Blockchain Risk Assessment KPMG PDF

Realizing
blockchain’s
potential
Introducing KPMG
blockchain technology risk
assessment solution
KPMG International
kpmg.com
As a new technology,
blockchain brings with
it specific risks not
relevant to other IT
systems. Not factoring
blockchain-specific risks
into the technology
assessment can easily
leave companies open to
security breaches.
2 Realizing blockchain’s potential

© 2018 KPMG International Cooperative (“KPMG International”). KPMG International provides no client services and is a Swiss entity with which the independent member firms of the KPMG network are affiliated.
Foreword
Recent interest and investment in
blockchain has grown exponentially
and security risks throughout the
full product life cycle, from platform
which is not surprising given its potential selection to proof of concept and into full
to disrupt existing business models, production. The assessment is conducted
transform business processes, introduce by KPMG’s blockchain subject matter
operational efficiencies, realize cost professionals who utilize advanced
savings and spark new revenue streams. tools and techniques to evaluate the
What was once an obscure technology architecture, code, and security aspects
is now seen as applicable to a growing of blockchain platforms. Eamonn Maguire
range of activities and industries — from Global Distributed Ledger Services
KPMG member firm professionals built
funds transfer and securities trading to Lead, Financial Services,
this solution with a number of different
supply chain management and healthcare. KPMG International
stakeholders in mind as each might
Director, Financial Services Advisory,
Rapid growth of the technology and require a different perspective or level of
KPMG in the US
the growing menu of blockchain depth to conduct their assessment —
platforms coupled with its differences from blockchain product owners, chief
from traditional technology has information officers, chief information
made it challenging for companies to security officers, and technology risk
understand how to best apply, employ leaders to the heads of audit.
and harness the value of blockchain
There is no doubt blockchain has the
while managing associated risks — risks
ability to live up to its enormous hype —
they might not fully be aware of.
but it will only do so if organizations
The KPMG blockchain technology risk invest responsibly into blockchain with a
assessment solution (the solution) good understanding of the key risks and Kiran Nagaraj
enables companies to assess blockchain mitigation plans. Global Cryptoasset Lead, Distributed
Ledger Services
platforms and capabilities for technology
KPMG International
Managing Director, Emerging
Building on Securing the chain Technology Risk Services
KPMG in the US
In 2017, KPMG International released a threats and risks related to the use of
whitepaper entitled, Securing the chain1 blockchain. The framework underpins
in which we examined two specific many of our full life-cycle blockchain-
incidents whereby security associated related services, including our
with blockchain initiatives were blockchain technology risk assessment
breached, and how these incidents solution discussed in this paper. It
could have been avoided. We also can also be used to assist Information
introduced an overarching blockchain Risk Management departments in
technology and security framework that developing a bespoke blockchain
companies and blockchain consortia can risk and control framework for their Dennis de Vries
use to identify and respond to security organization. Distributed Ledger Services Lead,
KPMG in the Netherlands
1
ecuring the chain, KPMG International, May 2017 (https://home.kpmg.com/xx/ena/home/insights/2017/05/
S
securing-the-blockchain-fs.html)
Realizing blockchain’s potential 3

When it comes to blockchain,
one size does not fit all
Many companies have moved beyond simple experimentation
into proof-of-concept and use-case development. A small but
rapidly growing number have even started to move blockchain
While they might
solutions into production.
have the same
general functions, As more organizations look to achieve Understanding the two
value from blockchain, it has become
different blockchain apparent that they need a consistent types of blockchains
framework for assessing security and
platforms have technology risk of blockchain solutions
— Public blockchain: In a public
blockchain, access is wide-open;
differing security and across their full life cycle, from design to
anyone can become a node and
production deployment.
technology risks. participate in the blockchain. Bitcoin
The reality is there is no one-size-fits- is a prime example of a public
all approach for leveraging blockchain. blockchain.
While they might have the same general
— Private blockchain: In a private
functions, different blockchain platforms
blockchain, access is limited to
may also have different security and
specific users — such as a group
technology risks. To this end, companies
of banks — through a permissions-
should not make assumptions as to
based private network. Anyone
what a blockchain is capable of doing, or
outside of the private blockchain
how safely and securely it can complete
cannot see or participate in
a specific task. Organizations need to
blockchain transactions.
evaluate the various solutions across
their life cycle to make sure it fits their
needs and risk appetite.
Public versus private blockchains

Public blockchain Private blockchain
Participation in network Open Closed
Transactional privacy Not prioritized except for so-called anon-coins Adjustable to the wishes of the participants
Economic incentive for Built-in Contractually organized
participation
Centralization Fully decentralized Varying degree of decentralization
Commonly used for paid Payments, remittances, prediction markets, Asset servicing, foreign exchange (FX),
social networking distributed storage, paid social networking provenance tracking, trade finance, health care,
insurance contracts
The risk profile of public and private blockchains varies significantly. As a new technology, blockchain brings with it specific
risks not relevant to other IT systems. Not factoring blockchain-specific risks into the technology assessment can easily leave
companies open to security breaches.

