A few months ago, we replaced our long-running blockchain solution for a more conventional set up. The solution now runs on an almighty relational database and a shiny set of backend services in cloud native Java & JavaScript frameworks. With this important milestone achieved, we thought it would be a good time to share our story.
How it all happened
The original design originated in 2017, when we outlined a solution to allow employees who built-up “2nd pillar” savings with different pension providers or insurers to transfer their capital when changing jobs. 2nd pillar savings are built from pre-tax contributions which means employees cannot just handle the savings themselves. Everything must be managed by pension providers who collect, invest, track, plan, and dispense retirement benefits in line with the Dutch pension law. Pension providers are typically bound to an industrial sector and with the increased cross-industry mobility of employees, the need for transferring built-up capital between providers kept increasing. The old paper-based process is slow, manual, error prone, and doesn’t provide a great user experience. Moreover, the process is mandated by law and therefore non-competitive by nature.
With our idea to digitize this flow, Mijnwaardeoverdracht.nl (my value transfer) was born. A digital service that standardises, optimises, and automates the administrative (read bureaucratic) process while providing end-users with a simple digital interface. Building such a system required the collaboration of multiple pension providers. It required these parties to set a common standard for exchanging pension information, adapt their internal processes, and interface with a new system. More importantly, it called for a core component to orchestrate the exchange, communicate between the parties, and synchronise with a new user interface… a seemingly perfect use-case for disintermediation using blockchain and smart-contracts.
We thus proudly became the very first party in the Netherlands to launch a multiparty production-grade Blockchain solution to support the interaction between major financial institutions. Until its replacement, this solution served tens of thousands of end-users and was fully audited, compliant with financial services standards, and connected to the government eID service.
The magic bullet
Back in 2017, enterprise (permissioned) blockchains were the unique solution to solve cross-organisational inefficiencies. In the value transfer use-case, multiple parties exchange information in order to achieve an outcome that follows a set of predefined rules and conditions. The exchanging parties must share a protocol, trust the system to be tamper-proof and require a clear history of past events. Blockchain thus seemed to provide all those benefits together with the advantage of letting pension providers manage the system together, without having to give up their autonomy over to a central institution. Pension providers could, in theory, maintain a shared application and capture both the governance model and the business processes in self-regulated smart contracts managing the process in a transparent and traceable way.
Fast forward 5 Years later
Setting cryptocurrencies aside, in the past years the market has clearly seen a two-speed adoption of blockchain based solutions. On one hand, Web3 solutions, aiming at true public decentralisation, are booming. With more open systems, the Web3 world aims to replace existing centralised organisations with their decentralised autonomous equivalent. These projects and their financial success are still heavily correlated with the crypto world. The general trend however develops towards bold projects which still aim at fulfilling the promises of revolution the crypto pioneers envisioned.
On the other hand, interest in permissioned blockchain solutions is cooling. The hype that made every organisation announce some form of a blockchain initiative has definitely receded. Over the years, many organisations have quietly written off their investments. If you feel this claim requires some substantiation, feel free to check the searches on Hyperledger, which are today down 75% from their 2018 peak (the GitHub contributors on this open source project is down 95% from its 2017 peak).
Our story clearly belongs to the second category, so what happened?
Making this Work
Let’s face it, the tech ain’t easy. While the use cases that are on display scale well, this often does not extend to more complex business processes. In those cases, stringent security and privacy requirements necessitate ingenuity, which often leads to the need to compromise (e.g. between privacy and performance, between operability and availability). Development times are (based on our experience) between 1.5x and 2x as long due to implementation complexity. Maintainability is also harder, more manual, and custom because your stack needs to be patched, rolling upgrades have to be performed, backward compatible features need to be released,… Most importantly, getting a large network of organisations to (eventually) run a shared application is not an easy affair. In the ideal scenario, each party would contribute to the maintenance of the shared network. The reality is that experts are hard to come by, and the technology is challenging to integrate in an organization’s enterprise architecture. The work often falls back on a single party to maintain and manage the application, which in the end defeats the purpose.
But these problems can be solved right?
Yes! We do believe that if we lay down each problem one by one, there is an existing solution or a trick that can be devised to solve them. There is someone with the right experience out there, and there is a company that has that cool solution we need. There is always a way to make it work. And it did work. . We ran 18 months of highly performant, auditable, compliant, and secure business operations on the very first of its kind production blockchain application.
However, our experience has been that if you want to make it work consistently with high industry standards, it will on average cost more, require more time, you’ll be facing critical issues more often, you’ll always rely on a few extremely specialised experts… The operational overhead, the sensitivity of each operation and the tightness of expertise in the market resulted in the fact that the future possible benefits didn’t outweigh the costs. More importantly, we experienced that the desire of organizations to run their network “nodes” was not sufficient to successfully implement this new technology. Whether that’s due to complex application landscapes, to risk & compliance, or to the availability of expertise in-house, the applications often ends up centralised at one software or cloud provider.
About Central Parties
The truth is, central parties have a worse reputation than they deserve. Every organisation benefits the outsourcing of some operations to a trusted party while focusing on their own business. Even with untrusted parties, countless solutions exist to hold them accountable. In our experience, the legal frameworks used around the business world are mostly fit for purpose. When they are not, legal and governance innovation is an entirely valid way of making things happen without requiring trust-less technology such as blockchains. After operating a live multi-party system for multiple years we understood that our added value really was to foster the collaboration between a large amount of parties. For this, we built a state-of-the-art legal framework and governance that provides the necessary guarantees while holding all parties accountable for the role they have to play. This allows us to ensure performance, satisfaction, and tangible benefits for end users while remaining under strong guidance from our customers. If anything, our move away from blockchain allows us to pack ever more value in the same service, which should be the end goal of any company.
With mixed feelings, on the night of September 6th 2022, our Blockchain was put to rest.
We did learn a lot though
Looking back, our team (of then 10 people) managed quite complex operations while supporting multiparty governance, automating every aspect of our job, pioneering compliance frameworks, and developing the most innovative technologies to make everything work seamlessly. We just celebrated our 2nd birthday a few months ago and will soon welcome our 25th team member.
Taking a step back to reflect, through our journey we discovered that our core strength lies in the underlying framework we developed iteratively. This framework consists of:
Drawing a clear map of our regulatory, compliance, and risk surroundings
Designing a set of practical and traceable controls to achieve our objectives
Translating the controls in software and operations requirements
Building great software, made robust and for smooth operations
Automating the hell out of our jobs to achieve compliant operations at scale.
This resulted in our coolest product thus far: the compliant cloud. With the compliant cloud we can now speed up time-to-market for innovative software in highly regulated environments. This ends up with us today building, running and maintaining half a dozen applications for third parties in highly regulated environments.