Part 2 - Smart contracts, blockchain and distributed ledger technology: implications for business

Thursday, April 13, 2017


Smart contracts, blockchain and distributed ledger technology (DLT) are new technologies with the potential to radically transform our economic and social systems.

In Part I of this article, we outlined smart contracts, blockchain and DLT, and what the potential benefits of each are for business (and lawyers). 

In Part II, we discuss some of the risks (technology, legal and regulatory) and challenges posed by smart contracts, blockchain and DLT, current examples of smart contracts in practice and DLT platforms and the implications for business (and lawyers). We also consider the future of this disruptive technology.

Risks and challenges for smart contracts, blockchain and DLT

The evolving smart contracts, blockchain and distributed ledger technologies bring a number of potential risks (including governance, deployment, risk management, regulatory and legal), and challenges. These risks and challenges, and how they are managed, will fundamentally underpin market confidence in the technology.

The risks and challenges include:

  • Governance: Despite its decentralised approach, blockchain and DLT still requires a set of common rules by which all participants operate, in order to ensure its accuracy and trustworthiness. The decentralised model poses challenges when you need to change the rules, because those changes need to be agreed and accepted by all participants for DLT to function consistently. A governance framework is vital to implement and sustainably operate blockchain and DLT, and needs to take into account oversight and monitoring functions, rule setting, and acceptance and change control management.
  • Uniform protocols: The need for uniform computer protocols (in the form of an algorithm) constituting the rules for how each party processes data in relation to a smart contract.
  • Market confidence in the system: The need for markets (and participants) to have confidence in the technology, and the legal and regulatory environment.
  • Deployment: The success of DLT (or any new technology) depends on whether it can be implemented practically. We outline the key deployment risks and challenges below.
  • Computing resources and performance: The computing resources and performance required for transaction processing, validation and fraud detection will determine which banking, financial and payment services it can best be applied to.
  • Interoperability: Ensuring interoperability between different DLT networks, between ledgers within the same network, and between DLT and current (non-DLT or legacy) systems. In other words, so they can talk to one another.  What is the cost to achieve that?
  • Scalability: The fact that each node in the network must know about every single transaction that occurs globally may create a significant drag on the network. The goal is to perform all transactions with a higher efficiency, but in a way that doesn’t sacrifice the decentralisation and security that the network provides.
  • Risk management: Introducing any new technology inevitably introduces new types of risk. DLT is no different. For example:
    • Cyber security: Even when an asset owned by a participant is protected by the participant’s digital certificate, and no changes can be made to the information without the correct digital signature, current cybersecurity risks (denial of access and other cyber attacks) still apply;
    • Confidentiality: Will the encryption maintain confidentiality (of transactions and parties)?
  • Money laundering and sale of illegal goods: Unpermissioned (or public) DLTs may be seen as having a heightened risk of money laundering, as facilitating the sale of illegal goods, and as supporting the ransomware payment model, given the anonymous nature of participants.
  • Privacy/data protection: Data privacy issues need to be addressed when personal information is stored in DLT. For example:
    • Information stored in DLT cannot be altered or deleted once added. Any application will need to address how to comply with the data protection principles of accuracy and an individual’s right to correct data;
    • Some DLT applications may be implemented across multiple jurisdictions without a single entity responsible for their operation in any jurisdiction.Any application will need to address cross-border data flows, and wider legal questions of enforceability, liability, dispute resolution, discovery and extraterritorial application.
  • Regulatory: In regulated industries like banking, financial services and insurance, the sector’s use of technology is already open to scrutiny by regulators (financial and privacy) – so any move to a game changing technology is likely to trigger further regulatory scrutiny and intervention. Regulators will need to consider what activities should be regulated and who should be responsible for compliance.  The key consideration for regulators will be setting a framework for participants to operate in, without stifling innovation.
  • Legal: Smart contracts raise a number of challenging legal questions, including:
    1. Contract formation: Has a legally binding contract been formed, or is a particular smart contract even a contract at all?  nNot all smart contracts are contracts in the traditional sense.  Whether a smart contract is legally binding will depend on a number of factors, including the specific use case, the type of smart contract being used (e.g. fully encoded or a “split” contract), and the applicable law.  The electronic nature of smart contracts is unlikely to be a barrier to establishing contractual formation in many (but not all) jurisdictions.  The requirement of certainty might not be satisfied, as not all smart contracts (particularly those that automate a particular process in a contract) operate in conjunction with natural language contract terms. How will the parties to a smart contract get notice of its terms (which are in computer code), and when will they get to see those terms – prior to, or after, the smart contract is agreed and “executed”? How will we address those contracts that are required, by law, to be in writing? Is computer code sufficient?How do we deal with the formal execution requirements for deeds (i.e in writing and signed by specified individuals/roles)?
    2. Jurisdiction and applicable law: Meeting the technical legislative requirements in some jurisdictions may be difficult achieve.
    3. Liability and enforceability: Liability and enforceability will be an issue where, in a permissionless DLT, there is no central authority and no obvious defendant to pursue through the courts.
    4. Disputes: How should disputes be addressed? These could emerge because a party refuses to recognise the validity of a smart contract or argues that the automated system has worked incorrectly. Even if the smart contract includes some form of non-court dispute resolution process that courts would recognise (e.g. arbitration), how would this work across multiple jurisdictions? If courts do need to become involved, will they be able to apply principles of contractual interpretation to computer code?
    5. Transparency: Blockchains generally involve a level of transparency. But what if the parties don't want the details divulged?  How do you keep parts of the contract private and retain the other benefits of blockchain?
    6. Changes: How do you unwind transactions that shouldn't have happened, for example, if there has been duress or it is a contract that is for some reason (or is somewhere) illegal or in breach of regulatory requirements?  This has already occurred on the Ethereum platform, with a technical “hard fork” response (a split in the blockchain where non-upgraded nodes cannot validate blocks created by upgraded nodes following new consensus rules).
    7. Coding limitations: Contracts (and particularly the more complex contracts with future-looking obligations) often deal with the unknown and have clauses that aren't easily reduced to code or that can execute automatically as a simple "if this, then that" procedure. Force majeure is a good example. Contracts often include concepts of subjective judgment, reasonableness and acting in good faith – none of which readily translate into logic statements.
    8. Liability for mistake, error or fraud: If something does go wrong with the execution of the contract and someone suffers a loss, who do they go to for recourse?  With a distributed ledger system, it could be difficult to work out where the problem happened and who caused it, let alone pursuing that person for compensation.

