Distributed ledger technology for securities clearing and settlement: benefits, risks, and regulatory implications

This article outlines the benefits and risks of the distributed ledger technology (DLT) for the clearing and settlement of exchange-traded and OTC securities, followed by a description of the technology’s potential role for central counterparties and central securities depositories. Although the industry and scholars are attempting to solve the technological and operational issues that DLT systems still face, outstanding legal risks are such that the financial industry is asking for more regulatory guidance and intervention. This article wants to contribute to the public policy debate by presenting potential regulatory barriers that may have to be removed for DLT to be fully adopted. In addition, it identifies areas requiring an update of the legal framework in order to address certain prudential and conduct risks that this technology could introduce.

infrastructure costs attributable to cross-border payments and trading of securities by $15-$20 billion. The World Economic Forum (2015) even estimates that by 2027, up to 10% of the value of the global GDP will be stored on blockchains.
Although financial institutions have yet to demonstrate that DLT is a viable and sustainable solution to cover the complete securities trade cycle (i.e. trading, clearing, and settlement), they developed several proofs of concept in particular niches 2 of the trading and post-trading ecosystem. A non-exhaustive list of examples: the Australian Stock Exchange cooperated with Digital Assets to use DLT for the clearing and settlement of equity transactions (McDowell 2017); Nasdaq and SEB constructed a mutual fund trading platform based on the blockchain technology (Parsons 2017); Overstock.com launched a closed-system trading platform for the sale of its own proprietary blockchain (Ryan and Donohue, 2017), Nasdaq launched Linq to enable private securities issuance (Peter and Vishnia, 2016), the French central securities depository (CSD) 'ID2S' applies the blockchain technology to issue French commercial paper, and the Canadian Securities Exchange developed a DLT securities clearing and settlement platform to allow companies to issue equity and fixed income securities via security token offerings .
With respect to the usage of DLT to cover the complete securities trade cycle (i.e. from trading to clearing and settlement), it is not yet clear from previous literature or observed proof of concepts whether DLT would in fact have a large impact on the trading (i.e. the agreement to buy and sell securities) of securities itself. According to the International Securities Services Association (ISSA, 2019), no full-scale DLT system is fully live so the wider implication of DLT in terms of business model impacts is not yet known. According to some industry participants (see e.g. Goldman Sachs, 2016;Euroclear, Oliver Wyman, 2016), and scholars (see e.g. Fico, 2016), trading venues or other trading facilities are likely to be less affected as participants of these infrastructures still need to find counterparties, which is not going to change when using DLT. Also, according to Peters and Panayi (2016), buyers and sellers could act first through brokers (i.e. trade level) and then create a transaction for the transfer of that amount of the asset, which is then transmitted to the network and verified. Yet, given the characteristics of the technology (see infra), posttrading (i.e. clearing and settlement) and trading could become more intertwined in a DLT environment compared to the currently sequential processing of securities. Some scholars even argue that the transaction phase and clearing-and-settlement phase will be the same (Malinova and Park, 2016). This would imply that there is in fact no longer a distinction between trading and post-trading and the role of post-trading market infrastructures gets strongly reduced (see Peters and Panayi, 2016). Trading venues might develop their own way of clearing and settlement using the DLT technology, thereby making a CCP or CSD no longer needed. However, there is also a possibility that market participants rather introduce the technology in a step-by-step manner thereby first 2 In theory, every asset (e.g. securities, real estate, gold, etc.) can be transformed into a digital form for transactional purposes (Ryan and Donohue, 2017;Lewis et al. 2017). Nevertheless, firms often do not have clarity yet over the corporate and securities laws that will apply in case these physical assets are transformed into e.g. tokens (see infra). In certain countries, like France and the state of New York, certain tokenized securities can legally be considered as an asset under the domestic law, but this is not the case in every jurisdiction and can depend on the type of security that is tokenized (see IOSCO, 2019). This is one of the reason why institutions are currently focusing on certain niches as a pilot. A detailed analysis of the applicable domestic corporate and securities laws is out of scope of this article.
focusing on the post-trading environment where most inefficiencies (i.e. reconciliation, manual processing, long custody chains, etc.) can be removed. This might be the reason why numerous exchanges are exploring the technology to apply it to clearing and settlement activities.
Another possibility is that CCPs and CSDs themselves start using the technology. A CCP could gain a better visibility of all dependencies when having access to a blockchain thereby gaining the ability to make better estimations of the risk and the level of pre-funded assets and margins required (see Platt et al. 2017). When the pilot cases get further operationalized, it will become clearer how the entire ecosystem will evolve due to the technology.
With respect to OTC derivatives that are not traded on a trading venue, DLT is also believed to provide numerous benefits. The reason is that the clearing and settlement of OTC derivatives nowadays involves a variety of manual actions and burdensome tasks including the continuous valuations, maintenance of records about ownership, and arrangements of cross-system margin obligations. OTC derivatives trading is more costly due to the increased amount of required collateral that has to be exchanged with the CCP or bilaterally. DLT and smart contracts (see infra) could optimize the calculation and posting of margins more efficiently, thereby realizing financial cost savings for market participants. Finally, DLT can be used to reduce the long custody chains that are involved in cross-border transactions of exchange-traded securities, but especially in case of OTC derivatives transactions (see infra).
