Richard Gendal Brown of IBM comments on the blockchain, asking what's the fuss:
Cost? Trust? Something else? What's the killer-app for Block Chain Technology?
Could decentralized ledgers change the face of accounting?
When I speak to people about decentralised ledgers, some of them are interested in the "distributed trust" aspects of the technology. But, more often, they bring up the question of cost.
This confused me at first. Think back to where this all started: with Bitcoin. Bitcoin is deliberately less efficient than a centralized ledger! Its design adds really difficult engineering constraints to what we already had. How could this technology possibly be cheaper than what we already have?
He then goes on to use some actual accounting to show that, amongst other things, cost isn't really what the discussion is about. By logic, he gets to a really interesting space, one that our readers will know well:
Sure - everybody still has a copy of the data locally... but the consensus system ensures that we know the local copy is the same as the copy everywhere else because it is the shared consensus system that is maintaining the ledger. And so we know we're producing our financial statements using the same facts as all the other participants in the industry.
Does this mean we no longer need audit? No longer need reconciliations? Obviously not, but perhaps this approach is what is driving some of the interest in this space?
Right. To which I added, for the record:
To me, the magic in this space is what we sometimes flippantly call triple entry, which innovation is highlighted by the blockchain's success in mounting an independent currency over a shared ledger.
We all know how insubstantial internal ledger entries are, and how we can really only lean on them to the extent that we trust our internal processes (e.g. slightly germane are the events of 2007-08 leading to a popular view that accounting and audit have failed us).
On the other hand, we also see how solid the payment systems are. Whether bank- or govt- or private-run, payments generally work. When these multi-party activities do not work, all hell breaks loose, and people run, sometimes quite literally, to other systems.
When accounting ledgers break, we shrug. Triple entry takes us from the unreliable fantasy of the accounting entry to the hard concrete reality of the payment: the distributed ledger is as solid as a payment.
This doesn't replace double entry, nor does it replace classical payment systems. Rather it augments it by providing a way for parties to share certain transactions as if they were as solid as payments.
E.g., when RichardCo decides to place its capital at Barclays, it will no longer rely on its accounting systems alone to describe this situation, and neither will Barclays. Both of these parties will share a "receipt" that is cryptographically signed by some party that has mediated it (could be Barclays, could be the Bank of England, or it could be VirginMoney).
That's three parties, each holding a copy of the same receipt, hence the label triple entry. In the Bitcoin world, that middle intermediator is the blockchain, but single servers or replicated servers or small partner groups are equally applicable and in many cases better.
The receipt itself is strong because it is cryptographically authorised by the payer, and cryptographically signed off by the mediator (as a minimum). It represents such high class evidence that it is practically irrefutable in terms of the facts on record, and it is trivially automatable in audit terms.
Holding this entry is far more flexible than RichardCo and Barclays relying on their double entry systems because firstly you can build the double entry systems out of the collection of receipts any time you need them, and secondly, it is so strong that it can be used as evidence to create derivative claims. E.g., it's a set-up for securitization or loaning or other more advanced uses. And, it's a lot easier to audit because it is such solid evidence.
Back to bitcoin and its blockchain. This is the first successful experiment in a large scale triple entry issuance. In part, seeing what happens on the blockchain generates excitement because we perceive an ability for any company to turn its stalled internal assets into contracts that are then dynamically mediated through cryptographic receipts.
Now, that contracting arrangement isn't there yet (see for example the conceptual tussle between smart contracts and Ricardian Contracts as mechanisms of issuance) but it will get there. Once I can issue all my accounted assets into a triple entry arrangement that others will instantly respect, finance will democratise so fiercely that if you're not seeing where it's going, the shock will probably take you down.
Bill Black gave an interview last year on how the financial system has moved from robustness to criminogenia:
If you can steal with impunity, as soon as you devastate regulation, you devastate the ability to prosecute. And as soon as that happens, in our jargon, in criminology, you make it a criminogenic environment. It just means an environment where the incentives are so perverse that they are going to produce widespread crime. In this context, it is going to be widespread accounting control fraud. And we see how few ethical restraints remain in the most elite banks.
You are looking at an underlying economic dynamic where fraud is a sure thing that will make people fabulously wealthy and where you select by your hiring, by your promotion, and by your firing for the ethically worst people at these firms that are committing the frauds.
No prizes for guessing he's talking about the financial system and the failure of the regulators to jail anyone, nor find any bank culpable, nor find any accounting firm that found any bank in trouble before it collapsed into the mercy of the public purse.
But where is the action? Where is the actual fraud taking place? This is the question that defies analysis and therefore allows the fraudsters to lay a merry trail of pointed fingers that curves around and joins itself. Here's the answer.
So in the financial sphere, we are mostly talking about accounting as the weapon of choice. And that is, where you overvalue assets, sometimes you undervalue liabilities. You create vast amounts of fictional income by making really bad loans if you are a lender. This makes you rich through modern executive compensation, and then it causes tremendous losses to the lender.
The first defence against this process is transparency. Which implies the robust availability of clear accounting records -- what really happened? Which is where triple-entry becomes much more interesting, and much more relevant.
In the old days, accounting was the domain of intra-firm transactions. Double entry enabled the growth of the business empire because internal errors could be eliminated by means of the double-links between separate books; clearly, money had to be either in one place or another, it couldn't slip between the cracks any more, so we didn't need to worry so much about external agents deliberately dropping a few entries.
Beyond the firm, it was caveat emptor. Which the world muddled along with for around 700 years until the development of electronic transactions. At this point of evolution from paper to electronic, we lost the transparency of the black & white, and we also lost the brake of inefficiency in transactions between firms. That which was on paper was evidence and accountable to an entire culture called accountants; that which was electronic was opaque except to a new generation of digital adepts.
Say hello to Nick Leeson, say good bye to Barings Bank. The fraud that was possible now exploded beyond imagination.
Triple-entry addresses this issue by adding cryptography to the accounting entry. In effect it locks the transaction into a single electronic record that is shared with three parties: the sender, the receiver and a third party to hold & adjudicate. Crypto makes it easy for them to hold the same entry; the third party makes it easy to force the two interested agents not to play games.
You can see this concept with Bitcoin, which I suggest is a triple-entry system, albeit not one I envisaged. The transaction is held by the sender and the recipient of the currency, and the distributed blockchain plays the part of the third party.
Why is this governance arrangement a step forward? Look at say money laundering. Consider how you would launder funds through bitcoin, a fear claimed by the various government agencies. Simple, send your ill-gotten gains to some exchanger, push the resultant bitcoin around a bit, then cash out at another exchanger.
Simple, except every record is now locked into the blockchain -- the third party. Because it is cryptographic, it is now a record that an investigator can trace through and follow. You cannot hide, you cannot dive into the software system and fudge the numbers, you cannot change the records.
Triple-entry systems such as Bitcoin are so laughably transparent that only the stupidest money launderer would go there, and would therefore eliminate himself before long. It is fair to say that triple-entry is practically immunised against ML, and the question is not what to do about it in say Bitcoin, but why aren't the other systems adopting that technique?
And as for money laundering, so goes every other transaction. Transparency using triple-entry concepts has now addressed the chaos of inter-company financial relationships and restored it to a sensible accountable and governable framework. That which double-entry did for intra-company, triple-entry does for the financial system.
Of course, triple-entry does not solve everything. It's just a brick, we still need mortar of systems, the statics of dispute resolution, plans, bricklayers and all the other components. It doesn't solve the ethics failure in the financial system, it doesn't bring the fraudsters to jail.
And, it will take a long time before this idea of cryptographically sealed receipts seeps its way slowly into society. Once it gets hold, it is probably unstoppable because companies that show accounts solidified by triple-entry will eventually be rewarded by cheaper cost of capital. But that might take a decade or three.
H/t to zerohedge for this article of last year.
While we're on the accounting theme (and why it matters for cryptocurrencies), this is a great article:
No Accounting Skills? No Moral Reckoning
By JACOB SOLL APRIL 27, 2014
SOMETIMES it seems as if our lives are dominated by financial crises and failed reforms. But how much do Americans even understand about finance? Few of us can do basic accounting and fewer still know what a balance sheet is. If we are going to get to the point where we can have a serious debate about financial accountability, we first need to learn some essentials.
The German economic thinker Max Weber believed that for capitalism to work, average people needed to know how to do double-entry bookkeeping. This is not simply because this type of accounting makes it possible to calculate profit and capital by balancing debits and credits in parallel columns; it is also because good books are “balanced” in a moral sense. They are the very source of accountability, a word that in fact derives its origin from the word “accounting.”
In Renaissance Italy, merchants and property owners used accounting not only for their businesses but to make a moral reckoning with God, their cities, their countries and their families. The famous Italian merchant Francesco Datini wrote “In the Name of God and Profit” in his ledger books. Merchants like Datini (and later Benjamin Franklin) kept moral account books, too, tallying their sins and good acts the way they tallied income and expenditure.
One of the less sexy and thus forgotten facts about the Italian Renaissance is that it depended highly on a population fluent in accounting. At any given time in the 1400s, 4,000 to 5,000 of Florence’s 120,000 inhabitants attended accounting schools, and there is ample archival evidence of even lowly workers keeping accounts.
This was the world in which Cosimo de’ Medici and other Italians came to dominate European banking. It was understood that all landowners and professionals would know and practice basic accounting. Cosimo de’ Medici himself did yearly audits of the books of all his bank branches; he also personally kept the accounts for his household. This was typical in a world where everyone from farmers and apothecaries to merchants — even Niccolò Machiavelli — knew double-entry accounting. It was also useful in political office in republican Florence, where government required a certain amount of transparency.
If we want to know how to make our own country and companies more accountable, we would do well to study the Dutch. In 1602, they invented modern capitalism with the foundation of the first publicly traded company — the Dutch East India Company — and the first official stock market in Amsterdam. But it was through an older and well-maintained culture of accountability that they kept these institutions stable for a century. The spread of double-entry accounting to the Netherlands during the early 1500s made the country the center of accounting education, world trade and early capitalism. Well-accounted-for provincial tax returns allowed the Dutch to float bonds at dependable 4 percent interest rates. The Dutch trusted their managers to know how to keep good books and make regular interest payments, while paying off state debt.
Every level of Dutch society practiced double-entry accounting — from prostitutes to scholars, merchants and even the Stadholder, Maurice of Nassau, Prince of Orange. Painters regularly depicted merchants keeping their books; Quentin Metsys’ “The Money Changers” (circa 1549) showed that even skilled accountants could be fraudulent. In other words, the advantages and pitfalls of accounting were at the fore of public consciousness.
Not only did the Dutch have basic financial management skills, they were also acutely aware of the concept of balanced books, audits and reckonings. They had to be. If local water board administrators kept bad books, the Dutch dyke and canal system would not be well maintained, and the country risked catastrophic flooding.
This desire for accountability was what pushed the Dutch to reform their financial system when it began to collapse under the weight of fraud. The first shareholder revolt happened in 1622, among Dutch East India Company investors who complained that the company account books had been “smeared with bacon” so that they might be “eaten by dogs.” The investors demanded a “reeckeninge,” a proper financial audit.
While the state did not allow the Dutch East India Company’s books to be audited in public, Prince Maurice did do a serious internal audit, and Dutch burghers were satisfied with both company and state accountability. A cultural ideal was set. For the next century, it became common practice for public administrators to have portraits of themselves painted with their account books — sometimes with real calculations in them — open, for all to see.
These historical examples point the way toward achievable solutions to our own crises. Over the past half century, people have stopped learning double-entry bookkeeping — so much so that few know what it means — leaving it instead to specialists and computerized banking. If we want stable, sustainable capitalism, a good place to start would be to make double-entry accounting and basic finance part of the curriculum in high school, as they were in Renaissance Florence and Amsterdam.
A population well-versed in double-entry accounting will not immediately solve our complex financial problems, but it would allow average citizens to understand the nuts and bolts of finance: balance sheets, mortgage interest, depreciation and long-term risk. It would also give them a clearer sense of what financial accountability really means and of how to ask for and assess audits. The explosion of data-driven journalism should also include a subset of reporters with training in accounting so that they can do a better job of explaining its central role in our economy and financial crises.
Without a society trained in accountability, one thing is certain: There will be more reckonings to come.
Jacob Soll, a professor of history and accounting at the University of Southern California, is the author, most recently, of “The Reckoning: Financial Accountability and the Rise and Fall of Nations.”
A version of this article appears in print on 04/28/2014, on page A21 of the New York edition with the headline: No Accounting Skills? No Moral Reckoning.
Ilya Grigorik provides a ground-up technologists' description of Bitcoin called "The Minimum Viable Blockchain." He starts at bartering, goes through triple-entry and the replacement of the intermediary with the blockchain, and then on to explain how all the perverse features strengthen the blockchain. It's interesting to see how others see the nexus between triple-entry and bitcoin, and I think it is going to be one of future historians' puzzles to figure out how it all relates.
Both Bob and Alice have known each other for a while, but to ensure that both live up to their promise (well, mostly Alice), they agree to get their transaction "notarized" by their friend Chuck.
They make three copies (one for each party) of the above transaction receipt indicating that Bob gave Alice a "Red stamp". Both Bob and Alice can use their receipts to keep account of their trade(s), and Chuck stores his copy as evidence of the transaction. Simple setup but also one with a number of great properties:
- Chuck can authenticate both Alice and Bob to ensure that a malicious party is not attempting to fake a transaction without their knowledge.
- The presence of the receipt in Chuck's books is proof of the transaction. If Alice claims the transaction never took place then Bob can go to Chuck and ask for his receipt to disprove Alice's claim.
- The absence of the receipt in Chuck's books is proof that the transaction never took place. Neither Alice nor Bob can fake a transaction. They may be able to fake their copy of the receipt and claim that the other party is lying, but once again, they can go to Chuck and check his books.
- Neither Alice nor Bob can tamper with an existing transaction. If either of them does, they can go to Chuck and verify their copies against the one stored in his books.
What we have above is an implementation of "triple-entry bookkeeping", which is simple to implement and offers good protection for both participants. Except, of course you've already spotted the weakness, right? We've placed a lot of trust in an intermediary. If Chuck decides to collude with either party, then the entire system falls apart.
Grigorik then uses public key cryptography to ensure that the receipt becomes evidence that is reliable for all parties; which is how I built it, and I'm pretty sure that was what was intended by Todd Boyle.
However, he walks a different path and uses the signed receipts as a way to drop the intermediary and have Alice and Bob keep separate, independent ledgers. I'd say this is more a means to an end, as Grigorik is trying to explain Bitcoin, and the central tenet of that cryptocurrency was the famous elimination of a centralised intermediary.
Moral of the story? Be (very) careful about your choice of the intermediary!
I don't have time right now to get into the rest of the article, but so far it does seem like a very good engineer's description. Well worth a read to sort your head out when it comes to all the 'extra' bits in the blockchain form of cryptocurrencies.
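The signed receipt discussed in this post and in the triple-entry posts above, carried through as an added example (not Grigorik's code, nor the author's implementation): the payer authorises, the notary seals, a doctored copy fails verification, and balances are rebuilt from the collection of receipts. Lamport one-time hash signatures stand in for the public-key scheme so the block runs on the Python standard library alone; the function names and the two sample transactions are constructed for illustration.

```python
import copy
import hashlib
import json
import secrets

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# --- Lamport one-time signatures (stand-in scheme: one key signs ONE message) ---
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(h(a), h(b)) for a, b in sk]
    return sk, pk

def digest_bits(msg: bytes):
    d = h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    # Reveal one secret per digest bit.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(h(s) == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, digest_bits(msg))))

def canonical(obj) -> bytes:
    # Stable byte encoding so every party signs and checks identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

# --- Triple-entry flow: payer authorises, notary seals, three parties hold it ---
def authorise(payer_sk, payer, payee, amount, txid):
    instruction = {"txid": txid, "from": payer, "to": payee, "amount": amount}
    return instruction, sign(payer_sk, canonical(instruction))

def sealed_bytes(instruction, payer_sig) -> bytes:
    # The notary signs the instruction together with the payer's signature.
    return canonical(instruction) + b"".join(payer_sig)

def issue_receipt(notary_sk, payer_pk, instruction, payer_sig):
    if not verify(payer_pk, canonical(instruction), payer_sig):
        raise ValueError("payer signature does not verify; no receipt issued")
    return {"instruction": instruction, "payer_sig": payer_sig,
            "notary_sig": sign(notary_sk, sealed_bytes(instruction, payer_sig))}

def check_receipt(receipt, payer_pk, notary_pk) -> bool:
    ins, psig = receipt["instruction"], receipt["payer_sig"]
    return (verify(payer_pk, canonical(ins), psig)
            and verify(notary_pk, sealed_bytes(ins, psig), receipt["notary_sig"]))

def rebuild_balances(entries):
    """Derive per-party balances from (receipt, payer_pk, notary_pk) tuples."""
    book = {}
    for receipt, payer_pk, notary_pk in entries:
        ins = receipt["instruction"]
        if not check_receipt(receipt, payer_pk, notary_pk):
            raise ValueError("unverifiable receipt: " + str(ins["txid"]))
        # Two postings per receipt, which always net to zero.
        book[ins["from"]] = book.get(ins["from"], 0) - ins["amount"]
        book[ins["to"]] = book.get(ins["to"], 0) + ins["amount"]
    return book

def demo():
    # Constructed sample data: Alice pays Bob 25, Bob pays Alice 10; Chuck notarises.
    entries = []
    for txid, payer, payee, amount in [("tx-1", "Alice", "Bob", 25),
                                       ("tx-2", "Bob", "Alice", 10)]:
        payer_sk, payer_pk = keygen()    # fresh one-time keys for each message
        chuck_sk, chuck_pk = keygen()
        ins, psig = authorise(payer_sk, payer, payee, amount, txid)
        entries.append((issue_receipt(chuck_sk, payer_pk, ins, psig),
                        payer_pk, chuck_pk))
    receipt, payer_pk, chuck_pk = entries[0]
    bobs_copy = copy.deepcopy(receipt)           # Bob's copy of tx-1 ...
    bobs_copy["instruction"]["amount"] = 250     # ... which he then inflates
    return {
        "genuine_ok": check_receipt(receipt, payer_pk, chuck_pk),
        "tampered_ok": check_receipt(bobs_copy, payer_pk, chuck_pk),
        "balances": rebuild_balances(entries),
    }

if __name__ == "__main__":
    print(demo())
```

Because both signatures travel inside the receipt, any holder can check a copy against the public keys without consulting the notary's books.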
Many systems are built on existing trust relationships, and understanding these is often key to their long term success or failure. For example, the turmoil between OpenPGP and x509/PKI can often be explained by reference to their trust assumptions, by comparing the web-of-trust model (trust each other) to the hierarchical CA model (trust mozilla/microsoft/google...).
In informal money systems such as LETS, barter circles and community currencies, it has often seemed to me that these things work well, or would work well, if they could leverage local trust relationships. But there is a limit.
To express that limit, I used to say that LETS would work well up to maybe 100 people. Beyond that number, fraud will start to undermine the system. To put a finer point on it, I claimed that beyond 1000 people, any system will require an FC approach of some form or other.
Now comes some research that confirms some sense of this intuition, below. I'm not commenting directly on it as yet, because I haven't the time to do more than post it. And I haven't read the paper...
'Money reduces trust' in small groups, study shows
By Melissa Hogenboom Science reporter, BBC News
People were more generous when there was no economic incentive
A new study sheds light on how money affects human behaviour.
Exchanging goods for currency is an age old trusted system for trade. In large groups it fosters co-operation as each party has a measurable payoff.
But within small groups a team found that introducing an incentive makes people less likely to share than they did before. In essence, even an artificial currency reduced their natural generosity.
The study is published in journal PNAS.
When money becomes involved, group dynamics have been known to change. Scientists have now found that even tokens with no monetary value completely changed the way in which people helped each other.
Gabriele Camera of Chapman University, US, who led the study, said that he wanted to investigate co-operation in large societies of strangers, where it is less likely for individuals to help others than in tight-knit communities.
The team devised an experiment where subjects in small and large groups had the option to give gifts in exchange for tokens.
- Participants of between two to 32 individuals were able to help anonymous counterparts by giving them a gift, based solely on trust that the good deed would be returned by another stranger in the future
- In this setting small groups were more likely to help each other than the larger groups
- In the next setting, a token was added as an incentive to exchange goods. The token had no cash value
- Larger groups were more likely to help each other when tokens had been added, but the previous generosity of smaller groups suffered
They found that there was a social cost to introducing this incentive. When all tokens were "spent", a potential gift-giver was less likely to help than they had been in a setting where tokens had not yet been introduced.
The same effect was found in smaller groups, who were less generous when there was the option of receiving a token.
"Subjects basically latched on to monetary exchange, and stopped helping unless they received immediate compensation in a form of an intrinsically worthless object [a token].
"Using money does help large societies to achieve larger levels of co-operation than smaller societies, but it does so at a cost of displacing norms of voluntary help that is the bread and butter of smaller societies, in which everyone knows each other," said Prof Camera.
But he said that this negative result was not found in larger anonymous groups of 32, instead co-operation increased with the use of tokens.
"This is exciting because we introduced something that adds nothing to the economy, but it helped participants converge on a behaviour that is more trustworthy."
He added that the study reflected monetary exchange in daily life: "Global interaction expands the set of trade opportunities, but it dilutes the level of information about others' past behaviour. In this sense, one can view tokens in our experiment as a parable for global monetary exchange."
Sam Bowles, of the Santa Fe Institute, US, who was not involved with the study, specialises in evolutionary co-operation.
He commented that co-operation among self-interested people will always occur on a vast scale when "helping another" consists of exchanging a commodity that can be bought or sold with tokens, for example a shirt.
"The really interesting finding in the study is that tokens change the behavioural foundations of co-operation, from generosity in the absence of the tokens, to self-interest when tokens are present."
"It's striking that once tokens become available, people generally do not help others except in return for a token."
He told BBC news that it was evidence for an already observed phenomenon called "motivational crowding out, where paying an individual to do a task which they had already planned to do free of charge, could lead people to do this less".
However, Prof Bowles said that "most of the goods and services that we need that make our lives possible and beautiful are not like shirts".
"For these things, exchanging tokens could never work, which is why humans would never have become the co-operative species we are unless we had developed ethical and other regarding preferences."
Without much comment, from Francine McKenna:
Auditors All Fall Down; PFGBest and MF Global Frauds Reveal Weak Watchdogs
The made-for-TV drama is instead unfolding in Cedar Falls, Iowa and Chicago where, in “truth is stranger than fiction” style, PFGBest’s Russell Wasendorf Sr. says he used his “blunt authority” as sole owner and CEO to falsify bank statements sent to regulators for twenty years using Photoshop, Excel, scanners and laser printers.
Instead of MF Global’s world-renowned auditor PwC, we’ve got a one-woman show, Jeannie Veraja-Snelling, signing the audit opinion accompanying the financial statements for PFGBest. Not that there’s much less apparent incompetence when a global firm like PwC misses increased risk and deteriorating controls at MF Global and signs off on a clean annual audit opinion as recently as March 31, 2011, seven months before MF Global was forced into bankruptcy. PwC also signed off on a 10-Q review at the end of June, and a bond issue in August of 2011.
Wasendorf’s suicide note said that he duped his first-response regulator, the National Futures Association, by intercepting its request for confirmation of his bank balances, including funds segregated and safeguarded for customers, by using a P.O. Box he set up in the name of US Bank. He simply wrote whatever he wanted on those confirmation requests and signed in the name of the bank. His doctored bank statements with matching figures were sent along with the confirmation request back to the regulator.
“I was forced into a difficult decision: Should I go out of business or cheat?” he wrote. “I guess my ego was too big to admit failure. So I cheated,” his suicide note said.
Regulators, auditors and internal controls can not prevent a psychopath from lying, cheating and stealing to perpetuate a myth and sustain a lavish lifestyle, but they can and should detect the fraud much sooner if not immediately.
Wasendorf’s admission does not explain how he also duped the independent auditor. One of the cornerstones of an independent audit is an independent confirmation of bank balances. PFGBest’s auditor was either duped for twenty years or complicit in the fraud. Neither conclusion is a good one for her. Auditors are forbidden to use company personnel to obtain or process bank balance confirmations. Of course, that hasn’t prevented auditors from falling down on this critical part of their job anyway, leading recently to some of the biggest and most notorious fraud cases in years.
Deloitte’s audit client Parmalat gave that firm falsified bank confirmations. Deloitte’s Milan firm and its international coordinating firm eventually settled the 2003 case with Parmalat bondholders and shareholders for almost $200 million total. Price Waterhouse India partners are still facing criminal charges and the firm is being sued by its former audit client Mahindra Satyam for the fraud revealed by Satyam’s CEO who admitted to falsifying $1 billion in bank balances. Price Waterhouse India paid fines to the SEC, PCAOB, and settled with shareholders. Regulators said Price Waterhouse India’s audits were negligent because they failed to obtain confirmations of bank balances directly from banks and instead accepted management’s representations without independent verification. Several of the current Chinese frauds allege bank confirmation fraud, including accusations of collusion with executives by bank officials and negligence by auditors Deloitte China and others.
What’s even more troubling to me is PFGBest’s auditor, and many others who audit only SEC-registered broker-dealers, may be breaking laws as well as being negligent in their public duty to the capital markets.
On that latter, read the article for detail...
How to cope with a financial system that looks like it's about to collapse every time bad news turns up? This is an issue that is causing a few headaches amongst the regulators. Here's some musings from Chris Skinner over a paper from the Financial Stability gurus at the Bank of England:
Third, the paper argues for policies that create much greater transparency in the system.
This means that the committees worldwide will begin “collecting systematically much greater amounts of data on evolving financial network structure, potentially in close to real time. For example, the introduction of the Office of Financial Research (OFR) under the Dodd-Frank Act will nudge the United States in this direction.
“This data revolution potentially brings at least two benefits.
“First, it ought to provide the authorities with data to calibrate and parameterise the sort of network framework developed here. An empirical mapping of the true network structure should allow for better identification of potential financial tipping points and cliff edges across the financial system. It could thus provide a sounder, quantitative basis for judging remedial policy actions to avoid these cliff edges.
“Second, more publicly available data on network structures may affect the behaviour of financial institutions in the network. Armed with greater information on counterparty risk, banks may feel less need to hoard liquidity following a disturbance.”
Yup. Real time data collection will be there in the foundation of future finance.
But have a care: you can't use the systems you have now. That's because if you layer regulation over policy over predictions over datamining over banking over securitization over transaction systems … all layered over clunky old 14th century double entry … the whole system will come crashing down like the WTC when someone flies a big can of gas into it.
The reason? Double entry is a fine tool at the intra-corporate level. Indeed, it was material in the rise of the modern corporation form, in the fine tradition of the Italian city states, longitudinal contractual obligations and open employment. But, double entry isn't designed to cope with the transactional load of inter-company globalised finance. Once we go outside the corporation, the inverted pyramid gets too big, too heavy, and the forces crush down on the apex.
It can't do it. Triple entry can. That's because it is cryptographically solid, so it can survive the rigours of those concentrated forces at the inverted apex. That doesn't solve the nightmare scenarios like securitization spaghetti loans, but it does mean that when they ultimately unravel and collapse, we can track and allocate them.
Message to the regulators: if you want your pyramid to last, start with triple entry.
PS: did the paper really say "More taxes and levies on banks to ensure that the system can survive future shocks;" … seriously? Do people really believe that Tobin tax nonsense?
On 13/06/11 12:56 PM, James A. Donald wrote:
> On 2011-06-12 8:57 AM, Ian G wrote:
> > I wrote a paper about John Levine's observation of low knowledge, way
> > back in 2000, called "Financial Cryptography in 7 Layers." The sort of
> > unstated thesis of this paper was that in order to understand this area
> > you had to become very multi-discipline, you had to understand up to 7
> > general areas. And that made it very hard, because most of the digital
> > cash startups lacked some of the disciplines.
> One of the layers you mention is accounting.
Yes, so back to crypto, or at least financial cryptography.
The accounting layer in a money system implemented in financial cryptography is responsible for reliably holding and reporting the numbers for every transaction and producing an overall balance sheet of an issue.
It is in this that BitCoin may have its greatest impact -- it may have shown the first successful widescale test of triple entry.
Triple entry is a simple idea, albeit revolutionary to accounting. A triple entry transaction is a 3 party one, in which Alice pays Bob and Ivan intermediates. Each holds the transaction, making for triple copies.
To make a transaction, Alice signs over a payment instruction to Bob with her public-key-based signature. Ivan the issuer then packages the payment request into a receipt, and that receipt becomes the transaction.
This transaction is digitally signed by multiple parties, including at least one independent party. It then becomes a powerful evidence of the transaction.
The final receipt *is the entry*. Then, the *collection of signed receipts* becomes the accounts, in accounting terms. Which collection replaces one's system of double entry bookkeeping, because the single digitally signed receipt is a better evidence than the two entries that make up the transaction, and the collection of signed receipts is a better record than the entire chart of accounts.
A slight diversion to classical bookkeeping, as replacing double entry bookkeeping is a revolutionary idea. Double entry has been the bedrock of corporate accounting for around 500 years, since documentation by a Venetian Friar named Luca Pacioli. The reason is important, very important, and may resonate with cryptographers, so let's digress to there.
Double entry achieves the remarkable trick of separating out mishaps from frauds. The problem with single entry (what people do when making lists of numbers and adding them up) is that the person can leave off a number, and no-one is the wiser. We can't show the person as either a bad bookkeeper or as a fraudulent bookkeeper. This Achilles heel of primitive accounting meant that the bookkeeping limited the business to the size with which it could maintain honest bookkeepers.
Where, honest bookkeepers equals family members. All others, typically, stole the boss's money. (Family members did too, but at least for the good of the family.) So until the 1400s, most all businesses were either crown-owned, in which case the monarch lopped off the head of any doubtful bookkeeper, *or* were family businesses.
The widespread adoption of double-entry through the Italian trading ports led to the growth of business beyond the limits of family. Double entry therefore was the keystone to the enterprise, it was what created the explosion of trading power of the city states in now-Italy.
Back to triple entry. The digitally signed receipt dominates the two entries of double entry because it is exportable, independently verifiable, and far easier for computers to work with. Double entry requires a single site to verify presence and preserve resilience, the signed receipt does not.
There is only one area where a signed receipt falls short of complete evidence and that is when a digital piece of evidence can be lost. For this reason, all three of Alice, Bob and Ivan keep hold of a copy. All three combined have the incentive to preserve it; the three will police each other.
Back to BitCoin. BitCoin achieves the issuer part by creating a distributed and published database over clients that conspire to record the transactions reliably. The idea of publishing the repository to make it honest was initially explored in Todd Boyle's netledger design.
We each independently converged on the concept of triple entry. I believe that is because it is the optimal way to make digital value work on the net; even when Nakamoto set such hard requirements as no centralised issuer, he still seems to have ended up at the same point: Alice, Bob and something I'll call Ivan-Borg holding single, replicated copies of the cryptographically sealed transaction.
With that foundation, we can trade.
> Recall that in 2005
> November, it became widely known that toxic assets were toxic.
In 2005, the SEC looked at my triple entry implementation, and....
> From late in 2005 to late in 2007, it was widely known that major
> financial institutions were walking dead, and yet strangely they
> continued to walk, though this took increasingly creative changes of the
...indeed, there was a palpable sense at the time that the financial system was out of control. They were looking at this thing with worried eyes.
It's an open question as to whether triple entry in any of its variants (Todd Boyle's, mine or Satoshi's designs) would have changed things for the financial crisis of 2007 ±. I think the answer is: it was way too late to effect it. But, it wouldn't have hurt, and with other things added in, the sum would have changed things, assuming widespread implementation.
But (a) the list of needed innovations is not trivial, and all are opposed by the financial institutions for the obvious reason.
Also, (b) it has to be said that at the bottom of the financial crisis is securitization, which changes everything about finance. And I do mean everything. Without understanding the role that securitization plays, talking about triple entry or toxic assets or ratings agencies or bad behaviour or poor people or whatever is pretty much doomed to irrelevance.
Which is how they like it!
> Today in 2011, there is still no audit that acknowledges that toxic
> assets were and are toxic.
This one winds all the way to  ...
> While doubtless a good monetary system should embrace all these aspects
> of knowledge, our existing monetary system does not.
 reliably here means to play its part in the overall security model against attacks of fraud, etc.
 this rant is essentially a highly compressed version of:
 there is an intermediate step here where Bob can also sign the payment into a deposit instruction, thus confirming acceptance. But this can be optimised out. You can find out more about the signed transactional receipt model from Gary Howland's paper on SOX.
 think here of European Notaries, responsible to both parties to intermediate.
 crypto people would recall the term "non-repudiable" although that is out of favour; "non-repudiation is repudiated." BitCoin paper uses the term "non-reversible." Finance prefers terms like "final settlement." Legal people look for "evidence." I choose the legal term here because in a dispute their opinion matters more.
 this is not really apparent on paper, only in code and implementation (aka issues).
 all of this logic is applicable & analogous & consistent when the bookkeepers are computers...
 accounting history does not accept this point as proven. Having seen the difference of both double entry and triple entry in accounting systems, I'd say it's clear. But historians don't have the benefit of seeing accounting systems stuff up in glorious fashion, they only have the dry old parchments to work from.
 another of the things essential on the list is final settlement / irreversibility / non-repudiation, as pioneered in many digital cash schemes. c.f., Mutual Funds Scandal.
 Everything important about the financial crisis in 4 short essays, start here: http://financialcryptography.com/mt/archives/001297.html
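The signed-receipt flow described in the message above (Alice signs, Ivan countersigns, all three parties keep the receipt and police each other), written out in Go as an added example; it is not code from the original post or from any of the systems it names. Ed25519, the field names, the string encoding, the fixed demo keys and the `Reconcile` check are assumptions chosen for illustration, and Bob's optional deposit signature is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"sort"
)

// Payment is Alice's instruction to pay Bob (field names are assumptions of this example).
type Payment struct {
	From, To      string
	Amount, Nonce uint64 // Nonce keeps two otherwise equal payments distinct
}

// Bytes is the fixed encoding that Alice signs.
func (p Payment) Bytes() []byte {
	return []byte(fmt.Sprintf("pay|%q|%q|%d|%d", p.From, p.To, p.Amount, p.Nonce))
}

// Receipt is the entry: the instruction, Alice's signature, and Ivan's countersignature.
type Receipt struct {
	Payment             Payment
	PayerSig, IssuerSig []byte
}

// body is what Ivan signs; ID names a receipt by the hash of everything in it.
func (r Receipt) body() []byte { return append(append([]byte("receipt|"), r.Payment.Bytes()...), r.PayerSig...) }
func (r Receipt) ID() string { return fmt.Sprintf("%x", sha256.Sum256(append(r.body(), r.IssuerSig...))) }

// SignPayment is Alice's step.
func SignPayment(p Payment, payer ed25519.PrivateKey) []byte { return ed25519.Sign(payer, p.Bytes()) }

// Issue is Ivan's step: refuse an instruction Alice did not sign, otherwise countersign it.
func Issue(p Payment, payerSig []byte, payerPub ed25519.PublicKey, issuer ed25519.PrivateKey) (Receipt, error) {
	if !ed25519.Verify(payerPub, p.Bytes(), payerSig) {
		return Receipt{}, fmt.Errorf("payer signature does not cover %s", p.Bytes())
	}
	r := Receipt{Payment: p, PayerSig: payerSig}
	r.IssuerSig = ed25519.Sign(issuer, r.body())
	return r, nil
}

// Verify needs only the receipt and two public keys, so any holder or auditor can run it.
func Verify(r Receipt, payerPub, issuerPub ed25519.PublicKey) bool {
	return ed25519.Verify(payerPub, r.Payment.Bytes(), r.PayerSig) &&
		ed25519.Verify(issuerPub, r.body(), r.IssuerSig)
}

// Reconcile lists, per party, receipts that verify in someone's books but that it lacks intact.
func Reconcile(books map[string][]Receipt, payerPub, issuerPub ed25519.PublicKey) map[string][]string {
	held, union := map[string]bool{}, map[string]bool{}
	for party, receipts := range books {
		for _, r := range receipts {
			if Verify(r, payerPub, issuerPub) { // altered copies fail here and count as not held
				held[party+"/"+r.ID()], union[r.ID()] = true, true
			}
		}
	}
	gaps := map[string][]string{}
	for party := range books {
		for id := range union {
			if !held[party+"/"+id] {
				gaps[party] = append(gaps[party], id)
			}
		}
		sort.Strings(gaps[party])
	}
	return gaps
}

// newKey derives a repeatable demo key pair from a name; real keys come from crypto/rand.
func newKey(name string) (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte(name))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

// Demo is a constructed scenario: two payments, then Bob drops one and Alice edits one.
func Demo() (gaps map[string][]string, ids []string) {
	alicePub, alicePriv := newKey("alice")
	ivanPub, ivanPriv := newKey("ivan")
	books := map[string][]Receipt{}
	for n, amount := range []uint64{100, 250} {
		p := Payment{From: "alice", To: "bob", Amount: amount, Nonce: uint64(n + 1)}
		r, err := Issue(p, SignPayment(p, alicePriv), alicePub, ivanPriv)
		if err != nil {
			panic(err)
		}
		ids = append(ids, r.ID())
		for _, party := range []string{"alice", "bob", "ivan"} {
			books[party] = append(books[party], r) // all three keep the same receipt
		}
	}
	books["bob"] = books["bob"][:1]      // Bob leaves the second entry off his books
	books["alice"][0].Payment.Amount = 1 // Alice rewrites the amount in her copy
	return Reconcile(books, alicePub, ivanPub), ids
}

func main() { fmt.Println(Demo()) }
```

Running it reports no gaps for Ivan, the dropped receipt for Bob and the altered one for Alice.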
In the very sad story of the Justice System as we know it, a British court has ruled the beginning of the end.
He went to jail this week, protesting his innocence. Speaking to The Times, he said: “There are no missing millions, there’s no villa in the Virgin Islands, there has been no fraud. I am not allowed to earn any money, my assets were restrained so I couldn’t use them to defend myself — it’s a relentless, never-ending, vicious, cruel and wicked system.”
Of course, all mobsters say that. So what was the crime?
Bowles was convicted by a jury in June of cheating the Revenue of £1.2 million in VAT but sentencing had been adjourned on three previous occasions. He had been found guilty of failing to pay VAT on a BIG land sale and diverting money due to the taxman to prop up Airfreight Express, his ailing air-freight company.
Now we have come full circle, and the evidence is presented: the Anti-money-laundering project of the OECD (known as the Financial Action Task Force, a Paris-based body) is basically and fundamentally inspired by the desire to raise tax. Hence, we will see a steady progression of government-revenue cases, occasionally interspersed with Mr Big cases. This is exactly what the OECD wanted. Not the picking up of mobsters, murderers, drug barons and terrorists, but:
Bowles is a divorced, middle-aged company director from Maidenhead who has been transformed from successful entrepreneur to convicted fraudster.
A businessman, from the very heartland of English countryside. Not a dangerous criminal at all, but someone doing business. Not "them" but us. POCA or Proceeds of Crime Act is now an important revenue-raising tool:
It was not suggested that Bowles, who has no criminal record, had used the money to fund a luxury lifestyle. Nevertheless, when the Revenue began a criminal investigation into his affairs in 2006 all his assets were frozen under the powers of the Proceeds of Crime Act.
Bowles was required to live on an allowance and rely on legal aid for his defence rather than pay out of his own resources. Defence lawyers claimed that preparation of Bowles’s defence case was hampered further because his companies’ financial records were in the hands of administrators.
The accounts were not disclosed until a court hearing in February this year, at which point Bowles sought permission to have a forensic accountant examine them to determine the VAT position. He was refused a relaxation of the restraint order to pay for a forensic accountants’ report. The Legal Services Commission also declined to fund such a report from legal aid.
After the court was told that the records “could be considered by counsel with a calculator” the trial went ahead. Bowles was cleared of two charges but found guilty of a third.
It works this way. First the money is identified. Then, the crime is constructed, the assets are frozen, legal-aid is denied, and the businessman goes to jail. By the time he gets out of that, he probably cannot mount a defence anyway, and rights are just so much confetti. This stripping of rights is a well-known technique in law, as only 1 in 100 can then mount a recovery of rights action; it is often done when the job of the prosecutor is more important than rights.
Let's be realistic here and assume that Bowles was guilty of tax fraud. His local paper certainly thinks he was guilty:
A tax cheat from Maidenhead who dodged paying £1.3m in VAT has been jailed for three-and-a-half years. ... The court heard between October 2001 and July 2006 Bowles failed to submit VAT returns to HM Customs and Excise (HMCE) and then HM Revenue & Customs (HMRC). The VAT related to the sale of land for commercial development in Cardiff worth £7.5m.
Following an HMRC criminal investigation Bowles, from Sandisplatt Road, was charged on three counts of ‘cheating the revenue’. Peter Avery, assistant director, HMRC Criminal Investigations, said: "This sentence will serve as a deterrent to anyone who thinks that tax fraud is a risk worth taking."
Firstly, this is quite common, and secondly, tax is the most complicated thing in existence, so complicated that most ordinary lawyers don't recognise it as law by principle. It's the tax code, it's special. It's actually very hard not to be guilty of it, when you have a fair-sized business (whoever heard of a value-added-tax on a land sale?)
But even assuming that the guy was guilty, there was rather stunning evidence to the contrary, which underscores the point that this was revenue raising, not the bringing down of a Mr Big:
A financial report has since been prepared, free of charge, by a firm of chartered accountants. A draft copy was presented to the judge two months ago and a full version handed to him this week. Its analysis concludes that rather than owing tax, Bowles’s companies had actually overpaid their taxes.
The report stated: “In our opinion, none of the evidence points to Philip Bowles fraudulently evading or concealing VAT due to HMRC ... It would have been reasonable to conclude that no fraud has taken place.”
Lawyers for Bowles claimed in court that matters were compounded by a failure to explain VAT law properly. They alleged the jury were wrongly informed that companies in the same group could not assign tax liabilities and credits between each other.
When a firm of *chartered accountants* utters _an opinion_ over finances, this is a legally imposing evidence. It is given a special status in court, in that the court may rely on it, and so might all others; this special status is awarded for the purposes of public companies that need to impress others such as creditors and shareholders that the company is sound. This form of reliance is not available outside the accounting profession, and only available in an accounting context (e.g., when a firm of accountants audits a certification authority, we do not get a special right to rely on it without further ado).
When a firm of chartered accountants does this for free, this is beyond surprising, this is a shock. The natural order of things is now upset. When the accountants are working for free, this might mean that the professions are mounting a last-ditch effort to preserve the Justice System in Britain, as I predicted:
It took 20 years to hollow out Mexico, we have a bit longer in other countries, because the institutions are staffed by stiffer, better educated people.
Those stiffer, better educated institutions realise that we all are poorer when the justice system is used to raise revenue. Or perhaps they realise their turn is next?
I got some good criticism on the post about accounting as a profession. Clive said this which I thought I'd share:
As an engineer whose father was an accountant I will give you three guesses as to what he told me not to do when I grew up... Oddly it is the same for engineers, we tend to tell our children to do other things. As I've said before if you want to get on in life you should learn to speak the language that the man who cuts your cheque at the end of the month does, or more correctly his boss ;)
So even if you are just a humble team leader get yourself three courses,
- Vocal training,
- Psychology or Method acting.
And no I'm not joking about 3.
He's talking about what we do when we get to 30 and beyond, e.g., most readers of this blog. For us older folks looking back, it is depressing that the world looks so sucky; but this is a time-honoured thing. The myths have been stripped away, the rot revealed.
But the youth of today is perpetually optimistic, and the question they ask is eternal and (Spence-like) opinionated: what to study, first?
What then do we recommend for a first degree for someone near 20? It seems that nobody promotes the accountancy field, including the incumbents. Accountants don't practice accountancy, if they are any good. The only accountant I ever knew well committed suicide.
An MBA doesn't work, this is something that should be done after around 5-10 years of experience. Hence, I'm not convinced a straight business degree ("Bachelors in Business Studies" ?) makes sense either, because all that additional stuff doesn't add value until experience is there to help it click into place.
I wouldn't suggest economics. It is like law and accounting, in that it helps to provide a very valuable perspective throughout higher business planes. But it doesn't get you jobs, and it is too divorced from practical life, too hard to apply in detail. Engineering seems far too specialised these days, and a lot of it is hard to work in and subject to outsourcing. Science is like engineering but without the focus.
To my mind, the leading contenders as a first degree are (in no particular order):
⇒ law,
⇒ computer science,
⇒ biotech, and
⇒ marketing.
Firstly, they seem to get you jobs; secondly, law, compsci and marketing are easy to apply generally and broadly, and pay dividends throughout life. I'm not quite sure about Biotech in the "broad" sense, but it is the next big thing, it is the wave to ride in.
Comp sci was the wave of the 1980s and 1990s. Now it is routine. Any technical degree these days tends to include a lot of comp sci, so if there is a tech you enjoy, do that degree and turn it into a comp sci degree on the inside.
Law is in my list because it is the ultimate defensive strategy. Headline Law tends to offend with its aggressively self-serving guild behaviour ("a man who represents himself has a fool for a client and a fool for a lawyer") and as a direct practice (courts) the field seems made for crooks. More technically, all disputes are win-lose by definition, and therefore litigation is destructive by definition, not productive. This is offensive to most of humanity.
But litigation is only the headline, there are other areas. You can apply the practical aspects of law in any job or business, and you can much more easily defend yourself and your business against your future fall, if you have a good understanding of the weapons of mutual destruction (a.k.a. lawsuits). About half of the business failures I've seen have occurred because there was no good legal advisor on the team; this is especially true of financial cryptography which is why I've had to pick up some of it; what one person I know calls "bush lawyering."
The downside to studying law is that you can lose your soul. But actually the mythology in law is not so bad because it is grounded in fundamental rights, so keep those in mind, and don't practice afterwards. It's nowhere near as bad as the computing scene (no grounding at all, e.g., open source) or the marketing blah blah (your mission is to unground others' perceptions!).
Marketing is there because every successful business needs it, and you can only be successful with it. MBAs are full of marketing, which reflects its centrality (and also gives a good option for picking it up later). But marketing is also dangerous because it gives you the tools to fool yourself and all around you, and once you've become accustomed to the elixir, your own grounding is at risk.
I don't advise any of the arts (including Clive's points 2,3) as a primary degree for youth, because businesses hire on substance, so it is important to have some to offer. E.g., people who study psychology tend to end up doing HR ("human resources"), badly, perhaps because they lack the marketing sense to make HR the most important part of the business.
Likewise, avoid anything that is popular, soft, fun, nice and that all your touchy-feely friends want to do. When there are too many people and too little substance, the competition suppresses everyone and makes you all poor. That's the best result because at least it is honest; a very few dishonest ones become rich because they figure out the game. The notion that you can study acting, media, history, photography or any of the finer arts, and then make a living, doesn't bear talking about. It is literally gambling with lives, and has no place in advice to young people.
So, if they are not doing audits and accounting, where does the accounting profession want to go? Perhaps unwittingly, Todd provided the answer with that reference to the book Accounting Education: Charting the Course through a Perilous Future by W. Steve Albrecht and Robert J. Sack.
It seems that Messrs Albrecht and Sack, the authors of that book, took the question of the future of Accounting seriously:
Sales experts long ago concluded that “word of mouth” and “personal testimonials” are the best types of advertising. The Taylor Group found this to be true when they asked high school and college students what they intended to study in college. Their study found that students were more likely to major in accounting if they knew someone, such as a friend or relative, who was an accountant.
So they tested it by asking a slightly more revealing question of the accounting professionals:
When asked “If you could prepare for your professional career by starting college over again today, which of the following would you be most likely to do?” the responses were as follows:
| Type of Degree | % of Educators Who Would | % of Practitioners Who Would |
|---|---|---|
| Earn a bachelor’s degree in something other than accounting and then stop | 0.0 | 7.8 |
| Earn a bachelor’s degree in accounting, then stop | 4.3 | 6.4 |
| Earn a Master’s of Business Administration (M.B.A.) degree | 37.7 | 36.4 |
| Earn a Master’s of Accountancy degree | 31.5 | 5.9 |
| Earn a Master’s of Information Systems degree | 17.9 | 21.3 |
| Earn a master’s degree in something else | 5.4 | 6.4 |
| Earn a Ph.D. | 1.6 | 4.4 |
| Earn a J.D. (law degree) | 1.6 | 11.4 |
These results are frightening,...
Well indeed! As they say:
It is telling that six times as many practicing accountants would get an M.B.A. as would an M.Acc., over three times as many practitioners would get a Master’s of Information Systems degree as would get an M.Acc., and nearly twice as many practitioners would get a law degree instead of an M.Acc. Together, only 12.3 percent (6.4% + 5.9%) of practitioners would get either an undergraduate or graduate degree in accounting. This decrease in the perceived value of accounting degrees by practitioners is captured in the following quotes:
We asked a financial executive what advice he would give to a student who wanted to emulate his career. We asked him if he would recommend a M.Acc. degree. He said, “No, I think it had better be broad. Students should be studying other courses and not just taking as many accounting courses as possible. ...
My job right now is no longer putting numbers together. I do more analysis. My finance skills and my M.B.A. come into play a lot more than my CPA skills.
.... we are creating a new course of study that will combine accounting and information technology into one unique major….
...I want to learn about information systems.
(Of course I'm snipping out the relevant parts for speed, you should read the whole lot.) Now, we could of course be skeptical because we know computing is the big thing, it's the first addition to the old list of Reading, Arithmetic and Writing since the dark ages. Saying that Computing is core is cliche these days. But the above message goes further, it's almost saying that Accountants are better off not doing accounting!
The Accounting profession of course can be relied upon to market their profession. Or can they? Todd was on point when he mentioned the value chain, the image in yesterday's post. Let's look at the wider context of the pretty picture:
Robert Elliott, KPMG partner and current chairman of the AICPA, speaks often about the value that accountants can and should provide. He identifies five stages of the “value chain” of information. The first stage is recording business events. The second stage is summarizing recorded events into usable data. The third stage is manipulating the data to provide useful information. The fourth stage is converting the information to knowledge that is helpful to decision makers. The fifth and final stage is using the knowledge to make value-added decisions. He uses the following diagram to illustrate this value chain:
This five-stage breakdown is a helpful analysis of the information process. However, the frightening part of Mr. Elliott’s analysis is his judgment as to what the segments of the value chain are worth in today’s world. Because of the impact of technology, he believes that:
- Stage 1 activity is now worth no more than $10 per hour
- Stage 2 activity is now worth no more than $30 per hour
- Stage 3 activity is now worth $100 per hour
- Stage 4 activity is now worth $300 per hour
- Stage 5 activity is now worth $1,000 per hour
In discussing this value chain, Mr. Elliott urges the practice community to focus on upper-end services, and he urges us to prepare our students so they aim toward that goal as well. Historically, accounting education has prepared students to perform stage 1- and stage 2-type work.
Boom! This is compelling evidence. It might not mean that the profession has abandoned accounting completely. But it does mean that whatever they do, they simply don't care about it. Accounting, and its cousin Audits are loss-leaders for the other stuff, and eyes are firmly fixed on other, higher things. We might call the other stuff Consulting, and we might wonder at the correlation: consulting activities have consumed the major audit firms. There are no major audit firms any more, there are major consulting firms, some of which seem to sport a vestigial audit capability.
Robert Elliott's message is, more or less, that the audit's fundamental purpose in life is to urge accountancy firms into higher stages. It therefore matters not what the quality (high?) is, nor what the original purpose is (delivering a report for reliance by the external stakeholder?). We might argue for example whether audit is Stage 2 or Stage 3. But we know that the auditor doesn't express his opinion to the company, directly, and knowledge is the essence of the value chain. By the rules, he maintains independence, his opinion is reserved for outsiders. So audit is limited to Stages 3 and below, by its definition.
Can you see a "stage 4,5 sales opportunity" here?
Or perhaps more on point, can you avoid it?
It is now very clear where the auditors are. They're not "on audit" but somewhere higher. Consulting. MBA territory. Stage 5, please! The question is not where the accounting profession wants to go today, because they already got there, yesterday. The financial crisis thesis is confirmed. Audits are very much part of our problem, even if they are the accounting profession's solution.
What is less clear is where are we, the business world? The clients, the users, the reliers of audit product? And perhaps the question for us really is, what are we going to do about it?
Regarding the failure of financial auditing, or statutory audits, there is probably a body of knowledge to be found in academia and business journals. There is certainly a lot of wisdom and knowledge among the accounting profession, although it is heavily suppressed, and auditors, like bankers, start out opaque and unself-aware. All three of these things grow deeper over lifelong habit (lack of honest self appraisal, lack of communication skills to talk about their business in anything but literal terms, and lack of any motive or impulse to be honest or candid even if they wanted to.) So, you'll find the best research on this problem in the business schools and press, for whom auditors are a business problem to be understood, and in the accountancy schools who still harbor a lot of great minds, with too much integrity to survive in the global audit firms. The audit profession took root in the 1930s and I would have to guess that it was captured from day one, by the publicly listed companies they were supposed to be auditing.
Accountants have had the choice to improve themselves at several historic points in time; the 1929 crash, the end of WW2, when every other economy was demolished, and the end of the Soviet threat. What they've actually done was continue fiddling with their false definitions of economic substance, called GAAP, which is really intended to modulate the lies and maintain as much opaqueness as the public would tolerate.
The greatest opportunity to improve business reporting, if that were the intention, has come from improvements in database, computing, and the internet. Internally of course, companies have built information tools to navigate and understand their customers, suppliers, financial structures and inner working. All of it conceived, developed and maintained for the benefit of senior executives. The host-centric, server-centric architecture of the dominant computing architectures (ibm, att, dec, sun, microsoft etc) reflects this.
There is nothing that reveals the intent and will of the AICPA more clearly than its design choices in XBRL. And I doubt if anybody will ever write the book about XBRL, since the people who realized what a betrayal it was, while it was being cooked up, were physically nauseated and left the standards bodies, myself included. Outside the meeting room and convention halls, there were more than a few people who saw what was happening-- and why would they pay annual dues of $thousands, plus travel costs, to attend the next XBRL conference, unless they were part of the corrupt agenda themselves?
I am reminded of the State of Washington democratic party convention I attended a few years ago-- more than 2/3s of the 1000 delegates from the precincts, statewide had never been to a convention before. And, by the end of the convention, a percentage even larger than that, was in open rebellion against the selection of candidates and railroading of the platform and agenda, by top party officials. So, 2/3s of them would never bother participating in the Democratic Party in the next election cycle either.
The people responsible for the sabotage and corruption of the AICPA's XBRL and other technologies, are Barry Melancon, working on behalf of opaque interests in the audit firms and wall street, and, the young turks they hired, Charlie Hoffman and Eric Cohen. Hoffman bubbled up in the Seattle area as an evangelist for microsoft technologies in accounting firms and probably never understood where the money and support for his magic carpet ride was coming from. Microsoft itself being a front-end for IBM and wall street. There have been a few, who try from time to time, to make these technologies honest, such as David RR Weber, Glen Gray, Bill McCarthy...
A more hopeful technology, ebXML emerged shortly after XBRL, and again the history is so vast, somebody should write a book---indeed would write a book-- if they had the stomach for it. Now, here, we ran into a different set of entrenched interests, the EDI industry and adjacent companies and interests. It was a fabulous project, with at least ten different workgroups, each with a lot of dedicated people, supported by many great companies.
To sum it all up-- there are people who want to use the power of computers and communications to reach process improvements, labor savings, AND transparency for all stakeholders. These people have developed over many years, a very complete understanding of business processes in their industries and somewhat less completely, a generalized architecture for all economic transactions. However, there is a plutocracy who own all their companies and make all of the hiring and firing decisions. Obviously, these people at the very top, have leaned hard on the tiller, since the early days.
And the accounting and auditing profession knows where its bread is buttered, see Bob Elliott's diagram of "five stage value chain."
I have in the past presented the strawman that your CISO needs an MBA. Nobody has yet succeeded in knocking it down, and it is proving surprisingly resilient. Yet more evidence comes from Bruce Schneier's blog post of yesterday:
Return on investment, or ROI, is a big deal in business. Any business venture needs to demonstrate a positive return on investment, and a good one at that, in order to be viable.
It's become a big deal in IT security, too. Many corporate customers are demanding ROI models to demonstrate that a particular security investment pays off. And in response, vendors are providing ROI models that demonstrate how their particular security solution provides the best return on investment.
It's a good idea in theory, but it's mostly bunk in practice.
Bunk is wrong. Let's drill down. It works this way: NPV (net present value) and ROI (its lesser cousin) are mathematical tools for choosing between alternate projects. Keep the notion of comparison tightly in your mind.
The tools measure the money going in versus the money going out in a neutral way. They are entirely neutral between projects because NPV is just mathematics, and the same mathematics is used for each project. (See the top part of Richard's post.)
Obviously, any result from the model depends totally on the inputs, so there is a great deal of care and theory needed to supply those proper inputs. And, it is here that security projects have the trouble, in that we don't have a good view as to how to predict attack costs. To be clear, there is no controversy about the inputs being a big problem.
But, assuming we have the theory, the process and the inputs, we can, again in principle, measure fairly across all projects.
That's how it works. As you can see above, we do not make a distinction between investment, savings, costs, returns or profits. Why not? Because the NPV model and the numbers don't, either.
What then goes wrong with security people when they say ROI doesn't apply to security?
Before I get into the details, there's one point I have to make. "ROI" as used in a security context is inaccurate. Security is not an investment that provides a return, like a new factory or a financial instrument. It's an expense that, hopefully, pays for itself in cost savings. Security is about loss prevention, not about earnings. The term just doesn't make sense in this context.
The bottom line is that security saves money; it does not create money.
It seems to be that they seize on the words investment and returns, etc, and realise that the words differ from costs and savings. In conceptual or balance sheet terms, they do differ, but here's the catch: to the models of NPV and ROI, it's all the same. In this sense, we could say that the title of ROI is a misnomer, or that there are several meanings to the word "investment" and you've seized on the wrong one.
If you are good at maths, consider it as simply a model that deals equally well with negative numbers as well as positive numbers. To a model, savings are just negatives of returns.
Now, if your security director had an MBA, she would know that the purpose of NPV is to compare projects, and not anything else, like generating returns. She would also know that the model is neutral, and that the ability to handle negative numbers means that expenses and savings can be compared as well. She would further know that the problems occur in the inputs and assumptions, not in the model.
Finally, she would know how to speak in the language of finance, which is the language that the finance people use. This might sound obvious, but it isn't so clear. As a generalism, it is this last point that is probably most significant about the MBA concept: it teaches you the language of all the other specialities. It doesn't necessarily make you a whizz at finance, or human resources, or marketing. But it at least lets you talk to them in their language. And, it reminds you that the other professions do have some credibility, so if they say something, listen first before teaching them how to suck eggs.
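The comparison described above, as an added example that is not part of the original post: a security control and a revenue project are pushed through the same NPV function, and the break-even incident probability shows that the argument is really about the inputs. Every figure, rate and function name below is constructed for illustration.

```python
# Added example: all figures are constructed, none come from the post.

def npv(rate, cash_flows):
    """Net present value; cash_flows[0] happens now, cash_flows[t] at end of year t."""
    return sum(cf / (1.0 + rate) ** t for t, cf in enumerate(cash_flows))


def security_flows(upfront, annual_cost, p_incident, impact, reduction, years):
    """Cash flows of a control: outlay now, then avoided expected loss minus running cost."""
    avoided = p_incident * impact * reduction  # a saving enters the model like a return
    return [-upfront] + [avoided - annual_cost] * years


def break_even_probability(rate, upfront, annual_cost, impact, reduction, years):
    """Lowest annual incident probability at which the control's NPV reaches zero."""
    def value(p):
        return npv(rate, security_flows(upfront, annual_cost, p, impact, reduction, years))

    if value(1.0) < 0:
        return None  # the control never pays for itself, whatever the threat level
    lo, hi = 0.0, 1.0
    for _ in range(60):  # bisection: value(p) rises monotonically with p
        mid = (lo + hi) / 2.0
        if value(mid) >= 0:
            hi = mid
        else:
            lo = mid
    return hi


RATE = 0.08
# Revenue project: spend 200k now, earn 70k a year for four years.
REVENUE_PROJECT = [-200_000, 70_000, 70_000, 70_000, 70_000]
# Security control: same outlay, 20k a year to run, cuts 60% of a 1.5M loss.
CONTROL = dict(upfront=200_000, annual_cost=20_000, impact=1_500_000,
               reduction=0.6, years=4)

if __name__ == "__main__":
    for p in (0.10, 0.05):
        flows = security_flows(p_incident=p, **CONTROL)
        print(f"control, p={p:.2f}: NPV {npv(RATE, flows):12.2f}")
    print(f"revenue project:  NPV {npv(RATE, REVENUE_PROJECT):12.2f}")
    print(f"break-even p: {break_even_probability(RATE, **CONTROL):.4f}")
```

At an assumed 10% annual incident probability the control's cash flows are the same as the revenue project's, so the model ranks them equally; halve the probability estimate and the control goes negative.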
It was widely recognised since David Chaum's designs first appeared that the new 'digital certificate' model of money was not aligned or symmetrical with accounting techniques such as double entry book keeping. Many people expected the two to compete and indeed many money systems avoided combining them; this is I believe one of the few efforts to integrate the two and show them as better in combination than apart.
The digitally signed receipt, an innovation from financial cryptography, presents a challenge to classical double entry bookkeeping. Rather than compete, the two melded together form a stronger system. Expanding the usage of accounting into the wider domain of digital cash gives 3 local entries for each of 3 roles, the result of which we call triple entry accounting.
This system creates bullet proof accounting systems for aggressive uses and users. It not only lowers costs by delivering reliable and supported accounting, it makes much stronger governance possible in a way that positively impacts on the future needs of corporate and public accounting.
Comments below as always!
Those that are deep into transactional database work, as everyone in payment systems and the like is, know there is a deep dim and ghostly place that we all fear. I've just walked through that place, and as soon as I saw it, I knew I was staring at the Twilight Zone.
The Twilight Zone is a special nightmare for database engineers. It is when your transactional set forks into two; both are correct because they are transactions, after all, but both places are wrong because of the other place. Worse, the further time passes, the more chance of more forks, more and more places, all in the same zone. It is when the time-space continuum of your data fractures and spreads out in an infinite tree of possibilities.
I've always known it existed. When you've travelled so many databases, so many scenarios, you realise that the perfect database doesn't exist. Software is meant to fail, and getting it right today just means it will really go wrong tomorrow. For nine years, tomorrow never came, until one day in Vienna, I discovered a whole issuance of newly minted gold, Euro and sterling had just ... vanished into another space. It took me over two days of isolating and isolation before I realised where I was. And where I was.
(A brief digression for the non-digerati: database software does transactions, which are like records or receipts or sales or somethings that have special characteristics: they happen once and once only, if they happen at all, and if they happen, they happen forever. We call them atomic, because they either do or they don't happen, we can't divide them into half-happens. We do this because when we move money from one place to another, we want to make darn sure it either moves or it doesn't. No halfway house. And no going back, once we got there. We actually care so much about this that we don't really care which it is - happens or not happens!)
So when my fresh gold decided it had happened and not happened, I was sucked into the Twilight Zone. The reason it exists is quite fundamental: transactional software is perfect in theory, but implementations are flawed. No matter how much care you take, changes occur, features get added, bugs need to be fixed; step by small baby step, the logical beauty of your original design flits and dances towards the forking point. With all software, everywhere, no matter the manufacturer's guarantee, there will always be the possibility of so many bugs and so many patches and so many engineers who didn't understand, all one day coming together to split your state into the twilight zone.
This is why space shuttles blow up. Why Titanics sink, dams collapse, power grids shut down, and stock exchanges melt down. It's not because of a lack in the quality of the people or the software, it's because of the complexity of the system. Fundamentally, if you got it right, someone will build a better system on yours that is 99% right, and reliant on yours 101%. And the next person will layer their opus magnum over that great work and get that 98% right... and so it goes on until the mother of all meltdowns occurs.
Specifically, what happened was an event notification - a new feature added in so as to enable chat broadcasts via payments - had a dodgy forwarding address. Which would have been fine, but the change to fix that broke. Which wasn't picked up in testing, because it didn't break in quite that way, but was picked up by a recovered transaction which did look it in exactly that way, which in turn failed and then went on to block another transaction in recovery. (Long time hackers will see a chain of bugs here, one tripping another in a cascade.)
This last transaction was a minting transaction. That means, it created value, which was the sterling I mentioned earlier (or gold, or Euro, I forget). Which, by a series of other unfortunate events caused yet another whole chain of transactions to fail in weird ways and Shazam! We entered the twilight zone where half the world thought they had a bucket of dosh, and the other half did not.
Fixing the bugs is obvious, boring, and won't be discussed further. The real issues are more systemic: it is going to happen and happen again. So infrequently that its very rarity makes it much more traumatic for its lack of precedent. It is very hard to create procedures and policies to deal with something that hasn't happened in living memory, would be fixed immediately if we knew how it was going to happen, and is so not-going-to-happen that the guarantee doesn't permit it. Nor its solution, nor even the admittance of the failure.
So how do we deal with the twilight zone? Well, like quantum physics, the notion is to look at the uncertain states and attempt to collapse them into one place. With luck this is possible, simply by re-running all the transactions and hoping that it all works out. With bad luck however, there would be a clash between transactions that resulted in leaving the twilight zone the wrong way, and being splintered forever: Simply put if I had given money to you in one place, and to your sister in another place, when the two places collapsed into one then the time-space of accounting would rip asunder and swallow us all, because money can't exist in two states at once. It would be light and day together for evermore. At the least, permanent migraines.
Which leads me to our special benefit and our own fatal curse: the signed receipt. In our transactions, the evidence is a receipt, digitally signed that is distributed to all the accounts' users. This means we as issuers of contractual value are locked into each and every transaction. Even if we wanted to fiddle with the database and back out a few transactions to pretend your sister doesn't exist, it won't work because the software knows about the signed transactions. This trick is that which I'd suggest to other databases, and that's why we signed the receipts in the first place; We never wanted that to work, and now it doesn't. Stuck, we are.
It does however mean that the simple tactical phase is a good starting point: re-run all the transactions, and live with the potentially broken accounts, the accounting time-space rent asunder if so discovered. How we'd deal with that is a nice little question for our final exam in post-graduate governance.
My walk through the twilight zone was then guided by a strategy: find all the signed receipts, and re-run them. Every one, and hope it worked out! Luck was indeed on my side this time, as it was a minting that had failed, so the two places were cleanly separated in the zone. I had to fix countless interlocking bugs, make yet more significant feature changes, and conduct days worth of testing. Even after I had done all this, and had watched the thrilling sight of 10 transactions reborn in my preferred space, I still had only the beginnings of a systemic solution to the problem of walking the twilight zone.
How to do that is definitely a tricky problem. Here are my requirements so far: even though it should never happen, it must be a regular occurrence. Even though the receipts are scattered far and wide, and are unobtainable to the server, we must acquire the receipts back. And, even though we cannot collapse the states back when they have forked too far, we must re-engineer the states for collapse.
I have the essence of a solution. But it will have to remain on the drawing board, awaiting the next dim opportunity; as no-one willingly walks into the Twilight Zone.
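The recovery strategy described above (gather every signed receipt, re-run them all), and the triple entry idea that payer, payee and issuer each hold the same signed receipt, sketched as an added example that is not the author's code. HMAC with a constructed key stands in for the issuer's digital signature, and the receipt fields, names and scenario are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC stands in for the issuer's public-key signature,
# so here only the key holder can verify; real signed receipts are checkable
# by every party that holds one.
ISSUER_KEY = b"constructed-demo-key"
FIELDS = ("txid", "seq", "src", "dst", "amount")


def _body(receipt):
    """Canonical bytes covered by the signature."""
    return json.dumps({k: receipt[k] for k in FIELDS}, sort_keys=True).encode()


def sign_receipt(txid, seq, src, dst, amount, key=ISSUER_KEY):
    """Issue a receipt; src=None marks a minting transaction."""
    receipt = {"txid": txid, "seq": seq, "src": src, "dst": dst, "amount": amount}
    receipt["sig"] = hmac.new(key, _body(receipt), hashlib.sha256).hexdigest()
    return receipt


def verify_receipt(receipt, key=ISSUER_KEY):
    sig = receipt.get("sig")
    if not isinstance(sig, str) or any(k not in receipt for k in FIELDS):
        return False
    expected = hmac.new(key, _body(receipt), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), sig.encode())


def rebuild(stores):
    """Collapse every holder's receipts into one ledger.

    stores maps holder name -> list of receipts. Returns (balances, rejected).
    """
    accepted, rejected = {}, []
    for holder, receipts in stores.items():
        for r in receipts:
            if not verify_receipt(r):
                rejected.append((r.get("txid"), "bad signature, held by " + holder))
            elif not isinstance(r["amount"], int) or r["amount"] <= 0:
                rejected.append((r["txid"], "invalid amount"))
            elif accepted.setdefault(r["txid"], r) != r:
                rejected.append((r["txid"], "two signed bodies for one txid"))
    balances = {}
    # Identical copies from several holders have collapsed to one entry each;
    # replay them in issue order.
    for r in sorted(accepted.values(), key=lambda r: (r["seq"], r["txid"])):
        if r["src"] is not None:
            if balances.get(r["src"], 0) < r["amount"]:
                # The "you and your sister" case: both forks spent the same value.
                rejected.append((r["txid"], "overdraft on replay: forked spend"))
                continue
            balances[r["src"]] = balances[r["src"]] - r["amount"]
        balances[r["dst"]] = balances.get(r["dst"], 0) + r["amount"]
    return balances, rejected


def demo():
    """Constructed scenario: the issuer lost the mint, and one spend forked."""
    mint = sign_receipt("m1", 1, None, "alice", 100)
    pay_bob = sign_receipt("t2", 2, "alice", "bob", 60)
    pay_carol = sign_receipt("t3", 3, "alice", "carol", 60)  # from the other fork
    forged = dict(pay_bob, amount=600)  # altered after signing
    stores = {
        "issuer": [pay_bob],
        "alice": [mint, pay_bob, pay_carol],
        "bob": [pay_bob, forged],
        "carol": [pay_carol],
    }
    return rebuild(stores)


if __name__ == "__main__":
    print(demo())
```

The mint missing from the issuer's own store is recovered from the user's copy, the altered receipt fails verification, and the second spend of the same value is reported rather than silently applied.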
Adam's blog pointed me to this description of the switcheroo in US government accounting. In brief, the USG has been using cash accounting, which means they count up the cash coming in, and going out, and that's their profit & loss. Yet, the SEC mandates accrual accounting for all companies of any note. The difference is pretty substantial. In accrual accounting, you also include all your *future* income and liabilities. This of course means that on paper at least you can't play games with this year's numbers at the cost of next year's numbers.
Now, it seems that some rebels in Congress got the US treasury to at least present some rough accrual numbers this year. So we can see the difference. Well, it ain't good. Actually, it's unbelievable. So sit down, and prepare to expire.
On a cash basis the USG has incurred an extra debt of about $412 billion, for the fiscal year of 2004. But, on an accruals basis, the number is $11.087 trillion dollars.
That's twenty seven times bigger than the popular, published number, if these numbers are to be believed. Can you say Enron on a global economic scale?
See the post, and the UST's hopefully authoritative report for the details. I can't cope, but luckily I don't need to. All you American Accountants out there.... It's over to you: Tell Mr Scrivener he's wrong! You owe it to your country.
DSR is a historical pre-commercial (circa 1994) shared accounting architecture that was proposed to compensate router owners for passing the packets of other entities.
Cooperating router nodes would count packets passed between them, and occasionally, they would send "number" money packets back and forth to reset the counters. These paid-for resets would cause charges to trickle across to big users, and money towards working routers. Defences against cheating/fraud were limited to signed notifications of balances and a simple payment system.
DSR is like LETS for routers. As a thought experiment in multi-agent accounting, it is interesting for its influence on later micropayment systems (Mojo Nation?), but it assumes pre-commercial net-style honest behaviour and the absence of competition. It also suffers somewhat from the cool engineering approach ("the silk road was so cool, let's rebuild it") that always gets steamrollered by markets and marketing.
E.g., FedEx beats the original silk road, as does a host of other transport innovations such as trains, bulk container ships and blind men with canes. In today's Internet world, large corporations achieve internal Coasian efficiencies by owning thousands of routers and not doing internal charging, but collecting flat fees from customers.
Convergence of accounting standards by 2005 is anything but a sure thing, thanks to opposition by Europe's banking sector.
Ed Zwirn, CFO.com February 20, 2004
Will opposition from Europe's banking sector leave the world's two biggest markets operating by different rules?
The International Accounting Standards Board (IASB) is apparently digging in its heels on marking derivatives to market. But the European Union may refuse to go along. Companies needing to access capital markets in both the United States and Europe, as a result, might have to continue to account for their business by using both U.S. GAAP and International Financial Reporting Standards beyond the Jan. 1, 2005 deadline for convergence.
On Wednesday, the IASB rejected calls from bankers that IAS39 either be scrapped or substantially revised. IAS39 is Europe's answer to FAS133, the U.S. accounting standard, which requires derivatives be marked to market. EU officials have cast doubt on whether they will make the standard mandatory when it makes IFRS mandatory on Jan. 1.
IASB has issued a standard on another controversial issue, ruling that EU companies must expense stock options. Another apparent sticking point for convergence is how to best record tax benefits for employee stock-based compensation.
Earlier this month, Fritz Bolkestein, internal market commissioner of the EU, warned that the EU might have to shelve mandatory compliance of IAS39 when IFRS becomes mandatory at the beginning of 2005 if the IASB does not reach some kind of agreement with the EU.
Donald Nicolaisen, the SEC chief accountant, said the IASB proposals already on the table were of "high standard" and that he would withdraw his support for accepting the IASB filings of companies listing in the United States if they were not adopted. "Derivatives are widely used today and you need a way to account for them," he said after Bolkestein's comments. "Without that, the [accounting] standards are not complete and I wouldn't be in support of accepting filings where they don't have it."
Despite heavy lobbying from European banks and the EU's European Commission on derivatives, the board refuses to change its position. As a result, sources cited by EUPolitix.com say, banks will still manage their risk portfolios as they always have. But they will be forced to make figures fit IASB requirements - a development that will be more costly and will reduce the reliability of accounting figures.
A new Group of Thirty (G30) report, Enhancing Public Confidence in Financial Reporting, commissioned after the last few years' spate of corporate failures has stated that it is Governance that has failed, not Accounting.
It is true that governance was the core failure in these cases. But, accounting is sleeping at the wheel, and asking to be not woken up right now is hardly useful.
Accounting, according to the G30 team, has integrity. Which, they drill down to mean these five criteria (see the doc for their definitions):
These things can be done better. Consistency and Neutrality are achieved by more and deeper automation - this is widely known.
Building on the former two, Reliability is then created by liberal dashes of crypto - sign and hash everything in sight.
Once these three things are in place, Relevance and Understandability follows with public disclosure: not the sort that the accountants are thinking about - regulated, limited, formally filed reports - rather the new, open and dynamic engagement with the scrutinising public. Detail that is *outside* the regulatory environment, records that are in excess of requirements, but contribute to making a fair and open picture of a corporation.
Not, as the accountants think, by reducing the amount and simplicity of information so that the public can understand it, but, the total reverse: More quantity and more quality, so the public can ascertain for themselves what is important.
Why don't accountants think in these terms? I'd stab at this: they can't move because of the momentum of current practice and regulations. Which explains why the new trends appear in unregulated sectors such as DGCs, or previously unlisted companies such as eBay which reveals detailed statistics of its auction business.
Jeroen found this definition:
"Securities that are recorded in electronic records called book entries rather than as paper certificates."
and this one:
"a method of registering securities. There is no physical certificate. Ownership is solely reflected by an entry in the books of the issuer."
Which doesn't say much really. Still, it's their term and they get to define it. Question is, what do we call Ricardo, in contrast to "book entry securities."
In essence, Ricardo uses book entries. So do all systems of any sophistication, as book entries have gathered popularity since the 13th century invention of double entry book keeping.
Token money people - blinded bearer coins - were fond of pointing out that book entry was the problem. In a way, it was, but it wasn't that it was using books, but the inefficiencies brought in by its vague pencil & abacus approach to the whole situation. As the books were quite brief in their information, and as they were mostly updated manually, with frequent error corrections, the system can't really maintain any reliable accuracy.
Ricardo does book entry without the errors. All the information is there, and each entry only needs to be made once. Once made, it stays made. How hard is that?
However hard it was, it might not be as hard as creating a metaphor to show the difference between Ricardo and book entry securities!
Nothing much on security, but these remarks caught my attention:
"Information integration and standards. A key point made at the conference was that large businesses, in particular, want payments system providers to understand that information about transactions (such as invoice numbers and shipping information) is critical to their use of electronic payments, for both domestic and global commerce. Many speakers identified a need for common standards to enable significant operational improvements in integrating payment and related transaction information in order to enable greater straight-through processing of electronic payments and automated reconciliation procedures."
What does this mean, in detail? Here's what I can guess at:
We have always provided an open memo field in Ricardo transactions, which could be used for any purpose, and we duplicated that in XML-X. Open XML is a possibility. And, it's within the realm of possibilities to add order numbers and other identifiers, either into the Memo, or in the actual packets.
Question is, what could be done here to make a difference? Any clues?
"A particularly important topic is how electronic payments systems can better meet the needs of business users. Business people frequently report that, from their perspective, a payment is only one part of an overall transaction or relationship with a counterparty. Other parts include orders, confirmations, shipping documents, invoices, and a variety of accounting and other information that supports a transaction or relationship. The complexity of this situation has created challenges for businesses as they integrate corporate information systems with electronic payment capabilities, and this complexity has likely slowed the adoption of electronic payments for a wide range of business purposes. I hope this conference will help underscore the need for businesses, financial institutions, technology vendors, and payments system operators to find common approaches and standards for addressing this issue."
OK, so AG is worried about "orders, confirmations, shipping documents, invoices, and a variety of accounting and other information that supports a transaction or relationship..." So there's nothing wrong with the payment, it's just everything else that is wrong?
DigiCash's eCash introduced a set of coins denominated in powers of 2. That is 1,2,4,8... This allowed the most efficient arrangement of arbitrary values, and it also means that the denomination of a coin can fit in only a byte sized integer. Quite elegant, really.
(Think about the old parable of the Chinese peasant, the chessboard and the grain of rice to see how big you can go with just one byte. In my code I limit it to 64.)
The method I have used slightly extends the eCash method by including zero, which I believe that eCash ignored. The inclusion of zero is essential for testing purposes, as it removes the need for care and concern about the coins and the need for issuances of special currencies.
Recently, someone asked for more normal denominations as are apparent in normal national monies. There are two common sequences to my knowledge:
1, 2, 5, 10, ...
1, 2.5, 5, 10, ...
Question number 1: are there any more common sequences in use by people today?
I'm not that keen to duplicate for example the sequence of pre-decimal Sterling but it is amusing to list:
1/2, 1, 3, 6, 12
for ha'penny, penny, thrupenny bit, sixpence, shilling, and then
1, 2.5, 5, 10, 20, 21
shilling, half-crown, crown, 10-shilling, pound and finally, the guinea.
Now, once we introduce the notion of non-trivial coin sets, it is also possible to experiment. One consideration is that if one were doing an untraceable bearer token scheme, then traffic analysis occurs at the coin unit. That is, for the one person who can afford a $1,048,576 coin, he has no protection.
And, at any given coin size, there is only as much protection as the size of the pool would permit. So the obvious thing is to increase the size of the pool, by, for example, reducing the denominations. For example,
1, 5, 10, 50
1, 10, 100, 1000
The disadvantage is the larger payments and the extra signing burden, but, hey, none of my computers are doing anything right now. I'll bet yours aren't either. Why not load them up a bit?
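The trade-off between coin sets, worked through as an added example that is not the author's code: it splits every payment from 1 to 99 into coins under several of the sets mentioned above and reports how many coins must be signed and how thin the smallest per-denomination pool becomes. Uniformly distributed payments, the 0..63 exponent range and all function names are assumptions; the zero-value test coin is not modelled.

```python
from collections import Counter


def split_binary(amount, max_exp=63):
    """eCash-style split: one coin per set bit.

    Each coin is returned as its exponent e (value 2**e), which is why a
    denomination fits in one byte. The 0..63 range is an assumption.
    """
    if not 0 <= amount < 1 << (max_exp + 1):
        raise ValueError("amount out of range for this coin set")
    return [e for e in range(max_exp + 1) if (amount >> e) & 1]


def split_greedy(amount, denominations):
    """Largest-coin-first split, returned as coin values.

    Greedy gives the fewest coins for the sets used here (powers of two,
    1-2-5, 1-5, 1-10); that is not guaranteed for arbitrary sets.
    """
    coins = []
    for d in sorted(denominations, reverse=True):
        n, amount = divmod(amount, d)
        coins.extend([d] * n)
    if amount:
        raise ValueError("coin set cannot pay this amount exactly")
    return coins


def profile(denominations, max_amount):
    """Pay every amount 1..max_amount once and summarise the coins used."""
    pool = Counter()
    for amount in range(1, max_amount + 1):
        pool.update(split_greedy(amount, denominations))
    return {
        "denominations": len(pool),           # distinct coin sizes in circulation
        "coins_signed": sum(pool.values()),   # signing burden on the mint
        "thinnest_pool": min(pool.values()),  # smallest crowd a coin can hide in
    }


# Coin sets from the post, truncated to what payments below 100 can use.
COIN_SETS = {
    "powers of 2": [1 << e for e in range(7)],
    "1, 2, 5, 10, ...": [1, 2, 5, 10, 20, 50],
    "1, 5, 10, 50": [1, 5, 10, 50],
    "1, 10, 100, ...": [1, 10],
}

if __name__ == "__main__":
    for name, coins in COIN_SETS.items():
        print(f"{name:18} {profile(coins, 99)}")
```

Fewer denominations push more coins through the signer but leave each coin size with a larger pool, which is the exchange the post proposes.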