All About Blockchain

AuditChain: Trading Audit Platform over Blockchain | Guy Vishnia

November 17, 2021 Season 3 Episode 5
All About Blockchain
AuditChain: Trading Audit Platform over Blockchain | Guy Vishnia
Show Notes Transcript

When it comes to financial regulation systems, how can we make recording the flow of information more clear? How can we keep up with the expense of self-regulating, especially when there are monthly changes?

Newly emerged electronic trading practices call for new auditing protocols - why not build them with tech advances that help enhance market transparency?

Guy Vishnia is doing his PhD thesis around AuditChain, and built a proof of concept to connect all the data and automate trade execution practices.

Lauren Weymouth (00:00):

Hi, I'm Lauren Waymouth. My day job is directing the university blockchain research initiative at Ripple, which gives me access to incredible talent building out the future of blockchain.

Today we're talking about policy and governance, specifically exchange regulation for trading activity of exchanges. Examination of financial transactions has always been an essential part of market regulation. And when new financial markets come about like electronic trading and trade execution practices, new regulations are required. We continually discuss on this podcast how researchers and industry alike continue to approve upon systems to utilize the immutability, transparency and distributed consensus properties of blockchain. Today we welcome Guy Vishnia who has been doing his PhD at UCL, and has vast real world experience working on the regulatory requirement across products. He's here to discuss the distributed ledger blockchain solution, that provides a framework to solve the problem of exchange auditing for financial markets. It's meant to create enhanced market transparency. And we'll hear about his proof of concept on the feasibility of implementing this process. Thanks for joining us today, Guy.

Guy Vishnia (01:10):

Hey Lauren,  thank you for having me.

Lauren Weymouth (01:11):

I'm recording from San Francisco. Where are you today?

Guy Vishnia (01:13):

I'm based in London- working from home.

Lauren Weymouth (01:15):


Guy Vishnia (01:16):

As most of the planet I guess.

Lauren Weymouth (01:17):

Yeah. I'm working from my garage. So there you have it. How did you get into blockchain and distributed ledger technology?

Guy Vishnia (01:23):

Around 2015 I kind of sat for lunch with a friend who I started to work in a small startup that is some digital coins and he was kinda talking about blockchain and how it's gonna change the world and change the, the markets and the things that you can do with it. And I kinda started reading a little bit about it and then getting interested. And I was kinda two years into my  part-time PhD at the time, doing something a bit different on looking at limit order with models and, trading algorithms. I kinda was hooking the idea and I spoke to my supervisor, professor Garth Peters who wrote some article about blockchain and databases with another student.

And we discussed it and we shifted what I was doing and my PhD took on a bit more blockchain related. as part of my day job I was looking at regulations that kind of started affecting the European market back in the days from 2016 to 2018 plus. we tried to research how we can use blockchain  to help regulations of financial, transactions and assets, et cetera.

Lauren Weymouth (02:16):

So changing the world was your hook, and then you saw an opportunity to actually use this technology to help with financial regulations.

What is your PhD in?

Guy Vishnia (02:25):

So my background is in computer science, but my PhD is part of the department of statistics. 

Lauren Weymouth (02:31):

 When you set out to accomplish this paper, what was important to you on writing it?

Guy Vishnia (02:36):

I think because my background is kind of more industry based,  I was always looking at, how we can start using things now instead of you know in five years time when, there are more technology out there or more platforms that, will be available and kinda how we can actually use blockchain and the idea of blockchain and the immutability part of it especially 'cause it is something that's very important for auditing and regulation reporting.

How we can integrate blockchain into existing technologies or how we can integrate, distributed ledgers into, existing workflows and existing requirements that are already there. so that kinda was my main focuses, how we can actually use this now.

Lauren Weymouth (03:12):

diving deeper into financial transactions, the need to audit them. What does the examination of financial transactions look for?

Guy Vishnia (03:19):

it's a really, really broad world in general, and every regime has different regulations and every asset classes different regulations attached to it and different things that you need to report. My experience, my background is more on equity. Equities, cash equities based. And this is  what my research was mostly about. So I'm going to talk more about it, but in a way if you can look at other regulations from Dodge Frank and any other regulations that's in the market, you can probably take it to other regulations. 

Lauren Weymouth (03:49):

it was funny because my next question was going to be who do the investment regulations impact? So your particular work is on equities because that was your background, but it could impact anyone. But my question was when there's an examination of financial transactions, what is an auditor looking for?

Guy Vishnia (04:05):

When we look at a transaction, there are many things that the regulatory want to look at. And it depends on the regulatory and the regime and the asset class. But if we look for example on European Mifi regulations on the transaction reporting for example, the regulator wants to look at what was done on a trade, who did it,  what was the quantity, what was the order flow, where it was actually traded and things like that. so as part of the regulation reporting there is many things that needs to be done, and it really depends on who you are.