Hence, also in the OTC derivatives market, several pilot cases are being developed. For instance, the Canadian portfolio company Fairom is developing a DLT-based solution to automate back-office operations for OTC derivatives with the intention to realize a 30% decrease of costs for financial institutions managing these financial products. DTCC initiated the creation of a solution for credit derivatives processing, like credit default swaps trades, on a DLT network. Furthermore, ISDA, in cooperation with REGnosys, developed the Common Domain Model (CDM) to provide a global representative standards for all events and actions occurring during the life of a derivative trade onto a smart contract blockchain.
The large number of examples illustrates the broadly accepted view of the financial industry that this technology could yield a large number of benefits (see infra). 3 Yet, there is widespread belief in the industry that the operationalization of DLT is going to be a gradual step-by-step evolution rather than a big bang revolution. Indeed, market participants might not be willing to write-off their investments in existing technologies at a fast pace. This means that market participants might first focus on segments where most efficiencies can be realized (i.e. segments where there is still a lot of manual intervention, timelines are long and costly and/or potential errors are high). In a later step, they might then focus on the entire trade life cycle. According to the German Banking Industry Committee (2016), DLT and legacy systems are likely to exist in parallel for the next 20 to 30 years, with a gradual adaptation of the technology. According to ISSA (2019), DLT networks will co-exist alongside legacy market infrastructures for the foreseeable future. Market forces are almost certain to create an eco-system with multiple ledgers; some of which integrate issuance, trading and settlement, and some of which will specialize in settlement (ISSA, 2019). DLT is still suffering from various internal and external barriers, such as the complexity of a transition from legacy systems to DLT-based systems, negative public perception issues linked to cryptocurrencies, inertia in the mainstream adoption of the technology, and unclear government regulation (Swan, 2015;Mainelli and Milne 2016;Goldman Sachs 2016). The latter will be the main focus of this article.
As market participants are still exploring and it is thus yet unclear whether the focus will be on trading or post-trading, this article assumes that DLT will be first applied to the post-trading activities, both for exchange-traded securities and OTC derivatives, as most inefficiencies can be tackled there.

Regulatory developments
Over the last few years, the financial industry has advocated more regulatory guidance (e.g. ECSDA 2017) and/or an update of the legal framework for providers or users of DLT (e.g. Goldman Sachs 2016;German Banking Industry Committee 2016;Polish Bank Association 2016;Caceis 2016). According to the German Banking Industry Committee (2016), DLT systems work in a fundamentally different way compared to legacy systems and thus a different regulatory approach is needed. Existing regulations reflect a conceptualization of what financial markets currently look like, and at the time the requirements were drafted, legislators could not have foreseen that DLT could become important for financial markets. This view has been confirmed in 2017 by the Bank for International Settlements (BIS), stating that new legal and liability frameworks are needed to make sure that the legal underpinnings of DLT arrangements are sound, that their governance is robust, and that appropriate data controls are in place.
Several regulatory initiatives have been launched to examine the potential influence of DLT on the (post-) trade ecosystem and to assess the need for new financial regulations or a modification of existing ones. For instance, the European Central Bank's Target2-Securities (T2S) Harmonization Steering Group decided in August 2016 to create a task force on DLT to assess the impact of this technology on post-trading and European financial market integration. In February 2017, the BIS published an analytical framework, with key questions for the industry on the use of DLT in payments, clearing, and settlement. The document intends to facilitate central banks and markets authorities to detect the opportunities and risks of DLT arrangements in their conceptual, experimental or implementation phase. Yet, the BIS framework does not include principles that the industry should adhere to.
At the same time, the European Securities Markets Authority (ESMA) published a report outlining its views on DLT when applied to financial markets. The report discusses the potential risks and benefits of DLT under several scenarios and reflects on the potential interaction with existing EU rules. ESMA's position is that regulatory action would be premature at present, because the technology is still evolving and the number of practical applications is limited. Yet, ESMA acknowledges that certain concepts or principles, such as the legal certainty attached to DLT records and settlement finality (see infra), may require more clarification.
In April 2017, the European Central Bank confirmed that it considered the blockchain technology as not mature enough for an inclusion in the Eurosystem's financial market infrastructure but that it would closely follow its evolution. Together with the Bank of Japan, the ECB has already developed several DLT prototypes for the exchange of securities against cash.
In July 2017, the European Commission launched a European expertise hub on blockchain technology. This expertise hub started a study to examine the feasibility of a EU blockchain infrastructure and will also reflect on the conditions needed to achieve an open, trustworthy, transparent, and EU law-compliant data and transactional environment (European Commission 2017). The European Commission's Joint Research Center and the Directorate-General for Internal Market, industry, entrepreneurship, and SMEs also launched the #Blockchain4EU project to develop industrial use cases for blockchain and DLT.