Implementing blockchain?
Get it right the first time
Although every blockchain implementation is unique, they
will typically incorporate the following characteristics or some
combination thereof:
The KPMG
Immutable digital ledger: An unmodifiable and persistent
assessment
record of transactional activity using well-known, trusted, solution enables
and tested cryptographic principles.
organizations not
Consensus mechanism: Mechanisms whereby only to evaluate
independent participants have an agreed upon method as to specific risks
how transactions are executed and added to the blockchain
without relying on intermediaries. related to potential
blockchain
Identity and ownership: While identity may not always tie implementation
to a real-world identity, blockchain typically relies on these
concepts via cryptographic principles to prove the ability to projects, but also
interact with the blockchain and demonstrate ownership. to evaluate the
level of maturity of
While these characteristics offer exciting understand and assess the full scope controls related to
possibilities, the challenge is that they of security and technology risks
also bring with them their own specific associated with blockchain initiatives in-use blockchain
risks. For example, with blockchain’s they undertake or applications they are solutions.
immutability, data on a blockchain working to implement. The solution
cannot be deleted. In a use case where is designed to span the life cycle of
customer information is included in security and technology risks pertaining
a blockchain transaction, blockchain to blockchain.
participants may find themselves in
The solution also allows you to evaluate
breach of privacy regulations (e.g. as
the level of maturity of controls
General Data Protection Regulation
related to in-use blockchain solutions.
(GDPR) Article 17) if they cannot comply
By evaluating the maturity level of
with a request of a customer enacting
existing risk controls, organizations
their ‘right to be forgotten’.
can determine where they are well
KPMG’s blockchain assessment solution protected and where they need to
is designed to help organizations establish stronger controls.

Key benefits of the KPMG blockchain technology risk
assessment solution can include:
If you are at Design Develop Deploy Operate
proof-of-concept Provides a holistic model for
stage, the evaluating blockchain-solutions: A
tested model for assessing the risks
solution allows associated with blockchain initiatives
you to assess or solutions. KPMG professionals    
developed the model based on in-depth
weaknesses in experience, research and knowledge of
your existing IT risk standards, and then tested it with
a number of clients globally.
systems before
Supports clear identification into
you go live. blockchain risks: Gain specific insights
into the 10 key risk areas associated
with your blockchain implementation,  
including the strength of your existing or
proposed controls.
Confidently move from proof-of-

concept to production: There are
specific risks associated with the shift
from proof-of-concept to production
systems. If you are at the proof-of-  
concept stage, the model can help you
to assess weaknesses with your existing
system before you go live.
Enables the creation of a concrete

action plan: The risk assessment
provides clear pointers to critical risk
areas and areas where you have less
mature controls so that you can address    
potential gaps or weaknesses. The risk
assessment also provides you with
indications on how to improve your
controls to a higher maturity level.
Risk assessment areas

Through member firms’ extensive are inter-dependent, driving the
experience, we have identified 10 collective maturity of a blockchain
key risk categories associated with implementation. These dimensions also
blockchain implementations. A take on different variations throughout
number of these risk dimensions the life cycle of a blockchain.

KPMG blockchain technology risk assessment
framework — Key risk areas
Governance, risk and compliance
A number of these
Cryptography,
key management
Chain
permissions
risk dimensions are
and
tokenization
management
and privacy inter-dependent,
driving the
collective maturity

Consensus
mechanism and
network
Data
management
and
of a blockchain
management segregation
implementation.
Use case
relevance
and
applicability
Business
continuity and Chain
disaster defense
recovery
Scalability Interoperability
and and
performance integration
1. Consensus mechanism and platform determine if a transaction is

acceptable and should be accepted in
network management the blockchain. For example, a leader-
Consensus mechanism and network based consensus mechanism allows
management risks relate to the potential the leader to review and accept all
for inappropriate, unauthorized, or transactions for the blockchain which
inaccurate transactions to be recorded are simply acknowledged and put
in the blockchain. A consensus into the blockchain by other nodes. If
mechanism, core to most blockchain ineffective, incorrect transactions could
technologies, is the means by which be recorded.
the participants in a blockchain

