#DLT | #distributedledgertechnology | #riskmanagement : Key risk management considerations related to the use of DLT by authorized institutions (AIs) in Hong Kong:
The HKMA encourages banks to study the potential of taking "tokenised" deposits and supports the adoption of DLT-based solutions, as long as AIs can adequately manage the associated risks.
1. The HKMA's focus when reviewing AIs' DLT-related proposals is on ascertaining whether an AI has put in place adequate systems and controls to manage those additional risks that may arise due to DLT adoption.
2. The HKMA expects an AI's board and senior management to put in place adequate systems and controls to mitigate DLT-specific risks, including those related to governance, technology risk management, business continuity planning, and outsourcing.
3. AIs should review and update their relevant policies and frameworks to reflect DLT-specific factors as needed, and ensure that they have sufficient staff with expertise in DLT available to support the implementation process.
AIs should fully understand the different types of DLT networks available and make an appropriate choice based on the nature and risks of the application in question, and with consideration for their own legal and regulatory responsibilities.
4. AIs should put in place a rigorous governance framework for introducing and updating smart contracts, and effectively manage the vulnerabilities commonly associated with smart contracts.
5.AIs should understand and mitigate potential legal risks, seek professional advice where necessary, and put in place measures during the design process to mitigate the ensuing legal risks.
6. AIs should effectively manage third party-related risks, including those related to node operators and the design of the DLT network.
7. AIs should design their DLT-based systems to be compatible and able to "communicate" with both traditional and other DLT-based solutions, and ensure that these connections are made in safe and secure ways.
8. AIs should establish a level of cybersecurity commensurate with traditional technology applications, and have effective mechanisms in place for countering both DLT-specific cyber risks and other common cybersecurity threats.
9. AIs should securely manage private keys, and demonstrate that robust policies and procedures are in place to provide a level of security to any private keys held or under their management that are appropriate for the nature and risks of the application, the underlying assets associated with the keys, as well as the duties assumed by the AI.
10. AIs should ensure compliance with data privacy and protection requirements, and introduce mitigating measures to manage complications that may arise due to the unique nature of DLT arrangements.
11. AIs should tailor contingency planning and testing arrangements, and include testing scenarios and contingency arrangements that are specific to DLT in their business continuity planning.
#DLT | #distributedledgertechnology : Hong Kong Monetary Authority (HKMA) has shared Risk management considerations related to the use of distributed ledger technology.
Key considerations :
1. Governance
2. Application design and development
3. On-going maintenance and monitoring
#blockchain | #blockchaintechnology | #startups | #startup | #innovation
Helping Ambitious Companies Build Scalable Software, Integrate AI, and Drive Digital Transformation | $30M+ Funding Success
2wI kinda like this! And well done for not pretending you use AI just for the sake of it!