In July 2018, the Financial Stability Board developed a framework and identified metrics to monitor financial stability implication of crypto-assets (FSB 2018). Its securities and markets stakeholder group provided in October 2018 an advice to ESMA on initial coin offerings and crypto-assets where the key request for ESMA was to provide level 3 guidelines to aim at supervisory convergence on whether crypto-assets can be considered as transferable securities under MiFID II. Hence, European legislators are examining whether virtual securities can legally be considered as securities.
On a national level, the UK's Financial Conduct Authority (FCA), launched a discussion paper on DLT in April 2017 stating that it will maintain a technology-neutral approach to regulation. The FCA considers its rules flexible enough to accommodate the use of DLT by regulated firms and has thus not yet proposed any changes (FCA 2017). Similar to the regulators from Singapore and Australia, the FCA did launch a regulatory sandbox, which allows firms to test in a monitored environment innovative products, services, and business models. This sandbox allows the FCA to closely monitor DLTrelated market developments in order to be prepared to review its rules if specific developments would require so.
Certain regulators, like the Australian Securities and Investment Commission (ASIC) and the Belgian Financial Services and Markets Authority (FSMA) preferred to launch innovation hubs. These hubs allow to have discussions with the industry and provide support and guidance to (regulated and unregulated) firms navigating the regulatory framework.
It is clear from these initiatives that regulators are monitoring the rapid development of DLT to identify any need for regulatory action. Nevertheless, reflections on the usage of DLT for securities transactions are still in their infancycurrently at the level of whether virtual securities should legally be considered as securitiesand there are currently very few federal US or EU regulations applicable to the institutions wanting to provide or use this technology. 4 The large majority of legislators are of the opinion that it is too early to draft hard law because it could be an impediment to innovation and because it is still insufficiently clear whether any specific DLT solution will be widely adopted in the securities markets.

Literature overview
As trading, clearing, and settlement institutions are currently examining the best possible blockchain solutions, no empirical data is available yet to execute rigorous empirical analysis. This article is therefore based on a systemic literature review, comparable to those of Corbet et al. (2019), Seebacher and Schüritz (2017), Zhao et al. (2016), and Konstantinidis et al. (2018). The main findings and conclusions are then compared with the relevant European regulations. Articles in peer-reviewed journals received a higher priority than working papers. Yet, as documented by Seebacher and Schüritz (2017), peer-reviewed literature on DLT only increased since 2015 and most of those are mainly based on available white papers and practitioneroriented sources. Hence, the latter cannot be ignored to base the arguments of this paper on.
According to Risius and Spohrer (2017), there is a dominant concentration of academic work confined to the disciplines of computer science and information systems research focusing on the technical design and features of the blockchain technology (see e.g. also Yli-Hummo et al. 2016;Morisse 2016;Glaser and Bezzenberger 2015). According to these scholars, current research has neglected the applications, value creation, and governance related to the blockchain technology and focused mainly on technological issues such as data access, types of permissioning, consensus mechanisms, and scalability. Since then, the economics and finance literature on this topic evolved further thereby describing the technology and its characteristics for e.g. bitcoins (e.g. Böhme et al. 2015), fraud detection (Cai and Zhu 2016), smart cities (e.g. Sun et al. 2016), and securities markets (see e.g. Caytas 2016; Pinna and Ruttenberg 2016;Mainelli and Milne 2016;Micheler and Von der Heyde 2016;Klimos 2018).
In addition to the computer science, finance, and law literature, also the political science literature shows interest into DLT. That is, certain techno-libertarians hold the extreme view that DLT could underpin the existing political systems and government models, because it questions the traditional role of the government and its centralized institutions, such as market authorities (see e.g. Paquet and Wilson 2015). Yet, according to Atzori (2015), the role of the state is a necessary central point of coordination in society and there could be key risks related to a dominant position of private powers in distributed ecosystems.

Significance of the article
As documented above, the existing academic studies focused mainly on the technological state-of-practice, the advantages, and/or (dis)advantages of the technology itself. By devoting considerable attention to the application of DLT, this article builds further on the existing literature and addresses broader financial and judicative questions. Indeed, this article does not only focus on the 'platform' level of analysis but also on the 'users and society', 'intermediaries', and 'firms and industries' perspectives of the social media framework developed by Aral et al. (2013). It thus first describes the current post-trading landscape without the usage of DLT and compares it to a possible DLT post-trade system. It pinpoints the benefits and risks that this technology might bring to market infrastructures and their users when applied to clearing and settlement.
In addition, as it is currently unclear whether this technology constitutes a threat or opportunity to post-trading financial market infrastructures, this paper granularly discusses the future role of central counterparties and central securities depositories. The paper hereby illustrates how their business models may have to change and which ancillary intermediary services they might offer. By providing valuable first insights on the future for these institutions, this article meets the request of Risius and Spohrer (2017) for more investigation on the impact of DLT on the type of services provided by organizations, thereby detecting which ones can reasonable be programmed and automated or rather may become obsolete.
