The Bank of Canada has issued a report on Project Jasper, its recently completed experiment testing the viability of distributed ledger technology (DLT) as the basis for a wholesale payment system. The experiment was a combined effort by the Bank of Canada and Payments Canada, along with Bank of Montreal, Canadian Imperial Bank of Commerce, HSBC, National Bank of Canada, Royal Bank of Canada, Scotiabank and TD Canada Trust. The experiment revealed that such technology is not more beneficial, at least for now, than the current centralized system of wholesale payments. However, the successful proof-of-concept highlighted best practices for wide-scale public/private cooperation and uncovered other opportunities for the implementation of the technology within the financial industry.
Bank of Canada and Project Jasper
The Bank of Canada embarked on Project Jasper to learn more about the feasibility, benefits and challenges of using DLT as the basis for a wholesale interbank payment system. These systems are crucial mechanisms for the financial industry that allow large financial institutions to process payments to each other as well as to and from central banks. Canada’s wholesale payment system, the Large Value Transfer System (LVTS), is operated by Payments Canada and processes an average of $175 billion in payments each business day. Despite the large sums processed, LVTS payments are relatively simple and thus presented a reasonable starting point for practical testing of a DLT system.
Project Jasper involved the building and testing of a simulated wholesale payment system using a DLT-based settlement asset. The experiment’s dual objectives were to evaluate whether a test system could meet international standards for systemically important payments infrastructure, including the Principles for Financial Market Infrastructure (PFMIs), and to collaborate with the private sector on a practical DLT application.
The first phase of the project involved the building of a settlement capability on an Ethereum platform and the demonstration of the ability to exchange the settlement asset between participants. The second phase was built on a Corda platform[i] and introduced a liquidity saving mechanism (LSM) where only the net difference between transactions actually settles, mirroring the LSM function in the existing centralized system. Project Jasper required the creation of a novel LSM designed specifically for a distributed ledger, believed to be the first of its kind. The second phase also used a consensus system that allowed the Bank of Canada to serve as a notary with access to the entire ledger, allowing the Bank of Canada to verify the funds involved in transactions. Relying on these two custom features built within the Corda platform, the Bank of Canada, along with Payments Canada, ran a set of simulated transactions.
While the experiment validated that a DLT-based wholesale payments system can likely satisfy risk concerns and PFMIs related to credit risk, liquidity risk and settlement risk, other areas such as settlement finality, operational risk, as well as access and participation requirements are still of concern. The highest operational risks relate to resilience:
- Continued back-up and security needs: While the project demonstrated that the core of a DLT-based wholesale payments platform can deliver high availability at a low cost, once additional technology components, such as digital keys, identity and system access management—all important elements of Project Jasper, but currently based on centralized models—are added to the system, the typical challenges associated with a single point of failure faced by existing centralized systems re-emerge. This vital information must be backed up and secured to ensure it is not lost, mishandled or abused, similarly to the current security measures of centralized systems. Up against the highly efficient existing system, the high costs of initial design of the DLT system suggested that the bulk of cost savings that might arise from the use of this kind DLT system would arise from a reduction in bank reconciliation efforts, not from the core system.
- Difficult balance between privacy and transparency: While Project Jasper partitioned data in such a way as to create a significant amount of privacy for transactions, it also introduced significant challenges for data replication across the network, a key feature and advantage of DLT, because each participant’s node had access to only a subset of data, introducing a point of failure at each node. More robust data verification requires wider sharing of information. The balance required between transparency and privacy poses a fundamental question to the viability of the system for such uses once its core and defining feature is limited.
- Settlement risk: Principle 8 of the PFMIs requires settlement finality. Defining the conditions under which a transfer in the wholesale payments system is considered irrecovable and unconditional is central to the system’s operation and involves both operational and legal components. Phase 1 of Project Jasper underlined some of the challenges the use of Ethereum poses for settlement finality, as its proof-of-work (POW) concensus mechanism is probabilistic, meaning that although settlement becomes increasingly certain as a transaction becomes progressively more immutable over time, there is always a small possibility that a payment could be reversed. The use of the Corda platform and the notarial function of the Bank of Canada have potentially introduced in Phase 2 of Project Jasper an element of irrevocability, but stress testing would be required to confirm that settlement risk had been adequately addressed.
- Potential for restricted DLT systems to create single point of failure: The notary consensus system implemented in Phase 2 of Project Jasper, while important for verification, also creates a single point of failure, with the implication that an event such as an outage at the Bank of Canada would prevent the processing of any payments. Activities such as permissioning of nodes and establishment of operational standards continue to require significant centralization. Given these considerations, it was concluded that restricted distributed ledger schemes such as Project Jasper may decrease operational resilience or incur more expense when compared against current centralized systems.
Despite Project Jasper highlighting significant limitations to the use of DLT within the wholesale payment space, it still proved valuable in the eyes of the stakeholders involved. The participants, including public-sector and private-sector partners, stated that they learned a great deal about the technical aspects of DLT technology, discovered best practices for wide-scale cooperation and uncovered insights into other paths that may be explored to help reap the benefits of such technology through other Fintech innovations. One key insight that Project Jasper illuminated is that cost savings or efficiency gains can be obtained “if a DLT-based core interbank payment system can serve as the basis for other DLT systems to improve clearing and settlement across a range of financial assets”, such as stocks, bonds, derivatives and other, more decentralized systems with long settlement times, interacting with the wider financial market infrastructure by combining different elements on the same ledger.
Notably, this proof-of-concept exercise excluded many governance and legal considerations of traditional wholesale payment systems, including anti-money laundering requirements, suggesting that a true production system could have significant additional complexity to address.
Commenting on the experiment, Carolyn Wilkins, senior deputy governor of the Bank of Canada, and Gerry Gaetz, president of Payments Canada, concluded that, as against the necessity for interbank systems to be safe, secure, efficient and resilient, as well as to meet all international standards, “DLT-based platforms are just not there yet.” Consequently, they indicated that near-term modernization of Canada’s payments system will not involve distributed ledgers. Nonetheless, it will involve wide-scale innovation and collaboration across many public and private parties, the benefits of which were also demonstrated in Project Jasper.
[i] R3 has created an open-source distributed ledger platform named Corda that is designed to record, manage and automate legal agreements between businesses. Two important differentiators from traditional blockchains include the ability to support various consensus mechanisms and the ability to restrict access to the data within agreements to those explicitly entitled to it.
This post appeared previously on the CyberLex blog.
For more information about our firm’s Fintech expertise, please see our Fintech group’s page.