Little Britain Votes To Leave

In the worst act of vandalism since the Visigoths sacked Rome in 410, the UK has been ripped out of the European Union by regional voters, led by a trio of politicians that caricaturists could only dream of who perpetrated a campaign that "descended into dishonesty on an industrial scale". 

Yet the Brexit map of the UK shows that those who voted for Britain to leave the EU are not only among those who were the net beneficiaries of EU funding, but are also utterly dependent on the areas that voted to remain to negotiate the terms of Brexit and to plug the regional funding gap that the EU money filled: the 'Leave' campaign demanded that Britain's contribution to the EU be diverted into the black hole that is the NHS budget and that is exactly where it will disappear.

All the facts and projections labelled as 'doom and gloom' now loom as reality. 

Forking The DAO - Robin Hood Update

No, this is not science fiction: the Ethereum world really has been rocked by financial scandal, and has less than a month to resolve it.

It's very hard to explain this situation simply to fans of financial scandals who may be less familiar with cryptotechnology.

In essence a bunch of people ('curators') got together and created - or curated - a new type of open association, which they christened a Decentralized Autonomous Organization, and this first example “The DAO". 

The DAO is built on a new type of cryptographic software platform called a 'distributed ledger' or 'blockchain', in this case known as Ethereum. Such ledgers typically have their own virtual currency, in this case called 'ether'. 

The DAO's rules are in written in software code, so it is in fact a computer programme (or application or 'app'). The DAO is designed to be controlled by investors who use their 'ether' to buy DAO 'tokens' that entitle them to vote on the The DAO's affairs - the main issue being how the DAO should invest the 'ether' it raises through selling 'tokens' to investors, who can also start mini-DAO or 'child DAOs' to focus the investments. By last week the The DAO had raised $60m worth of ether at the going exhange rate.

You can maybe see what's coming...

A savvy participant noticed that The DAO would allow any participant to start a 'child DAO' under their own control and drain 'ether' from The DAO into the child DAO without bothering any of the other participants. 

So they did. 

Cue outrage!

The other participants and 'curators' now say this move was an "attack" that exploited a 'vulnerability' arising from a 'mistake' in The DAO's code. As a result, a 'soft fork' has been imposed by the DAO's 'curator' for 28 days, effectively freezing the child DAO and the ether within it. Many of The DAO's participants want to see the soft fork become permanent - or a 'hard fork' (this saga is providing endless scope for unfortunate puns). Yet The DAO web site's makes it very clear that the code is the sole contract governing The DAO (though what contractual significance The DAO's web site has is therefore questionable).  At any rate, The DAO clearly allowed what in fact happened.

It's ironic that the self-styled "attacker" has resorted to lawyers and is threatening court action to protect his/her/their financial gains. But it would be a fascinating case to run, and a real-world judgment on the issues (applicable law, jurisdiction, whether there was a mistake for which relief could be given etc.) could actually be very helpful to the development of distributed ledgers and the applications that run on them.

23 June:

Meanwhile, the parties are battling it out in a cryptographic re-enactment of Robin Hood (or Barbarians at the Gate?). So-called 'white hat' hackers (claiming to be 'good actors') attempted to secure the remaining ether in The DAO in other child DAOs but the 'attacker' joined them as well.

But is either set of participants 'right' or 'wrong', 'good' or 'bad'? Are they not simply competing in any fashion that The DAO allows?

Would you do business with The DAO or its 'children'?

Would you be happy for The DAO or any child DAO to be an investor in your business? 

Watch this (cyber)space!

Further reading:
Frances Coppola has written a great piece for Forbes.
Introduction to the DAO.
Open letter from "The Attacker".
DAO Wars: Hacker Counter-Attacks and Infiltrates the Robin Hood DAOs

European Privacy Regulators Now Not Happy With US #PrivacyShield

It all seemed to be going so smoothly for US policy-makers when the gathering of the EU's privacy regulators (the Article 29 Working Party) issued a draft review of the US Privacy Shield in February. But the final report means the champagne will remain in the bottle for sometime yet.

Basically, the regulators found the Privacy Sword Shield is hard to read, unclear, inconsistently worded, inconsistent with the new General Data Protection Regulation, does not provide equivalent protection, makes it too hard for foreigners to get redress, the proposed Ombudsman will be neither independent nor adequately resourced; and does "not exclude massive and indiscriminate collection of personal data originating from the EU"!

Meanwhile, data transfers from the EU to the US are still okay to take place under the existing data transfer mechanisms ('standard model clauses' and 'Binding Corporate Rules').

Pity Mr Schrems who managed to overturn the 'Safe Harbor' but leave us even less protected than before!

There's No Single Market For Consumer Finance: What Next?

Perhaps it's not what the European Commission intended, but its green paper on retail financial services is a great explanation of why there is so little cross-border activity in consumer finance: 3% for payment cards, current accounts and mortgages; 5% for loans (less than 1% between Eurozone countries!) and only 3% of gross insurance premiums. For a very long list of reasons, it's just not practicable for most retail financial services providers to operate across EU borders, as the EC has known since at least 2007. Could it be time, therefore, to scale back EU requirements for firms that only focus on their national market, so consumers have a clear choice between national and genuinely cross-border suppliers and products?

The Commission concedes that its vast, confetti-like attempt to harmonise EU financial regulation  has proved futile in catalysing a single retail finance market, yet it continues to ask what more can be done.

One issue in particular that the Commission is huffing and puffing about is 'geo-blocking', the use of technology to identify and block or re-direct consumers based in certain countries.