So whether you are an exchange or whether you're a broker or whether you're  another player in the markets. For example exchanges. There's an obligation to do order record keeping. So they need to keep, everything that was done on the platform for seven years and in these reports they need to have certain amount of data and they need to know who did what. So for example, they need to maybe know that trader A  was responsible for execution 127 in the market and then if the financial authority feels like there's something was wrong in the transaction that someone tried to play the market or someone was trying to behave bad, they can come to the exchange or they come to the broker, depends who and say, "Okay, give us all the data that you have on this trade because we know how to flow through your systems, because when you reported to us we saw it there," and they can pinpoint to who was responsible for something, et cetera.

the lifecycle of a trade, it goes through many, many  levels and many,  places I guess from the moment that someone decide to press on a button to buy or sell a stock  until it actually you know getting out to the exchange and then in the end settle then report. It's really a nice journey of an execution that it travels.

When you look at modern exchanges today or any electronic exchange, you get an order that comes in, it's going to sit on the limit order book or the book exchange all the buys and sells and at some point hopefully it'll get a match, basically execution, and then they're going to send a report to the actual person or broker, whatever who sent the trade that it was executed or partially executed. And the end of the day it will send to the regulator a report that says this was done, one by exchange, its price, et cetera. And by that broker, by that person. There's many parties that's playing here.

Lauren Weymouth (06:20):

Yeah. So what I'm hearing is that there's a lot of players along the way of the flow of the transaction and the exchanges themselves, the brokers, the traders all have to report on the origin, the completion of a transaction. Now there's current audit systems. What are the challenges with the current audit systems that you wanted to look into blockchain solving for?

Guy Vishnia (06:42):

for example if I'm looking at order record keeping.  they save their own data and everything sits on their servers and when the auditor comes they need to audit them and say, "Okay, it's here. You can look at now all the records, seven years or whatever." But it's still within the exchange.  And some exchange are operated by other players  in the market. So someone wants to temper with the data, I guess they can. And if this exchange for something then closes or shut down maybe some of the data will get lost  along the way.

Instead of having the exchange save all the data for example for all the record keeping you can put it on a chain that will be again semi governed by the regulatory itself that this exchange needs to report to different regulator and saved there or shared between them. By doing this basically you get an immutable chain and immutable order record keeping that can't be changed and always saved and always kept and can be queried at all time by the regulator when it needs to for example. So that's one thing that I was looking at.

Lauren Weymouth (07:45):

Okay, so blockchain can solve for not being tampered with, the immutability and almost like a standardization? 

Guy Vishnia (07:53):

When you report to the regulator, the regulator usually will have some trading repository where you can report to, and there are more than one of them, and they can also shut down. And then you need to move everything from one to another. if you will have  one  distributed chain a distributed ledger that is shared by the regulator and by the exchange for example, everything is there. And again, it can't be tampered with, and it can't be changed and it can’t get lost somewhere in the future. And there is other things like personal data that needs to be reported at some point.

Again, the regulator needs to know that trader A done something for example, because then you can pinpoint things to trader A, and a lot of this personal data can also sit on a separate ledger where people can share financial data that instead of being distributed to many people or many brokers or firms or whatever, can be sitting in one place and be shared and only be getting accessed only by the actual people who really need to know it. Again, the regulator on demand when it actually needs to investigate. Most of the time it's not like everyday things are getting raised I guess, it's not like it's something that's just done every day.

Lauren Weymouth (09:11):

Well I kinda get that there's an expectation to report on all of it and when you have an obligation to keep record keeping an entire life cycle of a trade and there's different, like you're an equity guy but there's FX and commodities and collaterals and different fields, different jurisdictions, that's a lot of different record keeping. And everyone's trying to avoid a fine, right? That's the ...

Guy Vishnia (09:34):


Lauren Weymouth (09:35):

You're trying to be compliant, you're trying to avoid a fine. You want to make sure all the information is correct.  I'm sure a lot of people outsource this to not have the responsibility on themselves but a blockchain could remove that third party to make sure that everyone could be doing this themselves while still being compliant.

Guy Vishnia (09:51):

Y-yes or even even if you outsource, you can still make the outsource much easier.  A lot of companies want to outsource it because in a way they share the responsibility Yeah. You want to make the reporting as easy as possible for every, everyone.

They make sure that e-everyone can be compliant without the huge overhead that usually you get when actually, you took for being compliant. There is a big overhead in being compliant. And companies usually don't like to pay the price but they have to.

Lauren Weymouth (10:17):

Yeah. I'm sure that's true across all sectors. Um ...

