Executive Summary

Blockchain has the potential to revolutionise how companies compete and stakeholders collaborate in the world of supply chains. As the technology is nascent, the World Economic Forum has published this toolkit to provide guidance for development and deployment of new blockchain solutions.

This summary provides the highlights of the toolkit but also serves as a brief to executives to familiarise them with deployment success factors and barriers. Additional detail is available in the toolkit modules, which provide deep dives into each topic.

Blockchain is a tool in the tech stack

Any implementation of blockchain technology should be approached just as any other new solution an organisation wishes to integrate into its overall operation. Blockchain is one piece of the information technology (IT) puzzle that, if deployed correctly, complements the other solutions used every day to carry out routine and mission-critical tasks.

Below are nine key requirements that organisations typically need to address for any new enterprise solution. The items on this list are grounded in IT best practices and project management principles that are likely already familiar to the reader. The toolkit helps your organisation think through and meet these typical enterprise requirements in the context of blockchain technology.

Essential requirements typical for enterprise technology solutions
Figure 1 – Essential requirements typical for enterprise technology solutions

For your organisation to ensure successful implementation of blockchain solutions, consider the following:

  • Defined Business Outcomes: Like any other technology, blockchain is as much about careful attention to the economics and business models as it is about technology evangelism. Blockchain technology should not be a goal but a tool deployed to achieve specific purposes.

    Recommended reading from World Economic Forum publications on evaluating the business value of blockchain technology:[25]

    Value brought by blockchain technology can best be understood through specific use cases. In general, the power of blockchain lies in its ability to enable peer-to-peer interactions and cross-enterprise automation – supported by smart contracts – typically as part of a broader solution. It offers the opportunity for greater trust and increased efficiency in supply chains.

    An introduction white paper[26] in this series outlines some of the most popular use cases in the supply-chain context to date.

    Today the typical operating model of most of the largest internet companies are platform-based. These centralised digital platforms can trend towards a “winner-takes-all” model that grows through quasi-monopolistic participant capture. Blockchain technology provides the tools for an alternative business model wherein the data and trust layer are collaboratively owned and managed by its participants. This provides an opportunity for incumbents to compete against the centrally driven platforms becoming the new market leader in their industry; to retain control of information collection and usage, the interface and trustbuilding.

  • Operational Integrity: Blockchain solutions should provide solid integrity in data, security, authenticity, and other important pillars of operational integrity. Given the increased focus on privacy and data compliance in the general public and with governments, these needs are greater than ever within supply-chain organisations.

    Interested? Learn more:
    Data Integrity
    Security
    Personal Data Handling
    Data Protection
    Structure: Public / Private
    Financial Reporting and Controls
    Digital Identity

    There is much misunderstanding about data integrity as it relates to blockchain. Simply by its nature, blockchain technology does not necessarily ensure accuracy of data entered on-chain. However, it does specifically protect against manipulation of data, which is immutable once it goes on the shared ledger. Achieving data integrity within blockchain applications is broadly composed of three requirements covered in the toolkit: data origin integrity, oracle integrity, and digital twin integrity. Blockchain helps to establish a higher level of traceability and auditability to data as any data entered inaccurately prior to consensus can be traced back to its origin.

  • Regulatory Compliance: Compliance requirements can dissuade the deployment of blockchain in supply chains if not properly understood. This is in part because of the cost of non-compliance, but also because regulations are seldom made with distributed data exchange or selfexecuting contracts in mind.

    Interested? Learn more:
    Legal and Regulatory Compliance
    Risk Factors
    Personal Data Handling
    Data Protection
    Tax Implications
    Financial Reporting and Controls

    Key legal and regulatory risks include uncertainty around crossjurisdictional regulations, antitrust violations, smart contract legal enforceability, Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements, and intellectual property (IP) protection. Personal data protection should also be considered within the blockchain design, including emerging rules like the European Union’s (EU) General Data Protection Regulation (GDPR) and the recent California Consumer Privacy Act (CCPA). Blockchain platforms also create multiple tax implications, from the potentially transformative impact on tax processing systems to the rise of new tax complexities.