Examples of DLT platforms

Some of the leading DLT platforms currently in the market are summarised below:

Bitcoin: Bitcoin is an unpermissioned DLT introduced in 2008 as a digital asset and payment system. It has its own digital currency called Bitcoin. Bitcoin has the following features:

  • Direct transactions without third party (or intermediary) involvement;
  • Non-reversible transactions;
  • Prevents double spending.Anyone can join the Bitcoin system by creating a “wallet” with a unique address from which transactions can be sent and received. The address also comes with a pair of cryptographic keys for signing and verifying transactions.

Anyone can join the Bitcoin system by creating a “wallet” with a unique address from which transactions can be sent and received. The address also comes with a pair of cryptographic keys for signing and verifying transactions.

Ethereum: Etherum is an unpermissioned DLT platform launched in 2015. Its purpose is to facilitate the operation of peer to peer smart contracts.  Etherum has a digital currency (ether) which is used to compensate transaction verification and block creation performed by validating nodes or miners.

Corda: Corda is a permissioned DLT system developed by R3, a distributed database technology company founded in 2014. R3 leads a consortium of more than 80 of the world’s biggest financial institutions and regulators in researching and developing the use of blockchain database technology in financial systems. Corda’s purpose is to manage, record and execute financial agreements between businesses. It does not have its own cryptocurrency. Although its development was inspired by blockchain concepts, it differs from many other DLT platforms in certain respects:

  • Ledger entries are recorded in structures that don’t follow the blockchain pattern.
  • Sharing of individual ledger data is limited to parties with a legitimate need to know and see the data within an agreement.
  • Consensus is implemented on individual deals (rather than on a system level).

In practice, businesses in a transaction may develop applications which draft business agreements in the form of smart contracts. Corda serves as the platform where the smart contracts can be executed. The agreement is validated and recorded in the ledger, then executed in Corda’s secure environment by designated validating nodes.

Hyperledger: Hyperledger (or the Hyperledger Project) is an open source, permissioned blockchain platform, started in 2015 to advance cross-industry blockchain technology. Hyperledger is a global cross-industries collaboration, and includes leaders in finance, banking, Internet of Things, supply chain, manufacturing and technology.  It does not have its own digital currency. The Linux Foundation hosts this as a collaborative project and participation is restricted to members only. Business transactions are coded in smart contracts which may be written in different computer languages.

Ripple: Ripple, founded in 2012, is a permissioned DLT developed for financial transactions. Its technology is designed to enable real time international bank to bank payments across networks to settle payments by instantly recording payment instructions and their execution. Ripple has its own digital currency called XRP. Ripple runs between different bank ledger systems and across national boundaries. Since banks are highly regulated, Ripple is designed to match bank infrastructure and practice by supporting risk management, compliance requirements, and the preservation of privacy. The confidentiality of transactions is preserved through the use of cryptographic technologies.

As DLT networks become more widely adopted and their applications diversify, the number of DLT platforms will inevitably increase.