2. Cryptography, key be able to transact with non-regulator Adequate data management is
parties and not be able to view or action particularly critical when two interacting
management and transactions that it is not party to. parties on a blockchain want to keep
tokenization their transaction anonymous from the
Private blockchains may initially
Within a blockchain, each user maintains other members of the network.
create a less risky environment for
a set of public and private cryptographic a solution, but risks of inappropriate In addition to general usage rights,
keys. As a result, there needs to be entitlements to perform actions or some transactional information may
identified procedures to ensure these the ability to have read-only views into be live on the blockchain, commonly
keys are managed appropriately transactions can have a significant referred to as ‘on chain’, while other
(e.g. distribution, usage, revocation) impact on a solution’s risk profile. information might be stored off the
so that only approved individuals are blockchain, or ‘off chain’. There should be
accessing the blockchain. As of July 2018, production use
identified processes in place to manage
cases for private blockchains are
For improved security, there may the movement of funds between hot
still few and far between. Because
be a need to engage multiple and cold storage so that assets or
of this, many of the important risks
individuals (within the same funds are not transferred without the
and mitigating factors may have yet
participant organization) before appropriate permissions.
to be identified. The lack of lessons
completing a transaction. In these to learn from others’ risks are not —— Cold storage refers to private
instances, multi-signature format keys yet clear, increasing the need for a key storage solutions that are
and a solution will need to be developed framework — based approach to completely offline and typically
and managed to ensure that approval blockchain risk. located at physically secure
processes are followed prior to a locations. These solutions typically
transaction being recorded. Ineffective 4. Use case relevance and live their full life cycle without ever
management of these keys could result applicability connecting to the internet.
in unauthorized transactions or tokens
being made. Currently, there are any number —— Hot storage refers to private key
of use cases being undertaken storage systems that are connected
3. Chain permissions with respect to blockchain. As part of to the internet and can be used to
this process, companies should consider make transactions in real time.
management and privacy
whether it is relevant to use a blockchain It is important that data management
Private blockchains, as previously solution given their specific needs and and segregation risks should be
noted, are based on the principle objectives, and whether the identified considered in tandem with chain
that only approved users can join blockchain solution is the most applicable permissions management and privacy
and participate in them. Usage method to enable the blockchain. For risks as the two categories overlap.
by unauthorized parties pose a example, a blockchain solution that does
significant risk both to the integrity not support automatic updates to smart 6. Chain defense
and privacy of the blockchain and contracts based on external sources
to the transactions being recorded. of data may not be the most effective Companies using blockchain cannot
Private blockchains require when it comes to managing logistics and underestimate security requirements or
authentication of participant identities tracking packages. make assumptions regarding blockchain
in addition to user access management defense mechanisms. It is important to
policies and procedures similar to other 5. Data management and identify and verify checks on security
sensitive IT systems to allow for only and network monitoring processes
segregation to reduce risks associated with smart
authorized user access.
Any companies involved in a blockchain contracts or other attacks.
In a private blockchain, there may be need to assess whether they have the
different types of users that should While a blockchain provider should
capabilities to manage the use case
only be permitted to perform certain conduct source code analysis as a matter
once built. This includes managing all
actions or view specific transactions. of course, companies should conduct
aspects of data, including confidentiality,
For example, in a private blockchain their own due diligence on the source
integrity, and the availability of data
there could be a regulator present on code and any smart contracts running
such as identifying data sources and
the network. That regulator could have on top of it to ensure there are no gaps.
understanding how activities will occur
its chain permissions set so that it is As the blockchain evolves, companies
when data is not available. Companies
only able to view transactions that are in should continue to monitor and manage
also need to ensure that their blockchain
a specific state. In contrast, a business blockchain security in a proactive manner.
activities are compliant with appropriate
participant in the blockchain should only regulations such as GDPR.