    It is also important to work with external auditors, along with relevant stakeholders, to determine what aspects of financial reporting may be impacted by blockchain deployment. These may include risks related to material misstatement, management’s assertions, and internal controls, to cite just a few examples.

  • Interoperability: The peer-to-peer interactions around shared distributed ledgers with blockchain technology make a transformation from a siloed and fragmented approach to end-to-end value chain integration more attainable. But this also means that integration with existing and future processes and systems is imperative – especially as there are more than 100 blockchain platforms in 2020.

    Interested? Learn more:
    Interoperability
    Digital Identity

    Interoperability is the ability for computer systems to exchange and make use of information in a collaborative way. But this otherwise straightforward concept can become complex in the context of blockchain due to its distributed nature.

    In a blockchain ecosystem, successful interoperability guarantees that the user can trust that “I know what I see is what you see” within a single platform as well as across platforms. The toolkit provides tools for dissecting the challenge of interoperability and for choosing the best workable interoperability approach. Being mindful of such compatibility issues will help future-proof the blockchain part of the system at the technical, business, governance and process levels.

  • Security: As any new software, blockchain-based solutions must include adequate safeguards against potential cybersecurity nightmare scenarios, like costly enterprise hacks, ransomware, and stolen user data.

    Interested? Learn more:
    Cybersecurity
    Risk Factors
    Structure: Public / Private
    Data Protection
    Personal Data Handling

    One of the main differentiators of blockchain is its decentralisation, which has profound impacts in security governance. While there is no security silver bullet in the world of cyber, ensuring a high degree of data segregation, control requirements, privacy, and clear custody of data is achievable. While various types of blockchains have varying degrees of fault-tolerance, most are considered better alternatives than traditional databases from an integrity perspective. Blockchain is no exception to the general rule of cybersecurity that sound risk management requires that security measures be baked in from the start. There are some fundamental security concepts that have emerged in the blockchain space, as well as a clear sense of what the risks are. The toolkit offers a risk management framework and a 10-step secure deployment plan that should be useful in a wide range of supply-chain projects.

  • Scalability: Any new blockchain solution should be able to grow along with the enterprise. Also, as blockchain technology is developing rapidly, organisations should prepare for change over time. It is important to prepare for change and future-proof your solution.

    Interested? Learn more:
    Interoperability
    Digital Identity
    Introduction

    Given that current platforms could become obsolete someday, it is prudent to consider decoupling current decentralised applications from their underlying blockchain protocols as much as possible. This can help any future migration to a new platform with limited pain and rework. Whatever blockchain technology that you are using today, plan for upgrading or replacing it within 3–5 years.[27]. But that does not mean your organisation shouldn’t participate at this early stage. If the blockchain solutions are relevant to your business, you should start preparing nontechnical and technical foundation progressively for the eventual mainstream operations. This is like RFID in its early days; before blockchain can reach its potential, business processes and standards need to be defined.

  • Formal Governance and Industry Collaboration: With the advent of the digital age, companies and institutions have started to organise their activities and business architectures in the form of ecosystems. Good governance is key. Creating the framework for entities to effectively work together is just as important as building the related technology solution.

    Interested? Learn more:
    Ecosystem
    Consortium Formation
    Consortium Governance

    Organisations are starting to understand the disruptive potential of blockchain to solve pain points and provide increased efficiency, automation and transparency across supply chains. CEOs are also starting to recognise that industry-wide collaboration around blockchain is necessary so that proof-of-concept, standards and solutions can be adopted at industry-scale. In fact, a lack of collaboration can undermine or even block the transformation that blockchain technology has the
    potential to bring about in a given ecosystem (blockchain is the ultimate networked technology). Joint ventures or blockchain consortia have been popular approaches in the industry to-date. While the rewards from collaboration can be high, agreeing on what constitutes a fair and welldesigned governance system, let alone a joint blockchain platform, can be difficult. This is where many industry collaboration efforts have fallen apart. The toolkit provides guidance to help new consortia reach consensus on what constitutes fair, compliant and robust governance.

