- Less Simple = Less
Secure
- The more features and complexity in a distributed application, the more potential vulnerabilities
- Ask: What is our strategic goal? What functionality is necessary vs. just desirable?
- Jurisdiction
issues
- Consider cross-border transactions, different laws and regulatory schemes
- Ensure clear and comprehensive choice of law, venue and jurisdiction provisions for resolving any disputes
- Vendor issues
- Blockchain vendors will want to disclaim as much risk and liability as possible
- Consider necessary service levels and performance required for business application in determining when to walk away
- Testing /
Liability
- Robust testing environment to validate and debug application before launch
- Consider risk of improperly settled transactions, network failures, and other risks inherent to business application
- In customer and vendor agreements, clearly allocate risks and liabilities under all potential dispute and/or failure scenarios
- Privacy / Customer
Data
- Understand benefits and need for comprehensive permission-based structure
- Verify identification of participants and set access levels to ensure compliance with all applicable privacy and security regulations
- Intellectual
Property
- Ensure appropriate user permissions and access limitations to prevent harvesting of proprietary business data or trade secret information
- Vendor and customer agreements should address ownership of existing IP, later-developed IP, and comprehensive restrictions on use / disclosure
- Enforceability / Dispute
Resolution of Smart Contracts
- Automated process, but what if something goes wrong?
- Allocate liability & risks, and outline procedures for enforcement / dispute resolution
- Have "in case of fire" plan – may need to unwind transactions or manually evaluate and create corrective entries.
- Consider including real-time monitoring and auditing functionality
- Regulatory
Compliance
- Same rules, different game
- Critical to understand technology, how it works, what processes it is supplanting, and what it is doing to coordinate and update compliance regimes
- Transaction Due
Diligence
- Ownership of data / property on Blockchain
- Critical to understand how Blockchain technology works
- Traditional approaches to due diligence may need to be altered
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.