Ever since the Punjab National Bank (PNB) fraud has come to light, many believers of the blockchain technology have been saying that it could have stopped the fraud. This list includes my organisation as well. I, for one, truly believe that blockchain will become pervasive in near future. But, could this technology have avoided this huge fraud that has shaken the Indian banking system? It is hard to respond to this question in the affirmative, knowing that no technology is smarter than the human brain at its best. If the intent is wrong, loopholes can be found or created, just as it was done in the PNB case.
While there were multiple reasons for this fraud to occur — like mal-intent of account holders, corrupt employees, audit failure, manual contracts, etc. — the key reason was unintegrated applications, i.e., the SWIFT gateway was not integrated with the PNB’s core banking system. So, transferring data within branches and across departments was a manual process. When money was lent by foreign branches of other Indian banks based on the false letter of understanding (LoU) issued by the PNB, no record was being made in the bank’s core banking solution (CBS). Thus, year after year, the fraud remained under cover.
Could blockchain have prevented it? Well, the answer is yes and no. Blockchain definitely has a much higher security capability built-in. The basic concept underlying blockchain is distributed ledger technology (DLT). So, the master data is maintained in every node of the distributed ledger and hence, there is no dependence on a single source of truth. While today, the CBS is the single source of truth for the bank in a distributed ledger framework, each node would contain the same truth. So, tampering one node will not be possible and immediately bring to light any kind of malpractice.
Technically speaking, the blockchain technology does have security mechanisms to deal with these frauds. However, the success of this will depend on how distributed the ledgers are and how big the chains are. Any time there is a gap or a break between the chains, or two or more chains are not integrated, demanding a human intervention, mistakes or frauds are likely to have taken place.
Whether or not the blockchain technology could have stopped the PNB fraud would have depended on how integrated the blockchain was. Even in a blockchain scenario if the bank and the SWIFT payment gateway were not connected by a single chain or two integrated chains and had it required a manual intervention, the problem could not have been avoided. So, the blockchain technology alone is not an answer to avoiding such a problem, intentional or not. The most critical requirement is for all stakeholders to be part of the blockchain, with no break in the chain.
There are a few other necessary conditions for the success of blockchain as well. For example, All manual contracts of today will have to be converted into smart contracts to run some automated checks on them, whenever there is any transaction involving the contract. Since the security is dependent on the technology itself, technology audits will have to become much more stringent and pervasive. Finally, all stakeholders, no matter which industry they belong to, need to come together as part of the same or connected blockchain. Moreover, regulators of all industries will have to accept and agree on common processes and protocols. Hence, the regulators too need to come together to ensure the robustness of this system.
The bottom line is that no technology can eradicate fraud. Being the inventor of all technology, people are much smarter than computers. And people with mal-intent will always be there to manipulate a system. While blockchain has the technology built in to improve security, it is definitely not the answer to all frauds.