So what is blockchain technology, other than a string of hashed mini-files stretching to the far horizon? Is it really useful or just another techno-fad with all the substance of a fidget spinner? A commentary published earlier this month in Insurance Thought Leadership, entitled Blockchain: Bad Tech, Worse Vision", strongly suggests that new systems designed to reduce or eliminate the need for conventional forms of trust between contracting parties by using blockchain are doomed to failure.
This has substantive implications for risk management since trust issues make up part of so many exposures regarding default, misrepresentation, intentional fraud, etc. Can you deploy blockchain based processes to mitigate trust denominated risks? One idea behind blockchain, after all, is that if you can audit the software and each step represented by each linked file, you can trust the system even if you don't trust every party in a transaction. But the ITL essay suggests that the old Gaelic word for blockchain might be hooey.
The author, Kai Stinchcombe, puts the case plainly enough: "Blockchain is not only lousy technology but a bad vision for the future. Its failure to achieve adoption to date is because systems built on trust, norms and institutions inherently function better than the type of no-need-for-trusted-parties systems blockchain envisions."
Well, no punches pulled in that summary. Let's ask that well known expert in finance, JP Morgan, what he thinks about the blockchain approach to creating trust without acquaintance:
The first thing [in credit] is character … before money or anything else. Money cannot buy it. [...] A man I do not trust could not get money from me on all the bonds in Christendom. I think that is the fundamental basis of business.
The entre for blockchain is that it theoretically allows financial deals to be put together quickly, without the usually time consuming back and forth involved today in verifying credit, confirming and reconfirming contract provisions and specifications. Blockchain allows us to replace trust with software and audit protocols - or at least, that is the promise.
The question is not theological if you're a risk manager. After all, managing risk is all about managing trust - trust in your insurance carrier and TPA, trust in your bonds, contracts and policy provisions. Will blockchain help you solve known problems or create new, unknown pitfalls? We'll look at the other side of the question in the next Journal.
From the Bamboo Annals
It is written in the Bamboo Annals that in the last year of the reign of the Xia Emperor Fa, about 1700 BCE, Mount Tai shattered. This entry is thought to be the first record of an earthquake in written history. Shandong Province is still beset by earthquakes, so this was only the first of many entries.
On May 4, CoreLogic released its report, Financial Implications of the HayWired Scenario, a detailed look into the real consequences of the earthquake that seismologists think will happen on the Hayward Fault any minute now. You don't have to have a location or employees in the vicinity of Hayward, however, to profit from the report. CoreLogic has - excellent thinking on their part - developed a casebook analysis that, with a few different numbers and geographic considerations, can lay out the likely consequences of a possible disruption along any known active fault line. Active and semi-active faults are spread across the US. Earthquakes are not a California dreamin' or even a West Coast kind of event. Charleston, SC, was nearly flattened back in the 1880s. Hartford, CT, sits on a major fault, as does St Louis.
The HayWired scenario walks you through the key questions for planning in any potential earthquake zone. For example, what is the scientifically probable magnitude of an earthquake along a given zone of a given fault line? The United States Geological Service has developed this information - your tax dollars at work. What preparations are or are not appropriate for a given location and a moderate to severe event? What about the aftershocks? Earthquakes are seldom if ever one and done. Hey, what about your fire sprinklers? In the Loma Prieta quake in 1989 the San Francisco airport terminal was shut down not by fire but by a flood when the entire sprinkler system let loose at once. Oops.
Oh, one more thing. If you haven't been through a major quake, talk to someone who has. What happens when a half ton copier rushes across an office and smashes into the wall opposite? What happens when waves four or five feet high come down your freeway lane? Not waves of water; waves of pavement. What happens when the front steps of your office building drop four feet as the ground under them liquefies?
The HayWired report can help you think through and then plan for the likely events along any known fault line. Major movements along significant faults are never a question of "if," only of "when." What happens next is up to you.
GDPR or the "Brussels Effect"
Back in the 1920s when railroads still ruled the transportation scene, the Pennsylvania Railroad billed itself as "the standard of the world." There was a little puffery in that promotion, but a great deal of truth as well. The "Pennsy" was the railroad others tried to emulate and the Pennsy's standards turned up everywhere in railroading in the US and abroad.
An important shift is taking place, as we watch, at the point where data and finance touch, or, in some cases, collide. Once upon a time, the US led the way, both through official regulation and corporate practice. Not so nowadays. An essay in this week's Wall Street Journal looks at how the European Union is now the standard setting organization for more and more new areas of regulation. The new General Data Protection Regulation (GDPR) proves a current case in point.
Apple, Facebook, Twitter and Sonos have all signed on to use these new regs. The author, Daniel Michaels, points out, "GDPR is the latest sign of the EU's growing power in global regulation. With increasing frequency, EU rules targeting industries within the bloc - from consumer products to financial services - have set international benchmarks."
What does this mean? Well, for starters it means that even risk managers who deal only with domestic US risk need to be paying attention to Brussels, at least on specific areas of regulatory compliance. For example, more than 120 countries have adopted privacy laws based on Europe's over recent decades. Indeed, the "Brussels effect" now sits cheek by jowl with the well-known "California effect". EU requirements, like California's, tend to be the strictest around. If you comply with the EU and California, you may have entered a de facto safe harbor in that few entities have regs exceeding those two.
Once the US ruled the roost in terms of regulating tech and finance, just as the Pennsy did in setting standards for railroading. Those days are gone. Pay attention to what's coming from Brussels. It may shape some of your next compliance audit.
Good News/ Bad News
First, the good news. According to a recent report by Quest Diagnostics, fewer Americans tested positive for prescription painkillers like morphine derivatives and oxycodone. Indeed, positive indications fell by 17% in 2017. This is clearly in line with the drop in prescribing rates for these medications which have been reported in the Journal in recent months.
The bad news? Well, positive indications for cocaine, methamphetamine, and marijuana surged at the same time. The increase in marijuana use appears to parallel new state laws allowing medical and, in some cases, recreational uses of the devil weed, as it used to be known. What's worrisome is the first two. Overall, 5% of tests were positive for an illicit substance in 2017, compared to 4.9% the previous year. Cocaine use spiked in the Midwest, the South and a few parts of the Northeast, while meth use spiked in Nebraska and Idaho.
What does this mean? The goal of a drug free workplace in the US remains elusive. The specifics vary, but at least 5% of your employees, if your company is typical, are using something right now that makes them dangerous to themselves and to others. This is one risk you always have to manage.