Learning from the past to build an improved future of fintech

[Note: below is a slightly edited speech I gave yesterday at a banking event in Palo Alto.  This includes all of the intended legalese, some of which I removed in the original version due to flow and time.  Special thanks to Ryan Straus for his feedback.  The views below are mine alone and do not represent those of any organization or individual named.]

Before we look to the future of fintech, and specifically cryptocurrencies and distributed ledgers, let’s look at the most recent past.  It bears mentioning that as BNY Mellon is the largest custodial bank in the world, we will see the importance of reliable stewardship in a moment below.

In January 2009 an unknown developer, or collective of developers, posted the source code of Bitcoin online and began generating blocks – batches of transactions – that store and update the collective history of Bitcoin: a loose network of computer systems distributed around the globe.

To self-fund its network security, networks like Bitcoin create virtual “bearer assets.” These assets are automatically redeemable with the use of a credential.  In this case, a cryptographic private key.  From the networks point of view, possession of this private key is the sole requirement of ownership.  While the network rules equivocate possession and control, real currency – not virtual currency – is the only true bearer instrument.  In other words, legal tender is the only unconditional exception to nemo dat quod non habet – also known as the derivative principal – which dictates that one cannot transfer better title than one has.

Several outspoken venture investors and entrepreneurs in this space have romanticized the nostalgia of such a relationship, of bearer assets and times of yore when a “rugged individual” can once again be their own custodian and bank.1 The sentimentality of a previous era when economies were denominated by precious metals held – initially not by trusted third parties – but by individuals, inspired them to invest what has now reached more than $800 million in collective venture funding for what is aptly called Bitcoinland.

Yet, the facts on the ground clearly suggests that this vision of “everyone being their own bank” has not turned into a renaissance of success stories for the average private key holder.  The opposite seems to have occurred as the dual-edged sword of bearer instruments have been borne out.  At this point, it is important to clearly define our terms.  The concepts of “custody” and “deposit” are often conflated.  While the concepts are superficially similar, they are very different from a legal perspective.  Custody involves the transfer of possession/control.  A deposit, on the other hand, occurs when both control and title is transferred.

Between 2009 and early 2014, based on public reports, more than 1 million bitcoins were lost, stolen, seized and accidentally destroyed.2 Since that time, several of the best funded “exchanges” have been hacked or accidentally sent bitcoins to the wrong customer.  While Mt. Gox, which may have lost 850,000 bitcoins itself, has attracted the most attention and media coverage – rightfully so – there is a never ending flow of unintended consequences from this bearer duality.3

For instance, in early January 2015, Bitstamp – one of the largest and oldest exchanges – lost 19,000 bitcoins due to social engineering and phishing via Gmail and Skype on its employees including a system administrator.4 Four months later, in May, Bitfinex, a large Asian-based exchange was hacked and lost around 1,500 bitcoins.5 In another notable incident, last September, Huobi, a large Bitcoin exchange in Beijing accidentally sent 920 bitcoins and 8,100 litecoins to the wrong customers.6  And ironically, because transactions are generally irreversible and the sole method of control is through a private key they no longer controlled them: they had to ask for the bitcoins back and hope they were returned.

A study of 40 Bitcoin exchanges published in mid-2013 found that at that time 18 out of 40 – 45% — had closed doors and absconded with some portion of customer funds.7 Relooking at that list today we see that about another five have closed in a similar manner.  All told, at least 15% if not higher, of Bitcoin’s monetary base is no longer with the legitimate owner.  Can you imagine if a similar percentage of real world wealth or deposits was dislocated in the same manner in a span of 6 years?8

In many cases, the title to this property is encumbered, leading to speculation that since many of these bitcoins are intermixed and pooled with others, a large percentage of the collective monetary base does not have clean title, the implications of which can be far reaching for an asset that is not exempted from nemo dat, it is not fungible like legal tender.9

As a consequence, because people in general don’t trust themselves with securing their own funds, users have given – deposited – their private keys with a new batch of intermediaries that euphemistically market themselves as “hosted wallets” or “vaults.” What does that look like in the overall scheme?  These hosted wallets, such as Coinbase and Xapo, have collectively raised more than $200 million in venture funding, more than a quarter of the aggregate funding that the whole Bitcoin space has received. Simultaneously, the new – often unlicensed – parties collectively hold several million bitcoins as deposits; probably 25-30% of the existing monetary base.10 Amazingly, nobody is actually certain whether a “hosted wallet” is a custodian of a customers bitcoin or acquired title to the bitcoin and is thus a depository.

Yet, in recreating the same financial intermediaries that they hoped to replace – in turning a bearer asset into a registered asset – some Bitcoin enthusiasts have done so in fashion that – as described earlier – has left the system ripe for abuse.  Whereas in the real world of finance, various duties are segregated via financial controls and independent oversight.11 In the Bitcoin space, there have been few financial controls.  For example, what we call a Bitcoin exchange is really a broker-dealer, clearinghouse, custodian, depository and an exchange rolled into one house which has led to theft, tape painting, wash trading, and front-running.12 All the same issues that led to regulatory oversight in the financial markets in the first place.