Examples of smart contracts in practice

We discussed in Part I how smart contracts work. Now we turn to real examples of smart contracts and DLT in practice.

Banking and finance

  • The Commonwealth Bank, the National Australia Bank and Macquarie Bank have all invested in R3, a worldwide consortium of banks that are looking to establish protocols for a blockchain system to transfer funds to each other at low cost without the need to rely on central banks to act as intermediaries.
  • The Monetary Authority of Singapore has announced the trial of its own digital currency for interbank payments using blockchain technology.
  • FnConn, the financial services arm of Taiwan-based Foxconn (the world’s largest contract electronics manufacturer), and Dianrong, a Chinese online lending marketplace, have announced the market launch of Chained Finance, the first-ever blockchain platform for supply chain finance. The new platform leverages advanced financial technology to meet the needs of supply chain finance in China. 
  • SBI Ripple Asia announced, in March 2017, that a consortium of 47 banks successfully completed a pilot implementation of Ripple in Japan using a cloud-based payments platform. This platform, RC Cloud, is powered by Ripple’s solution and is the first in the world to enable real-time money transfers both domestically and internationally. As a result, the Japanese banking consortium has confirmed it will move into a commercial phase.

Supply chain and trade

  • Maersk and IBM announced in March 2017 that they are applying blockchain to container shipping. They will use Hyperledger to manage the supply chain for container shipping using digital records, allowing participants to track the shipment from point A to B as it makes its way through various stages of the shipping process.
  • Dubai Customs and Dubai Trade are collaborating with IBM as part of the Dubai government’s blockchain strategy. It is aimed at delivering real-time data on the flow of goods in and out of Dubai, and to improve customs control, reduce theft and improve payments to suppliers. IBM will also work with several banks, shipping companies and airlines.


  • Gamecredits Inc has announced the launch of its blockchain based mobile game store and peer-to-peer smart token known as MobileGo. The currency is set to go live in mid to late 2017. The MobileGo token will give gamers the ability to play in and host decentralised tournaments and use a decentralised marketplace where gamers can trade virtual items and in-game content.           

Proof of provenance

  • Everledger, a global digital registry for diamonds, is based on blockchain technology. It establishes a “digital passport” for each diamond recording its provenance, travel and transactions, and aims to stop the sale of stolen diamonds, insurance frauds and the sale of synthetic diamonds or those sourced in war zones.

Equity markets

  • In 2015, the Australian Securities Exchange (ASX) started evaluating replacement options for CHESS (its Clearing House Electronic Subregister System used to record shareholdings and manage the settlement of share transactions). In January 2016, the ASX selected Digital Asset Holdings LLC as a technology partner to develop, test and demonstrate a working prototype of a post-trade platform for the cash equity market using distributed ledger technology.
  • Computershare (which provides registry and transfer services to listed companies and offers technology services for stock exchanges, investor services for shareholders and employee share plan management) and SETL, a UK-based financial blockchain specialist, demonstrated Australia’s first working blockchain capital markets solution in April 2016, and announced that they are working together to establish the first securities register in the world based on blockchain.  This has led to some recent speculation that Computershare may be developing a potential competitor platform to the ASX system.
  • NASDAQ is using Linq blockchain to enable private companies to track changes in ownership of shares issued to founders, early investors and employees.

Land title registry

  • The Republic of Georgia and Bitfury Group have launched a project to register land titles via a private blockchain.  Bitfury and the Georgian National Agency of Public Registry have signed a new memorandum of understanding to expand the service to sales and purchases of land, registration of new titles, demolition of property, mortgages and rentals, and notary service.

Digital identity

  • SecureKey Technologies and the Digital ID and Authentication Council of Canada (a Canadian non-profit coalition) have received a grant from a research center funded by the U.S. Department of Homeland Security to help build a digital identity network. The aim is to build a national system that allows the public to access online services without memorizing dozens of passwords, or prove their identity, while still maintaining their privacy and security.

Food safety

  • Alibaba, the world’s largest retailer, announced in late March 2017 that it would engage PwC in New Zealand, Australia and China to assist with building a food safety framework using blockchain technology. The technology will be used to authenticate, verify, record and provide ongoing reporting on goods, in order to combat counterfeit food and improve food quality. New Zealand dairy giant Fonterra and New Zealand Post are also involved in market testing across their own supply chains.

What are the implications for business (and lawyers)?

The World Economic Forum believes that:

“[d]ecentralised systems, such as the blockchain protocol, threaten to disintermediate almost every process in financial services”. 

(WEC “The Future of Financial Services – how disruptive innovations are reshaping the way financial services are structured, provisioned and consumed” (June 2015)).