But the Commission's own findings are that few players have the resources to focus on cross-border markets. Suppliers who do target multiple countries typically use separate local operating entities to deal with all the problems listed in the green paper, so they don't even properly qualify as 'cross'-border. At any rate, how can you force a Spanish motor insurer to sell policies to Germans if it simply can't afford to administer claims in Germany? How would that be in the policyholders' interests? Even assuming the focus solely on Spanish customers is the supplier's own choice, rather than due to some legal restriction, wouldn't requiring the firm to deal with Germans or Swedish consumers put it at risk of going bust, leaving the whole market to a few big players who can afford to serve customers everywhere?

In its response to the green paper, the UK's Financial Conduct Authority quite rightly urges caution on the economic impact of more (futile) regulation, as well as careful analysis of consumer needs and behaviour before churning it out. The FCA points out that existing regulation must be allowed to 'bed-in' before assessing its real impact; and the Commission needs to consider that EU consumers are not some amorphous clump of flesh waiting eagerly for Greek insurance policies homogeneous, but diverse in their needs and behaviours - so a 'one-size-fits-all' approach won't be universally acceptable and risks crushing local financial services that are working well.

The FCA hints at the idea of a range of EU-approved products that might be provided by any EEA firm to any EEA consumer in a standard way, though this still begs the question whether the providers are able to manage this operationally. 

I guess it's possible that those able to target cross-border markets would benefit from some kind of voluntary EU-cross-border safe harbour scheme that enables them to adopt the same approach to marketing, contracts, customer service, complaints handling and enforcement and so on throughout their target market(s). It could even be very a attractive product in some national markets that are currently under-served or where consumers are being fleeced.

But that's more or less what the current regime allows, yet few firms are bothering to do it: the whole point is that we know it is futile to impose a cross-border scheme on firms and consumers who just want to focus on their own national, regional or local market.

Which begs the question: rather than add more regulation, why not allow member states to scale back EU requirements for firms that wish to remain nationally focused? This would allow further differentiation between national and cross-border suppliers and products, presenting consumers with a clearer choice to make.

Of Brexit, Red Tape and Light At The End Of The Eurotunnel

A pragmatic approach to the Brexit debate is to ask whether withdrawal from the European Union would solve enough root causes of Britain's problems to make up for the inevitable disruption.

But we are yet to see that level of analysis, and I doubt we ever will.  

That, and the fact that opportunists like Boris Johnson are able to swing their booms from one side of the debate to the other in the hope of catching any old puff of political wind, tells me the UK's membership of the EU is just a political issue, unconnected to anything 'real'.

One thing that is clear, however, is that cutting the ties with Brussels will not automatically cut the UK's source of red tape: Britain is expert at producing its own. You only need to look at the NHS, the social welfare 'system', the Home Office or education to see how much of a mess the UK is capable of making on its own turf; and its approach to implementing EU law is similarly self-defeating...

Generally speaking, you might say that 'an Englishman's red tape is a Frenchman's business plan'. The English common law principle is that 'the law follows commerce' and we should be able to get on with something until the law forbids or restricts it; while civil law dictates that an activity is not lawful until the state says so. Another difference, somewhat surprising in light of the first, is that the common law system is based on literal interpretation; while civil law is interpreted on the basis of its purpose - the spirit rather than just the letter - and this is how EU law is interpreted by the European Court of Justice.

While the EU's civil law countries rely on EU regulation to tell them more or less how to act, the UK has not coped with this distinction very well. Firstly, the UK's attitude to EU membership means that it misses opportunities to influence the favourable development of EU law in the first place - the UK always seems to be on the back foot. Then, once EU laws are passed, the UK suffers from a policy of 'gold-plating' directives by simply copying them word-for-word into its own national laws which are interpreted literally under common law principles rather than reflecting the purposive interpretation that civil law member states adopt. So the UK creates several rods for its own back.

While it is said that the English courts do (or should) adopt a purposive approach when interpreting national legislation in areas covered by EU law, in practice this opportunity is not widely embraced either by officials or the legal and regulatory community. Once any awkward or confusing EU requirements are transposed into national law, everyone in the UK seems doomed to take them literally.

The result is a system that pushes the burden of resolving any EU regulatory awkwardness or confusion off the public sector's plate and onto the private sector (and, ultimately, the consumer or citizen). A recent case in point include the UK's approach to implementing the Payment Accounts Directive. There are others too numerous to mention.

I do have a little sympathy with the UK's approach to the EU legislative process. It is outnumbered by civil law countries who may not appreciate or respect the more reactive common law approach.  It is also tempting to avoid the expense in time and resources required to continually debate with EC officials whether UK regulation reflects the purpose of EU directives, rather than the letter. But this doesn't bother Italy, Germany, France or the other countries higher on the league table of those failing to implement European laws.

Maybe you could say this failure to navigate the EU legislative process is a reason to leave the EU, but it seems pretty feeble for the UK to lose the benefits of membership due to a political problem of its own making. At any rate, if UK ministers and officials would only take full advantage of the opportunity to resolve any problems in the formation of EU laws in Brussels and take a purposive approach to enacting them nationally, they would surely reduce any adverse impact on the wider UK community from laws that might be unduly restrictive.

Meanwhile, ironically, the EU authorities are beginning to take a more common law wait-and-see approach to regulation, having realised that regulation won't catalyse cross-border markets that don't already exist. Contrast the futile approach to consumer credit with the more cautious approach to regulating crowdfunding and virtual currencies/distributed ledger technology.  

In other words, the UK seems keen to leave when there may be light at the end of the Eurotunnel.

Distributed Ledger Technology: Cutting Through The Hype

A busy start to 2016 has meant the blogging has suffered, but I have at least co-written an article with Susan McLean of Morrison & Foerster that cuts through the hype around blockchain and other distributed ledger technology (DLT). 

