchain across the entire insurance value chain by evaluating its implementation as a viable tool for the industry in general and customers in particular. The initiative envisions efficient and modern management of insurance transactions with common standards and practices. To this end, it has developed a smart contract management system to explore the potential of distributed ledger technologies as a way to improve services to clients by making them faster, more convenient and secure.

Blockchain network: Ethereum

Deployment: B3i was launched in in October 2016. On Sept. 7, 2017, B3i presented a fully functional beta version of its blockchain-run joint distributed ledger for reinsurance transactions. On March 23, 2018, the B3i Initiative incorporated B3i Services company to continue to promote the B3i Initiative’s goal of transforming the insurance industry through blockchain technology.

Sofocle – Automating claim settlement

HQ: Northern Ireland, U.K.

Description: Through smart contracts, AI and mobile apps, Sofocle employs blockchain technology to automate insurance processes. All relevant documents can be uploaded by customers via mobile app, thus minimizing paperwork. Use of smart contracts allows for a far more efficient and faster settlement process. Claims agents can verify insurance claims, which are recorded on the blockchain in real time. The smart contracts allow for verification of a predetermined condition by an external data source (trigger), following which the customer automatically receives the claims payment.

Blockchain network: Bitcoin

Dynamis – P2P Insurance

HQ: U.K.

Description: Dynamis’ Ethereum-based platform provides peer-to-peer (P2P) supplementary unemployment insurance, using the LinkedIn social network as a reputation system. When applying for a policy, the applicant’s identity and employment status is verified through LinkedIn. Claimants are also able to validate that they are seeking employment through their LinkedIn connections. Participants can acquire new policies or open new claims by exercising their social capital within their social network.

Blockchain Network: Ethereum and Bitcoin

Deployment: The goal of Dynamis is the creation of a decentralized autonomous organization (DAO) to restore trust and transparency in the insurance industry. Its community-based unemployment insurance employs smart contracts and runs on the Ethereum blockchain platform. Using social networking data and validation points, Dynamis verifies a claimant’s employment status among peers and colleagues. It also depends on Bitcoin-powered smart contracts to automate claims.

Conclusion

Recognizing the benefits of blockchain and smart contracts, the insurance industry has begun to explore their potential. With the traditional insurance model, validating an insurer’s claim is a lengthy, complicated process. Blockchain has the ability to combine various resources into smart contract validation. It also offers transparency, allowing the customer to play an active role in the process and to see what is being validated. This fosters trust between the insurer and the customer. Despite the obvious benefits of blockchain for insurers, reinsurers and customers, the industry has yet to adopt blockchain on a large scale. The primary reason for this is that blockchain adoption has until now required in-depth knowledge and skills in blockchain-specific programming languages. The limited number and high cost of hiring blockchain experts have rendered the technology out of reach for many businesses in the industry. Without access to the technology, exposure to blockchain and the ability to reap its benefits will remain limited for insurance companies.

How can these obstacles be overcome? The key is accessibility to enable all parties within the insurance ecosystem to reap the benefits of blockchain and smart contracts. There is a dire need for a bridge between the blockchain technology and these industry players. This is the role that the iOlite platform fulfills. iOlite provides mainstream businesses with easy access to blockchain technology. iOlite is integrated via an IDE (integrated development environment) plugin, maintaining a familiar environment for programmers and providing untrained users simple tools to work with. The iOlite platform thus enables any business to integrate blockchain into its workflow to write smart contracts and design blockchain applications using natural language.

How it works? iOlite’s open-source platform translates any natural language into smart contract code available for execution on any blockchain. The solution utilizes CI (collective intelligence), in essence a crowdsourcing of coder expertise, which is aggregated into a knowledge database, i.e. iOlite Blockchain. This knowledge is then used by the iOlite NLP grammar engine (based on Stanford UC research), the Fast Adaptation Engine (FAE), to migrate input text into the target blockchain executable code.

See also: Blockchain – What Is It Good for?  

The future of blockchain in insurance

With a clear direction of blockchain adoption for the future, insurance companies will be forced to adapt or be left behind. The adoption of blockchain by the insurance industry is no longer a question of if but how.