Guy Vishnia (10:18):


Lauren Weymouth (10:19):

Now in your paper, you not only argue for the use of blockchain in auditing financial transactions because of these properties, but you actually went ahead and designed audit chain. Can you introduce audit chain to us and tell us about how it functions, how it works, the properties, what motivated you to design it?

Guy Vishnia (10:40):

I was looking at if I would like to create something that will basically write into a centralized blockchain, how would it look? How would I save it in a compact way? And also in a way that it would be easy to access. What would be the throughput of it? What would be the latency of it? How actually we are going to put it in a chain or will it be like a one off process at the end of the day when someone will report and say, okay, load a big file and we will load it into the chain, into a block or couple of blocks, et cetera, or will it be something that's going to be more real time, where everything that happens automatically will send to a chain and be in the off chain process. Blockchains are slower by default and writing something on a chain it's cost in terms of time.

And you don't want to effect trading on a cash equities because you're actually writing some report. So basically you need to distinguish it. You need to make sure that it's separated. So you can report end of the day, just get everything you've done. Trading is finished. Now you can report it or now you can load it to your chain, or you can try to do something that will be off chain that once you get something and then T plus either minutes or seconds will get reported and put in the chain.

And then there are many interesting questions on how do you want to do it? Do you want to do it again based on a day by stock. So you would have an audit for a stock for a specific instrument throughout the day. Do you want to do it by, I don't know, by a company that trades with you, et cetera. You can play with it on a very different level. So I built this very small  POC software basically that does it. II did it for simplicity something that is  basically being  loaded at the end of the day and I look at some financial data sort of a reporting section and start loading them into and build my own ledger based on that. And then try to query then try to make sure that it's untampered 

Lauren Weymouth (12:38):

And thinking of business use cases, you built audit chain specifically for financial transactions. Could it scale to serve other types of transactions in an auditing capacity? Compliance?

Guy Vishnia (12:49):

Yeah, I think the idea in terms of compliance, yeah, it can relate to anything that you want to audit or put on a chain, or basically get  an immutable source, the golden truth that will sit there and no one will be able to tamper with. so I think you can use it for almost anything you want. It's not like I come from the financial world and the regulative reporting so this is where I took it, but I think you think you can take it anywhere you want Look at supply chains auditing or whatever. I don't know. People can take it to wherever their imaginations can.

Lauren Weymouth (13:23):

Useful. So you built this POC, tell us how the system worked.

Guy Vishnia (13:27):

It was a small software that took large end of day files. Dump files of transaction data.  And again loaded it into an exchange. So basically loaded it into the blockchain. So the blockchain every day created itself, the daily node or the daily block and started to build the chain on there. So basically try to get it easier to query, in the future I look at it on a daily basis. So every day was its own sub-chain. So it'll be easy to query after. A little quicker to query after. 

Lauren Weymouth (14:01):

Maybe you could share with us an example of a well-known financial institution who could've really benefited by audit chains.

Guy Vishnia (14:10):


I think it's not something that one specific company will benefit it can benefit everyone. Once you have more standards and you kind of make things more clear and more easy for everyone to use, everyone is benefiting from this. It's not just  one company.  it makes the whole market more efficient more reliable, more transparent and it's uh kind of a win-win situation.

Lauren Weymouth (14:28):

It kind of enhances the market productivity?

Guy Vishnia (14:31):

Yeah.  You reduce your cost of basically being compliant. You make compliance more easy.

Lauren Weymouth (14:36):

Mm-hmm (affirmative). That's great. 

So what are the next steps for this project?

Guy Vishnia (14:39):

trying to look at more time of the real time life cycle and look at everything that goes in between. I spoke before a bit on the trading lifecycle, and the trading lifecycle or a trade execution lifecycle, when someone is sending an order to the market, it can go to one exchange and today the markets are much more fragmented, so it can go to many exchanges. So you can trade. I know IBM you can trade in more than one exchange. Vodafone you can trade in more than one exchange. Like there's the LSC and there's other MTFs or dark pools or different places that the trade can actually get executed. So you send 100 shares and it can be traded in 10 different exchanges, 10 different trading venues. At the end everything should be reported back to the person who initiated trade and the trade will also go forward and get reported and settled 

Then also you have settlement and clearing in the end. So basically somewhere it needs to be written on a ledger, usually on T plus one to T plus three that person X sold these shares and now they're moved to person B. Settlement and clearing is another interesting research on blockchain and possibilities. And I think there are a couple of interesting papers regarding that. the idea here is to start looking at the whole life cycle it goes many steps, there are many places in between that it can get tampered. So for example let's say that  I'm a player and I executed my trade on platform A but I report let's say you report back that I executed it on platform B because I get more commission if I do that.

the idea is to if you can get a ledger, like an immutable ledger on top of it that will track the real life cycle of an execution, the trail of the execution.  You won't be able to do this, or you won't be able to tamper with the data after or before 

Lauren Weymouth (16:28):

So it improves the integrity of the data. I heard you say that there were other research going on about this, and I was going to ask, what is the competition for audit chain? What else is already out there? Did you have any other systems that you looked at, compared notes, lessons learned when you were designing audit chain?