The article includes updates on a range of DLT initiatives across numerous business sectors; various policy and regulatory responses; as well as some thoughts on the challenges involved in implementing DLTs.

You won't be able to put it down! ;-)

Of Royalty Problems and Distributed Ledgers

January has been a whirlwind of meetings and discussion around the idea of using 'blockchains' and other distributed ledger technology to help track and collect royalties on creative works, starting with music and the Digital DNA Genome Project. The potential is certainly there for a new ledger-based environment for creative works. But whether distributed ledger technology will address the root causes lurking beneath the biggest problems that the creative industry faces is another question. Here are some observations relating to problems in the music sector, which I know from other conversations and reports resonate in other creative industry sectors...

The current processes for producing and distributing music are clearly broken.  A trawl through the comments below this 'story' on how much YouTube pays in royalties to artists gives you some insight into the problems faced even by those who work really hard at tracking and claiming what they are owed. Responding to a Wall Street Journal report on claims that Spotify fails to properly account for royalties, musician and critic David Lowery wrote to the Attorney General of New York State demanding action. Civil litigation has followed, seeking $150m in unpaid royalties. 

But the more you dig into the royalty problems, the more you realise they are just a symptom, not the cause, of the music sector's woes. One has to be careful about apportioning blame among the multitude of different types of participant involved in the overall process for creating, distributing and performing musical works. What some see as misconduct can easily be attributed to poor systems and record-keeping and a failure to address the root causes of those failures. But, again, go easy on the blame: it's a huge and daunting task to figure out all the processes involved in such a diffuse sector and then how to improve and control each of them so you know when things are going awry and how to respond.

Ultimately, however, one can't help feeling that listeners are not getting access to the sort of range and quality of music that a more efficient sector could deliver.

So, where to start?

The high level problem statement is that the ability to efficiently monetise music has simply not kept pace with the ability to generate and consume it. Why? Well, let's say that the back-office processes have not kept up with the front of house processes. How so? Back office staff at record labels and collection agencies, artist's agents - and even the artists themselves - manually reconcile paper contracts and bank statements to figure out who is owed what; and royalties are often still paid by cheques, even for tiny amounts. At the other end of the process, consumers can stream music and watch video clips on their smartphones. The distribution processes in the middle are also far from operationally efficient. They don't properly track and account for what is made available to consumers at the front end, and don't interface efficiently with the back office.

Why? 

Well, this is where the sector seems to have stopped analysing the situation, which is what we humans tend to do in such situations. We leap to conclusions and solutions. "It's in the interest of the big labels to do nothing about it," has been the most popular refrain, although "Google and Spotify don't care" seems to the latest chart-topper. Current 'solutions' range from sending in the auditors, to filing law suits, to preferring to stage live gigs and concerts as the way to make money. From a technology standpoint, we have the Codec idea from Benji Rogers - not to mention the distributed ledger initiatives that we'll come to.

But these are really just solutions in search of the root cause to the sector's actual problems, spawned more by a sense of helplessness and frustration than any pure insight.

To identify the solutions that will give the most bang for the buck there is a lot more work to be done in understanding all the processes; defining the key problems more precisely, measuring which cause the most pain, then analysing the range of root causes of those problems; before then figuring out which improvements are worthwhile implementing. Finally, all that work will be lost unless there are controls in place to know when the processes are starting to fail again.

Any new system for monetising music efficiently must be “customer-centric” and not merely ‘consumer-centric’ or ‘artist-centric’. It has to cater for the entire set of end-to-end business processes and treat all industry participants fairly. We have to recognise that each participant may be a supplier in one step of the overall process, yet the customer of another step; and which hat they are wearing when they complain. One could argue, for example, that artists are perhaps most upset not in their role as suppliers of music, but in their role as customers in process steps related to distribution, consumption and payment.

To become sustainable, 'the system' must evolve in a customer-centric fashion at each step, otherwise the participant in the role of the ‘customer’ will not buy in to the solution for that step. Equally, however, no one can afford to get caught up in anger and blame. The whole sector needs to move along the change curve to accepting that the system is broken and participate positively in the work required to fix it.

So it's simply too early to say what role, if any, distributed ledgers have to play in solving the creative industry's problems. It's not about imposing a solution, but rather fostering agreement on root causes of the problems and the necessary improvements and controls to be implemented.

That's not to say work should not continue on the use of ledgers in relation to music and other works. It is exciting to see the work on releasing music into ledgers by Ujo Music and MyCelia; Audiocoin; Aurovine; Revelator; Colu; and OCL (One Click Licence); as well as the work of the Kendra Initiative on the wider development of a distributed marketplace; and collaborative forums like the Digital DNA Genome Project mentioned earlier. I just don't think we should saddle these initiatives with the responsibility for solving the current woes of the creative industry - the two can co-exist quite peacefully.

Isle of Man Goes Crypto-Crazy

I'm indebted to my colleagues in the Isle of Man for pointing me to the IoM's recent Designated Businesses (Registration and Oversight Act 2015, which imposes various registration and anti-money laundering requirements on distributed ledger technology. Do we have a poster-child for how regulation of new technology can go way too far?

The IoM compliance obligations are aimed at: 

"the business of issuing, transmitting, transferring, providing safe custody or storage of, administering, managing, lending, buying, selling, exchanging or otherwise trading or intermediating convertible virtual currencies, including crypto-currencies or similar concepts where the concept is accepted by persons as a means of payment for goods or services, a unit of account, a store of value or a commodity;"

This seems likely to be counter-productive, to say the least, given that the 'currency' aspect of distributed ledgers is often merely there to reward the 'miner' or processor of transactions or events that occur on the ledger, regardless of whether those events are themselves financial in nature - financial services being merely one of many different potential applications.