Blockchain: Bad Tech, Worse Vision

Blockchain is not only lousy technology but a bad vision for the future. Its failure to achieve adoption to date is because systems built on trust, norms and institutions inherently function better than the type of no-need-for-trusted-parties systems blockchain envisions. That’s permanent: No matter how much blockchain improves, it is still headed in the wrong direction.

This December, I wrote a widely circulated article on the inapplicability of blockchain to any actual problem. People objected mostly not to the technology argument, but, rather, hoped that decentralization could produce integrity.

Let’s start with this: Venmo is a free service to transfer dollars, and bitcoin transfers are not free. Yet, after I wrote an article last December saying bitcoin had no use, someone responded that Venmo and Paypal are raking in consumers’ money, and people should switch to bitcoin.

What a surreal contrast between blockchain’s non-usefulness/non-adoption and the conviction of its believers! It’s so entirely evident that this person didn’t become a bitcoin enthusiast because he was looking for a convenient, free way to transfer money from one person to another and discovered bitcoin. In fact, I would assert that there is no single person in existence who had a problem he wanted to solve, discovered that an available blockchain solution was the best way to solve it and therefore became a blockchain enthusiast.

The number of retailers accepting cryptocurrency as a form of payment is declining, and its biggest corporate boosters, like IBM, NASDAQ, Fidelity, Swift and Walmart, have gone long on press but short on actual rollout. Even the most prominent blockchain company, Ripple, doesn’t use blockchain in its product. You read that right: The company Ripple decided the best way to move money across international borders was to not use Ripples.

A blockchain is a literal technology, not a metaphor

Why all the enthusiasm for something so useless in practice?

People have made a number of implausible claims about the future of blockchain—like that you should use it for AI in place of the type of behavior-tracking that Google and Facebook do, for example. This is based on a misunderstanding of what a blockchain is. A blockchain isn’t an ethereal thing out there in the universe that you can “put” things into; it’s a specific data structure, a linear transaction log, typically replicated by computers whose owners (called miners) are rewarded for logging new transactions.

There are two things that are cool about this particular data structure. One is that a change in any block invalidates every block after it, which means that you can’t tamper with historical transactions. The second is that you only get rewarded if you’re working on the same chain as everyone else, so each participant has an incentive to go with the consensus.

The result is a shared definitive historical record. What’s more, because consensus is formed by each person acting in his own interest, adding a false transaction or working from a different history just means you’re not getting paid and everyone else is. Following the rules is mathematically enforced—no government or police force need come in and tell you the transaction you’ve logged is false (or extort bribes or bully the participants). It’s a powerful idea.

So in summary, here’s what blockchain-the-technology is: “Let’s create a very long sequence of small files — each one containing a hash of the previous file, some new data and the answer to a difficult math problem — and divide up some money every hour among anyone willing to certify and store those files for us on their computers.”

See also: How Insurance Can Exploit Blockchain

Now, here’s what blockchain-the-metaphor is: “What if everyone keeps their records in a tamper-proof repository not owned by anyone?”

An illustration of the difference: In 2006, Walmart launched a system to track its bananas and mangoes from field to store. In 2009, Walmart abandoned the system because of logistical problems getting everyone to enter the data, and in 2017 Walmart re-launched it (to much fanfare) on blockchain. If someone comes to you with “the mango-pickers don’t like doing data entry,” “I know: let’s create a very long sequence of small files, each one containing a hash of the previous file” is a nonsense answer, but “What if everyone keeps their records in a tamper-proof repository not owned by anyone?” at least addresses the right question!

Blockchain-based trustworthiness falls apart in practice

People treat blockchain as a “futuristic integrity wand”—wave a blockchain at the problem, and suddenly your data will be valid. For almost anything people want to be valid, blockchain has been proposed as a solution.

It’s true that tampering with data stored on a blockchain is hard, but it’s false that blockchain is a good way to create data that has integrity.

To understand why this is the case, let’s work from the practical to the theoretical. For example, let’s consider a widely proposed use case for blockchain: buying an e-book with a “smart” contract. The goal of the blockchain is, you don’t trust an e-book vendor, and the vendor doesn’t trust you (because you’re just two individuals on the internet), but, because of blockchain, you’ll be able to trust the transaction.

