Home » VDC Contract Management

Blockchain for Contract and Records Management

Blockchain for Contract and Records Management

This is a guest post for a blockchain-based Contract and Records Management solution by Cecil (CJ) John of VDC Consortium.

In this article, CJ is going to outline specific challenges with records management and how blockchain can help to solve these. He will present a scenario where multiple parties to a transaction voluntarily enter into a smart contract, using the Digital Asset Modelling Language (DAML).
Finally, he will propose a technology infrastructure that synchronizes the smart contract with the digital records, workflows, and signatures stored in an enterprise records management portal using Sphereon’s SharePoint integration.

 

The rise of blockchain for enterprises

By 2022 a blockchain based business will be worth $10 billion¹. Gartner also listed records management as 1 of 4 key blockchain business initiatives² saving on costs and providing opportunities to generate revenue³. The technology has the potential to impact all record management processes and extend its capabilities⁴.

Challenges for Enterprises

Security and Confidentiality

The number of data breaches increased more than 400 percent in 2018, exposing almost 15 billion records, according to the identity intelligence company 4iQ⁵. The Average cost of a security breach is $17 million⁶. 88% of companies surveyed feel they are losing control over their data⁷.

Enterprise records need to be secure while ensuring that parties to a transaction have maximum privacy and confidentiality and can access records solely on a need to know basis. Centralized databases expose a single point of failure and are prone to costly security breaches.

Data Regulatory Compliance

There’s been a significant growth of global cross-industry regulations over the past ten years⁸. For government or industry regulatory compliance, or e-discovery, organizations may have to prove to auditors or the courts that there has been no malicious or negligent corruption of digital records, workflows, and logs.

Business Efficiencies

Reconciling transactions across individual and private ledgers takes a lot of time and is prone to errors. Distributed records management systems today, involving multiple parties are experiencing slow processing, high cost, high risk of errors, and often result in unreliable and inconsistent data.
Digital signature technologies come at a high cost, and the certificates are difficult to acquire⁹. Additionally, there’s also uncertainty around the impartiality of the third party provider.
Also, this is the era of smart contracts¹⁰, transactional elements of a legal agreement executing as code on the blockchain. How do we reconcile the smart contract with the corresponding digital contract records? As the industry moves towards the execution of smart contracts, contract professionals (including lawyers and auditors) may need to be able to read and decipher them, if not learn how to write them.

The Solution

Blockchain provides a trusted, independent, and cost-efficient mechanism for multiparty transactional records management. There are inherent problems with the public DLT, particularly around the pseudonymity of the parties identities, as well as privacy and confidentiality. We can leverage additional enterprise technologies to mitigate this. I’ll cover this in the solution architecture.

Blockchain stores a cryptographic hash of the data, workflow processes and signatures for each record, rendering them effectively immutable, more valid, more authentic and more reliable. Blockchain is appealing to auditors and litigators as it effectively certifies corrupt free data as proof or record.

Blockchain technology could also be used to verify the workflow steps that a record went through during its creation and management. The technology can create a cryptographic hash of each step effectively creating an immutable proof of process for the record.

Blockchain is an essential technology for records management professionals to understand because it has broad implications for securing and authenticating intellectual property at lower cost and higher efficiency. It’s important to point out that a records repository can store any digital object including audio, video or even software. A cryptographic hash of the record can be stored on the blockchain together with a time-stamp, serving effectively as proof of copyright.

Blockchain also provides for an advantage over legacy centralized digital signature technologies. The signatures, fingerprints, time stamps created for authentication purposes, are stored on the distributed ledger providing proof of data integrity and authenticity without the need of a third party.

Scenario

This is a simple workflow that describes how the proposed solution architecture can be leveraged to synchronize the smart contract with the contract records for multiple parties.

  1. Ann uploads a contract record into the SharePoint records management, essentially a document library and generates a URL (hyperlink) for the document.
  2. Ann digitally signs the contract using the Sphereon¹¹ blockchain API and generates a unique cryptographic hash for the document.
  3. Ann configures a workflow as the contract proposer and configures Bob as the reviewer.
  4. When Ann clicks SAVE, a smart contract proposal is created on the permissioned distributed ledger based on the DAML template. She includes as properties, the cryptographic hash and document URL as unique references.
  5. Bob receives an email notification with a link to review the contract record. Bob is prompted to accept or reject the contract proposal.
  6. Bob accepts the contract proposal and is redirected to sign the contract record.
  7. After signing the contract record, the original smart contract is archived and a new fully executed contract is created on the distributed ledger with the two parties having entered voluntarily into the contract.
  8. The smart contract is now synchronized with the contract record, joined by a reference to the hash and the document URL.

