By: Mohua Sengupta, EVP & Global Head of Services, 3i Infotech
Blockchain definitely has much higher security capability built-in. The basic concept underlying Blockchain, is Distributed Ledger Technology or DLT. So the master data is maintained in every node of the distributed ledger and hence there is no dependence on a single source of truth
Ever since the Punjab National Bank fraud case has come to light, many believers of Blockchain have been saying that Blockchain could have stopped it. Blockchain will become pervasive, but could it have avoided this huge fraud that has shaken the Indian banking system?
Well it’s hard to respond in the affirmative knowing that no technology is smarter than the human brain at its best. If the intent is wrong, loopholes are found or made. Just as in this case.
What was the main reason behind this fraud? While there were multiple, like mal-intent of account holders, corrupt employees, audit failure, manual contracts etc, the key reason was unintegrated applications, i.e, the SWIFT gateway was not integrated with PNB’s Core Banking System.
So transferring data from one to the other was a manual process! When money was lent by foreign branches of other Indian banks, based on the false LOU issued by PNB, no record was being made in the banks CBS. Thus year after year, the fraud remained under cover.
Could Blockchain have Solved it?
Well the answer is yes and no. Blockchain definitely has much higher security capability built-in. The basic concept underlying Blockchain, is Distributed Ledger Technology or DLT. So the master data is maintained in every node of the distributed ledger and hence there is no dependence on a single source of truth.
While today the banks CBS is the single source of truth for the bank, in a Distributed Ledger framework, each node would contain the same truth. So tampering one node would not be possible and would immediately bring to light any kind of malpractice.
So technically speaking Blockchain technology does have security mechanisms to deal with these frauds. However, the success of this would depend on how distributed the ledgers are and how big the chains are.
Anytime there is a gap or a break between the chains, or two or more chains are not integrated, demanding a human intervention, mistakes or fraud are likely to happen. So whether or not Blockchain technology could have stopped the PNB fraud, would depend on how integrated the Blockchain was.
So even in a Blockchain scenario if the bank and the SWIFT payment gateway were not connected by a single chain or two integrated chains and had it required a manual intervention, the problem couldn’t have been avoided inspite of Blockchain technology. So, Blockchain technology alone is not an answer to avoiding such problem, intentional or not. The most critical requirement is for all stakeholders to be part of the Blockchain, with no breakage in the chain.
There are a few other necessary conditions to the success of Blockchain as well:
- i) All manual contracts of today will have to be converted into smart contracts to run some automated checks on them, whenever there is any transaction involving a contract.
- ii) Since the security will be so much dependent on the technology itself, technology audits will have to become much more stringent and pervasive
iii) Finally in order for all stakeholders, no matter which industry they belong to, need to come together as part of the same or connected Blockchain, there needs to be common processes and protocols accepted and agreed on by regulators of all industries. Hence, the regulators need to come together to ensure the same.
So bottom line is no technology can eradicate fraud. People are much smarter than computers, being the inventors of all technology. And people with mal- intent will be there. So while Blockchain has the technology built-in to improve security, it is definitely not the answer to all fraud.