In the traditional system, once you pay you’re hoping you’ll receive the book, but once the vendor has your money the vendor doesn’t have any incentive to deliver. You’re relying on Visa or Amazon or the government to make things fair—what a recipe for being a chump! In contrast, on a blockchain system, by executing the transaction as a record in a tamper-proof repository not owned by anyone, the transfer of money and digital product is automatic, atomic and direct, with no middleman needed to arbitrate the transaction, dictate terms and take a fat cut on the way. Isn’t that better for everybody?

Hmm. Perhaps you are very skilled at writing software. When the novelist proposes the smart contract, you take an hour or two to make sure that the contract will withdraw only an amount of money equal to the agreed-upon price, and that the book — rather than some other file, or nothing at all — will actually arrive.

Auditing software is hard! The most heavily scrutinized smart contract in history had a small bug that nobody noticed — that is, until someone did notice it and used it to steal $50 million. If cryptocurrency enthusiasts putting together a $150 million investment fund can’t properly audit the software, how confident are you in your e-book audit? Perhaps you would rather write your own counteroffer software contract, in case this e-book author has hidden a recursion bug in his version to drain your ethereum wallet of all your life savings?

It’s a complicated way to buy a book! It’s not trustless; you’re trusting in the software (and your ability to defend yourself in a software-driven world), instead of trusting other people.

Another example: the purported advantages for a voting system in a weakly governed country. “Keep your voting records in a tamper-proof repository not owned by anyone” sounds right — yet is your Afghan villager going to download the blockchain from a broadcast node and decrypt the Merkle root from his Linux command line to independently verify that his vote has been counted? Or will he rely on the mobile app of a trusted third party — like the nonprofit or open-source consortium administering the election or providing the software?

These sound like stupid examples — novelists and villagers hiring e-bodyguard hackers to protect them from malicious customers and nonprofits whose clever smart-contracts might steal their money and votes?? — until you realize that’s actually the point. Instead of relying on trust or regulation, in the blockchain world, individuals are on-purpose responsible for their own security precautions. And if the software they use is malicious or buggy, they should have read the software more carefully.

The entire worldview underlying blockchain is wrong

You actually see it over and over again. Blockchain systems are supposed to be more trustworthy, but in fact they are the least trustworthy systems in the world. Today, in less than a decade, three successive top bitcoin exchanges have been hacked, another is accused of insider trading, the demonstration-project DAO smart contract got drained, crypto price swings are 10 times those of the world’s most mismanaged currencies and bitcoin, the “killer app” of crypto transparency, is almost certainly artificially propped up by fake transactions involving billions of literally imaginary dollars.

Blockchain systems do not magically make the data in them accurate or the people entering the data trustworthy; they merely enable you to audit whether the chain has been tampered with. A person who sprayed pesticides on a mango can still enter onto a blockchain system that the mangoes were organic. A corrupt government can create a blockchain system to count the votes and just allocate an extra million addresses to cronies. An investment fund whose charter is written in software can still misallocate funds.

How then, is trust created?

In the case of buying an e-book, even if you’re buying it with a smart contract, instead of auditing the software you’ll rely on one of four things, each of them characteristics of the “old way”: Either the author of the smart contract is someone you know of and trust, the seller of the e-book has a reputation to uphold, you or friends of yours have bought e-books from this seller in the past successfully or you’re just willing to hope that this person will deal fairly. In each case, even if the transaction is effectuated via a smart contract, in practice you’re relying on trust of a counterparty or middleman, not your self-protective right to audit the software, each man an island unto himself. The contract still works, but the fact that the promise is written in auditable software rather than government-enforced English makes it less transparent, not more transparent.

The same for the vote counting. Before blockchain can even get involved, you need to trust that voter registration is done fairly, that ballots are given only to eligible voters, that the votes are made anonymously rather than bought or intimidated, that the vote displayed by the balloting system is the same as the vote recorded and that no extra votes are given to the political cronies to cast. Blockchain makes none of these problems easier and many of them harder—more importantly, solving them in a blockchain context requires a set of awkward workarounds that undermine the core premise. So we know the entries are valid, let’s allow only trusted nonprofits to make entries—and you’re back at the good old “classic” ledger. In fact, if you look at any blockchain solution, inevitably you’ll find an awkward workaround to re-create trusted parties in a trustless world.