So, should every business on the IoM that uses, or might wish to use, distributed ledgers register with the authorities and introduce AML controls on everyone it deals with, just in case? Maybe so...

Two specific points to make:

1. ‘convertible virtual currencies’ are defined more broadly than one would expect:

“including crypto-currencies or similar concepts [neither term being defined, except by what follows…] where the concept is accepted by persons as a means of payment for goods or services, a unit of account, a store of value or a commodity”, 

Most definitions of a ‘currency’ require all these criteria to be met, not just any one of them. Imagine what would happen to the US Dollar, for example, if suddenly it was not accepted as meeting just one of the above criteria...  Indeed, for this reason many people disagree that Bitcoin - the most widely used form of 'crypto-currency' - is still nothing more than a commodity.

In addition, none of the typical exemptions under payment services regulations seem to be imported here. To take but one relevant example: consumer loyalty/rewards programmes are typically exempt on the basis that the rewards are only accepted as a means of payment within a 'limited network'. Do the local authorities really want every business participating in a loyalty scheme on the Isle of Man to register and apply AML controls just because the scheme involves distributed ledger technology? Maybe so...

2.  Similarly, the list of activities that trigger the relevant compliance obligations would seem to cover a vast array of potential services and their providers/users - recognising that these are distributed ledgers to which all computers running the protocol have the same access. Again, just think of consumer loyalty programmes as you go through the list:

the business of issuing, transmitting, transferring, providing safe custody or storage of, administering, managing, lending, buying, selling, exchanging or otherwise trading or intermediating...

Even payment services regulation, for instance, exempts technology services that support transactions without the service provider handling funds. And the whole point of the ledger is that no intermediary is actually handling funds - its all happening peer-to-peer amongst machines - indeed perhaps everyone's device is handling the funds. Furthermore, there will be instances where access to a distributed ledger is just one element of a wider system - as in the car-rental example, or tracking shipping containers - and it may not be clear to everyone that a distributed ledger is involved if it's just to share the location or state of a vehicle or container.

Still, the Isle of Man's approach might at least be useful in demonstrating how regulation in this area can go too far...

Better Services For SMEs: Follow The Data

I was at a 'parliamentary roundtable' on Tuesday on the perennial topic of small business banking reform. A more official report will be forthcoming, but I thought I'd record a few thoughts in the meantime (on a Chatham House basis). 

It still seems to surprise some people that small businesses represent 95% of the UK's 5.4m businesses - 75% of which are sole traders - and that they account for 60% of private employment, most new jobs and about half the UK's turnover. So-called 'Big Business' is just the tip of the iceberg, since only they have the marketing and lobbying resources to be seen above the waves. As a result small businesses have long been a blind spot for the UK government - until very recently - and the impact has gone way beyond poor access to funding. It includes slow payment of invoices, the absence of customer protection when dealing with big business and lack of alternatives to litigation to resolve disputes.

What's changed?

A combination of financial crisis, better technology and access to data has exposed more of the problems surrounding SMEs - and made it possible to start doing something about them. And it's clear that legislators are prepared to act when they are faced with such data. The EU Late Payments Directive aimed to eliminate slow payments. The UK has created the British Business Bank to improve access to finance, as well as a mandatory process for banks to refer declined loan applications to alternative finance providers and improved access to SME credit data to make it easier for new lenders to independently assess SME creditworthiness. The crowdfunding boom has also been encouraged by the UK government, and has produced many new forms of non-bank finance for SMEs, including equity for start-ups, debentures for long term project funding, more flexible invoice trading and peer-to-peer loans for commercial property and working capital.  Last week, the FCA launched a discussion paper on broadening its consumer protection regime to include more SMEs.

Yet most of these initiatives are still to fully take effect; and listening to Tuesday's session on the latest issues made it clear there is a long way to go before the financial system allocates the right resources to the invisible majority of the private sector.

A key thread running through most areas of complaint seems to be a lack of transparency - ready access to data. This seems to be both a root cause of a lot of problems as well as the reason so many proposed solutions end up making little impact. But the huge numbers and diversity of SMEs presents the kind of complexity that only data scientists can help us resolve if we are to address the whole iceberg, rather than just the tip. That's surely one job for the newly launched Alan Turing Data Institute, for example, although readers will know of my fear that it seems more aligned with institutions than the poor old sole trader, let alone the consumer. So maybe SMEs need their own 'Chief Data Scientist' to champion their plight?

The latest specific concerns discussed were as follows:

• despite much regulatory activity, few bank reforms have actually taken effect - and many are being watered down - with the result that the banking picture is worse, if anything, than it was in 2008. Recent fines and scandals reveal little change in culture from that described in the report of the Parliamentary Commission on Banking Standards and most recently in the damning report into the failure of HBOS. In addition, banking is more concentrated (despite a few new entrants); less diverse in terms of ownership structure, competition, regional coverage and financial model; and still only about £200bn or 3% of bank assets are focused on SMEs and GDP producing activities. The trouble is we've known this for some time, but aside from the BBB's activity on access to funding, we still seem unclear on what can be done for SMEs at a regional or local level;

• the recent findings and remedies proposed by the Competition and Markets Authority into business current accounts are widely considered to be weak and unlikely to be effective - try searching the word "data" in the report to see how often there was too little available. The report still feels like the tip of an iceberg rather than a complete picture of the market and its problems;

• austerity imperatives seem to be the main driver for off-loading RBS into private shareholder ownership - the bank pleading to be left to its own devices (not what it suddenly announced to the Chancellor in 2008!) - and trying to kill-off any further discussion of using its systems as a platform for a network of smaller regionally-focused banks (as in Germany);

• bank lobbying has become more powerful - and will become even more so with the merger of their various mouthpieces - we need much more transparency on banks' access to government and the revolving door between the City and Whitehall/Westminster - we should have learned long ago that the interests of large banking groups are not aligned with SMEs (or consumers);

• SMEs lack an effective means of resolving disputes with banks, as the Financial Ombudsman Service has limited jurisdiction; banks refuse to release internal reports related to credit decisions and calling in loans; while the FCA is said to be hiding behind its confidentiality obligations; and banks have too much legal fire power for SMEs to take them on in court - hence moves to take matters into their own hands. The FCA has clearly woken up to this, but it's recent discussion paper shows there's a huge gap to close.

