In light of the material differences between DLT and normal project management that have been observed and, with the current maturity level of understanding these differences, the International Securities Services Association (ISSA) has compiled a Best Practice Report to help its members navigate the specific complexities of DLT projects.
ISSA’s dedicated working group (WG) for DLT conducted a review of projects executed by its members and identified a number of common themes across firm and project type, containing both positive learnings and, equally importantly, challenges which need to be carefully managed. The paper summarizes these findings.
DLT projects — despite sharing similar themes with traditional projects, such as project execution — need to be handled differently from a planning and preparation perspective, since the success is likely dependent on multiple stakeholders coming together in an ecosystem. The research focused on the following themes, which are expanded upon in the body of the report:
Business Case – a DLT project should have a clear business case, with sufficient scope and participation to demonstrate that it can provide benefits and deliver a scalable solution, with the efficiency, privacy, control and connectivity demanded by multiple parties. If the initial group of participants is too small, this can be difficult to prove, since working at scale often results in a different set of challenges
Client – DLT has different capabilities than existing technology. A joint understanding of the opportunity between a provider and its clients allows a more successful transformation of the service. Due to the novelty of the solution set, clear communication, escalation and allowing sufficient time for client education are critically important. Upfront involvement of the client’s control functions will allow for a higher chance of project success.
Design – good design is a key prerequisite for any project but particularly for those involving DLT and interfacing with legacy technology. Understanding the controls, privacy and deployment options is not a necessity for just the project team but also its control stakeholders and its clients. The temptation is to start building, but the WG would caution that a good design and deployment plan that addresses the business case, allows for agile adjustments whilst delivering control and privacy, and engages the stakeholders is essential.
Deployment – deployment methodologies can make or break a project — there is widespread consensus on the importance of incremental builds and phased implementation in order to demonstrate progress and deliver early benefits. The WG believes that true agile methodology is best used for DLT projects. This should be used in conjunction with teams who are managing the legacy systems and who are involved in the delivery. If possible, the solution should be built adjacent to legacy systems and run in parallel in order to eliminate the need for a hard cutover. Non-functional requirements are a key requirement for any system supporting financial markets, so should be designed into the solution and robustly tested.
Knowledge Management – DLT implementations are a team sport. The whole firm — business, technology, control and enabling functions — must all be educated to ensure its success. Even if the whole firm is educated, the ecosystem partners (such as clients, regulators, service providers) also need to be brought up to the same level of knowledge, since the ecosystem is key to the success of the DLT implementation. Education around DLT includes explaining the variety and capabilities of DLT, smart contracts and data lineage. New technology may require the application of new training techniques and methodologies.
Governance of DLT projects must be first-class. DLT projects are under the microscope as the regulatory spotlight is focused on DLT, there have been some infamous high profile project failures, and senior managers know enough to be worried but not enough to be assured about the technology. Good governance, including clarity of problems as they arise and the mitigation, with a clear scope to help ensure that sponsorship is assured and projects can deliver.
Network – the choice of network is increasingly important to deliver the promise of connected interoperable applications suitable for regulated financial markets. It must be able to support the attributes critical to these markets — namely, control and connectivity — without sacrificing the privacy, transparency or sovereignty that are rightly demanded by application owners, clients or regulators . Furthermore, the choice of network should factor in the ability to address NFRs, extend an initial solution to other use cases, or to applications which deliver greater value and operate at scale. These decisions may need to adapt over time.
Regulation is both necessary — and for ISSA members — an imperative to comply with. As with OTC derivative regulation before the 2008 crisis, there is no universal regulatory stance on DLT. Now, as then, there are new assets and new ways of transferring value, and it takes time for the synthesis of operations, technology and regulation to occur. The competing regulatory views can be extreme — crypto is bad, crypto should replace my currency, etc.— and the needs of different industry participants — disruptors or established firms — gives rise to a wide array of regulatory outcomes. The goal of the regulators is to ensure that no harm comes to the clients, markets or wider economy through a poor regulatory framework. Therefore, it is up to the market participants to work with, and explain to, the regulators about the technology, the projects it facilitates, and what controls exist in order to ensure no harm occurs. It is the WG’s belief that early regulatory dialogue is helpful to the success of both individual projects as well as the wider ecosystem.
Vendors – Build / Buy – unsurprisingly, the option between build / buy from a vendor perspective remains limited as most, if not all, of the projects identified had been built for specific outcomes. The challenge remains the wide variety of networks, technology options and vendors in this still maturing technology. One of the identified pitfalls — given the maturity level of the technology — is the likelihood of changes that may need to be made. A classic Request for Proposal (RFP) which does not allow for agile changes can cause additional problems for DLT projects. In the view of the WG during 2024, more DLT projects in the industry have lived up to its headline: “We are getting better at planning and realizing returns from our DLT Projects”. The WG hopes that this short paper will help to provide further guidance to assist the industry in moving from ‘better’ to ‘excellent’.