A crypto-medieval system

Yet absent these “old way” factors—supposing you actually attempted to rely on blockchain’s self-interest/self-protection to build a real system—you’d be in a real mess.

Eight hundred years ago in Europe — with weak governments unable to enforce laws and trusted counterparties few, fragile and far between — theft was rampant, safe banking was a fantasy and personal security was at the point of the sword. This is what Somalia looks like now–and what it looks like to transact on the blockchain in the ideal scenario.

Somalia on purpose. That’s the vision. Nobody wants it!

Even the most die-hard crypto enthusiasts prefer in practice to rely on trust rather than their own crypto-medieval systems. 93% of bitcoins are mined by managed consortiums, yet none of the consortiums use smart contracts to manage payouts. Instead, they promise things like a “long history of stable and accurate payouts.” Sounds like a trustworthy middleman!

See also: Collaborating for a Better Blockchain

Same with Silk Road, a cryptocurrency-driven online drug bazaar. The key to Silk Road wasn’t the bitcoins (that was just to evade government detection), it was the reputation scores that allowed people to trust criminals. And the reputation scores weren’t tracked on a tamper-proof blockchain, they were tracked by a trusted middleman!

If Ripple, Silk Road, Slush Pool and the DAO all prefer “old way” systems of creating and enforcing trust, it’s no wonder that the outside world had not adopted trustless systems either!

In the name of all blockchain stands for, it’s time to abandon blockchain

A decentralized, tamper-proof repository sounds like a great way to audit where your mango comes from, how fresh it is and whether it has been sprayed with pesticides. But actually, laws on food labeling, nonprofit or government inspectors, an independent, trusted free press, empowered workers who trust whistleblower protections, credible grocery stores, your local nonprofit farmer’s market and so on do a way better job. People who actually care about food safety do not adopt blockchain because trusted is better than trustless. Blockchain’s technology mess exposes its metaphor mess — a software engineer pointing out that storing the data as a sequence of small hashed files won’t get the mango pickers to accurately report whether they sprayed pesticides is also pointing out why peer-to-peer interaction with no regulations, norms, middlemen or trusted parties is actually a bad way to empower people.

Like the farmer’s market or the organic labeling standard, so many real ideas are hiding in plain sight. Do you wish there was a type of financial institution that was secure and well-regulated in all the traditional ways, but also has the integrity of being people-powered? A credit union’s members elect its directors, and the transaction-processing revenue is divided up among the members. Move your money! Prefer a deflationary monetary policy? Central bankers are appointed by elected leaders. Want to make elections more secure and democratic? Help write open source voting software, go out and register voters or volunteer as an election observer here or abroad! Wish there was a trusted e-book delivery service that charged lower transaction fees and distributed more of the earnings to the authors? You can already consider stated payout rates when you buy music or books, buy directly from the authors or start your own e-book site that’s even better than what’s out there!

Projects based on the elimination of trust have failed to capture customers’ interest because trust is actually so damn valuable. A lawless and mistrustful world where self-interest is the only principle and paranoia is the only source of safety is a not a paradise but a crypto-medieval hellhole.

As a society, and as technologists and entrepreneurs in particular, we’re going to have to get good at cooperating — at building trust and at being trustworthy. Instead of directing resources to the elimination of trust, we should direct our resources to the creation of trust—whether we use a long series of sequentially hashed files as our storage medium or not.

Cyber: No Protection Against Complacency

Cybersecurity insurance appears to be enjoying a heyday. While it’s been around for some time, the perceived need for it has never been greater, as DDoS attacks and major hacks grab headlines and fray nerves.

As recently reported in The Hill, Lloyd’s of London approximates that “average cloud service events of varying severity range from $4.6 billion in total damages for a ‘large’ attack to $53.1 billion for an ‘extreme’ one. In the vulnerability example, the average costs range from $9.7 billion for a large event to $28.7 billion for an extreme one.”