As scholars have not yet devoted much attention to the regulatory aspects, and literature on regulatory implications of DLT applied to clearing and settlement is rare, this paper combines insights from the finance and law literature and document the potential regulatory barriers to a full adoption of DLT. In addition, this article identifies areas requiring an update of the legal framework. In this paper, our main theoretical argument is that existing regulation acts as a barrier while it does not accurately capture all the risks that this new technology brings to market infrastructures, their users, and society as a whole. Although legislators might think that it is premature to regulate providers and/or users of this technology, a reflection on this matter is worthwhile. When this technology fully materializes, it will introduce risks that could have to be addressed by legal action. A timely reflection on these risks and requirements may speed up the regulatory process when it is due.
In addition to the computer science, finance, and law literature, this article contributes to the political science literature. By examining whether regulation and monitoring by market authorities is not an unnecessary burden and is required to cope with new risks, this article contributes to this stream of literature and provide a more nuanced view than Atzori (2015). This article indeed does not claim that governments and authorities are illegitimate, unnecessary, and obsolete but proposes an update of the existing rules to cope with newly-introduced technologies.
This article often refers to Anglo-Saxon legislation but is more targeted at the European landscape. The main reason is that the USA has only a handful of post-trading market infrastructures, while the European market is fragmented and diverse. Yet, numerous insights and conclusions can be generalized to non-EU settings, given that European regulations applicable to market infrastructures are based on international guidelines, such as the CPMI-IOSCO (2012) Principles for Financial Market Infrastructures. This topic is also important to non-European countries, given that non-European investors -especially credit institutions located in the USA -are often participants of European central securities depositories or clearing members of central counterparties.

Trading, clearing, and settlement without DLT
Before this article discusses the potential impact of DLT on clearing and settlement, it first explains how these aspects of the trading life cycle currently work without DLT. 5 In addition, the custody holding chain is explained.
The custody holding chain explained Figure 1 shows the custody holding chain and shows eight examples of different relationships between end investors, funds, and participants of a CSD. 6 Example 1 of this figure displays a direct holding system. 7 Examples 2, 3, 4, and 5 then illustrate indirect holding systems, whereby the clients of an issuer CSD are not always local participants, like domestic credit institutions or investments firms, but can also be global custodians, investor CSDs, or depository banks. As documented by Priem (2018a), investors have no direct relationship with the CSD in these indirect holding systems: they have established relationships with the clients of the CSD that provide safekeeping and administrative services related to the holding and transfer of financial instruments on behalf of their customers.
Examples 5 to 8 display CSD links, where one CSDthe investor CSDbecomes the client in the securities settlement system of another CSD, which can be another investor CSD or the issuer CSD. In Europe, with an average of one local CSD per country, CSD links are used by market actors active in different Member States. Without such CSD links, they would have to become a participant of every domestic CSD, which would be costly.

The trade life cycle
In order to examine the influence of DLT for clearing and settlement, this section first presents the entire trade life cycle, of which clearing and settlement are only the last two phases. Figure 2 is a simplified representation of the security leg of the trade life cycle. Trading, clearing, and settlement currently take place in multiple sequential steps.
In the trade execution phase, a buy side and a sell side client/investor, acting through their respective brokers, seek to buy and sell financial instruments to each other on a trading venue, 8 which serves as a meeting point for all buyers and sellers. Alternatively, the trade can take place over-the-counter.
When the trade is executed and the clearing phase starts, the sell instruction and buy instruction are forwarded to the central counterparty (CCP). A novation takes place, whereby the CCP acts as a buyer to the seller and a seller to the buyer. The clearing members, being the direct clients of the CCP acting on behalf of the buy side and sell side clients, post collateral to the CCP to mitigate the latter's credit and counterparty risk. They will need to post (or collect) collateral in function of the financial instruments' value changes until the instruments finally mature.
After the novation, the CCP will forward the settlement instruction to the CSD. The CSD will operate the securities settlement system by crediting and debiting the securities accounts of its participants, acting on behalf of the buy side and sell side clients, respectively. In case of net settlement, 9 these instructions were first netted by the CCP in order to lower the outstanding positions of its clearing members, thereby reducing their liquidity requirements.
The large majority of European CSDs nowadays outsource their settlement service to the Target2-Securities (T2S) platform operated by the Eurosystem. This pan-European platform was launched in 2008 and became operational in 2015. Its main objective is to achieve an integrated and harmonized securities settlement infrastructure via a centralization of the settlement in Europe. This integrated model, where CSDs are interconnected through a single platform, intends to enable cross-border real-time settlement inside Europe. The CSDs Netting is the process where the obligations between participants are offset against each other, thereby reducing the number and value of payments or deliveries that are needed to settle the set of transactions. Deferred net settlement is a settlement mechanism which settles on a net basis at the end of a predefined settlement cycle. A real-time gross settlement system, by contrast, is a settlement mechanism where settlement occurs in real time and individually on a transaction-by-transaction basis for the full value.
connected to T2S still have their own accounts. The balances reflected in their ledgers are automatically updated and realigned. The final ledger remains legally within the remit of each CSD's regulatory and legal framework (Pinna and Ruttenberg 2016).
As illustrated by the two figures above, the current financial industry structure is dominated by centralizing institutions. The trade life cycle and custody chains can be long, with numerous intermediaries having their own proprietary databases with overlapping information on transactions, 10 leading to a lot of duplication. Participants in the post-trade value chain often need to manually update their digital records to reconcile them with any change that occurred in the records of counterparties at a different level in the holding chain, leading to a considerable operational risk (Pinna and Ruttenberg 2016;Goldman Sachs 2016).
