Insight

Blockchain and risk

Technology risk insights

Brian Consolvo

Brian Consolvo

Advisory Managing Director, Technology Risk Management, KPMG LLP

+1 757-646-6378

Bryan McGowan

Bryan McGowan

Principal, Advisory, Technology Risk Management, KPMG US

+1 816-802-5856

Ahmed Saleh

Ahmed Saleh

Director, Technology Risk Management, KPMG US

+1 402-637-5014


What is blockchain?

Blockchain is a system in which a record of transactions is maintained across multiple computers (nodes) that are linked in a peer-to-peer network. It removes the need for intermediaries such as banks or brokers to serve as a third party.

41%

Business leaders believe their companies should have invested more in blockchain over the past five years1.

$19B

Global spending on blockchain solutions has been forecasted by 20242.



An introduction to Blockchain

Video transcript

An introduction to Blockchain

Learn about blockchain and how it can be used it today’s dynamic digital business environment.

At this point, you've probably heard about blockchain and cryptocurrencies such as bitcoin on the news or in casual conversation. it's a topic that dominates social media ignites debate and could very well change the future of finance, but what is blockchain we'll cover the blockchain basics in part one of this blockchain video series. Simply speaking a blockchain is a system in which a record of transactions is maintained across multiple computers called nodes that are linked in a peer-to-peer network. let's go through the core components.

  • Cryptography a blockchain is a chain of blocks that contain transaction information each block of data contains a unique hash key which is like a fingerprint used to identify a block in its contents that links the blocks together. a block will contain the hash of the previous block making the chain immutable as any change will require a new hash that will break the chain.
  • Distributed ledger instead of relying on a central authority to manage the ledger blockchains use a distributed peer-to-peer network each user on the network is called a node and each node maintains a copy of the entire blockchain history as well as the rules that govern the blockchain.

The consensus when a new transaction is submitted it goes through a series of validation procedures to ensure it is a valid and authorized transaction prior to it being added to the blockchain, through a process called mining or consensus the transaction is validated against a set of rules and ultimately added to the chain with blockchain two parties are able to make a transaction without a trusted intermediary such as a bank broker or clearinghouse.
let's say Alice wants to send a payment to bob without blockchain bob and Alice uses a number of intermediaries to facilitate the payment including clearing and settlement and to also ensure that bob does not send that same payment to Someone else known as double spending with blockchain digital trust is built into the system removing the need for a trusted third party.

To recap blockchain technology is a distributed ledger that provides users with digital trust to perform transactions blockchain uses cryptography and consensus methods to create these immutable blocks this technology has far-reaching impacts across industries now that you have the basics, you'll be able to join in on the conversations about this revolutionary technology.

For more KPMG technology risk insights please visit our website KPMG helping organizations build stakeholder trust discover more insights today.


How does blockchain work?


Cryptography

A blockchain is a chain of blocks that contain transaction information:

  • Each block of data contains a unique hash key, which is like a fingerprint, used to identify a block and its contents. 
  • Each block contains transactions, a hash, and a copy of the hash of the previous block (with the exception of the genesis block, which has no previous block hash). This concept makes the blockchain immutable. If data from a previous block changes, then its hash changes, disconnecting it from the proceeding chain of blocks.


Distributed ledger

Instead of relying on a central authority to manage the ledger, blockchains use a distributed peer-to-peer network:

  • When someone joins the network, they download a full copy of the blockchain. Each new user, or computer, to the network is called a node. 
  • Distributed peer-to-peer architecture provides benefits of higher availability than traditional client-server based networks, as there is no single point of failure.


Consensus

New transactions are sent to all nodes, which then get validated and grouped into blocks:

  • Consensus ensures that peers on the network agree upon a consistent state of records.
  • Once consensus is reached, the new block is posted on every node’s blockchain. 
  • Nodes will reject blocks whose data violates the protocol’s rules or appears to have been tampered with. 
  • Common consensus mechanisms include Proof of Work (PoW) and Proof of Stake (PoS).


Smart contracts

The main difference between a traditional contract and a smart contract is that smart contracts are automated:

  • A contract is created between parties. 
  • Parties can choose to remain anonymous. 
  • Predefined triggers are initiated. 
  • The contract self executes as defined by the source code.
  • A participant can analyze all activities and make informed decisions. 
  • The data captured can be used for analytics and reporting.
  • Data is fed into blockchains and used for smart contract execution from external sources, specifically data feeds and APIs; a blockchain cannot directly “fetch” data. These real time feeds are called ‘oracles’ which operate very much like middleware between the data and the smart contracts. 


Key blockchain risks

Adoption of blockchain technology exemplifies a firm’s investment in innovation, but with innovation comes new risks in the following areas:

  • Governance
  • Infrastructure
  • Data
  • Key management
  • Smart contracts
  • Development

To unlock the full potential of distributed ledger technologies, organizations should proactively identify and mitigate all risks posed by the adoption of the technology.

Learn more by reading our new article.

Blockchain
Download PDF


How KPMG can help

KPMG provides an experienced lens to understanding, developing, and maintaining the security and compliance of distributed ledger technologies.

Our services encompass the full lifecycle of both blockchain solutions and cryptocurrency businesses. These services include strategic realization, regulatory guidance, risk assessment, control design and assessment, IT audit and attestation support, and information and cyber security. Additionally, we work closely with the KPMG Audit, Tax, and broader Advisory service lines to help deliver a full offering of services for our clients.

Footnotes

  1. AP News, “CFOs Are Ready for Digital Transformation in 2021, New Survey Shows,” February 2021
  2. Yahoo! Finance, “Global Spending on Blockchain Solutions Forecast to be Nearly $19 Billion in 2024, According to New IDC Spending Guide,” April 2021