Lloyd’s suggests that we ought to insure cyberattacks as we do natural disasters. Ransomware imposes its own sort of multiplier effect, measured in business loss, damage to reputations and (customer) privacy and, of course, in out-of-pocket outlays paid handsomely in Bitcoin.

But in treating cybersecurity insurance as an essential check-off item for organizations, the last thing underwriters, businesses and consumers need is complacency. We rightly regard insurance as protection; we pay for it, and may or may not alter our behavior to actually diminish the threat of the event itself.

And that’s the risk that insurance doesn’t mitigate against; indeed, it can aggravate it, by conferring on businesses a false sense of, pardon the term, security. Cloud security isn’t like filling out a job application; it’s not a matter of checking boxes and moving on. Piecemeal approaches to security never work. Patching a hole or fixing a bug, and then putting it “behind” you – that’s hardly the stuff of which effective security policies are made. Because security is a moving target, scattershot repairs ignore the hundreds or even thousands of points of vulnerability that a policy of continuing monitoring can help mitigate. And that insurance can address only after the fact of potentially catastrophic loss.

See also: 2018 Predictions on Cybersecurity 

Cloud security policies must be in place before, during and after the ink is dry on any cybersecurity insurance policy. Any cloud provider worth its salt brings to the task a phalanx of time-tested tools, procedures and technologies that ensure continuous uptime, regular backups, data redundancy, data encryption, anti-virus/anti-malware deployment, multiple firewalls, intrusion prevention and round-the-clock monitoring. So while data is considerably safer in the cloud than beached on equipment under someone’s desk, no cyberinsurance policy can substitute for active vigilance – accent on active, because “vigilance” is definitely a verb.

Absent both the right mindset and proper policies and guidelines, cybersecurity insurance can prove pointless.

About that mindset: Sound security planning requires assessing threats, choosing tools to meet those threats, implementing those tools, assessing the effectiveness of the tools implemented – and repeating this process continually. Security is a process, not an event.

On the premise that the best defense is understanding the real nature of the offense – or, in this case, offenses, because cybersecurity insurance addresses a multi-front battleground – it may be helpful to think in terms of a basic four-tier model that defines the broad steps businesses can take to maximize their safety. With that model, it’s possible to match the level of protection to the class of threat a given organization faces. Users need to be familiar with online threats and at least somewhat conversant with tools to arrest them; no single system can circumvent vulnerabilities that haven’t been patched.

Below, this prototypical four-level gauntlet:

First line of defense: The first line consists of a firewall supported by intrusion detection and prevention technology, along with anti-virus and anti-malware software, which is limited to blocking items downloaded over unencrypted protocols.

Second line of defense: The second line centers on the trained, educated user – someone sufficiently cognizant of threats to think before executing a link or downloading an attachment: a user, in other words, who is attuned to the real and present danger inherent in viruses and malware, and who acts accordingly.

Third line of defense: The third line is composed of patch management and locally installed anti-virus and anti-malware software, working together to effectively block attacks. Proper implementation of third-line defense means fewer bugs and optimized performance.

See also: How to Eliminate Cybersecurity Clutter  

Fourth line of defense: In the event that malware or ransomware hits a system, it’s possible to restore the server via application-consistent snapshot technology on a storage area network, a rollback process that takes just minutes and restores the server to its exact state prior to the attack.

It may be helpful to treat these lines as concentric circles. Remember that the human element remains the most important social engineering piece of this construct. It’s always best to stop a problem early, before it festers and productivity suffers; think smoke detectors vs. sprinkler systems. And just as regular brush clearance in fire zones is a necessary precursor to maintaining fire insurance coverage, so these measures prepare businesses for cybersecurity insurance – and underscore the wisdom of making that purchase.

Distributed Ledgers in the Risk Markets (Part 3)

In the opening segment of this series on complexity, I discussed the three network graphs that have emerged in the risk markets and which business models embody them.

For quick reference:

In the second segment, we discussed the emergence of P2P insurance, which will formalize the three core functions of the risk markets that currently exist in a “black market,” unformalized state. These functions are:

  • Risk transfer;
  • Escrow of funds for a defined purpose; and
  • Management of reallocation of escrowed funds.

This formalization will occur via the emergence of a platform that enables all of these functions to be accomplished by the users of the platform, bringing the existing P2P economic activity out of its black market state and into the light of day.