• the financial infrastructure for SMEs appears not to be geographically diverse - it doesn't yet mirror the Chancellor's "Northern Powerhouse" policy, for instance - despite calls for bank transparency on the geographical accessibility, a US-style "Community Reinvestment Act" and clear reporting on lending to SMEs by individual banks (rather than the Bank of England's summary reporting). There's a sense that we should see some kind of financial devolution to match political devolution, albeit one that still enables local finance to leverage national resources and economies of scale. Technology should help here, as we are tending to use the internet and mobile apps quite locally, despite their global potential;

• Some believe that SMEs need to take more responsibility for actively managing their finances, including seeking out alternatives and switching; while others believe that financial welfare should be like a utility - somehow pumped to everyone like water or gas, I assume - indeed regional alternative energy companies were touted as possible platforms for expanding access to regional financial services. My own view is that humans are unlikely to become more financially capable, so financial and other services supplied in complex scenarios need to be made simpler and more accessible - we should be relying less on advertising and more on hard data and personalised apps in such instances.

• Meanwhile, SME are said to lack a genuine, high profile champion whose role it is to ensure that the financial system generally is properly supportive of them. This may seem a little unfair to the Business Bank, various trade bodies and government departments, but it's also hard for any one of these bodies to oversee the whole fragmented picture. As I suggested above, however, I wonder whether a 'data champion' could be helpful to the various stakeholder in identifying and resolving problems, rather than a single being expected to act as a small business finance tsar. 

 In other words, we should follow the data, not the money...

Poor Competition In Personal and #SME Banking (and What the CMA Plans To Do About It)

The Competition and Markets Authority has been investigating the state of competition for personal and small business bank customers, and the results are pretty shocking. The full report is here, the summary of findings here and the possible remedies are here.

We have until 20 November to comment on the findings and remedies (email retailbanking@cma.gsi.gov.uk). The CMA's provisional decision on remedies is due in February 2016 and the final report in April 2016.

Most glaring is the fact that 99.9% of all UK businesses are small - over 5 million of them - and the vast majority of them are sole traders. Yet small businesses do not benefit from most of the customer protection and other measures aimed at improving services and increasing competition for personal customers.

You would also think banks would do more to look after small businesses, given they are responsible for at least 5 million self-employed roles, and most new jobs come from that sector. But only 60% of SMEs survive beyond three years and only 40% make it past the five year mark. It's true that no job is for life, anymore, but poor financial services must surely be a factor in such high business death rates.

More has to be done to help this sector thrive. Have your say! 

Labour's Idealistic March Into Oblivion

So, another political 'party' season slips by and the casual observer would think the Tories' policies must be more or less the right. There are no practical alternatives for anyone interested in the decisions actually required to drag the UK back from the abyss into which it's been staring for decades. Fortunately, that seems to be the majority of voters - the electorate finally understands that the UK reached the limit of taxing and spending sometime in the noughties and it's the Government's job to figure out how to do less of both.

Sadly, the Labour Party is giving up on such tough decisions, preferring the cosy bubble of idealism in which the air is a mixture of moral panic and dogma, and the 'answer' must fit on a placard. 

For instance, this week's 'news' that a single grammar school in Kent is expanding is said to threaten the quality of teaching at every school in the country, and Labour's 'solution' is that all children must go to state school. 

Trident costs too much? Unilateral disarmament. 

Steel plants to close through lack of demand for British steel? Nationalise them.

A living wage? Tax credits.

Unhelpful, impracticable, unrealistic, vacuous, dogmatic twaddle.

And since Liberal Democrat voters decided they, too, are sick of their party having to make the hard decisions, we are left with the Tories having to be their own conscience...  and do all the work.  

Let's hope they get it right - and remember, every country has the government it deserves.

The Alan Turing Institute: Human-centric?

A slightly dispiriting day at The Alan Turing Institute 'Financial Summit', yesterday, I'm afraid to say. 

The ATI itself represents a grand vision and stunning organisational achievement - to act as a forum for focusing Britain's data scientists on the great problems of the world. Naturally, this leaves it open to attempts at 'capture' by all the usual vested interests, and its broad remit means that it must reflect the usual struggle between individuals and organisations and between 'facilitators', who exist to solve their customers problems, and 'institutions', who exist to solve their own problems at their customers' expense. 

And of course, it's the institutions that have most of the money - not to mention the data problems - so I can see, too, why the ATI advertises its purpose to institutions as "the convener of a multidisciplinary approach to the development of 'big data' and algorithms". It's true also, that there are global and social issues that transcend the individual and are valid targets for data scientists in combination with other specialists. 

But it was concerning that an apparently neutral event should seem predicated on a supplier-led vision of what is right for humans, rather than actually engineering from the human outward - to enable a world in which you to control what you buy and from whom by reference to the data you generate rather than by approximating you to a model or profile. Similarly, it was troubling to see a heavy emphasis in the research suggestions on how to enable big businesses to better employ the data science community in improving their ability to crunch data on customers for commercial exploitation.  

