A new survey of financial institutions’ experiments with distributed-ledger technology (DLT) by the Hong Kong Monetary Authority shows a few making genuine progress, while many remain hobbled by challenges of governance, know-how, and risk fears.
Half of the 10 projects covered by HKMA are commercial products, while half have yet to break out of proof-of-concept mode. Those that are live are niche. One of them, a policyholder authentication system operated by the Hong Kong Federation of Insurers, is far enough along that it is beginning to integrate more deeply with insurance companies and banks. The others remain isolated within their specific use, but the HKFI example shows that at least some of these projects have the potential to gradually expand.
Live examples cover repo, KYC functions, and digital identity. Project Synapse, deployed by Hong Kong Exchanges and Clearing, facilitates trade settlement for the buying of A-shares in the Stock Connect scheme with the bourses in Shanghai and Shenzhen.
HKEX relies on Digital Asset’s smart-contract language, which enables buyers and sellers, custodians and both local and US financial infrastructure to handle concurrent block trades, allocations, and settlement that avoids the need for pre-funding into China’s T+0 trading environment.
Some projects are technically live but are not being widely adopted. UBS Tokenize uses Ethereum to leverage an existing ecosystem of services and developers, but it remains hobbled by lack of a regulated industry’s standards for using public, permissionless blockchains.
From pilot to production
Projects using DLT have merits. Programmability (via smart contracts) and transparency appeal to financial institutions. They also like atomic settlement, and faster and simplified processing, which lowers the cost of capital. HKMA is eager to encourage uptake of blockchain-based solutions, and it happily notes an uptick in firms seeking guidance in areas such as tokenized deposits.
Inevitably, though, DLT solutions must either remain closed clubs for reasons of control, risk management and security (which limits scale and undermines many advantages of decentralized systems) – or they must find reach, either via public, permissionless chains such as Ethereum, or via some cooperative access among the keepers of walled gardens, which returns us to risks.
The Authority recommends banks, insurers and market operators address governance through a defined strategy, a dedicated DLT team, and training. It also calls for firms to have a clear process for managing risks around counterparties, node concentration (the risk of bad actor compromising a majority of the network, including staked tokens), smart contracts, immutability and the lack of clawbacks, private keys, cybersecurity, privacy, and interoperability.
That’s a long checklist, and doesn’t even include legal issues, such as different treatment toward smart contracts’ definitions, obligations, and acceptance in various jurisdictions.
Slow burn
No wonder that HKMA reports a majority of financial institutions are struggling with adoption. These aren’t just risk and legal: operating considerations are also in doubt, with firms reporting wariness of third parties (and the risk of being shackled to third-party vendors), a lack of in-house technical expertise, and a lack of proper governance over DLT-solution design and implementation.
On the technical side, most firms worry about security and data privacy risks, and challenges around internal systems integration and external interoperability or scalability.
DigFin has recently written about the risks of overhyping real-world asset tokenization, with tradfi players mistaking their own technical benefits for issuer or investor demand.
The challenges in HKMA’s paper are different, as most of these use cases are designed to improve intra-industry services. They are not directly related to catering to the demands of crypto-native speculators.
But many tradfi DLT trials only work if they reach a broader userbase, as this summary indicates (the comments are DigFin‘s). Out of the 10 projects featured by HKMA’s report, only one – one, in operation for seven years – has even begun to creep beyond its special niche. Are the costs, resources, attention and risks worth it?
1. Hang Seng: eHKD for merchant payment and rewards
- eHKD is key to this solution for merchants and retail digital wallets, but non-CBDC solutions are just as feasible for this kind of use case
2. HSBC: tokenized deposits for cross-border fund transfers (with Hang Seng and Visa, separately with Ant)
- Will depend on critical mass of participating banks, interoperability; racing against stablecoin adoption
3. Linklogis: supply-chain digital trade tokens (with Standard Chartered)
- Linklogis is experimenting with Ethereum to extend this beyond closed-loop networks
4. WeCan: ‘Comply’ for secure and efficient data exchange for KYC and KYB checks
- Designed for asset managers and custodians, reducing existing redundancies, run by a consortium of Swiss institutions – this is a question of FIs trusting a central vendor
5. Deutsche Bank: digital identity (Project DAMA) for KYC and identity in launching funds
- Needs to attract enough asset managers, distributors, investors and service providers, ie, integration and interoperability challenges
6. HKEX: Synapse for real-time settlement status updates, using Digital Asset’s Daml
- Live as a commercial product, used by global asset managers to handle stock settlement in T+0 China
7. JP Morgan’s Kinexys: digital financing on repo transactions
- Live as a commercial product; competes with similar product by Broadridge
8. UBS Tokenize: issuer and investor tokenization platform
- Live but so far limited as a closed-loop system
9. Allianz: cross-country motor accident claims (European Union)
- Live as a commercial product since 2021, using a private blockchain among participating banks and insurers
10. HK Federation of Insurers: MIDAS for car insurance authentication (with CryptoBLK)
- Live since 2018 in wake of a fraud. Now moving to Phase 2, integrating with insurers’ systems via APIs
