Find out more
Within the network a universe of businesses that could participate as nodes on the platform. Outside of the direct network, a universe of business that can work with the network, but may have different privileges.
Share this article
Caption 03:
Lorem tore v
eri tatis et quasi archi te cto be.
Caption 02:
Lorem tore v
eri tatis et quasi archi te cto be.
How do the enterprises come together to form a business network? Is there a backer institution or investors? If so, how involved are they and what is their business make-up?
by Patrick Schmid,
RiskStream President
In our last post we asked a lot of questions. We provide some of the answers here, focusing on examples from blockchain in insurance.
Business Network and Network Operations
Enterprise Blockchain within Insurance – Answering the Questions
The Second Post in our series on Enterprise Blockchain within Insurance
If the network is brought together by an institution or business network operator, what’s that institution’s make-up? Is it for-profit or non-profit? Does that institution (which is the business operator) have a method to fund staff?
RiskStream is the largest blockchain consortium
in insurance, with more than 30 leading carriers, brokers, and reinsurers as members.
Business Network &
Network Operations
Does the institution have the ability to interact with the broader industry? Have they done anything similar (bringing competitors together) before? What’s their level of expertise within the industry?
Which parties are permitted on the business network? Could this be opened up to other parties in the future? Are there network policies in place?
Who made these governance decisions? Was it made by industry parties or others?
There are a variety of enterprise blockchain platforms and frameworks. Each has a system where certain parties decide to stand up nodes and act as validators to use applications.
Find out more
Enterprise Blockchain Platform
What’s the underlying blockchain or DLT framework? Is this framework complete? If not, who will build it? Are consultants involved? How much will that cost? Who owns the finished platform? If it’s not complete, how long will completion of the platform take? Can you build applications on the platform while completing the platform framework itself? Would a SaaS model work best?
Enterprise Blockchain Framework
Q:
A:
Q:
A:
Several attempts on blockchain networks have been attempted in insurance. Some have consisted of for-profit institutions aligning behind a concept and creating an entity (B3i and InsurWave are two examples).
The Institutes RiskStream Collaborative has a different origin story in that it was created by The Institutes and their supporting organizations. The Institutes are a 501c3 nonprofit organization with a history in the insurance industry that stretches back more than 100 years. According to their website, The Institutes “seek to make a difference in society and in the lives of individuals, families, and businesses by providing knowledge, education, resources, thought leadership and global collaboration on risk management and insurance". They have a board of approximately 50 generally CEO-level individuals that represent a majority of domestic premium volume. The concept for The Institutes RiskStream Collaborative was supported by The Institutes Board because they felt The Institutes were a logical, neutral third party to leverage a network-based technology, like blockchain, in order to streamline multiparty business processes.
Other attempts at a blockchain network operator generally supported a
for-profit entity at the helm. B3i leveraged that approach, for example. These types of models generally rely on investor support or customers of their applications to support staff.
While The Institutes were the organization that fueled the creation of The Institutes RiskStream Collaborative, The Institutes RiskStream Collaborative is a separate 501c6 non-profit membership organization. So, the business network operator is the RiskStream non-profit organization, which works with the industry participants to set and enforce the agreed upon rules/policies established by the industry network.
RiskStream is the largest blockchain consortium in insurance, with more than 30 leading carriers, brokers, and reinsurers as members. RiskStream members lead all areas of the consortium’s governance and activity. Insurance member companies and leadership work with RiskStream staff to prioritize use cases for blockchain and launch working groups to design applications, which are facilitated by RiskStream product managers. RiskStream staff are supported by membership fees, which carriers, brokers and reinsurers provide to support the Collaborative and its efforts.
Blockchain networks tend to interact with the broader industry. B3i, for example, interacted closely with the European reinsurance community and some firms in commercial lines. AAIS, which has developed OpenIDL (initially with IBM) has worked very closely with the regulatory community. InsurWave involved a blend of participants (from Maersk to EY to insurance brokers).
The Institutes and its affiliated organizations, including The Institutes RiskStream Collaborative, interact with the broader industry frequently. The Institutes have a variety of affiliate organizations that have worked bringing industry competitors together for various purposes, including communication, education and research. Some of these affiliates include Insurance Information Institute, Griffith Foundation, Insurance Research Council, International Insurance Society, Claims Litigation Management and Black Insurance Industry Collective (BIIC).
Q:
A:
Different models have been leveraged for network operations and rights within the network. Some models have focused on insurance participants, others have focused on regulator involvement.
Insurance carriers, brokers, and reinsurers can join the RiskStream Collaborative as members. According to RiskStream’s Business Network Operations Policy, RiskStream members can stand-up nodes, integrate their company node to core systems and interact with the secure, private permissioned business network through RiskStream’s blockchain enabled platform, which is called Canopy.