To be fair, there were warning signs posted for the assembled throng of banks, insurers and investment managers - in the FCA's presentation on its dedication to competition through its Innovation Hub; a presentation on the nature and value of privacy itself; and salutary lessons from a pioneer of loyalty programmes on the 'bear traps' of customer rejection on privacy grounds and consumers' desire for increasing control over the commercial use of our data. The director's slides also featured the work of Danezis and others on privacy-friendly smart metering and a reference to the need to be human-centric.  

But inverting the institutional narrative to a truly human-centric one would transform the supplier's data challenge into one of organising its product data to be found by consumers' machines that are searching open databases for solutions based on actual behaviour - open data spiders, as it were  - rather than sifting through ever larger datasets in search of the 'more predictive' customer profile to determine how it wastes spends its marketing budget.

Personally, I don't find much inspiration in the goal of enabling banks, insurers and other financial institutions to unite the data in their legacy systems to improve the 'predictive' nature of the various models they deploy, whether for wholesale or retail exploitation, and I'm sure delegates faced with such missions are mulling career changes. Indeed, one delegate lightened the mood with a reference to 'Conway's Law' (that interoperability failures in software within a business simply reflects the disjointed structure of the organisation itself). But it was clear that financial institutions would rather leave this as an IT problem than re-align their various silos and business processes to reflect their customers' end-to-end activities. There is also a continuing failure to recognise that most financial services are but a small step in the supply chain, after all. I mean, consider the financial services implications of using distributed ledgers to power the entertainment industry, for example... 

When queried after the event as to whose role it was to provide the 'voice of the customer', the response was that the ATI does not see itself as representing consumers' or citizens' interests in particular. That much is clear. But if it is to be just a neutral 'convenor' then nor should the ATI allow itself to be positioned as representing the suppliers in their use and development of 'big data' tools - certainly not with £42m of taxpayer funding. 

At any rate, in my view, the interests of human beings cannot simply be left to a few of the disciplines that the ATI aims to convene along side the data scientists - such as regulators, lawyers, compliance folk or identity providers. The ATI itself must be human-centric if we are to keep humans at the heart of technology.

Building Societies Abandon The Lending Code

A new version of the Lending Code has been released, simply omitting the name of the Building Societies Association which has ceased sponsoring the farcical idea that UK retail lenders should be allowed to regulate themselves.

Banks and credit card issuers still think it's a good idea though...

Heap's Giant Leap!

Another great discussion about distributed ledgers, this time focused on the music sector, hosted by the Copyright Hub at the Digital Catapult. A quick summary of the discussion along Chatham House lines to protect the innocent.

By now it's clear that people in different sectors are encountering very similar issues that might be solved by distributed ledgers, but each sector tends to have a different set of priorities that might mean one is faster to take advantage of the technology. The fact that the first solutions have been alternative currencies tells you that proponents of distributed ledgers are not shy of a challenge. Now music is to get the same treatment with key events this Friday and Saturday night featuring the release of Imogen Heap's song "Tiny Human" into a distributed ledger for 'hackers' to attempt to spoil the party, followed by a live Saturday night post mortem on what could be improved. No doubt future events will try to perfect the process.

Why music? 

The problems in the music industry (and most other segments of the entertainment market) are pretty well-rehearsed, with just about every stakeholder group (except the consumers, these days) split over whether digital technology is helping all the participants strike the right bargain or robbing them blind. The revenue flows (or lack of them) have been the subject of constant disruption from internet technology, with the advent of P2P file-sharing via Kazaa in 2001 and rewards-based crowdfunding through Artistshare in 2003.

But bigger obstacles to reaching a better settlement for all concerned lie in the notorious lack of data about who really created and/or worked on various tracks and albums; or even about what's really in many 'back catalogues'. Then there's the secrecy surrounding licensing/royalty deals and the snail's pace of royalty collection/distribution - not to mention who sampled what; whether a performance and related video was a private family affair or an attempt to build a public-facing YouTube channel; hacking digital rights management software; and file-sharing. 

A lot of these issues go away if you just focus on creating and dealing with new music in a more efficient way. And few of these issues are exclusive to music itself. They relate to any item whose status changes a lot and where a multitude of different parties are affected but find it hard to get all their systems and processes to talk to one another. 

So this seems another case for getting everyone's machines to share a single view of a marketplace that avoids 'capture' by any single intermediary. In fact, the 'ledger' they all share becomes that intermediary. In that case, all the participants' machines running the same ledger protocol would be able to see and agree who created which music in its myriad iterations and remixes; who has the various types of rights to exploit or consume the various versions; who owes what to whom; and even make payments in the ledger currency.

Will it work? There's only one way to find out - hence Imogen's giant leap on Friday night.

I reckon it'll be all the rage this Christmas ;-)

This Is Not The Time To Let Bank Management Off The Hook

The CEO of UBS yesterday joined other wolves in sheeps clothing big bank leaders in calling for freedom to make 'honest mistakes' (last year it was the crew at HSBC!). 

This is just a confidence trick. After all, the word "mistake" covers many different types of sin and bank culture doesn't seem to distinguish between honest and dishonest ones, as Andrew Hill of the FT has pointed out. He also cites a memo from JP Morgan's CEO as warning against descending into "a culture of back-stabbing and blame" - but from what I understand that's exactly the culture that already prevails, at least amongst rival managing directors. Emails disclosed in numerous scandals reveal that these are dog-eat-dog environments, full of perverse incentives, where everything from taking the credit for other people's efforts to fiddling records to incurring the odd regulatory fine are just speed bumps along the road to fees, profits and this year's bonus.