Case study
Spotlight on an Asian
stock exchange
A large Asian stock exchange recently

announced plans to implement
a blockchain-enabled solution
for recording shareholdings and
managing the clearing and settlement
of equity transactions. KPMG
professionals conducted a detailed
review of the security design and
architecture of the platform against
security objectives identified by
management. This supported the
stock exchange’s decision to move
forward with the solution.
As the stock exchange
was leveraging a proprietary
distributed ledger solution (DLT), it
was imperative that it considered the
security implications of the design
architecture of the DLT platform, the
inherent risks and mitigating factors
to consider the security of trades
executed on the platform.
KPMG professionals from across
the member firm network, including
emerging technology risk, cyber
security services and Lighthouse data
and analytics center of excellence
collaborated on the assessment by
identifying security risks, analyzing
the solution’s security architecture and
design, and performing specific tests
to determine if the solution addressed
security objectives.
The blockchain assessment
framework provided additional areas
of considerations with respect to
management’s security objectives
and further opportunities to enhance
stakeholder trust in the solution.

7. Interoperability and prior to selecting a solution and to
implementation, companies should
integration
assess whether a solution is production
There are many Organizations need to be aware capable and if it can be scaled to grow and
that their legacy systems may align with their use case going forward.
factors that increase not be designed to interact with
complexity and blockchain solutions or capitalize 9. Business continuity and
on the advantages offered by them. disaster recovery
compute demands Comprehensive examination of
Similar to any other technology
at the production interoperability and integration is
implementation, organizations need
essential to successful implementation
level than at the use of a blockchain solution. Given the to have a plan for addressing business
continuity and disaster recovery risks
case or even immutability of transactions, it is
pertaining to the blockchain application.
essential that the proper mechanisms
proof-of-concept are in place to prevent incorrect data The decentralized nature of blockchain
technology creates a unique reliance on
level (e.g. speed from being written onto a blockchain.
the other participants of the blockchain
and volume of Controls should be developed for the network in order to maintain functionality.
blockchain — both independently and with
transactions, respect to guarding connections between Given that private blockchains may
have both centralized and decentralized
number of active systems. As blockchains are developed
components (e.g. certificate authority,
or moved from proof-of-concept into
participants). production, companies should also ensure cloud key management system), there
a proper focus on change management needs to be concrete understanding
and testing in order to ensure changes of what will happen should these
to scale and scope do not affect components be affected by any potential
interoperability and integration. factors. This will ensure any outage is
limited and no inappropriate transactions
8. Scalability and performance can occur.
Use cases provide tests of the ability of 10. Governance, risk, and
a blockchain to fulfill a specific purpose.
compliance
However, prior to selecting a solution
or moving to a production system, Overall governance, risk management
companies should be confident that and compliance support is essential to
blockchain will perform under the any blockchain implementation. Given
stresses of a production environment. there are different users — sometimes
There are many factors that increase even competitors — involved in
complexity and compute demands at the the blockchain, companies need to
production level than at the use case or be very clear on specific roles and
even proof-of-concept level (e.g. speed responsibilities related to the blockchain.
and volume of transactions, number
For example, how the organizations
of active participants). The successful
will jointly manage changes to
scalability and consistent performance
blockchain software, onboarding of new
of a blockchain solution is dependent
nodes, or other activities. Clear and
on a number of factors, including non-
documented roles, responsibilities, and
blockchain software that it is directly
accountabilities can ensure everyone
reliant upon. One high profile example
participating in the blockchain is on the
includes cryptocurrency exchanges during
same page with respect to compliance
the sudden market activity increases in
processes.
late 2017 through early 2018.2 Therefore,
2
https://www.bloomberg.com/news/articles/2018-01-12/crypto-exchange-kraken-goes-dark-and-user-anxiety-
surges

Assessing the risks: A five-level approach
KPMG professionals use a five-level allows us to help companies determine
maturity scale to assess the robustness where controls are strongest and where
of controls over specific activities. In the weaknesses or gaps exist that should
figure below, we provide an example of be recognized or addressed.
the maturity level of blockchain-specific
Once we have done the initial
controls associated with each assessment
assessment, we use a spider map to
level. Using this scale, we can assess
highlight the results of the blockchain risk
both your current blockchain-specific risks
assessment in a holistic manner so that
and define your goal state for the future.
companies can visually see the current
Each of the blockchain risk areas is level of maturity of risk controls related to
scored on the maturity scale. This a specific blockchain solution or project.
KPMG blockchain technology risk assessment example output
Level 5 — Value
On boarding and off
Cryptography, boarding procedures
key management are defined also for
and future state
Consensus tokenization Chain operation of the
mechanism and permissions network.
network management
management and privacy
Level 4 — Service
On boarding and off
boarding procedures are
defined for all network
participants and periodic
compliance checks take
Governance, Use case place.
risk and relevance and
compliance applicability
Level 3 — Proactive
Controls are in place to
detect unauthorized
access.
Business 1 Data
continuity and management
disaster 2 and Level 2 — Reactive
recovery 3 segregation Procedures are in place to
ensure data confidentiality.
4
5
Scalability Chain
and defense
Level 1 — Adhoc
performance Lack of defined on boarding
Interoperability and off boarding procedures
and for network participants.
integration

