undefined

Cleaning up the supply chain

Jonas Lundqvist, CEO at Haidrun, explores how private blockchain technology is helping to reduce fraud and add trust in the supply chain

Through the pandemic, we have seen first-hand the fragility of the supply chain, leading to empty shelves and long delays for good. The fact is that every enterprise has a supply chain of some description. They can’t exist without them, and effective management of the supply chain is at the heart of any successful business. 

While sourcing, production and logistics have clearly presented their own challenges, controlling the flow of data and funds related to suppliers and partners for components, parts, raw materials, work in progress and finished goods has always been a complex procedure. This has been compounded by the increased risk of cyber-attacks, counterfeiting and the drive for sustainability and governance, it is no wonder that supply chain fraud poses a bigger threat to organisations than ever before. 

Supply chain fraud can occur at any step in a chain. This can range from bribes offered during supplier selection and forged cheques for financing to fraudulent payments and guarantees. However, a growing and more challenging trend is corruption in supply chain data. It is a significant management challenge that can take a wide variety of forms including manipulation of provenance data, item quantity and payments information, as well as the introduction of fake and counterfeit goods into the system. 

Identifying compromises in the process is not helped by the lack of consistency and integration across the broad spectrum of technologies that support the links in the chain: from paper-based systems and legacy, analogue comms through to cutting edge integrated digital systems. People and processes connect in a combination of ways from non-secure, low-tech phone calls, emails, apps and even faxes to advanced technologies such as IoT-enabled devices, artificial intelligence (AI) and machine learning (ML). This lack of uniformity across the modes of communication creates security risk exposure in areas such as authenticity, payments and reporting.

Blockchain in the supply chain

Supply chains are created by the linkage of parts, products, services, individuals, departments and companies. With all these variables in play, a further challenge to effective supply chain management lies in how to streamline, unify and secure the flow of data. One way this can be done is through the implementation of a private blockchain platform to provide full end-to-end digital connectivity across the entire supply chain ecosystem. One of the inherent features of blockchain technology is the security of the data. As a digital transaction ledger, which records transactions shared across multiple computers that cannot be altered, cheated or hacked without everyone knowing about it, blockchain lends itself ideally to supply chain applications. It can efficiently record transactions between parties in the chain, in a verifiable and permanent way. Blockchain intrinsically embeds trust into the supply chain process.

Blockchain can also eliminate suspicious and duplicate activities by securely and chronologically logging and time-stamping each transaction. Once verified using a consensus algorithm and cryptographically sealed, the transaction is immutable and tamper-evident to everyone on the network. 

How does private blockchain work in the supply chain

While anyone can join and participate in a public blockchain, a private or enterprise blockchain empowers the business rather than any individual and allows a single authority or organisation to ultimately retain control. This makes it more attractive for enterprise supply chain management where it’s important to have a single, time-stamped, open and transparent version of the truth, but with a level of controlled access. 

Private blockchain platforms are also suited to supply chain management because they provide traceability, transparency, real-time logistics tracking, electronic funds transfer and smart contract management. Processes including negotiations support and procurement can also be connected via blockchain to build trust and confidence with new suppliers. 

While private blockchains adhere to the original principles of blockchain, they also retain some of the characteristics of more centralised, controlled networks. No one can enter this type of ‘permissioned’ network without proper authentication, making it ideal where it does not suit an enterprise to allow every participant full access to the entire contents of the database. 

Cyberattacks on supply chains are on the rise with no signs of stopping

A recent report published by The European Union Cybersecurity Agency (ENISA),  Threat Landscape for Supply Chain Attacks,  found that older frameworks used to defend against supply chain attacks no longer provide adequate security and said that organisations must find new means of securing against supply chain threats. In the SolarWinds supply chain attack of late 2020, it is reported that as many as 18,000 organisations were affected and in July 2021 Kaseya who provides software for Managed Service Providers (MSPs) was exploited by the REvil ransomware gang to infect over 1,000 customers with ransomware. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.

When it comes to safeguarding a company’s sensitive information, using private blockchain supply chains not only offers a secure solution but can demonstrate provenance with full accountability even via external audits. Private blockchain also provides a higher degree of regulation set by industry regulatory codes and importantly, private blockchains do not need to use cryptocurrencies or native tokens for the network. All of this means minimal resources and participants are required to run the private blockchain, resulting in reduced costs on a far more predictable scale. 

For further information visit www.haidrun.com