Furthermore, the long chain of custodians has led to the creation of 'intermediated securities', which have given rise to a number of undesirable issues, especially in the case of crossborder transactions. Examples are the loss of control over the security by the ultimate investor and legal uncertainty because securities laws not being harmonized (Avgouleas and Kiayias, 2019). Indeed, long custody chains make it more difficult for ultimate investors to enjoy their investor rights, like exercising their voting powers at the general assembly. The investors can often only claim against the immediate custodian who can then claim through the chain of sub-custodians and so on (Micheler, 2015). The rights of ultimate investors do not depend only on what is included in the contract between them and their immediate custodians but also on what is included in the contracts entered into between the other (sub) custodians of the chain. According to Micheler (2015), the rights of the investor revert to the lowest denominator implying that long custody chains can only reduce investor rights rather than to improve them. In long custody chains, corporate actions also need to be processed up and down the chain by all intermediaries between the issuer and the ultimate account holder, which can be burdensome in case of equity and fixed income securities (Keijser and Mooney Jr. 2019). In the case of cleared OTC derivatives, the risk concentration within CCPs also give rise to systemic risk concerns, as these institutions are considered as too big to fail (Avgouleas and Kiayias, 2019).
Trading, clearing, and settlement with DLT As stated above, financial institutions have yet to demonstrate that DLT is a viable and sustainable solution and it is not yet clear from the pilot cases whether the trading and post-trading segments will become more intertwined. It is thus still unclear which DLT system in terms of operational functionality would be most suitable for the clearing and settlement of securities. Because most inefficiencies are situated in the post-trading segment, the assumption is made that these will be addressed first before the various segments of the trade life cycle are potentially merged into one DLT solution.
This section outlines a potential DLT system, in order to pinpoint the risks and benefits of this technology. 11 This (fictitious) example is based on Euroclear and Slaughter and May (2016), Pinna and Ruttenberg (2016), and Finra (2017). It is only one potential example of what a DLT system could look like. 10 E.g. volume, value, identifiers of the counterparties, timestamp, etc. 11 A discussion of the specificities of the technology itself or a detailed overview of the technical details of DLT is out of scope of this article and is already elaborated in great detail in e.g. Pinna   3 represents this DLT system. As the system is decentralized, all clients would have a copy of the ledger recording the securities, 12 the ownership details, and the entire transaction history of each security (Swan 2015). When two clients enter into a trade (i.e. the trading phase), they would first sign the transaction by applying their private keys to unlock the securities and then transfer the ownership to each other via their public keys. 13 The signed transaction would be broadcasted to the entire system in order to be validated. The validation process would then be executed by other clients, comparable to what 'miners' do in a Bitcoin system.
More specifically on the validation process, which is a necessary step before the ledger can be updated, a consensus-based verification process would be used, 14 meaning that a consensus has to be reached between several participants of the system on the validity of the underlying database.
One of the key goals of this validation process would be to ensure that the seller is the rightful owner of the securities being sold, based on the transaction history recorded on the DLT system.
Several consensus techniques exist. 15 One possibility could be that the originator of the transaction first needs to provide the hash value 16 of the latest version of the ledger and validators would then check whether the correct hash function was provided 12 The digital assets may be created on the network itself or may be digital representations on the network of the physical assets (Finra 2017). Digital assets that are originated on the ledger are called 'native assets' or 'native tokens', while assets that are represented electronically on the ledger are referred to as 'non-native assets' or 'non-native tokens' (BIS 2017). The whole process of issuance of securities and the concept of tokenization is out of scope of this article. 13 Asymmetric key cryptography, where a public and a private key are used, is often applied in the case of cryptocurrencies. The receiver (e.g. beneficiary) can send his public key (representing the 'address' where the digital asset is located on the network) to the sender, where the sender encrypts the message with the receiver's public key. Then, the message is sent and the receiver opens it through his private key (i.e. the code that gives the holder access to the assets when it matches with the corresponding public key). Both private and public keys are mathematically linked, often based on elliptical curve cryptography (see Bheemaiah 2017) meaning that the private key can decrypt the information that is encrypted only with the corresponding public key, and vice versa. The private key is known only to the beneficiary. If the beneficiary loses the key, it also loses the right to dispose of the assets, so it is important for this party to properly protect its private keys. As an alternative, 'Pretty Good Privacy' (PGP) was build in order to ascertain a user's trustworthiness. PGP is a public key cryptographic package that provides sender authenticity, message integrity, and non-repudiation of the sender (see Duane and Anteniese 2015). 14 For an accurate definition of a consensus and a thorough overview of consensus models, please see Zang et al. (2019) 15 There are multiple alternative consensus mechanisms, such as proof-of-stake algorithms where the creator of the next block is chosen via various combinations of random selection and wealth (i.e. the stake) and proof-of-work mechanisms where the validators have to computationally solve intensive puzzles (Swan 2015, Finra 2017. 