United Kingdom | Publication | November 2019
As applications of distributed ledger technology (DLT) move into the mainstream, financial institutions involved in those applications will find themselves exposed to new types of risks. In this article, we enumerate some of the novel risks created by banks’ involvement in DLT and how they may seek to mitigate those risks. Some of these risks are familiar disputes dressed up in DLT clothing; others are genuinely new aspects of DLT. Robust dispute resolution mechanisms, agreed in advance and optimised to work smoothly with DLT, can provide a necessary escape valve while retaining flexibility.
Banks have been enthusiastically exploring the possibilities of DLT through pilot projects1 . Some of these pilot projects are transitioning to mature deployments. Inevitably, disagreements have arisen or mistakes been made. Many of these have been resolved between the parties themselves but, as more systems are deployed and they increase in size, there will be more litigation. Meanwhile, interaction between the existing financial sector and the DLT ecology is also growing, leading to traditional disputes involving banks where DLT is relevant.
There is a common perception that DLT operates in a judicial no-man’s-land and courts are powerless to intervene. This perception is wrong and unhelpful. Any aggrieved party can bring a claim before a court, which will decide whether it has jurisdiction and on the appropriate governing law. Nor can remedies granted by courts simply be ignored: ultimately, ourts have the power to confiscate property or imprison individuals within their jurisdiction. This is illustrated by the first two blockchain disputes which have already found their way to the courts.
The first of these is the interim judgment in Vorotyntseva v Money-42 in September 2018, which settled the vexed question of whether a freezing order could be granted over cryptocurrency. Mr Justice Birss, dealing with the issue ex parte on short notice, took an admirably pragmatic stance. He held that where a party was within the court’s jurisdiction, it could be enjoined from dealing with cryptocurrency by a freezing order. The question of whether cryptocurrency was property was not raised by the parties and Birss J merely adverted to the issue. The key was that, as Birss J stressed, a freezing order acts against individuals subject to the jurisdiction of the court, not against electronic assets of unclear status. Its practical effects may be different when dealing with cryptocurrency rather than a bank account (in particular because there is no third-party bank that can be notified), but it is not devoid of effect. The English jurisdiction is well-suited for this type of order as contempt for breach can lead to harsh penalties, including imprisonment.
The second case is Robertson v Persons Unknown3, in which Mrs Justice Moulder granted an asset preservation order over 80 bitcoin held in an account with Coinbase. Again, the order was granted on an ex parte basis. The bitcoin had been traced by the claimant as the proceeds of a fraud transferred to an account held by Coinbase with an unknown recipient, who the claimant suspected, but could not prove, was involved in the fraud (if not the fraudster themselves). Moulder J also considered whether a freezing injunction might be granted, which raised the issue of whether bitcoin constituted property and, if so, what type of property. If bitcoin was a chose in possession, so that its movement to another account was sufficient to transfer legal title, then a proprietary freezing order might not be available. She referred to the recent description of cryptoassets given by the Financial Markets Law Committee (FMLC) (as set out in an article in this journal – (2016) 10 JIBFL 569) as ‘intangible choses in possession.’ Although Moulder J did not come to a view on the property status of cryptoassets, this case shows, firstly, that this is a key issue for blockchain disputes and, secondly, that the FMLC’s cogent analysis should be the starting point in any discussion of this issue.
Vorotyntseva is an example of the main sort of blockchain litigation that has already been seen: a traditional dispute enlivened by the incidental involvement of DLT assets. In the future, the novel characteristics of DLT will lead to novel types of disputes. These characteristics include:
On a permissionless blockchain, there is no one entity that has control over additions to the ledger. Transfers, once recorded, are permanent and cannot be removed. They may be cancellable, by entering a new opposite transfer, but both the original and the reverse transfer will remain forever on the blockchain. This leads to ‘reality mismatch errors,’ where the state of reality as recorded on the blockchain differs from the actual state of reality: the diamond provenance blockchain records the owner of the diamond as Company A but in reality it has been cut and is owned by several different companies; the real estate blockchain records the owner of a house as Company B but it has burnt down or been repossessed by Bank C; the blockchain share ledger shows that shares have been transferred to Company D but the transfer is vitiated for fraud or illegality. Reality mismatch errors will abound in DLT applications – immutability complicates unwinding transactions and court enforcement.
Blockchain nodes may be spread across different jurisdictions, with individual decisions to add blocks to a blockchain not attributable to any one node or group of nodes in any particular jurisdiction. Not only does this make enforcement by the courts problematical, it also raises basic questions as to governing law and jurisdiction applicable to any dispute. As we will discuss below, these basic questions can and should be addressed, in a permissioned blockchain, in a contract between its participants and, in a permissionless blockchain, in a constitution.