RiskStream has recently extended the membership concept to include entities outside carriers, brokers and reinsurers. Associate members, also can have network rights, but those rights are not the same as carriers, brokers, and reinsurers. The associate membership category consists of industry non-profits, governmental entities, regulators, core system providers (e.g. claims system providers), solution providers (insurtechs and other application builders) and collaborator parties (for personal auto use case this could include glass repair shops, rental car companies, roadside assistance organizations, etc.). These associate members don’t have the same rights as full members, but can stand-up nodes for certain applications, if approved by governing bodies comprised of carriers, brokers and reinsurers.
Q:
A:
RiskStream has sector-specific governance bodies, including advisory groups, that are made up by member company representatives (carriers, brokers, and reinsurers) and have been responsible for strategic direction. RiskStream’s advisory groups have worked with RiskStream staff to create and formalize various policies as well.
Q:
A:
Q:
A:
Various models for enterprise blockchain frameworks have been leveraged by the insurance industry. Many have leveraged consulting groups to design and build the solutions and/or develop the platform/framework itself. While these groups are very knowledgeable and tend to propel initiatives forward, interactions can be costly and it is possible they may have incentives to advise to develop new platforms, rather than leveraging off-the-shelf models.
RiskStream has worked with many technical solution providers over the years, but has moved to a off-the-shelf, SaaS model. Currently, RiskStream works with blockchain business cloud providers, like Kaleido, to develop and enhance an insurance-specific enterprise blockchain platform, called Canopy, and build decentralized applications on the platform that can streamline the sharing and verification of data within insurance. Canopy allows each RiskStream member to stand up blockchain-enabled nodes, which can be integrated to core systems (policy or claims systems, for example) to enable data exchange and verification for specific use cases or applications.
The Canopy framework is on its third iteration and is complete. A key component of this Canopy 3.0 framework, is Hyperledger Firefly, which is open-sourced and built to allow off-chain data sharing, working with a variety of of underlying enterprise blockchains. This framework also has off-the-shelf tools for privacy, digital assets that can be stood up quickly and operate with optimal security across regions.
Due to this move, consulting firms are no longer leveraged by RiskStream to support development of the Canopy platform or its applications. Having components open-sourced reduces license costs. RiskStream works with Kaleido on development, which is low cost since existing Web3-oriented modules, scripts and tools can be spun up easily on the platform — keeping the overall costs down. The movement to a SaaS framework/platform approach with RiskStream’s development partner (Kaleido) has allowed RiskStream to concentrate on network expansion and application design, and reduce overall fees for application build and run.
Hyperledger FireFly is the first open source Supernode: a complete stack for enterprises to build and scale secure Web3 applications.
Is the framework tied to one specific enterprise blockchain or DLT? What are the pros/cons of being associated with only one DLT or blockchain platform? What are application build costs a function of? What’s the level of security? Is it SOC 2 certified? How does the framework deal with privacy and compliance (GDPR)?
As blockchain developed within insurance, many leveraged an initial enterprise blockchain and those efforts were tied to the underlying DLT platform network. For example, B3i was heavily tied to the R3 Corda network, while AAIS was more closely tied to Hyperledger Fabric blockchain backbone. In addition, the industry has learned about pros and cons of storage of certain information and the benefits of private and secure off-chain data exchange and each blockchain network has attempted to provide solutions to these challenges.
RiskStream’s Canopy 3.0 is not tied to one specific enterprise blockchain or network. It’s network is based on the RiskStream consortium and this network can operate with various underlying enterprise blockchains, including Quorum, Corda and Hyperledger Fabric through the Canopy platform. This flexibility, leveraging Canopy and it’s FireFly off-chain capabilities, allows RiskStream to develop applications very efficiently on the platform.
Security and privacy are top of mind for carriers, brokers and reinsurers. Any blockchain solution leveraged by the industry has to ensure world class security and privacy. The RiskStream platform is SOC 2 and ISO certified. It leverages off-chain capabilities to ensure compliance with GDPR and CCPA, ensuring that private data is handled very rarely and when it is it is never stored on an ‘immutable’ ledger.
Q:
A:
RiskStream’s Canopy 3.0 is not tied to one specific enterprise blockchain or network
Is there potential for the private permissioned blockchain network to interact in any way with public blockchains? How?
RiskStream’s Canopy 3.0 paves the path for an enterprise blockchain network to tie to public blockchains. Today, Canopy 3.0 has potential to work with layer 1 blockchains, like Ethereum and Avalanche, while also showcasing the ability to work with lower-cost layer 2 blockchains, like Polygon or Optimism. This sets the stage for enterprise-specific exchange to occur on an enterprise blockchain, but interaction with public blockchains for asset tracking (via NFTs) and other policyholder-oriented use cases. Indeed, public blockchains could very useful for consumer-facing applications, while the same backbone, Canopy, could be leveraged for B2B data sharing applications.