Ignorance of exactly what is going on at operational level is another aspect of this confidence trick. Recently, the CEO of government-owned RBS told John Snow of Channel 4 News that he "didn't know" whether there were other major scandals waiting to break. I guess it's a tricky question to answer, but it does highlight the conclusion from the Parliamentary Commission on Banking Standards that these banking groups appear to be beyond management control, enabling those at the top tend to avoid culpability. Remember, too, that many of the recent scandals, like currency market rigging, arose well after the start of the financial crisis. So nothing has really changed since the aptly nick-named 'noughties' (lest we forget Bobby "Dazzler" Diamond's immortal words in 2011!).

And to suggest that regulation might mean big banking groups will tend to take less risk in doing things that customers care about, like lending to small businesses or paying higher returns on savings, is poppycock. They aren't bothering to do this anyway. They just want the freedom to make more money for management, and possibly shareholders. They are simply not customer-led businesses.

For all these reasons, the bank CEOs should continue to be roundly ignored.

Guest Post at Open Identity Exchange - A Pragmatic Approach To Distributed Ledgers

The post appears here.

Thanks to OIX for the opportunity to support the initiative.

How To Pay A Spanish Speeding Fine From The UK

There seem to be a lot of grumpy tourists surfing the web after their holidays in search of a method to pay their fines. Strangely, the Spanish don't make it easy! I finally cracked it and share the steps below, some of which were the result of a call to the Spanish authorities on the number given on the fine notice, but the links came from surfing the net. Please take care when using the links/urls to ensure you are on the official pages! 

Click here: https://sedeapl.dgt.gob.es:7443/WEB_Sanciones/jsp/sincertificado/identificacionPagador.jsf [note this is reached via https://sede.dgt.gob.es/es/tramites-y-multas/alguna-multa-en/pago-de-multas/ , which in turn is reached by clicking the union jack “Is there a fine?” link at http://www.dgt.es/es/].

When the online form comes up, complete as follows:

Under "Document type", click the drop-down menu and click “passport”

Under "Document number", type 000000 - six zeros

“Date of the Report” means the date at the top of the fine notice in the box marked “Fecha Denuncia”

“Record Number” means the number in the top right of the fine notice in the box marked “N. Expediente” – with all dashes and dots removed

For the amount, you must put the total amount of the fine, not the discount for early repayment - the site will then calculate any discount and display it in the next screen, which will also give you the opportunity to pay by debit/credit card.

Drive safely ;-)

What (The Hell) Is A Smart Contract?

Another good meeting of the BitcoinBlockchain Leadership Forum today, with the focus on practical use-cases for distributed ledgers and grasping at the nebulous concept of 'smart contracts' (links are to my own recent posts on these topics). 

In particular, we saw good, productive tension between Bitcoin blockchain purists who are intent on coding pretty much every element of a transaction into the blockchain; and those who see distributed ledgers as (also) playing a more limited role as just one layer or component in a broader array of gadgetry involved in any contractual scenario.

In my view, both approaches are valid but which 'wins' will depend on the use-case. And the development of the Internet demonstrates the technology will be used in ways no one intended anyway.

So, for my money, the definition of a 'smart contract' needs to be very broad, and I've suggested:

"an agreement performed via any number of applications, devices, networks and messages, which may involve entries in a distributed ledger."

This definition flows partly from a great discussion I had with Alex Amsel of Bitshake recently. I made the point that distributed ledgers seem most useful where a specific item is somehow dealt with or used very frequently and by many people or entities. Alex added a third condition: the participants are running different proprietary software, operating systems and/or devices - in other words they have an expensive interoperability challenge.

So a 'smart contract' might just be written in Word format, or html, and not embedded in a distributed ledger at all. But the subject matter of the contract - the rights to play a song, or rent a shipping container or space on a truck - might be 'hashed' into the ledger, and users' machines could interact using that hash, triggering instructions to pay the contractual amount to a certain account. Multi-factor authentication as one step in the contractual process (e.g. identify checks for anti-money laundering) is another example.

At the forum, there was mention of locating, booking and paying for a car space as another example. This was dismissed by lots of people who said you can already do this without a distributed ledger - the parking space is already entered in the systems of the council's chosen payment service provider. But that means I need to know which municipality I'm in to find the right payment app, download it and register a payment method before paying (I changed cars recently, so I have to re-do all that). And that inaccessibility is partly a function of having to cover the cost of expensive proprietary systems. But if parking spaces were 'hashed' in an openly accessible public ledger, couldn't our smartphones find and pay for them using that code and our own chosen payment method?

Anyhow, the point is not that we necessarily need distributed ledgers to pay for parking or any other specific use-case, but that once people begin using distributed ledgers more widely, tons of other apparently trivial uses become feasible and worthwhile. Conversely, a comparatively trivial but widely shared use-case might unleash more widespread adoption, as happened with text messaging (I'm not suggesting that parking will do it, by the way).

Of course, Bitcoin users will be screaming at their screens by now, if they've got this far. They'll be shouting that Bitcoin has already unleashed distributed ledgers. 

They're probably right.

1001 Use Cases For Distributed Ledger Technology...

Virtual currencies are so last year. This year is about all the other uses for the underlying technology - the blockchain and other distributed ledgers.  

The number of use-cases is starting to snowball with every discussion about scenarios in which a certain item is dealt with many times by many parties. That's because it will be more efficient and cost-effective for the item to be represented by a 'hash' in the ledger, and each transaction related to that item to be 'hashed' so they are available to any computer running the same language/protocol, rather than dealing with that using 'old' technology. Even though the ledger is openly accessible to everyone's machine, confidentiality can be guaranteed using encryption, so that only those computers with the right private key could unlock the hash and see the details.