Risk is the killer app for distributed ledgers!

The focus of the blockchain community on banking has been an interesting side effect of the timing of the Bitcoin innovation that coincided with the collapse of the U.S. banking industry. The blockchain technology software went open source in January 2009, while the markets (DJIA, S&P 500 and NASDAQ) bottomed out in March 2009.

The term “distributed ledger” is synonymous with blockchain. Both refer to the technology of a shared digital ledger, upon which transactions are validated by a distributed set of servers using chronological, public and cryptographically secure methods. I prefer the term “distributed ledger” because, at its core, this technology is an accounting tool that enables a set of capabilities not previously attainable.

In a distributed ledger:

  • All transactions — or, in accounting vernacular, “ledger entries” — are validated using a distributed method, without requiring users to trust in a central authority who has control over all entries on the ledger.
  • There will be lower transaction costs — both in terms of less time and lower labor costs — because there will no longer be a need to coordinate a multitude of private, centralized corporate ledgers.
  • It will create an ability for end users to publicly escrow value on a platform that enables them to connect directly with each other, creating a P2P distributed graph and enabling both the trusted communication of and individualized control over the reallocation of their escrowed value.

I would like to introduce the idea of a “risk ledger,” which is any ledger where value is escrowed as a hedge against a risk so that the risk can be safely carried through time. Currently, insurance carriers operate risk ledgers as they escrow money against a risk over a segment of time. (I wonder if this is why insurance companies are called “carriers.”) The same goal can be easily accomplished using distributed ledger technology, albeit with some advantages over private, opaque, centrally controlled corporate ledgers.

See also: 5 Steps to Profitable Risk Taking  

Distributed ledgers enable individuals to escrow value in the light of day against a risk, carrying the risk safely through a segment of time until a loss event necessitates the reallocation to the user who experienced a loss event and the removal of that value from the distributed ledger. Risk is the killer app for distributed ledger technology; as such, I believe the timeline for adoption in the risk markets will be shorter than observed in the banking markets, where the technology itself needed time to mature.

Trust is a fundamental ingredient in all financial services, and trust is something that distributed-ledger technology has a unique ability to enable. Because all money that is escrowed on a distributed ledger as well as the movement of that money is visible to all, users can trust in the system without needing to trust any single validator, company or peer participating in the network.

It must be understood that all distributed ledgers are, inherently, a network. There are many distributed ledger networks out there, but I will use Ripple’s to exemplify how a P2P distributed risk ledger platform may look. Thankfully, Ripple spearheaded acceptance by international regulatory bodies on issues associated with distributed ledger technology. Another reason I choose to use Ripple is because of its two technical features: 1) It has built-in “trust lines,” which enable individuals to create an explicit network of other peers whom they trust, and 2) it has the built-in ability of order books, which can be used to make markets between different stores of value. There are other technical advantages of Ripple, but these two elements combine to make a powerful and open-source solution.

Trust lines function as roads upon which value can move around the ledger. If I trust you, then you can send me value. If I do not trust you, then you cannot send me value because there is no path for the value to travel upon. This capacity for individuals to control who they are willing to trust enables individual peers to self-assemble a “trust graph” mirroring and to document the reality of who is trustworthy. Because all financial services are predicated on trust, this can be thought of as the finance industry’s equivalent to Google’s link graph, Facebook’s social graph and LinkedIn’s colleague graph, etc. Whoever ends up building this “trust graph” will likely be capable of creating much more value for society than those other graph types because of the significant role that finance plays in society.

Peers can extend trust lines to other peers they personally know, trust and are willing to help. These trust line connections create a trust graph in the same way as friend connections on Facebook create the social graph. In this way, a P2P distributed trust graph can be self-assembled and emerge out of the actions of the individual peers. Building a distributed graph of roads and creating many paths upon which value can travel across the distributed risk ledger network is an example of a distributed managerial process.

To give some example of how escrowed funds would flow through this distributed trust graph, let’s look at a hypothetical loss event. When a loss event occurs, a user documents the loss, and other peers who trust that user can choose to send a small amount their own escrowed funds to help their friend. (There is a formalized financial model  I will not detail.) However, I was surprised to discover, after working out the model’s details, that the model actually existed 1,000 years before modern insurance methods came about in the mid-1600s.