Entities on a blockchain are associated with a unique identifier: a public key. Depending on the design of the blockchain, this can enhance the trackability of users and transactions. But it may be difficult to link those public keys to real-world entities. This raises problems for a court in deciding who should be party to a dispute or the target of enforcement. In practice, even for a fully permissionless blockchain, there are numerous points of intersection between entries tagged with public keys and transactions identifying indivduals that will allow courts to identify parties to a dispute. The most common point of intersection is an exchange of cryptocurrency for fiat currency, as with Roberts v Persons Unknown, considered above.
We enumerate types of DLT disputes involving banks as follows, differentiating between traditional disputes with added DLT involvement and those that are genuinely novel:
These are primarily traditional claims in a DLT context. Fraudulent misrepresentation by an issuer of Initial Coin Offerings (ICO), for instance, would have been a claim against an IPO issuer in a previous age. Existing rules against securities and commodities fraud, set out in common law or statute, will apply in most jurisdictions. Fraudulent misrepresentation can arise also between commercial counterparties, where the only connection to DLT is payment by cryptocurrency.
Cryptocurrency exchanges are another focus for civil fraud. Indeed, the Mt Gox fraud was one of the earliest ways in which DLT came to public notice (Mt Gox was a bitcoin exchange that was liquidated in 2014 following largescale fraud).
Fraud claims often feature requests for freezing orders. Banks have set procedures for dealing with freezing orders affecting their accounts. Cryptoassets cannot necessarily be frozen in the same way and banks may need to develop new procedures, particularly where they are involved at the interface between traditional banking and DLT (such as exchanges between cryptocurrency).
Particularly where these procedures are inadequate, financial institutions may be indirectly exposed to DLT fraud through claims for dishonest assistance or knowing receipt. Cryptoassets tend to be highly traceable: although holders of accounts may be pseudonymous, the immutable and transparent nature of blockchain allows assets in those accounts to be followed precisely. Enhanced traceability increases the chance that a bank may be fixed with identifiably tainted assets and marked as a constructive trustee over those assets.
A dispute over a commercial transaction to which a financial institution is party may involve DLT if payment is to be made by blockchain or assets the subject of the transaction are located on the blockchain. Although this is fundamentally a traditional dispute, the question as to whether cryptoassets are property may arise – as discussed above, this is a foundational issue which should be addressed by the courts or statute as soon as possible.
Banks are party to contracts establishing permissioned blockchains, as participants, administrators, information providers or block producers. Each of these roles exposes them to a risk of disputes arising out of those contracts. For instance, as a block producer, a bank will have obligations to maintain a certain level of service and to act in accordance with the consensus mechanism. Novel disputes may also arise. Consider one scenario: two groups of banks part of an industry-wide blockchain disagree over its strategic direction and create rival forks. Other banks may have to choose which consensus mechanism to follow and be exposed to litigation from banks supporting the other fork.
Many blockchains feature ‘smart contracts’ – agreements embodied in or including self-executing code. The self-executing nature of these agreement may lower dispute risk overall. Even so, banks should be aware that dispute risks may stem from coding bugs, including interactions with third-party software, and automated performance, which could interfere with enforcement.
Banks acting as professional advisors in ICOs or the establishment of permissioned blockchains may be exposed to claims of negligent misstatement. They may also become involved in disputes as providers of traditional financial services to entities using DLT.
Participation in DLT will expose financial institutions to negligence claims from other participants. The distributed nature of DLT leads to dependencies that go beyond contractual relationships. For instance, a bank acting as administrator in a permissioned blockchain may have the power to annul or reverse ledger entries. Then, it may be sued by users of the DLT protesting against its failure to reverse a transaction that it claims was induced by fraud or is subject to illegality or another vitiating factor. Or, if a bank is providing financial data to an app developer that it shares with blockchain users, it may be sued for providing that data in an incorrect or unexpected format – even if the data itself is correct – by the users.
Financial institutions might be exposed to contractual or tortious liability not only through their own actions but by becoming liable for the actions of others through principles of agency or partnership. For instance, block producers operating a single consensus mechanism for a commercial blockchain appear to satisfy the requirements for a partnership, at least as a matter of English law. Questions of partnership are often dealt with in financial transactions through express language negating any implication that a partnership exists. For permissionless blockchains, there may be no appropriate contractual document which could house such a statement. DLT frameworks may also be specifically established as partnerships or similar entities in different jurisdictions, such as a Swiss verein. This may prevent a partnership otherwise arising, but it will depend on a conflicts of law analysis of the particular blockchain. Where block producers are spread through different jurisdictions and a subset of them is carrying on business in England, there is varying Supreme Court authority as to whether an English partnership might arise in parallel with a foreign partnership-like arrangement. There is no parallel for this sort of arrangement in the non-DLT economy, so it is a genuinely novel point that the courts may yet need to address.