And while a number of the better funded and well-heeled hosted wallets and exchanges have attempted to integrate “best practices” and even third-party insurance into their operation, to date, there is only one Bitcoin “vault” – called Elliptic — that has been accredited with meeting the ISAE 3402 custodial standard from KPMG. Perhaps this will change in the future.

But if the point of the Bitcoin experiment, concept, lifestyle or movement was to do away or get away from trusted third parties, as described above, the very opposite has occurred.

What can be learned from this?  What were the reasons for institutions and intermediation in the first place?  What can be taken away from the recent multi-million dollar educational lesson?

We have collectively learned that a distributed ledger, what in Bitcoin is called a blockchain, is capable of clearing and settling on-chain assets in a cryptographically verifiable manner, in near-real time all with 100% uptime because its servers – what are called validators – are located around the world.  As we speak just under sixty four hundred of these servers exist, storing and replicating the data so that availability to any one of them is, in theory, irrelevant.13

Resiliency, accountability and transparency, what’s not to like?  Why wouldn’t financial institutions want to jump on Bitcoin then, why focus on other distributed ledger systems?

One of the design assumptions in Bitcoin is that its validators are unknown and untrusted – that there is no gating or vetting process to become a validator on its open network.  Because it is purposefully expensive and slow to produce a block that the rest of the network will regard as valid, in theory, the rest of the network will reject your work and you will have lost your money.  Thus, validators, better technically referred to as a block maker, attempt to solve a benign math problem that takes on average about 10 minutes to complete with the hope of striking it rich and paying their bills. There are exceptions to this behavior but that is a topic for another time.14

The term trust or variation thereof appears 13 times in the final whitepaper.  Bitcoin was designed to be a solution for cypherpunks aiming to minimize trust-based relationships and mitigate the ability for any one party to censor or block transactions. Because validators are unknown and untrusted, to protect against history-reversing attacks, Bitcoin was purposefully designed to be inefficient.15 That is to say attackers must expend real world resources, energy, to disrupt or rewrite history.  The theory is that this type of economic attack would stave off all but the most affluent nation-state actors; in practice this has not been the case, but that again is a topic for another speech.

Thus Bitcoin is perhaps the world’s first, commodity-based censorship resistance-as-a-service.  To prevent attackers on this communal network from reversing or changing transactions on a whim, an artificially expensive anti-Sybil mechanism was built in dubbed “proof of work” – the 10 minute math problem.  Based on current token value, the cost to run this network is roughly $300 million a year and it scales in direct proportion to the bitcoin market price.16

Thus there are trade-offs that most financial institutions specifically would not be interested in.

Why you may ask?

Because banks already know their customers, staff and partners. Their counterparties and payment processors are all publicly known entities with contractual obligations and legal accountability.  Perhaps more importantly, the relationship created between an intermediary and a customer is clear with traditional financial instruments.  For example, when you deposit money in your bank account, you know (or should know) that you are trading your money for an IOU from the bank.17 On the other hand, when you place money in a safe deposit box you know (or should know) that you retain title to the subject property.  This has important considerations for both the customer and intermediary.  When you trade your money for an IOU, you are primarily concerned with the financial condition of the intermediary.  However, when you retain title to an object held by somebody else, you care far more about physical and logical security.

As my friend Robert Sams has pointed out on numerous occasions, permissionless consensus as it is called in Bitcoin, cannot guarantee irreversibility, cannot even quantify the probability of a history-reversing attack as it rests on economics, not technology.18 Bitcoin is a curious design indeed where in practice many participants on the network are now known, gated and authenticated except the transaction validators.  Why use expensive proof-of-work at all at this point if that is the case?  What is the utility of turning a permissionless system into a permissioned system, with the costs of both worlds and the benefits of neither?

But lemonade can still be squeezed from it.

Over the past year more than a dozen startups have been created with the sole intent to take parts of a blockchain and integrate their utility within financial institutions.19 They are doing so with different design assumptions: known validators with contractual terms of service. Thus, just as PGP, SSL, Linux and other open source technology, libraries and ideas were brought into the enterprise, so too are distributed ledgers.

Last year according to Accenture, nearly $10 billion was invested in fintech related startups, less than half of one percent of which went to distributed ledger-related companies as they are now just sprouting.20

What is one practical use?  According to a 2012 report by Deutsche Bank, banks’ IT costs equal 7.3% of their revenues, compared to an average of 3.7% across all other industries surveyed.21)  Several of the largest banks spend $5 billion or more in IT-related operating costs each year.  While it may sound mundane and unsexy, one of the primary use cases of a distributed ledger for financial institutions could be in reducing the cost centers throughout the back office.

