Introduction

Before the COVID-19 crisis, it was projected that by 2022, the blockchain based business would be worth $10 billion¹. Gartner also listed records management as 1 of 4 key blockchain business initiatives² saving on costs and providing opportunities to generate revenue³. The technology has the potential to impact all record management processes and extend its capabilities⁴.

In this article, I’m going to outline specific challenges with records management and how blockchain can help to solve these. Then, I will present a scenario where multiple parties to a transaction voluntarily enter into a smart contract. Further, I will propose a technology infrastructure that synchronizes the smart contract with the digital records, workflows, and signatures stored in an enterprise records management portal.

Finally, I will review recent literature from the World Economic Forum (WEF) that suggests that the COVID-19 crisis has revealed a general lack of connectivity and data exchange built into our global supply chains. The WEF concludes that future resiliency will depend on building blockchain-enabled transparent, inter-operable and connective networks. Blockchain may be a vital element of a post COVID-19 recovery.

The Challenge

Security and Confidentiality

The number of data breaches increased more than 400 percent in 2018, exposing almost 15 billion records, according to the identity intelligence company 4iQ⁵. The Average cost of a security breach is $17 million⁶. 88% of companies surveyed feel they are losing control over their data⁷.

Enterprise records need to be secure while ensuring that parties to a transaction have maximum privacy and confidentiality and can access records solely on a need to know basis. Centralized databases expose a single point of failure and are prone to costly security breaches.

Data Regulatory Compliance

There’s been a significant growth of global cross-industry regulations over the past ten years⁸. For government or industry regulatory compliance, or e-discovery, organizations may have to prove to auditors or the courts that there has been no malicious or negligent corruption of digital records, workflows, and logs.

Business Efficiencies

Reconciling transactions across individual and private ledgers takes a lot of time and is prone to errors. Distributed records management systems involving multiple parties are experiencing slow processing, high cost, high risk of errors, and often result in unreliable and inconsistent data.

Digital signature technologies come at a high cost, and the certificates are difficult to acquire⁹. Additionally, there’s also uncertainty around the impartiality of the third party provider. Also, this is the era of smart contracts¹⁰, transactional elements of a legal agreement executing as code on the blockchain. How do we reconcile the smart contract with the corresponding digital contract records?

As the industry moves towards the execution of smart contracts, contract professionals (including lawyers and auditors) may need to be able to read and decipher them, if not learn how to write them.

The Solution

Blockchain provides a trusted, independent, and cost-efficient mechanism for multi-party transactional records management. There are inherent problems with the public DLT, particularly around the pseudonymity of the parties identities, as well as privacy and confidentiality. We can leverage additional enterprise technologies to mitigate this. I’ll cover this in the solution architecture.

Blockchain stores a cryptographic hash of the data, workflow processes and signatures for each record, rendering them effectively immutable, more valid, more authentic and more reliable. Blockchain is appealing to auditors and litigators as it effectively certifies corrupt free data as proof or record.

Blockchain technology could also be used to verify the workflow steps that a record went through during its creation and management. The technology can create a cryptographic hash of each step effectively creating an immutable proof of process for the record.

Blockchain is an essential technology for records management professionals to understand because it has broad implications for securing and authenticating intellectual property at lower cost and higher efficiency. It’s important to point out that a records repository can store any digital object including audio, video or even software. A cryptographic hash of the record can be stored on the blockchain together with a time stamp, serving effectively as proof of copyright.

Blockchain also provides for an advantage over legacy centralized digital signature technologies. The signatures, fingerprints, time stamps created for authentication purposes, are stored on the distributed ledger providing proof of data integrity and authenticity without the need of a third party.

Scenario

This is a simple workflow that describes how the proposed solution architecture can be leveraged to synchronize the smart contract with the contract records for multiple parties.

1. Ann uploads a contract record into the records management repository, essentially a document library and generates a URL (hyperlink) for the document.

2. Ann digitally signs the contract using a blockchain API and generates a unique cryptographic hash for the document.

3. Ann configures a workflow as the contract proposer and configures Bob as the reviewer.

4. When Ann clicks SAVE, a smart contract proposal is created on the permissioned distributed ledger. She includes as properties, the cryptographic hash and document URL as unique references.

5. Bob receives an email notification with a link to review the contract record. Bob is prompted to accept or reject the contract proposal.