Here are a few of the ideas, some of which are definitely being kicked around and most of which involve smart contracts, e.g.:

• car rental;

• identification tools - multi-factor authentication - e.g. checking validity of a drivers licence (hat tip to Alex Batlin)

• issuing/trading shares, bonds and other financial instruments;

• freight, transport, logistics - e.g. booking space in shipping containers, long-haul trucks and aircraft, and keeping track of the delivery items themselves;

• tracking, controlling autonomous vehicles/devices;

• switching to the best tariff minute to minute for services related to cars, homes, devices like insurance, gas, electricity, phone contracts;

• renting hotel rooms, accommodation;

• tracking and paying royalties for music, films etc;

• something I'm working on that it's not my place to disclose;

and on, and on.

In other words, distributed ledgers as a platform will have the same horizontal impact as the Internet,  mobile networks and the smartphone. The ledgers won't necessarily replace any of that, but will be an important layer, enabling all sorts of applications and devices to 'run' off the recorded transactions and related events.

Worth giving is some thought - just keep a good old fashioned pen and paper handy to jot down the flow of ideas ;-)

#LOBOs The Wolves That Stalk The High Streets

'Lobo' is Spanish for 'wolf'

Last night Dispatches updated us on the LOBO crisis that's savaging the UK's local government budgets. 

Not only have councils lost the estimated £500 million in instant profits pocketed by the banks who lured them off long term, low rate loans to 'more flexible' terms; but they're also left with higher interest bills that have resulted in more spending cuts or higher borrowing.

Everyone still involved seems to deny there's a problem, of course, but the data speaks volumes and some of the poachers-turned-gamekeeper have been willing to spill the beans. 

It's worth noting that the banks paid commissions to 'brokers' who brought in the business. Whether those commissions were or should have been disclosed is one issue; and whether the brokers also paid a cut to others is another. You'd think that Clive Betts MP (Lab), Chair of the Commons' Select Committee on Communities and Local Government, might include those items on his agenda - assuming he can get past the sad fact that allowing local governments to deal with the banking wolves in the first place was a Labour initiative.

It's also important to note that all of this only came to light through the tenacity of researchers armed with Freedom of Information requests, the results of which were handed to Dispatches. While hunting down any miscreants is an important step, requiring greater transparency on the sources and terms of local government borrowing in future might also help avoid another mauling. 

Video Did Not Kill The Radio Star

So many highlights from the past few days at the SCL's Technology Law Futures Conference on 'Keeping Humans at the Heart of Technology', available online soon, but a favourite quote is that "video did not kill the radio star" (with apologies to the Buggles). 

A more fulsome report will no doubt be available shortly. In the meantime, we should all be thinking about the responsible development of 'artificial narrow intelligence' in the context of social care, driver-less cars and other autonomous vehicles (not to mention surveillance and warfare, to the extent we can influence that!). 

If we can insist on adequate transparency and appropriate rules governing risk and liability in the context of these types of projects, then maybe we'll be in good shape to deal with 'artificial general intelligence' when that comes, as well as the potential for artificial superintelligence beyond... [drum roll]... The Singularity.  

Or we could simply fade away as the machines take over.

It's up to us.

For now.

Banks Make A Mockery Of Their Self-regulatory #LendingCode

Readers may still be surprised to hear that Britain's retail banks remain self-regulated when it comes to their lending activities.

That means it's the job of their own Lending Standards Board to check that subscribers are complying with the self-regulatory Lending Code, not the Financial Conduct Authority (although there is a 'memorandum of understanding' between the two bodies written on the back of an envelope somewhere).

Of course, the Lending Standards Board tends to give its own members a clean bill of health...

Which is puzzling, because the LSB has just made the rather unfortunate discovery after reviewing complaints procedures that there is "mixed evidence to indicate that issues, once identified, [are] being reviewed specifically against the requirements of the Code."

In other words, the banks are blowing raspberries at the Code.

So, um, how could the LSB have given the banks a clean bill of health before now?

Does the FCA care? Or, in regulatory speak, "Quis custodiet ipsos custodes?"

It's been a farce from the very beginning.

2015: The Year Our Political Class Went Rogue

April passed in stunned silence on this blog because I was waiting patiently for the UK General Election to get real.

Instead, our political classes went rogue.

Today, all the way from Greece to Scotland, there are no politicians who believe it is their job to ensure that society lives within its own means.

James Palumbo hit the nail on the head in his article for the Evening Standard this week. "In place of facing hard truths, our leaders offer unaffordable and undeliverable promises." The Institute of Fiscal Studies promptly confirmed it.

You might think our politicians went rogue years ago, and some of them did. But I think the last coalition was formed by people in such a deep state of shock at how badly the New Labour machine had transformed Britain's economic plight that they were genuinely committed to ensuring the country did not go broke. 

Since then, the endless process of distraction, deception and spin has meant that even the dreaded Tory machine has realised it can 'extend and pretend' just like the Greeks. 

These days nothing in politics is real. The same effluent is cycled from the pollsters to the media to the party machines, out the mouths of candidates and canvassers and into the eyes and ears of the deceived, who feed the same crap back into the polls. Every 'issue' - from health, social welfare and education to immigration, foreign aid, devolution and higher taxes for 'non-doms', 'mansions' and foreign corporations - is debated on the utterly false assumption that the country can finance whatever policy is touted.

If you thought Gordon Brown has had a rough ride, just imagine what will happen to the Prime Minister in charge when the truth really dawns.