Turning assessment into action
Based on the results of the blockchain but rather focuses on identifying key
risk assessment, we provide areas that warrant further attention and
recommendations to help organizations action. Based on the recommendations,
respond to weaknesses. The following actual controls need to be developed
figure provides an example of what based on the unique needs of a
recommendations could look like. blockchain project or solution. As
mentioned earlier, there is no one-size-
It should be noted that the blockchain
that-fits all.
risk assessment is not prescriptive,
Recommendations
Desired
maturity level Recommendation consensus mechanism
Consensus mechanism and and network management
network management The consensus mechanism selected may
create challenges when meeting the
Cryptography, key business continuity requirements of the
management and tokenization organization. Additional controls and
Chain permissions possibly external attestation reports may be
management and privacy required to further address these risks.
Use case relevance
and applicability Recommendation cryptography, key
management and tokenization
Data management
and segregation While standards exist for private key ownership
and accountability, it is recommended that
active monitoring on attempts to access private
Chain defense
keys is set up. Secondly, it is recommended
that private keys are made unavailable to
Interoperability and
non-production systems.
integration
Scalability and
performance Recommendation interoperability
There are no checks for completeness and
Business continuity and accuracy between the relevant internal
disaster recovery subleger and blockchain which could result
Governance, risk and in incorrect transactions being posted to or
compliance read from the blockchain.

Creating sustainable
value through blockchain
There is no doubt that blockchain makes for an exciting value
proposition. Yet, you should not jump blindly into blockchain
implementations, or move from use cases to productions,
without having a holistic picture of the risks.
Just because a solution is blockchain- To achieve the most value from
enabled does not mean it addresses blockchain, both now and in the
relevant risks regardless of what future, you must take responsibility
some blockchain proponents might for its safety and security. There are To achieve the
think. Blockchain is still a very young no opportunities or shortcuts to learn
technology, with new innovations, uses from others’ mistakes. By conducting most value from
and solutions being introduced every a blockchain risk assessment and then blockchain, both now
day. There are still many hard-earned addressing key risks associated with
lessons to be learned from blockchain your specific blockchain activities, you and in the future,
implementations. Therefore, making can make sure you are well positioned you must take
assumptions with respect to key risks to leverage the efficiencies and cost-
and security associated with specific effectiveness provided by blockchain responsibility for its
solutions could open the door to without opening yourself up to safety and security.
significant issues down the road. unexpected risks.
Case study
Rabobank
Rabobank is a multinational cooperative bank and the second largest financial

service provider in the Netherlands, serving over 10 million customers
worldwide. It is the leading financial service provider worldwide in the agri-food
(wholesale, rural and retail) business, and is especially active in banking, lending,
bank assurance and factoring within this sector.
Like many banks, Rabobank had been looking at blockchain and was taking
steps to explore the possibilities associated with it. KPMG’s professionals
worked with Rabobank to test the blockchain technology risk assessment3
against one of its high impact blockchain projects.
Rabobank commented that the assessment provided concrete pointers as
to which areas to focus on and how to improve their maturity. The framework
clearly helped to generate an oversight of all IT maturity risks and the
corresponding mitigations, thereby helping to focus on improving the areas
that need it the most.
3
The Blockchain Risk Assessment was previously referred to as the Blockchain Maturity Model

About KPMG Distributed KPMG Lighthouse Centers of
Excellence to help organizations
Ledger Services maximize ROI of their blockchain
With expertise Embracing a rapidly-advancing new investments.
in more than 40 technology that disrupts business as KPMG Lighthouse is comprised of

usual is not easy. KPMG Distributed software engineers, data scientists,
countries, member Ledger Services professionals are data engineers, domain/Industry
firms blend dedicated to working with you to create consultants and visualization specialists.
relevant, scalable solutions that drive Teams work with financial institutions to
blockchain-based value for your organization. evaluate trends in blockchain and other
consulting services Our tailored approach supports emerging technologies and to identify
the technical solutions best able to
with KPMG organizations through a life cycle
meet their unique requirements. KPMG
process focusing on:
Lighthouse Centers Lighthouse specialists also help assess
— strategic realization security issues and identify other risks
of Excellence to — requirements guidance associated with blockchain and other
help organizations — systems and operations integration
emerging technology.
maximize ROI of — managed services with the potential

We provide
their blockchain to address data governance
— third party blockchain assurance and —— deep industry and business
investments. attestation related services expertise
— conventional audit services such as —— business-case driven transformation
audit and tax services. —— blockchain platform agnosticism
With expertise in more than 40 countries, —— global teams of domain experts,
member firms blend blockchain- system architects and technical
based consulting services with specialists.