For example, the settlement and clearing of FX and OTC derivatives is an oft cited and increasingly studied use case as a distributed ledger has the potential to reduce counterparty and systemic risks due to auditability and settlement built within the data layer itself.22

How much would be saved if margining and reporting costs were reduced as each transaction was cryptographically verifiable and virtually impossible to reverse? At the present time, one publicly available study from Santander estimates that “distributed ledger technology could reduce banks’ infrastructure costs attributable to cross-border payments, securities trading and regulatory compliance by between $15-20 billion per annum by 2022.”23

With that said, in its current form Bitcoin itself is probably not a threat to retail banking, especially in terms of customer acquisition and credit facilities.  For instance, if we look at on-chain entities there are roughly 370,000 actors.  If the goal of Bitcoin was to enable end-users to be their own bank without any trusted parties, based on the aggregate VC funding thus far, around $2,200 has been spent to acquire each on-chain user all while slowly converting a permissionless system into a permissioned system, but with the costs of both.24

That’s about twice as much as the average bank spends on customer acquisition in the US.  While there are likely more than 370,000 users at deposit-taking institutions like Coinbase and Xapo, they neither disclose the monthly active users nor are those actual Bitcoin users because they do not fully control the private key.

If we were to create a valuation model for the bitcoin network (not the price of bitcoins themselves), the network would be priced extremely rich due to the wealth transfer that occurs every 10 minutes in the form of asset creation.  The network in this case are miners, the block makers, who are first awarded these bearer instruments.

How can financial institutions remove the duplicative cost centers of this technology, remove this $300 million mining cost, integrate permissioned distributed ledgers into their enterprise, reduce back office costs and better serve their customers?

That is a question that several hundred business-oriented innovators and financial professionals are trying to answer and we will likely know in less time it took Bitcoin to get this far.

Thanks for your time.


  1. Why Bitcoin Matters by Marc Andreessen []
  2. Tabulating publicly reported bitcoins that were lost, stolen, seized, scammed and accidentally destroyed between August 2010 and March 2014 amounts to 966,531 bitcoins. See p. 196 in The Anatomy of a Money-like Informational Commodity []
  3. Mt. Gox files for bankruptcy, hit with lawsuit from Reuters []
  4. Bitstamp Incident Report []
  5. Bitfinex Warns Customers to Halt Deposits After Suspected Hack from CoinDesk []
  6. Why One Should Think Twice Before Trading On The Bitcoin Exchanges from Forbes []
  7. See Beware the Middleman: Empirical Analysis of Bitcoin-Exchange Risk by Tyler Moore and Nicolas Christin []
  8. This has occurred during times of war.  See The Monuments Men []
  9. Bitcoin’s lien problem from Financial Times and Uniform Commercial Code and Bitcoin with Miles Cowan []
  10. Based on anecdotal conversations both Coinbase and Xapo allegedly, at one point stored over 1 million bitcoins combined. See also: Too Many Bitcoins: Making Sense of Exaggerated Inventory Claims []
  11. See Distributed Oversight: Custodians and Intermediaries []
  12. See Segregation of Duties in the CEWG BitLicense comment []
  13. See Bitnodes []
  14. See Majority is not Enough: Bitcoin Mining is Vulnerable from Ittay Eyal and Emin Gün Sirer []
  15. See Removing the Waste from Cryptocurrencies: Challenges and More Challenges by Bram Cohen and Cost? Trust? Something else? What’s the killer-app for Block Chain Technology? by Richard Brown []
  16. See Appendix B []
  17. See A Simple Explanation of Balance Sheets (Don’t run away… it’s interesting, really!) by Richard Brown []
  18. Needing a token to operate a distributed ledger is a red herring []
  19. See The Distributed Ledger Landscape and Consensus-as-a-service []
  20. Fintech Investment in U.S. Nearly Tripled in 2014 from Accenture []
  21. IT in banks: What does it cost? from Santander []
  22. See No, Bitcoin is not the future of securities settlement by Robert Sams []
  23. The Fintech 2.0 Paper: rebooting financial services from Santander []
  24. One notable exception are branchless banks such as Fidor which is expanding globally and on average spends about $20 per customer.  See also How much do you spend on Customer Acquisition? Are you sure? []
Send to Kindle

2 thoughts on “Learning from the past to build an improved future of fintech

  1. As ever, perfect academic breakdown of the facts. I’d be interested in recommendations…e.g Action: “Banks should investigate the distributed ledger start-up sector and identify use cases”… Calls to action are sexy

    Also somewhat tangentially “Because banks already know their customers, staff and partners. Their counterparties and payment processors are all publicly known entities with contractual obligations and legal accountability” — Banks legally know their customers, but in reality are ineffective at doing so because they rely on paper. One of the biggest benefits of this technology may be attacking some of the cost / liability structure banks are currently accountable for.

  2. Pingback: The Weekend Read: July 10 | Todd Blog

Leave a Reply

Your email address will not be published. Required fields are marked *