Order books — and the ability to make markets — enable agents and insurance carriers to retain their relative roles as they exist in the industry today.

The platform can be set up in a way that agents can capture a fixed fee as a spread or a percentage of the money that flows through the users that trust the agent by extending the agent a trust line. This is akin to commissions.

The platform can be set up in a way that carriers can manage the funds, which users put on escrow, and can control which agents are allowed to access the carrier’s gateway. This enables carriers to essentially mirror the same function that the appointment process accomplishes today. Carriers can do this activity without invoking the regulatory burden of insurance laws; they only need to comply with MSB regulations. This would also enable carriers to earn float income on the newly escrowed balance.

Phase change innovations typically emerge to address an order of magnitude more complex than what preexisting methods could in the prior industrial age paradigm. Consider how much economic activity and the number of actors Uber can organize on a global scale versus the top-down methods of an industrial-age taxi company. In the risk markets, coming out of the industrial age, we can see many companies operating independently in each of the three graphs (which are intentionally siloed). To achieve an order of magnitude improvement, we must encompass and coordinate all three graphs structures onto a single platform.

See also: Are Portfolios Taking Too Much Risk?  

Currently, agents function as a hub of client trust. Agents enable clients to navigate the complicated insurance product space and achieve the distribution of insurance products backed up by carriers. On a Ripple ledger, the agent would be a centralized hub of trust lines, and the graph would show that many users trust the agent node.

Currently, carriers function as an access point and product provider, lifting the burden of regulatory compliance, administration and product creation from agents. Engaging with the platform, each carrier can independently escrow client money without hampering the client’s ability to connect with other peers who they trust but who may not be clients of the same insurance carrier. With order books, the carriers can trade escrowed funds to enable a user who has experienced a funded loss event to receive a single check from the carrier that that user does business with, even though many of the peers funding the coverage are not clients of that carrier and do not have funds escrowed with the carrier issuing the check. Via these order book connections, carriers’ relationships will create a decentralized graph on the platform.

Combining the peer-to-peer distributed trust line graph, the centralized graph that is the hub of trust connections surrounding the agent and the decentralized graph of carrier-to-carrier order book connections, the platform can facilitate the coordination of all three graphs within a single system — all while relinquishing ultimate control of the flow of funds to the individual peers of the platform. This achieves a distributed managerial method of the reallocation process applied to the escrowed funds. This also alleviates the cost of adjusting claims and the exposure to fraud from the participating carrier’s perspective, as well as the distribution of the costs associated with the adjusting process across the peers participating in the network.

As is explained in his book “Why Information Grows: The Evolution of Order from Atoms to Economies,” MIT’s Cesar Hidalgo argues that we are at a point when firms need to network if they desire to continue to create value for society in excess of what any single firm can create alone.

Via a distributed risk ledger network, many carrier firms can run the servers that maintain the whole ledger. This gives each carrier an equal vision into the ledger and removes the need for any carrier to submit control to another carrier that is tasked with running the entire system. Most importantly, these methods function as a shared back office so that no single firm bears the burden of the costs associated with managing all of the small loss events. Additionally, the cost of the system’s management does not need to be duplicated and absorbed by each participating firm. This is essentially how Ripple is being implemented in the banking industry to reduce the costs of international payments and increase the speed of international flow of funds.

Some examples:

  • Firms in the home and auto insurance business can network to facilitate a ledger with other home and auto insurance firms, helping homeowners who experience losses that are under the deductible or excluded from the policy form.
  • Life insurance firms can facilitate their own ledger networking with other life insurance firms, enabling coverage for clients who do not meet underwriting requirements, such as those over the age of 75 or with a terminal disease.
  • Firms in health insurance can network to facilitate a ledger with other health insurance firms to better enable users to cover high deductibles, only invoking their traditional insurance contracts for unexpected, large incidents.

