A better way to risk score using transaction weight and trends. (Patent pending)
A risk score calculation via distributed trust and automated confirmations (Patent pending)
A secure method of proposing nodes in an ethereum based consortium network. (Provisional patent issued)
A system to generate automated confirmations via a proof of transaction in blockchain systems. (Provisional patent issued).
We also have 8 patents pending which we cannot disclose at this point until our applications are submitted and provisional patents issued.
The Ledgerium & Block Ledger team is highly focused on security and makes sure all products are being built with the objective of securing confidentiality, integrity and availability requirements as well as applicable privacy security laws and regulations. Our Information security team is engaged in product development process from conception to deployment and tests all the builds against all known security threats. Once deployed, we use method of ‘Continuous monitoring’ to ensure high level of confidence in the protection of valuable data. Our infrastructure is hosted within industry-leading data centers with certifications on SOC1/SOC2/ISO 27001/NIST/CSA/FedRAMP. These secure facilities offer environmental protection, advanced network security, and both the processes and appliances to maintain the highest levels of data security.
ISO 27001: Block ledger is working towards a self-audit of ISO27001 which is the de facto standard for compliance of IT systems. Most of our infrastructure is already hosted on Azure and AWS which meet all these standards, but we will also be completing this internally for all systems in use. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).
SOC1 Type 1 & 2: As a company that wants to audit everything, we understand we need to start internally. Block Ledger is currently going through intensive policies and procedures which are all documented internally. Using these IT and systems controls we will be publishing an SOC report which is also a requirement for us to work with the financial partners listed.
ESIC: Block ledger has been assessed by Australian Tax Authorities as an ESIC (Early Stage Investment Company). This allows our investors to invest in the company with great benefits as tax credits. Based on our products, and technology and after a thorough review we were awarded this status in June 2019 and is valid for the next three years. The assessment is based on a 100 point innovation test and both our products and IP met the given criteria.
ASA 505: The ASA 505 is an auditing standard for automated confirmations. It allows an auditor to receive confirmations for a transaction that may be suspect from a trusted third party. Our product Luca+ is helps gather the audit evidence in a 100% automated and fool proof way. Traditionally when the standard was written it was aimed at secure email or web delivery with a third party bank. Since we have removed the banks, this is now 100% automated confirmations for all transactions. Source: https://www.auasb.gov.au/admin/file/content102/c3/ASA_505_27-10-09.pdf Open Banking: Our products in Luca+ and the open banking micro-services we offer are a link between current banking APIs and the blockchain. We use the data available to reconcile transactions. Currently the Open Banking spec in Australia is being developed by the top banks and IT teams and we are an active part of the eco-system. All our micro-services have been written with the spec in mind. Currently Luca+ uses third party links to talk to 73 banking and financial institutions and we hope to expand this to other countries like Hong Kong where Open Banking is available.
BIS 3.0 & PEPPOL: One of the core requirements for our products to enable e-invoicing in Australia was the adoption of the BIS 3.0 standards as defined by the European Union. The PEPPOL standard and its sub-set BIS defines how an invoice and procurement can be initiated across borders, IT systems and different standards with a universal language. It also allows real-time reporting on all transactions in a universal language, and the possibilities that open up once this standard is more widely used are immense. This includes real-time tax forecasting, discouragement of black economies, and adoption of world-wide standards. Luca+ and our e-invoicing services will allow not only our own products to use these features, but these are fully integrated into Ledgerium to allow time-stamping along the process of the entire transaction lifecycle. This is currently in production.
Source: https://peppol.eu/peppol-bis-billing-3-0/ ISO 20022: ISO is proposing a universal financial language. While we have not converted our systems to 20022 yet, we are fully compliant and can easily translate financial data using the micro-services. This along with the fact that we can propagate these financial transactions over a trustless chain opens up a lot of financial possibilities where IT systems can communicate with each other without needing any manual intervention or audits. The PEPPOL standard currently also covers a large portion of the same standards, however our aim is that when adoption increases our micro-services will already be compatible as will most of our financial products. Source: https://www.iso20022.org/