Guy Vishnia (16:44):

I haven't seen anything that that looks at the the trail of the execution itself where I looked at, but there are some interesting papers and research I think on the after in settlement and clearing.  I think this is probably an interesting topic because you can write some smart contracts that will do the settlement and clearing after, and again, settlement clearing you actually write it on ledger, it's called a ledger. So it makes sense. It makes in a way sense to do that, but again, it also depends on time and how much time it's going to settle, et cetera. So there is some research about it. I think there's a couple of interesting papers that talk about this area.

I was trying to look at the execution part and where the trades go from one step to another. And again about regulations, about order record keeping and about personal data, how we save this and how we make this maybe more static data or less changeable data after that in any as a public distributed ledger that people can use.

Lauren Weymouth (17:44):

Have you been in conversation with any of those other researchers, have you connected with them or collaborated with them on the potential of a one stop shop auditing system since yours is one part of the trade and theirs is at a later part of the trade?

Guy Vishnia (17:57):

No, but it's a good idea.

Lauren Weymouth (17:59):

Guy, where are you in your PhD? When do you complete?

Guy Vishnia (18:00):

I hope to complete in about a year's time. I think I have my last paper and then I can submit my thesis and then finish everything. 

Lauren Weymouth (18:14):

Hooray, you're in the final stretch. And what's next for you after that? Are you looking to be an entrepreneur and take this product to market? What do you think you'll do after?

Guy Vishnia (18:23):

I am not sure. I don't know yet. I think there are some interesting topics there that I can maybe take out and do something entrepreneurial.

Lauren Weymouth (18:34):

So we talked about immutability and how important that is in auditing financial transactions to make sure that things aren't tampered with, but what happens in a situation where you do need to change an entry on the ledger?

Guy Vishnia (18:45):

Changing entries on the ledger when you need to report something and you find out that something was wrong with a transaction or you need to make an amend on something that happens. But the idea is that it'll be an add-on to the chain. So the amendment and everything that flows will be the next block or the next part of the chain. So for example if I need to change a quantity because I reported the quantity wrong for some reason, I can attach another report with the amendment and it'll just  follow through. So you will have one large change with everything that happened in this.

So you can trail everything and audit every part of the way. So something was done, a partial here,  an amendment happened because of that, et cetera. we are still keeping the immutability and we are not losing it. we're not taking a record and changing the record. We're just adding another level with the new data. we keep everything, we don't really delete anything.

Lauren Weymouth (19:46):

Guy, we try to keep this podcast high level, but could you quickly dive a little bit deeper (laughs) into the technical aspects of the design you chose?

Guy Vishnia (19:54):

It was a POC, but, we wanted to look at different way to build, the audit chain and how we kind of want to implement our ledger. and whether we want to do a day basis cluster or maybe we wanna do it on kind of block per transaction or per asset class or per asset instrument. We look at all of these different things and in the way that the POC we did the A cluster because it was the easiest thing to, in a way to implement on, on for POC.

When we started designing we kind of look at what is for the change need to implement. From kind of reading events,  and then processing the events, adding the events to the block, basically you wanna hash them, you wanna make sure that they can add in a way that they then make it immutable.

you're gonna repeat this part to more than one event, until you can either save, and you verify it, and you can sign and verify the whole block.  this is a repeatable process that kind of goes throughout,until you finish let's say your daily, reports that you wanted to, to put on the chain, make this kinda audit trail immutable for the day., we also try to look in more about what will be the scalability, what will be the capacity, recovery of this chain, what happens if something falls down,if the system crashes, how you load it back.

We look at all of these things and I think one of our main objectives were to make something that is scalable. And we spoke maybe before and we know how we can use it to other things. By designing it in a scalable way, it means that you can take the general implementation and move it into other asset classes, if you look at financial market, but also other  different things in terms of food chain or any other auditable things out there in the world.

Lauren Weymouth (21:25):

I mean, that's great to hear. A well built system should be able to be used by many different sectors. Guy, your work looks to take steps towards standardization of recording the flow of information to be more clear. We know that it's costly to regulate ourselves and regulation changes monthly. So we wanna thank you for thinking through how to cut out intermediaries to create a fixed financial protocol that automates on chain, such that everyone is connected while still being governed. We enjoyed hearing about your work and hosting you on UBRI's podcast, all about blockchain.

Guy Vishnia (21:56):

Thank you for having me.

Lauren Weymouth (21:58):

Listeners, thank you for your ears today. If you have any questions about this episode or feedback for new episodes please reach out to Till next time.