By networking, firms can enable the existing P2P risk transfer behavior to occur with less friction and bring this important economic activity out of its black market state and into the light of day on a formalized platform. Once the economic activity is occurring on a formalized platform, one would expect to see, like was observed with Uber and AirBnB, a resulting boom in the aggregate amount of the economic activity, growing the entire risk market’s pie and improving the risk market’s value add to society.

See also: 4 Steps to Integrate Risk Management

In the next segment of this series, I will consider possible changes to the risk market’s current equilibrium state and what that equilibrium may look like after the phase change has occurred.

Future of Digital Transformation

Senior management have to come to grips with the fact that digital transformation is not an event but rather the operating environment of 21st century business.

Like music, photos, TV, and data, once something becomes digital it becomes a consumable and moves from the domain of the specialized expert to a public commodity. As with Blockbuster, Borders, Capital Records and newspapers, businesses based on non-digital product are the hand-crafted hobbies of the 21st century.  Craft markets will exist into the future, but they are generally not profitable and rather a labor of love.

Changing the way we work

Here’s the kicker. Digital transformation is now looking at not just the things we sell, which includes services, by the way, but how we do business. From crowd funding to network marketing to blockchain (how Bitcoin works), the basic principles of how we have traditionally gone about business are changing.

Crowd funding, where a population at large is directly involved in the creation of products, also has ramifications for invention and design. Brainstorming on steroids. Network marketing has wiped out traditional sales channels from cold calling and direct mail to bricks and mortar retailing. And blockchain has the capability to render capital-intensive industries obsolete. What Bitcoin did to money, people are now looking to use to undermine energy, insurance and infrastructure oligarchies. One day, blockchain may even be capable of fixing our political system.

See also: 4 Rules for Digital Transformation  

Understanding Digital Transformation

What really is digital transformation? Gartner, a leading authority on such things, defines digital transformation as “to leverage digital technologies that enable the innovation of their entire business or elements of their business and operating models.

So innovating is not just what we do, but how we do it, our “operating models.” In my last article, “Misunderstanding Innovation,” I wrote on how innovation is not invention but rather the application of invention as a solution to a practical need. As such, innovation is the backbone of digital transformation, just as audit is to compliance or controls are to risk.

Digital Transformation as an Operating Model

Back to my opening statement that digital transformation should not be thought of as an event but rather an operating environment, just as industrialization in the 18th century was not a single event but a period of continual transformation. From the introduction of the weaving loom through production lines to mass production, the transformation fed change that has continued for 200 years.

Senior management have to stop thinking of digital transformation as a passing fad, and embrace the fact that the world has changed.  As in the 18th and 19th centuries, change will drive change, and as the management in those times developed process management models (see, PDCA is NOT Best Practice) to drive the development of automated production, so, too, managers now have to develop transformation models to take account that disruption and innovation will drive further disruption and innovation.

Transformation as a Lifestyle Choice

The fact that you have transformed your operation today is only a temporary reprieve. You need to redefine your business model to be an agile platform continually identifying and innovating to improve end-customer quality of life: That’s your customer’s customer.

Women as the Mothers of Innovation

The current beat-up of getting more women involved in STEM (science, technology, engineering, math) misses the understanding that innovation has at its root, a deep empathy for the quality of life of others. Developing and elevating women’s inherent intuition as to the plight of others will do more to foster innovation than a plethora of inventions. Hundreds of inventions never see the light of day, yet a handful of innovations have changed the world. Again, please re-read my previous article on Misunderstanding Innovation.

If Malcolm Turnbull truly wants Australia to develop an innovative culture, we should be promoting more people into psychology, sociology, anthropology and statistics. These are the strategic vocations of innovation, while STEM and invention are the tactical solutions. Yes, stats is math, but it allows us to understand bias as well as predictive analytics, which identifies and prioritizes targets for innovation.

See also: Why You Need a Digital Leader  

Where to From Here?

Accepting the need to transform your business model is in itself an inherent risk. Just as a window cleaner straps on a safety harness before scaling a building, so having an active risk and compliance system operational is a mandatory prerequisite before embarking on any transformation. You will need systems that alert you to emerging issues and to give you continual insight, throughout the transformation process, without the need to go and look for it. The business graveyard is as full of those who lost their footing on the way as those who did nothing. This is not a shameless plug for what I do but rather the reason I do it.