DTCC calls for industry consortium and comprehensive framework to address DLT security risks
Thu, 13 Feb 2020, 11:06 am UTC
Post-trade financial service firm Depository Trust Clearing Corporation (DTCC) has called for a coordinated effort for identifying and addressing security risks arising from the implementation of distributed ledger technology (DLT) in financial services.
DTCC made the recommendation in its recently published white paper, Security of DLT Networks. It has underscored the need for a comprehensive industry-wide DLT Security Framework for reviewing existing security guidelines, gaps in the approach to DLT security, and the need for increased standards. Towards this goal, the paper has also recommended forming an Industry Consortium.
“The coordinated strategy should be a cross-sector effort beginning with a conversation between the financial services sector, DLT providers and consumers. As a first step, we will leverage our unique role within the financial services sector to begin the conversation,” DTCC said, adding that those interested can reach out to it.
The paper said that a principles-based framework will provide firms with the flexibility to identify potential security weaknesses in their DLT implementations. It will also “increase the likelihood that disparate DLT implementations from different organizations could be linked or otherwise exchange information.”
The framework, DTCC said, would assist in the risk evaluations across a firm’s security assessments via best practices and tools, help address key aspects of the DLT key management lifecycle, and provide security guidance and practices respective to account access with the use of cryptographic hash functions, among other things.
It will also enable supervisors and regulators to have a consistent measure for understanding potential strengths and weaknesses in different DLT implementations.
“With adoption of DLT across the financial services ecosystem likely to continue to increase in the coming years, we need to be certain that all DLT-related security risks are identified and addressed to maintain the safety and stability of the markets,” said Stephen Scharf, Chief Security Officer at DTCC.
“As is common in IT security communities, frameworks must be widely available, generally agreed upon, and commonly adopted. As best practices mature, they can be adopted into a formal framework and used for financial industry participants and regulators alike,” added Scharf.
Last May, DTCC announced the postponement of the launch plans for its blockchain-based post-trade platform for derivatives by several months. It said that the delay was to avoid complications with Brexit.
<Copyright © TokenPost. All Rights Reserved. >