  • Known and trusted participants: For most supply-chain solutions, there needs to be a way to identify who or what entity was responsible for any specific part of a blockchain transaction. For this reason, trust-worthy verification of digital identity is needed, and it is important that there are clear rules and procedures for adding new participants to the network.

    Interested? Learn more:
    Digital Identity

    A trusted digital identity is critical on a blockchain network as there is no face-to-face interaction during a transaction, and autonomous software agents and “things” might transact on behalf of legal entities in the future. A digital identity system in a blockchain deployment for supply-chain should be able to support digital identities for the various actors involved. The toolkit includes considerations and questions to guide the design and implementation of a responsible digital identity system.

  • Information Sharing Agreement: Parties should have agreed on data rights and intellectual property (IP) ownership before conducting transactions on a blockchain network.

    Interested? Learn more:
    Data Protection
    Personal Data Handling
    Legal and Regulatory Compliance
    Consortium Governance

    Realising blockchain in supply-chain use cases and taking advantage of the distributed nature of the technology, requires sharing of data that is usually generated in-house within individual member companies in a broader ecosystem. Thus, there is a risk of data being shared or used inappropriately by third parties. Data sharing also needs to comply with data protection legislation. European Union’s General Data Protection Resolution (GDPR) is also at the forefront of a new wave of data protection legislation globally which places strict obligations on organisations handling personal data or personally identifiable information, such as the recent California Consumer Privacy Act (CCPA).

    Blockchain technology never requires an organisation to reveal more data than it is comfortable with. On-chain data can also be encrypted so that it is only usable by permissioned parties. Thus, in the course of selecting and deploying a blockchain solution, a supply-chain organisation has real flexibility to ensure it addresses both their data protection and privacy concerns and obligations and those of other supply-chain partners.

Final comments

The essence of blockchain is to offer a new way of collaboration through decentralisation. At the same time, it is important to keep in mind that decentralisation is not an all-or-nothing objective but a balanced one that can require trade-offs for practical reasons. Thus, a system may require both centralised and decentralised elements. Historically, the supply-chain industry’s IT solutions have been a patchwork of centralised modules, some of which may have compatibility issues or create other challenges for organisations. The emergence of blockchain technology offers the opportunity to alleviate some of these headaches.

A hyper-focus on efficiency gains and a culture where players create barriers to others, can reinforce existing mistrust or competition and undermine or even block the transformation that blockchain technology has the potential to bring about for the supply-chain ecosystem. Strong players may push blockchain-based solutions to resolve pending industry issues. The industry is still in the infrastructure-building phase of the technology, in which it can be largely cost-prohibitive for small players to innovate or to build comprehensive solutions. Even though there are more open-source components to blockchain (than is the case for many other technologies), which could lead to a faster diffusion and adoption cycle, smaller incumbents may not have access to resources required to unlock the value of blockchain technology. For these reasons, the toolkit can be a valuable resource that level the playing field for small and medium-sized enterprises. It was designed to help organisations undertaking new blockchain projects to consider potential unintended consequences and to encourage integrity, interoperability and inclusivity.

This toolkit is designed to help organisations with the hard work that comes in blockchain implementation. The 14 modules are meant to be used on an as needed basis, in whatever sequence is best suited to an organisation’s practice. Your organisation can use the modules to support more responsible blockchain deployments, de-risk early adoption, and ensure careful consideration of unintended consequences.

As the Forum prepared this toolkit, an unparalleled community of leaders shared their expertise to benefit everybody. By bringing together competitors, this toolkit cuts through marketing hype and helps those new and overwhelmed by the proliferation of blockchain-based solutions.

This toolkit builds on a series of earlier white papers on Inclusive Deployment of Blockchain for Supply Chains.[17] If of interest as supplementary reading, it covers the following topics:

  1. Introduction[18]
  2. Trustworthy verification of digital identities[19]
  3. Public or Private Blockchains – Which One Is Right for You?[20]
  4. Protecting Your Data[21]
  5. A Framework for Blockchain Cybersecurity[22]
  6. Case studies and learnings from the United Arab Emirates[23]
  7. A Framework for Blockchain Interoperability[24]