As the decade comes to a close, new technologies are having a major impact on how insurance industry participants conduct their operations – especially how they collect, process, analyze, store and disseminate vast amounts of data – as well as how they interact with those with whom they do business. In recent years, blockchain technology has gained increased visibility as a type of innovative technology with the potential to transform the insurance industry. Although insurance industry participants have generally been eager to learn about the capabilities of blockchain technology, relatively few have begun the process of identifying ways to incorporate such technology into their business, preferring a more cautious "wait and see" approach instead. Similarly, insurance regulatory authorities, while generally curious about the nature of blockchain technology, have only started taking steps to ensure that the regulatory framework can keep pace with the potential changes accompanying this technology.

Yet change is on the horizon. In 2018, the Vermont legislature mandated the Vermont Department of Financial Regulation (the "Vermont DFR") to review the potential application of blockchain technology to the provision of insurance and banking and to make recommendations for potential adoption of blockchain technology and any necessary regulatory changes. In January 2019, the Vermont DFR submitted its report and recommendations to the legislature: Blockchain: Implications for the Banking and Insurance Industries, Michael S. Pieciak, Commissioner Vermont Department of Financial Regulation, January 15, 2019. In addition, the Vermont DFR announced a pilot program to explore the use of blockchain technology in digital recordkeeping practices for captive insurers domiciled in Vermont.

This article sets out a brief overview of blockchain and related technologies, potential obstacles for the use of blockchain, potential applications of such technology in the insurance industry and Vermont's novel approach to assessing the impact on the regulatory framework.

The basics of blockchain

Blockchain is a type of distributed ledger technology ("DLT") and is a system of maintaining records utilizing advanced encryption methods over a decentralized network of computers. Generally, equal access rights are provided to all participants although certain data can only be accessed if a user has the proper encryption keys. Blockchain organizes data into "blocks" of data. Each block of data may contain information about a transaction and the parties involved in such transaction, although personally identifiable information is encrypted through a digital signature called a "public key". A user can only unlock the personally identifiable information in the block if the user also has the corresponding private key which the user can store offline or in a digital wallet. Once a block is created, it then needs to be connected to the blockchain network. This is done through attaching the block to another block that is already part of the network "chain". In order for a block to be added to the chain, the content of the data in the block must be verified by the network of computers on the blockchain through a complex algorithmic process. Once the information in the block is verified as accurate, the block is added to the chain and given a unique "hash" to identify the block from other blocks.

This chain of blocks, or the blockchain, is stored on all computers in that particular blockchain's network. This collection of information, therefore, is decentralized as the data is not just stored in one location or by one user; the data verification process is also done on a collective basis. Once a block is added to the blockchain, the block and the data on such block is technically permanent and cannot be changed because it has its own unique hash identifier and encryption keys. Many forms of blockchains are public, permissionless systems which allow any individual to participate, contribute data to the system, and to receive identical copies of the records maintained on the system. While some blockchains impose, as a qualification for becoming a participant in the system, possession of a specified threshold level of computing power established by "proof of work" in solving a complex mathematical puzzle, many blockchains do not include any requirements for participation (beyond the minimum amount of computing power required to support the actual requirements of the system). A widely publicized example of a public blockchain is the DLT underlying the Bitcoin cryptocurrency. Because this type of public blockchain is essentially a public database operated by anonymous, unauthenticated individuals (as opposed to a centralized database operated by known, trusted individuals), the participants in such a system must agree on protocols for determining how data may be published to or edited on the blockchain system. In addition to public blockchains, there is a growing number of private blockchains which require participants to have been granted prior permission in order to gain access to the specific distributed ledger system. The closed, restricted access nature of private blockchains may make them potentially a better fit for a highly regulated industry such as insurance.

Because blockchains are decentralized in nature, they rely on consensus in order to operate. Indeed, a primary purpose of a blockchain is to allow for potentially adverse parties to collaborate on transactions without relying on other actors to process or otherwise manage the transaction. Proponents of blockchain assert that the technology creates the potential to eliminate certain "intermediary" parties to transactions, such as insurance brokers, and thereby achieve increased efficiencies and reduced costs. Additionally, as blockchains create permanent ledgers to which information can only be added but not deleted, the use of blockchains would create a complete audit trail, which would potentially reduce the risk of fraud.

An additional technological development facilitated by the use of blockchain technology has been the creation of "smart contracts." A smart contract is a programmable, code-based contract, which is stored in the blockchain system itself and which automatically executes upon the occurrence of specified conditions that have been previously agreed upon by the parties – for example, upon the payment of the consideration for a transaction. Use of smart contracts, particularly in conjunction with distributed ledger technology, would theoretically reduce the need for intermediaries, lower costs and increase transparency. It should be pointed out, however, that most of these smart contracts rely on an impartial, arm's-length third party (the so-called "oracle") to verify the occurrence of contractual conditions. At this early stage, smart contracts are best suited for simple, straightforward, standardized transactions with clear, unambiguous parameters that can be readily verifiable, rather than for complex, customized transactions that are inherently ambiguous because a number of variables may be involved.

Potential stumbling blocks for blockchain

Blockchain will need to successfully address some fundamental challenges if its potential for increased accuracy, efficiency, security and privacy is to be realized in the insurance industry. While there is always room for improvement, currently insurance transactions are generally conducted efficiently, securely and privately by established institutions which operate in a well-structured, professional manner within a clearly defined regulatory framework. Blockchain's overarching challenge is to demonstrate that it is potentially a significantly better alternative in terms of cost savings, improvement in customer experience and prudential regulation of insurance companies for the protection of policyholders. Among the specific challenges that blockchain faces are technological constraints and regulatory uncertainty.

From a technological perspective, two key issues limit the growth of blockchain technology. First, in their current stage of development, blockchains are limited in their ability to grow. For many public blockchains, each party or "node" must process every single transaction (to affirm compliance with the protocols in place) and then maintain a copy of the entire revised ledger of records. As a consequence, a blockchain is constrained in the number of transactions it can process in a set period of time. Presently, for example, blockchains have a fraction of the transactionprocessing capacity of established centralized transactions and data processing entities such as VISA. Second, the amount of storage space and computing power required for blockchain technologies to operate in a timely manner is quite high and results in massive energy consumption issues, which is neither cost-effective nor environmentally friendly from both enterprise and community perspectives. In this regard, the growth of blockchain technology may benefit from the ability of such systems to interact with one another. While hundreds of blockchain systems currently exist, each operates independently from the others. The ability to share information between blockchain systems as well as within such systems may allow participants to derive greater value from their use of such systems. Blockchain technology is still in the early stage and advances are currently being developed to improve the number of transactions that can be processed per second and interconnectivity of different blockchains.

To view the full article click here

Visit us at

Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

© Copyright 2019. The Mayer Brown Practices. All rights reserved.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.