Solution Architecture

The architectural components:

  1. Digital Asset Modeling Language (DAML) Blockchain Permissioned Distributed Ledger (DLT).
  2. Microsoft SharePoint Enterprise Records Management Portal (SharePoint Online or On Premise).
  3. Microsoft Azure based Sphereon¹¹ Blockchain as a Service (BaaS) Digital Signature APIs.
  4. Microsoft Azure Identity Management

About Digital Asset Modelling Language (DAML)

DAML is a smart contract language for modeling rights and obligations in multi-party business processes in any business domain. Smart contracts developed in DAML provide high integrity and privacy guarantees. DAML also makes the smart contracts development more open and flexible because there could be many potential physical deployment options. DAML contracts encode the rights of the parties as choices that they can exercise, and obligations as agreements that they agree to to¹².

Permissionless distributed ledger technologies conducts transactions pseudonymously. Identities of parties can be hard to establish. Regulatory compliance dictates that parties to a transaction are identifiable. DAML provides for a permissioned ledger, reinforcing the essential properties of a smart contract:

  1. Proof of Rights and Obligations
  2. Confidential Execution
  3. Evidentiary Trail
  4. Formally Verifiable

DAML is an intuitive smart contract programming language that supports formal methods for catching design time errors is accessible enough for lawyers and contract professionals to at least understand, if not write. The next illustration shows how a design time error is caught and displayed, warning the developer that the smart contract is not valid due to a missing authorization from the second party to the contract.

DAML is an intuitive programming platform built from the ground up for modelling smart contracts. It is relatively easy to learn and leverages formal methods for limiting design time errors.

“So, what did a group of relatively new programmers feel about learning a new language to build complex workflows for an industry they did not know? Universally the feedback was that it was not a problem at all and, in fact, having a tool tailored for the job was crucial for their success¹³.”

Microsoft Azure provides the security¹⁴ necessary for privacy and confidentiality and also supports the regulatory requirements for data integrity and compliance. Microsoft 365 offers a comprehensive set of features for compliance and unique intelligence across critical end-points in today’s mobile-first, cloud-first world. Blockchain as a Service (BaaS) by Microsoft Azure provides a rapid, low-cost, low-risk, and fail-fast platform for organizations to collaborate by experimenting with new business processes and is backed by a cloud platform with the largest compliance portfolio in the industry.

SharePoint is a well-established enterprise content management system with built-in records management, e-discovery, and data protection framework such as the office protection center. Seventy percent of the value at stake in the short term is in cost reduction, followed by revenue generation and capital relief¹⁵. The future of blockchain integration with records management looks exceedingly bright.

Formal Media™ Blockchain edition¹⁶, leverages the proposed solution architecture, and is a next generation, secure, transparent and regulatory compliant infrastructure, synchronizing the records, workflow processes and signatures for the smart contract and contract records for multiple parties to a transaction.

 

 

Cecil (CJ) John is an architect, technologist and innovator and has worked with some of the largest companies in the world including the IMF, US Federal Government and some of the top 5 consulting companies. He is the CEO of virtualdeveloper.com, LLC a Microsoft Gold Partner and Goldman Sachs 10KSB alumni member. If you like what you have read, you can follow me on Medium for more great content. You can also sign up for my newsletter or contact me by email, Linkedin or Twitter.

 

 

Notes:

  1. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
  2. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
  3. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
  4. Kandaswamy, Rajesh. (2018). “Pay Attention to These 4 Types of Blockchain”.
  5. Olenic, Doug. (2019). “Data breaches up 400 percent, 15 billion records compromised: report”.
  6. Microsoft. (2019). “Microsoft 365 Security and Compliance Proactive Attack Prevention and Detection”.
  7. Ernst & Young. (2016). “Global Information Security Survey”.
  8. Stewart, Luke A. (2010). “The Impact of Regulation on Innovation in the United States: A Cross-Industry Literature Review”.
  9. Aki, Jimmmy.(2018). “DocuSign Will Add Ethereum Blockchain Integration to Verify Signatures”.
  10. A smart contract is a program running on a blockchain that facilitates, verifies, and/or enforces arrangements between parties. Source: Dyer, Barrington. (2018). “Smart Contracts Explained (for Lawyers) part -1”.
  11. Sphereon are document processing and blockchain specialists, based in the Netherlands.
  12. Kmett, Edward.(2018). “A new language for a new paradigm: smart contracts”.
  13. Digital Asset, (2018). “How much effort is required to become a DAML-Driven developer?”
  14. Microsoft has over 3,500 people dedicated to security — more than most governments, let alone companies.
  15. Carson, Brant.(2018). “Blockchain beyond the hype: What is the strategic business value?.”
  16. Formal Media™ Blockchain edition, is the world’s 1st blockchain enabled digital workplace. Probably. Contact virtualdeveloper.com, LLC for more information.
Logo Sphereon

Sorry

De versie van de browser die je gebruikt is verouderd en wordt niet ondersteund.
Upgrade je browser om de website optimaal te gebruiken.