The world’s largest oil company, Saudi Aramco, and the Abu Dhabi Digital Authority (ADDA) have something in common: both organisations used WEF’s new toolkit to implement blockchain projects across their operations.
Organisations are pivoting quickly to put emerging technologies into place during the COVID-19 crisis, which has highlighted the need for both speed and clarity in implementations.
Though blockchain is often equated with cryptocurrencies, it is essentially a programming architecture for distributed networks that makes use of cryptography to securely host applications — including smart contracts — as well as store data and execute transactions.
ADDA, which oversees digital transformation in UAE’s largest emirate, has been developing a blockchain platform to support a secure ‘data marketplace,’ or information exchange, between Abu Dhabi government entities and other external organisations. But they faced challenges developing a full set of guidelines for blockchain technology, mainly due to the absence of clear best practices that could be used as benchmarks.
The government agency identified the data marketplace as a clear use case for the toolkit and tested it with the Centre for the Fourth Industrial Revolution UAE (C4IR UAE) — a collaboration between the WEF and the Dubai Future Foundation — applying the questions formulated by the WEF to drive the development of ADDA’s own guidelines and implementation strategy.
Defining the business goal is key
With the help of the toolkit, ADDA was able to clearly articulate the business problem and its blockchain deployment strategy.
“The answers resulting from those questions provided important clarity in what the ADDA needed to do in the implementation phase,” said Dr. Abdulla Al Kendi, Executive Director, ADDA Technologies and Policies Sector, in a press release.
“The toolkit provided a lot of objectivity to the undertaking reducing the subjectivity in judgments and decisions on designing the consortium,” he added.
The use of blockchain is not restricted to government agencies alone. Top oil and gas firms in the Middle East have begun to understand the potential of the technology.
The development of a single oilfield requires the sourcing of thousands of parts from several suppliers; smart contracts, which encode business logic and automate transactions, are designed to optimise the tracking of contractual commitments as well as the flow of money.
Among national oil companies in the region, Saudi Aramco has been at the forefront in terms of emerging technology adoption. The state-owned oil giant utilised the WEF’s toolkit to aid the completion of two critical applications, in supplier management and credential verification.
Blockchain solves time-consuming supply issues
The first application is a blockchain solution to the time-consuming process of supplier management. The application is designed to be utilised in a wide spectrum of industry challenges — such as swift supplier on-boarding and real-time supplier information — that cannot be easily resolved with current technologies.
In the second case, Saudi Aramco identified an adoption strategy for credential verification and assurance of academic degree authentication, a strategy that is expected to reduce verification time and prevent certificate and degree fraud.
By using the toolkit, the energy firm was able to develop a structured approach by dividing the work into manageable pieces, which in turn ensured that realistic milestones could be set and attained.
In its report titled “Redesigning Trust: Blockchain Deployment Toolkit,” the WEF said that to successfully implement blockchain solutions, enterprises and CIOs should consider factors including the folllowing:
- Defined Business Outcomes: “Like any other technology, blockchain is as much about careful attention to the economics and business models as it is about technology evangelism,” according to the WEF toolkit. The toolkit points out that implementing blockchain technology itself should not be a goal, rather, the aim of a blockchain project should be defined in terms of a specific business outcome.
- Operational Integrity: To achieve data integrity or accuracy within blockchain applications, enterprises need to fulfill three requirements: data origin integrity, oracle (data transfer agent) integrity, and digital twin integrity in cases where digital twins – digital replicas of physical object – are used. Blockchain helps in establishing a higher level of traceability and auditability to data as any data entered inaccurately can be traced back to its origin, but blockchain itself can not assure that data is accurate before it is entered into an application.
- Regulatory Compliance: Certain requirements can dissuade an enterprise from deploying blockchain in its supply chains. Key legal and regulatory risks include uncertainty around cross jurisdictional regulations, antitrust violations, smart contract legal enforceability, Anti-Money Laundering (AML) and Know Your Customer (KYC) requirement. It is important for companies to work with external auditors, and relevant stakeholders, to determine the aspects of financial reporting that may be impacted by blockchain implementation.
- Interoperability: Interoperability is a computer system’s ability to exchange and make use of information in a collaborative way. In a blockchain ecosystem, successful interoperability guarantees that the user can trust that “I know what I see is what you see” within a single platform as well as across platforms. Being mindful of technology-related compatibility issues will help future-proof the blockchain part of the system at the technical, business, and governance and process levels.
- Security: Like any new software, blockchain-based solutions must include adequate safeguards against potential cyber-attacks in the form of enterprise hacks, ransom ware, and stolen user data. While various types of blockchain have varying degrees of fault-tolerance, most are considered better alternatives than traditional databases from an integrity perspective. However, blockchain is no exception to the general rule of cybersecurity that sound risk management requires that security measures be baked in from the start.