Q:
A:
Decentralized Applications
Decentralized applications are built for business purposes of the network participants on the platform. The goal is often to make multiparty business processes more efficient.
Find out more
Decentralized
Applications
In terms of applications, are there a good amount of multiparty business processes within that area sector? Is there a governance method to select use cases? Is the application portfolio diverse? Is there a process to fund applications? Is there a process to concentrate resources on concepts that have the most support?
Across the array of blockchain insurance initiatives, most have focused on different areas of insurance. B3i, for example, primarily focused on European reinsurance, whereas InsurWave has focused on marine insurance. These other efforts were likely reliant on initial investors to fund application build.
The Institutes RiskStream Collaborative has primarily been focused on the domestic US market and designed solutions for private passenger auto, commercial auto, surety bonds, life & annuities, and other areas. RiskStream has explored new blockchain technologies with the industry through RiskStream Explores and has worked with the industry to source new use cases and have worked with RiskStream Advisory Boards to prioritize, launch and execute on new lab working groups for a specific use-cases.
RiskStream’s Product Design, Development and Launch Process works in five phases:
Q:
A:
*** Sometimes use cases emerge from member input, other times use cases emerge from educational series or InsurTech vetting within RiskStream Explores. Either way, RiskStream has a use case backlog and works with advisory boards and committees to rank projects based on a desirability, feasibility, and viability approach***
Phase 1 — Kick-off Phase
Open to the entire industry, both RiskStream members and non-members. The goal is to discuss the use case’s business problem and collaborate on designing a multi-party business process solution using blockchain technology. Over the last year, more than 150 non-member firms (carriers, brokers, or reinsurers) were involved in RiskStream Labs Phase 1 sessions across initiatives within Surety Bonds, Commercial Auto, Life & Annuities and more. Sessions are generally once a month for several months.
Phase 2 — Proof of concept
Participants from Phase 1 determine if they want to self-fund a proof-of-concept (POC) application to be built on RiskStream’s Canopy platform for that specific use case. A threshold POC development cost is established with the development partner, Kaleido, and RiskStream works with participants to self-fund. Members of RiskStream either receive a steep discount or pay nothing, non-members pay a premium, but the overall price is still very reasonable. The design for the proof of concept is worked on with participants over 12 weeks, with a testable product delivered at the conclusion.
Phase 3 — Pilot
This is an optional phase. RiskStream’s Advisory Groups provide advice on whether POCs that are completed in Phase 2 will move beyond to Phase 3 or straight to Phase 4. At this point, membership is a requirement to engage in working sessions, testing, and node set-up.
Phase 4 — Production build
During the production build phase, development of the production variant of the application takes place. Individual business cases for the application are published and reviewed. Production nodes are stood up. Security is reviewed with internal teams. The production-hardened application is tested by members and integrations into core systems are also tested.
Phase 5 – Adopt and Run
RiskStream works with interested members on adoption plans. This may include contracts, run fee and early adopter incentive reviews and discussions. Early adopters begin running production transactions through the Canopy platform for that specific application.
Is there a process in place for testing and completing applications? Are there business cases available? Is there a run fee concept in place? Is running applications cost efficient? Who owns completed applications? Are early adopter incentives offered for network applications?
Within its pilot and production phases, RiskStream has developed a process for individual testing and cross-testing applications and has worked with members to create industrywide and company-specific business cases for application adoption. The cost to run applications has a cost-efficient funding method. For applications close to production, early adopter incentives are established to ensure the first adopters are rewarded by the network with late entrants receiving no such benefits.
For the RiskStream network, consortium-oriented applications keep the IP with RiskStream. However, it is possible for a proprietary application to be built on RiskStream’s Canopy network by a carrier, broker, or reinsurer and for that organization to maintain IP.
As we’ve illustrated here, there have been vastly different approaches leveraged for blockchain within insurance thus far. It’s likely that existing approaches will take hold and some new networks may emerge. The successful attempts at enterprise blockchain (for data exchange, verification and cross-party payments) will have a key focus on multiparty business process challenges; an existing network of participants to design and adopt associated apps; an efficient, flexible and secure underlying platform; and a method to fund and support all of the above. It will also be vital to have R&D available to showcase potential of connecting private/permissioned networks to public blockchain networks.
Patience is also vital as enterprise blockchain is often linked in with deep technology — a concept that will lead to radical disruption, but takes a longer time from research to market-ready returns for initial investors. That said, projects will work out and those that were patient will benefit greatly. We’ll explore this side in our next post coming soon.
Q:
A:
The partnership with Kaleido has allowed RiskStream to reduce overall fees for application build and run.
< Previous Article
Share this article