16 Hashing is running a computer algorithm over a content file generating a compressed string of alphanumeric characters (i.e. the hash function). These cannot be back-computed into its original content. Every digitalized financial instrument, represented by records, could be transformed into a hash string as a unique and private identifier, meaning that the hash function itself depends on the transaction data, the identities of the counterparties, and the result of previous transactions (Goldman Sachs 2016). It is not possible to infer the values of the data from its hash, while it is easy to compute the hash from the given data values. Every time that a validator wants to check that the records are still the same and no modification has been done, the same hash algorithm is run and the hash signature should be the same as before. The hash string can also be used as text in blockchain transactions, thereby proving that e.g. the actual assets exist. This way of working can be considered as a secure timestamping function of when a specific attestation has been executed (Swan 2015). A new version of the distributed ledger would also include the hash of the previous version, which allows a validation of the new version of the ledger by checking whether the fixed-length output corresponds to the hash included in the updated version (BIS 2017). Each block will thus contain a hash function reflecting the contents of the previous block, which itself will include a hash function referring to a block even more adjacent to the initial block. Hashing is a method to make the blockchain immutable and also helps in ensuring that the seller is the rightful owner when past transactions are referred in the blockchain and show that the seller initially received the asset and has not yet sold them (Lewis et al. 2017). (Pinna and Ruttenberg 2016). If this is the case, the new transaction would also be cryptographically hashed and permanently recorded. It would thus be difficult to add wrong transactions to the ledger without the consent of the relevant parties involved in the process (Goldman Sachs 2016). A cyber-attack of a DLT system would be very hard, as the attacker would have to attack the majority of the validators in order to be successful (Klimos, 2018). This step also implies that the ledger would be constantly growing because new transactions would be added after each validation.
In case transactions are added in 'blocks' to the ledger, the term 'blockchain' is used rather than DLT. These blocks are chained to each other via a time stamp. Because of the chaining and the use of hash functions, a malicious client or hacker wanting to change a transaction would need to change not only the transaction and its time details, but also every other transaction in the previous blocks, making a blockchain rather immutable (Bheemaiah 2017;Euroclear, Oliver Wyman 2016). After the validation, all participants of the DLT system would get an updated copy of the ledger, often via automatic synchronization.
This potential example 17 indicates that the settlement process of a transaction could be contemporaneous with the validation process whereby the new asset ownership would be reflected in the system. Because there are fewer intermediaries involved, a lot of currently repetitive business processes could be eliminated. The disadvantages associated with long custodian chains would be dissolved, for exchange-traded as well as OTC securities. DLT would thus increase owner transparency, as ultimate investors  (2017) is of the opinion that several interoperable ledgers (derivative ledgers and collateral ledgers) that use smart contracts (see infra) would exist. The parties to the derivatives transactions would submit bids and asks as usual. The matching could take place on the blockchain and the CCP, which would continue to exist, would novate the agreements. The novation, resulting in two contracts, would be uploaded to the derivative ledger. Throughout the lifespan of the agreement, the collateral ledger would use oracles (see infra) to track price movements in the underlying assets and to automatically adjust positions.
could have direct access to their holdings and issuers might find it easier to identify their ultimate shareholders (Panisi et al., 2019). The trade life cycle could be simplified, leading to reduced costs due to the manual reconciliation of potentially conflicting trade data stored in various duplicated ledgers (Bheemaiah 2017;ESMA 2017b;Euroclear, Slaughter and May 2016). 18 Unpermissioned DLT systems, such as those used for cryptocurrencies, are DLT systems that are accessible to anyone who wishes to join the system. In such a system, the validation mechanism would play a key role because not every participant would necessary be a trusted party. Examples of stringent validation mechanisms could be the activation of numerous participants as validators or a more stringent validation algorithm. As a consequence, those DLT systems would be slower (see Caytas, 2016). In the case of Bitcoins, for instance, validators often have to solve trillions of mathematical puzzles in order to calculate a hash value (Euroclear, Slaughter and May 2016;Goldman Sachs 2016), which limits the maximum numbers of transactions that can be simultaneously treated to a low number. A comparison with e.g. the VISA credit card payment system, that can accommodate peak volumes of 10,000 transactions per second, shows how ineffective unpermissioned systems would be in case large volumes need to be cleared and settled (Swan 2015;Bheemaiah 2017).
Permissioned systems, where only authorized parties are allowed are generally considered as more suitable for securities markets because of the participants being considered as more trustworthy requiring a less stringent validation process (see e.g. ESMA 2017b; Mainelli and Milne 2016). Furthermore, the risk of money laundering or other illicit activities would be lower when only reliable system participants can use the system. Also, the need to copy all data to the internal ledgers of the participants would be lower when participants are considered as more trustworthy because they fulfill certain pre-defined access criteria.
However, a permissioned system requires one (or more) institutions acting as (a) gatekeeper(s) and screening potential participants before the latter can access the DLT system. These gatekeepers would grant access only to participants meeting the access criteria, which would be included in a rulebook (ESMA 2017b). The presence of a gatekeeper implies that in a permissioned DLT system, a central institution cannot be completely ruled out. Such a system is thus in sharp contrast with the initially developed open Bitcoin system, where there are no access restrictions and no central institution acting as a gatekeeper (Yermack 2017).