Blockchain or DLT has the potential to support efficient and secure real time transactions across a large number of sectors and together with smart contracts, revolutionise the way we do business:

  • From enabling efficient and accurate financial services to providing visibility along the supply chain, and from streamlining government services to delivering confidence in identity accuracy to consumers.
  • The combination of distributed ledgers with smart contract technology promises to be an especially potent combination. Currently a number of projects supported by leading global financial institutions have demonstrated prototype distributed ledger platforms which employ smart contracts to automate payments and settlement transactions in a number of financial instruments. We have discussed some of these above.

Globally, governments and regulators are focused on blockchain and DLT (amongst many emerging technologies). For example:

  • The Hong Kong Monetary Authority has recognised that Hong Kong’s continued leadership as a financial hub will depend on its ability to foster fintech. As part of its broader project to investigate DLT, its potential applications and risks, it released a DLT white paper in November 2016;
  • The United Kingdom’s Government’s Chief Scientific Adviser Professor Sir Mark Walport released the “Distributed Ledger Technology beyond blockchain” report in January 2016;
  • The United Kingdom’s Financial Conduct Authority and the Australian Securities and Investments Commission have developed fintech regulatory sandboxes. These enable new and emerging technologies to be trialed, in collaboration with the regulators, without immediately incurring all the normal regulatory consequences of engaging in those activities in the open market;
  • The United States Federal Reserve released its “Distributed Ledger Technology in Payments, Clearing and Settlement” paper in December 2016;
  • Standards Australia released its Roadmap for Blockchain Standards in March 2017. Its purpose is to identify the technical issues associated with developing, governing and using blockchains and DLT; identify blockchain and DLT use cases relevant to Australia; and prioritise the order of standards development activities. Australia is heading the International Organisation for Standardisation for new international standards on blockchain;
  • New Zealand’s Reserve Bank is monitoring closely the potential effects of digital disruption to banks and broader financial system stability. In a November 2016 speech to the New Zealand payments conference, the Reserve Bank confirmed its main focus is preserving financial stability while also facilitating innovation and improved efficiency, and that to do this, it needs to keep abreast of the changing technology environment and continue to assess the level of system preparedness to handle adverse shocks.

Globally, the central banks’ response to Bitcoin and other digital currencies (for example, are they legal tender, how do they fit into the current regulatory environment? and so on) has been mixed:

  • The Reserve Bank of India has publicly cautioned users, holders and traders of digital currencies (including Bitcoin), advising that it has not granted any licence or authorisation to deal with Bitcoin or other digital currencies and that any dealings are at the user’s own risk;
  • The Philippines central bank announced in January 2017 that it will regulate digital currencies (particularly Bitcoin);
  • The Swedish Financial Supervisory Authority has recognised Bitcoin as a means of payment.

As we noted earlier, the possible uses for blockchain and smart contract technology are not limited to the banking, finance and payments industries. Proponents of the technology believe it can have almost endless applications.

As with all disruptive technologies, the speed at which DLT and smart contracts becomes mainstream will depend on a number of factors, including:

  • How quickly the challenges (commercial, legal and regulatory) can be addressed;
  • Market confidence in its use, particularly given the industries where it is most prevalent – banking and finance, equity and commodity markets;
  • Solving software capability issues;
  • Addressing privacy and data security concerns; and
  • Improving confidence in the capability for smart contracts to adequately execute complex instructions.

Where does this leave lawyers and the ever-changing business of law? 

Professors Marco Iansiti and Karim Lakhani of Harvard Business School offer some revealing insights for business and lawyers in “The Truth about Blockchain”, Harvard Business Review January -  February 2017. In their view:

  • Smart contracts may be the most transformative current blockchain application.
  • The widespread adoption of blockchain technology and smart contractsdegree of co-ordination and clarity on how smart contracts are designed, verified, implemented and enforced. The technology challenges, especially security, are daunting.
  • If contracts are automated, then traditional firm structures and processes, and the roles of intermediaries like lawyers, accountants and managers will radically change.
  • Law firms may need to develop new expertise in software and blockchain programming.
  • They may also have to rethink the hourly payment model and entertain the idea of charging transaction or hosting fees for contracts (to name just two possible approaches).

The future

There is a huge change before us – as lawyers, we need to embrace it and be part of its evolution.

We leave you with two final comments:

“Change is the law of life. And those who look only to the past or present are certain to miss the future.”  John F. Kennedy.                                                     

“[There are] two futures for the professions. Both rest on technology. One is reassuringly familiar. It is a more efficient version of what we have today. The other is transformational – a gradual replacement of professionals by increasingly capable systems.”  Richard Susskind “The Future of the Professions: How Technology Will Transform the Work of Human Experts” 22 Oct. 2015.

For further information please contact a member of our technology or data protection and privacy teams.


Disclaimer: the content of this update is not intended as a substitute for specific professional advice on any matter and should not be relied upon for that purpose.


Share this publication