6. Bob accepts the contract proposal and is redirected to sign the contract record.

7. After signing the contract record, the original smart contract is archived and a new fully executed contract is created on the distributed ledger with the two parties having entered voluntarily into the contract.

8. The smart contract is now synchronized with the contract record, joined by a reference to the hash and the document URL.

Solution Architecture

The architectural components:

1. Smart Contract Workflow Functionality Blockchain Permissioned Distributed Ledger.
2. Smart Contract Application Functionality (Software as a Service).
3. Enterprise Records Management Portal (SharePoint Online or On Premise).

Smart Contract Workflow Functionality

Ideally this would be smart contract language for modeling rights and obligations for multi-party business processes in any business domain, providing high integrity and privacy guarantees. The smart contracts would encode the rights of the parties as choices that they can exercise, and obligations as agreements that they agree to.

A Permissionless distributed ledger technologies conducts transactions pseudonymously. Identities of parties can be hard to establish. Regulatory compliance dictates that parties to a transaction are identifiable. The smart contract workflow functionality provides for a permissioned ledger, reinforcing the essential properties of a smart contract:

1. Proof of Rights and Obligations
2. Confidential Execution
3. Evidentiary Trail
4. Formally Verifiable

The smart contract programming language should be intuitive, and support formal methods for catching design time errors. The language should also be accessible enough for lawyers and contract professionals to at least understand, if not write. The next illustration shows how a design time error is caught and displayed, warning the developer that the smart contract is not valid due to a missing authorization from the second party to the contract.

The solution architecture will ultimately be a next generation, secure, transparent and regulatory compliant infrastructure, synchronizing the records, workflow processes and signatures for the smart contract and contract records for multiple parties to a transaction.

Impact of COVID-19

In May 2020, the World Economic Forum published a paper entitled: "Why COVID-19 makes a compelling case for the wider integration of blockchain"¹¹. As an illustration, it noted how the transition to home working enforced by the pandemic was hampered by failures in global supply chains which "...caught suppliers large and small unprepared, off guard and exposed gaping holes in their ability to track purchases from one end of their supply chains to the other".

It observed that "...over the last three months [we have seen] a general lack of connectivity and data exchange built into our global supply chains... [that] we can track our Uber driver but not a shipment placed three weeks ago from a department store less than 10 miles from our home is startling, humiliating and needs addressing".

I fully endorse a conclusion that, if there were any remaining doubts over the need for blockchain platforms to improve the supply chain efficiency of separate, but connected, businesses that depend on the seamless integration of disparate networks; COVID-19 has virtually wiped them away. We must see the related problems encountered in this pandemic as a vital lesson that compels us to build transparent, inter-operable and connective networks that enhance the resilience of society and business to future shocks. They will come!

Notes:

1. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
2. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
3. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
4. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
5. Olenic, Doug. (2019). “Data breaches up 400 percent, 15 billion records compromised: report”.
6. Microsoft. (2019). “Microsoft 365 Security and Compliance Proactive Attack Prevention and Detection”.
7. Ernst & Young. (2016). “Global Information Security Survey”.
8. Stewart, Luke A. (2010). “The Impact of Regulation on Innovation in the United States: A Cross-Industry Literature Review”.
9. Aki, Jimmy.(2018). “DocuSign Will Add Ethereum Blockchain Integration to Verify Signatures”.
10. A smart contract is a program running on a blockchain that facilitates, verifies, and/or enforces arrangements between parties. Source: Dyer, Barrington. (2018). “Smart Contracts Explained (for Lawyers) part -1”.
11. AlMuhairi, Miriam Obaid.(2020).World Economic Forum. "Why COVID-19 makes a compelling case for the wider integration of blockchain".

© 2020 All Rights Reserved. Cecil John. May 2020.

This is an update of an article first published on 19 March 2019. The views expressed here are his own and do not necessarily represent the views of GovernanceQualityRatings.com.

Cecil is a US citizen and the founder and CEO of virtualdeveloper.com, LLC, a Microsoft Managed Partner, Goldman Sachs 10,000 Small Business alumni member and an International Monetary Fund (IMF) approved vendor. He invented and commercialized Formal Media™, a blockchain-enabled Digital Workplace (contract management system) which is accepted into Microsoft's IP Co-Sell commercial catalogue.

You can view his profile:

on LinkedIn here