There are multiple possible sources of regulatory liability for financial institutions to address in DLT frameworks. Securities regulation or financial services regulation applies to an institution’s involvement in ICOs or any blockchain for trading, clearing or settlement of a financial product, such as a derivatives blockchain. Sanctions and anti-money laundering rules will apply to all counterparties that financial institutions engage with on blockchains – this may curtail their involvement in permissionless blockchains and activities at the interface between DLT and the traditional economy, such as currency exchanges. Antitrust and competition regulation may affect institutions participating in blockchains that achieve market dominance. Insurance regulation will apply to blockchains selling or providing insurance.
Notwithstanding these multiple risks, financial institutions have been involved in DLT and will wish to continue doing so. We set out here two main ways that they can minimise their DLT disputes risk.
While permissioned blockchains suit many financial applications, large-scale, industry-wide and universally accepted DLT may need to be permissionless. Financial institutions will wish to engage with these blockchains but will not have the assurance of contractual terms and conditions that all participants must sign up to before using the DLT. The governed blockchain is an innovation that attempts to provide the certainty of an agreement entered into by all participants within a permissionless framework . Essentially, it involves the blockchain protocol only permitting ledger entries that include a hashed reference to an external document. Inclusion of the hash connotes agreement by the party submitting the ledger entry to the document it refers to. This document is generally an agreed form that may change from time to time, called a ‘constitution’.
Despite the name, a constitution in a governed blockchain has the status only of a multi-partite contract between blockchain participants. It may include useful terms such as governing law and jurisdiction clauses and dispute resolution mechanisms. Enforcement of other terms such as obligations to behave in accordance with community norms may be primarily through expulsion from the blockchain rather than court-imposed penalties.
Governed blockchains are already being used. Where financial institutions decide to engage in permissionless blockchains, they are a neat mechanism to mitigate and to better define the scope of liability.
No analysis can faithfully predict what disputes may occur in the future. The immutability of blockchain can make it appear rigid and resolution of disputes cumbersome. Dispute resolution mechanisms agreed in advance can provide the flexibility to deal with unexpected disputes. A dispute resolution mechanism in a DLT does not just cancel out the rigidity of DLT but can be even more flexible than the equivalent mechanism in a traditional contract.
In a permissioned blockchain, the administrator may have the power to delete or reverse transactions. A dispute resolution clause entered into by users of the blockchain will clearly circumscribe when this power may be employed, presumably limiting it to compliance with orders from an arbitrator appointed in accordance with the clause. This will minimise the risk to administrators of being drawn into disputes between users.
In many blockchains, an arbitration clause can be given some smart contract functionality, so that dispute resolution becomes part of the DLT process, rather than separately imposed upon it. Appointment of an arbitrator can be agreed by the parties on the blockchain and then the arbitrator becomes empowered to enforce awards directly – transferring assets between blockchain accounts. In this way, enforcement using DLT can be more straightforward than court enforcement in traditional litigation.
The promise of reduced cost and increased speed have led financial institutions to set up or participate in DLT projects. As DLT is new and evolving, it carries a risk of novel types of disputes. A bank looking to engage with a DLT project should evaluate the level of risk in each of the categories enumerated in this article and take appropriate action to mitigate those risks.
This article was first published in the October issue of the Journal of International Banking & Finance Law.
Space does not permit definitions of DLT and blockchain or their use within the financial sector – we refer readers to the many other introductory sources on this subject. For ease of reading, we use terminology by using ‘DLT’ and ‘blockchain’ almost interchangeably. It will be clear from context where only a particular type of technology that falls within this umbrella is being referred to. Where other terminology is not yet standardised, we try to adopt self-explanatory terms such as ‘block producer’ rather than multiple definitions.
Case No. CL-2019-000444, July 15, 2019
Legal analysis of the governed blockchain, Grigg, Sanitt, 2018, https://www.nortonrosefulbright.com/en/knowledge/publications/0d56a3a5/legal-analysis-of-the-governed-blockchain
Publication
The Court of Appeal has overturned a 2023 High Court decision in Manolete v White [2024], ruling that courts cannot issue injunctions requiring members to draw down their occupational pensions to make them available to judgment creditors.
Publication
The Chancellor presented her maiden Budget on October 30, 2024.
Publication
On October 29, 2024, the PPF published a response to its March 2024 consultation, confirming that it would proceed with its proposal to give actuaries the option of using a bespoke discount rate assumption in s. 143 valuations of smaller pension schemes.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023