Apart from data on transactions, distributed ledgers could also contain computer code, so-called 'smart contracts'. These contracts self-execute and automatically process a transaction on the ledger when pre-defined conditions are met (see e.g. Bheemaiah 2017). They are decentralized: they are not held by a single centralized server but are distributed amongst the system participants (Swan 2015). In the case of securities markets, these smart contracts could be used to automate certain non-elective corporate 18 Although proponents of the DLT technology are of the opinion that it should be possible to move from T + 2 to T + 0, it is not entirely clear whether market participants actually favor instantaneous settlement, since the ability to net transactions would disappear. Netting has advantages in terms of liquidity requirements compared to real-time settlement because, without netting, participants need to have all the required funds immediately available in order to be able to fulfill their payment in real time (Finra 2017;Caytas 2016).
actions (Euroclear, Slaughter and May 2016). 19 Regarding derivatives, smart contract could also allow an automatic execution and payment of margins as soon as certain criteria would be met, such as the stock price being below or above a certain threshold (Euroclear, Oliver Wyman, 2016). CCPs would also be able to calculate margins more accurately, given the increased visibility into the economic agreements held between entities (Platt et al. 2017).
A smart contract has the same features as a traditional contract. It is an agreement between two or more parties to do or not do something, in exchange for something else. The difference is that a smart contract is defined by code, which executes under precisely predefined conditions without any human discretion (Swan 2015;Bheemaiah 2017). As these contracts will execute automatically, they are considered to be 'self-enforcing' (ISDA and Linklaters 2017). Some scholars, like Niederman et al. (2017) and Beck et al. (2018) even claim that a blockchain economy is emerging, which is a new type of economic system where agreed-upon transactions are enforced in an autonomous manner via rules defined in smart contracts.
Smart contracts might even be executed based on information they receive from outside the DLT system. So-called 'oracles' might be deployed, which are computer servers that are programmed to scour data (news) feeds in order to validate whether user-provided expressions are true. These oracles will only act as programmed, avoiding the risk of collusion with a counterparty, as there is no human arbitrator (see also Brito et al. 2014).

The future role for CCPs and CSDs
As market participants are still in the exploratory phase, it is currently less clear what the role for CCPs and CSDs would be when DLT is applied to the clearing and settlement phase.
Some financial institutions, like Société Générale (2017), expect that CSDs may no longer be required, as the issuer of the securities and the investors buying them can directly trade with each other via updates of the shared ledger. Put differently, because the trading phase and the clearing phase could become more intertwined, it is not clear whether CCPs and CSDs are still needed. The DLT technology could reduce counterparty risk. 20 Indeed, the almost instantaneous settlement would reduce the time that each party is exposed to counterparty default risk. Counterparties would moreover have pre-trade transparency on each other, given that the content of the ledger would be copied in their own internal systems. Several market players therefore expect that CCPs in their traditional role might not be needed anymore (Euroclear, Oliver Wyman 2016;ESMA 2017b).
According to ESMA (2017a), a distinction has to be made between spot transactions and transactions with a maturity, like certain derivative transactions. For spot transactions having a single clearing and settlement instruction extinguishing the obligations of each party, DLT could reduce the role of the CCP and the CSD. For derivative transactions with a maturity, however, the outstanding rights or obligations remain throughout the entire life of the contract and the need to mitigate counterparty risk subsists 19 Even without the usage of smart contracts, the processing of corporate actions would be simplified in a DLT system compared to the current multi-tier holding systems where investors and intermediaries only have access to the accounts held by the intermediary closest to them in the holding chain. The issuer CSD often does not have a view on who the actual security holders are because the multiplicity of intermediaries involved in the transaction process limits the traceability of securities holdings and makes it difficult to link a security to their end beneficiaries (Euroclear, Slaughter and May 2016). 20 Counterparty risk can be considered as a pre-settlement risk and is here defined as the risk that one counterparty of the trade does not deliver the security or cash as per the agreement. The longer the time between trading and settlement, the higher the likelihood that counterparty risk materializes.
until the contract's maturity. For these contracts, DLT is unlikely to fully eliminate counterparty risk. Clearing could thus still be useful to hedge risk until securities and/ or cash are finally and irrevocably exchanged (Pinna and Ruttenberg 2016).
Because of their changing role, Euroclear, Slaughter and May (2016) and ESMA (2017b) expect that CCPs and CSDs will start offering new services, such as the coordination of the evolution of the permissioned DLT protocol (e.g. modifying or updating source codes), the management and safekeeping of private keys in order to ensure network security, and the management of the introduction or cancellation of tokens on the ledger. In addition, they could take up the role of gatekeeper or validator. Nevertheless, because these services are no core clearing or settlement functions and thus fall outside existing legislation applicable to these services, other type of financial institutions could also start offering them. If this would indeed be the case, CCPs and CSDs would not remain as important as they are today. According to Pinna and Ruttenberg (2016), CSDs are, however, more suitable to act as validators compared to other market participants. Traders, for instance, would face competition issues when validating the transactions of their peers. A non-market participant institution, like a CCP or a CSD, would face fewer conflicts of interests.