Authors
Eamonn Maguire Kiran Nagaraj Dennis de Vries
Global Distributed Ledger Services Global Cryptoasset Lead, Distributed Distributed Ledger Services
Lead, Financial Services, Ledger Services Lead
KPMG International KPMG International KPMG in the Netherlands
Director, Financial Services Advisory, Managing Director T: +31 206 567451
KPMG in the US Emerging Technology Risk Services E: devries.dennis@kpmg.nl
T: +1 212 954 2084 KPMG in the US
E: emaguire@kpmg.com T: +1 212 872 3056 Sam Wyner
E: kirannagaraj@kpmg.com Distributed Ledger Services
KPMG in the US
T: +1 212 954 4903
E: swyner@kpmg.com
Additional contacts
Wei Keat Ng Said Fihri Bernard Wieger
Global COO (Markets) Head of Fund Distribution Services, Partner, IT Audit and Assurance
Distributed Ledger Services Head of Distributed Ledger Services KPMG in the US
KPMG International KPMG in Luxembourg T: +1 816 802 5810
T: +44 20 73111889 T: +352 2251 57892 E: bwieger@kpmg.com
E: wei.keat.ng@kpmg.co.uk E: said.fihri@kpmg.lu
David Palmer
Laszlo Peter Jan Reinmueller Managing Director, IT Audit and
Director, Innovation & Digital Head of Digital Village Assurance
Solutions, Digital + Innovation KPMG in the US
Head of Distributed Ledger Services KPMG in Singapore T: +1 216 875 8171
KPMG Australia T: +65 65071581 E: davepalmer@kpmg.com
T: +61 2 9455 9018 E: jreinmueller@kpmg.com.sg
E: laszlopeter@kpmg.com.au
Anton Ruddenklau
Catherine Philippe Head of Digital & Innovation
Partner, IT Financial Services Financial Services
KPMG in France KPMG in the UK
T: +33 155688809 T: +44 20 76942224
E: cphilippe@kpmg.fr E: anton.ruddenklau@kpmg.co.uk
Sven Korschinowski Christopher Mottram

Head of Fintech and National Service Solutions Leader
Innovation IT Audit and Assurance
KPMG in Germany KPMG in the US
T: +49 69 9587 4235 T: +1 404 979 2100
E: skorschinowski@kpmg.com E: cmottram@kpmg.com
kpmg.com
kpmg.com/socialmedia
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor
to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be ac-
curate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.
© 2018 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG
International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm
vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved.
The KPMG name and logo are registered trademarks or trademarks of KPMG International.
Designed by Evalueserve | Publication name: Realizing blockchain’s potential | Publication number: 135734-G | Publication date: September 2018

Blockchain Risk Assessment KPMG PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Blockchain Risk Assessment KPMG PDF

Încărcat de

Drepturi de autor:

Formate disponibile

Realizing

2 Realizing blockchain’s potential

Realizing blockchain’s potential 3

Public versus private blockchains

4 Realizing blockchain’s potential

Realizing blockchain’s potential 5

Confidently move from proof-of-

Enables the creation of a concrete

Risk assessment areas

6 Realizing blockchain’s potential

Governance, risk and compliance

Governance, risk and compliance

Governance, risk and compliance

1. Consensus mechanism and platform determine if a transaction is

Realizing blockchain’s potential 7

8 Realizing blockchain’s potential

A large Asian stock exchange recently

Realizing blockchain’s potential 9

10 Realizing blockchain’s potential

KPMG blockchain technology risk assessment example output

Realizing blockchain’s potential 11

12 Realizing blockchain’s potential

Rabobank is a multinational cooperative bank and the second largest financial

Realizing blockchain’s potential 13

in more than 40 technology that disrupts business as KPMG Lighthouse is comprised of

maximize ROI of — managed services with the potential

14 Realizing blockchain’s potential

Sven Korschinowski Christopher Mottram

S-ar putea să vă placă și

1. Consensus mechanism and platform determine if a transaction is