Share this post:
Business law, legal considerations and regulatory compliance are important to setting up and running an enterprise business. The blockchain business network enables enterprises to interact among their stakeholders across geography with trust and traceability. Hence, it is important that the blockchain business network comply with a required set of business laws, geography-specific standards, a global set of standards, government regulations, taxation, and other rules.
We have previously laid out the four dimensions framework — business, operations, legal and technology (BOLT) which are key considerations to building effective business networks. We want to take this opportunity to look at the legal dimension in more detail.
While building a network it is important to adhere to data privacy, legal aspects of using smart contracts, geography-specific legal considerations are distributed as nodes across different geographies. Cross-border regulatory and governance plays a key role in the success of the blockchain business network executiocon.
Business network design should focus on early adoption of legal compliance and regulatory needs.
1. Legislative, regulatory challenges and its compliance are critical to the network
While building your blockchain platform-centric business network, it is important to make sure that all relevant business rules and regulations are met. Evaluate the current contracting practices and choose based on what can be automated through smart contracts without breaching the agreed terms.
Make sure the legislators and other governance and regulatory bodies review the smart contracts and approve. The target country’s specific law enforcement and relevant taxation needs to be addressed and taken care of in the transactions.
2. Data privacy to improve confidentiality of data and transactions
Define the access control rules, certificates mapping to create trusted and secure access based on persona and participant stake on the network. It is always required to preserve the secret and use zero knowledge proof (ZKP) between two parties (prover and verifier) without revealing the actual secret.
Identify peers (organizations) transacting over a shared ledger on a channel. Also, identify confidential data that need not be shared with all parties on the channel but sharing with one or few organizations on the channel privately using private data collection. Establish auditability and identify a way for assessing privacy preserving transactions.
3. Data residency and data protection compliance
Data residency is associated with the laws in certain countries and plays a key role in physical data storage within a specific country’s border. Assess and choose the data centres based on the geography-specific data restriction rules for the entire solution including the application components (data files persistence point, object storage, and others) and off-chain database. Validate the data residency rules of a specific country before choosing the hosting location of the peer or nodes. This applies to data distributed across the nodes of the network.
Assess the data model and segregate the data based on the privacy and residency rules, also identify the privacy mechanisms like channel, private data collection, off-chain, encryption, and others, with access policies for right level of access segregation and access control. Identify the personally identifiable data and store it in off-chain or private state to be in compliance with General Data Protection and Regulations (GDPR).
4. Cross-border trade regulations to remain in compliance
There are legal frameworks and institutions responsible for enforcing cross-border rules and regulations in international business and trade. So, this needs to be focused from the blockchain business network perspective to remain on regulatory compliance. Identify the cross regulatory bodies and their validation rules. Create a common set of (smart) contracts that can be reviewed and agreed by all interested regulatory bodies to automate it for easy validation and compliance. This helps to create a dashboard for auditing.
Identify and comply with all relevant regulatory activities for trade compliance that occurs among several jurisdictions and countries in trade processing. To be on government regulations, look at it from the required set of documentations, custom law, export/import controls, and others, with respect to domestic and cross-border trade and distribution of goods and services. Create international tax planning and execution to stay compliant in cross-border businesses.
Thus, planning the legal perspective right from the beginning of the solution is the key success in bringing confidence and compliance to your blockchain business network.
Stay tuned for our future posts which will continue our in-depth look into the other dimensions with which to build an effective business network. For more information and discussion on this topic, please feel free to reach out to us.
Turning strategy into business outcomes
IBM Blockchain Services can help bring your ideas to life. Explore the use of blockchain and digital assets in your business.