Challenges and risks related to DLT systems
As documented above, DLT systems could have numerous benefits when applied to clearing and settlement, such as less counterparty risk, lower settlement fees, simplified operational processes because of fewer intermediaries, and a higher level of transparency.
Yet, this technology still faces challenges. First, in order to increase transparency and trust in the DLT system, all information on the transactions in the ledgers is typically observed by all system participants and duplicated into their own ledgers. When applied to financial markets, this transparency might cause privacy or competition issues, and thus breach applicable laws, such as the General Data Protection Regulation (see e.g. De Filippi, 2016). 21 All participants would be aware of all the existing transactions and their details, such as the value and volume of the assets being bought together (ESMA 2017a;Goldman Sachs 2016). Certain solutions, such as advanced obfuscation and encryption techniques, 22 are currently being examined to enhance participants' privacy together with the use of economic avatars based on tokenized identity (Bheemaiah 2017). 23 21 GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. 22 These techniques enable participantsor a central authority depending on whether the system is permissioned or notto validate the transactions by performing the mathematical computations without having a view on the exact inputs and outputs of the computations. An example is homomorphic encryption, where e.g. asset quantities for a transaction may be hidden to all participants except for the sender and recipient of those transactions, while all participants are still able to verify the validity of the transaction. Another example is the Quorum Platform developed by JP Morgan, where transactions are fully replicated across all nodes but the database is split into a private database and a public database. All the participants concur on the public database but their private databases differ. Furthermore, the industry is currently experimenting with 'mixers', which allow users to pool a set of transactions in unpredictable combinations, thereby making the tracking of identities more difficult (see Böhme et al. 2015). A potential disadvantage of these obfuscation techniques is that it might make the detection of insider trading more difficult as the identity and transaction details become no longer transparent. On the other hand, in the absence of proper safeguards, certain market participants could unduly exploit the shared and public information recorded in the system to conduct unfair market practices. 23 Avatars are pseudonymous identities that are linked to the original identity in a separate database where only a trusted gatekeeper has access to. The gatekeeper can assign certain rights to the avatars in order to allow them to perform certain tasks, such as buying and selling securities, without the need for them to reveal their identity to their counterparties.
Second, as market participants are currently developing their own niche DLT systems, there is a risk that incompatibility issues between the different developed systems, leading to fragmentation, appears (see e.g. Goldman Sachs 2016). One of the goals of DLT is to reduce the number of layers within the custody chain. When each 'layer' starts using its own proprietary DLT system, the opposite would be realized, leading to more operational risks (Pinna and Ruttenberg 2016). The lack of standardization could lead to a situation where manual post-trading validation processes are still necessary or become even more important, thereby blocking disintermediation (Klimos 2018).
Nevertheless, several market-driven initiatives are currently fostering common DLT protocols and standards. Examples are the HyperLedger Linux Foundation, 24 the R3 Consortium, 25 the Post-Trade Distributed Ledger Group, 26 and the CSD Working Group on DLT. 27 Incompatibility issues thus do not seem to be the stopping point for this technology.
The establishment of an agreement on standardised DLT solutions, however, is likely to take time and could thus reduce the speed at which this technology is implemented. Even more, when existing market participants are replacing their legacy systems by DLT systems, the latter will have to be interoperable with the former for a short to medium period of time (ESMA 2017a).
As illustrated in this section, the technological challenges of DLT systems, such as fragmentation and privacy issues, are currently being addressed by the industry. It is generally assumed that these risks will cause certain delays but will not be blocking. However, the legal challenges for this technology when applied to clearing and settlement could be a hurdle when not properly tackled. Because of its importance, the rest of this article is addressed to these regulatory challenges. 28

Regulatory challenges when DLT is applied to clearing and settlement
According to the German Banking Industry Committee (2016), DLT systems work in a fundamentally different way compared to legacy systems and thus a different regulatory approach is needed. In case existing clearing and settlement providers would use DLT as a mere technological improvement, ESMA (2017a) foresees limited regulatory challenges: the EU regulatory framework does not prescribe the type of technology that market infrastructures have to use and is thus considered as 'technology neutral'. DLT operationally replacing the current set up of market participants and market 24 The main objective of HyperLedger is to achieve cross-industry collaboration with the focus on generating improved performance of the DLT systems being developed. Among the members of the initiative are: ABN Amro, BNY Mellon, ANZ Bank, CLS Group, CME Group, DTCC, Deutsche Börse Group, JP Morgan, State Street, Swift, and Wells Fargo (HyperLedger 2018). 25 The R3 Consortium consists of more than 200 companies, including Barclays, BBVA, Goldman Sachs, JP Morgan, BNY Mellon, Bank of America, Commerzbank, Deutsche Bank, HSBC, and Unicredit. The Consortium has created an open-source DLT system, called Corda. 26 The Post-Trade Distributed Ledger Group is a group of almost 40 financial institutions, including financial market infrastructures, which acts as a forum to collaborate and share best practices. 27 The CSD Working Group on DLT is a consortium comprising of Russia's National Securities Depository, Switzerland's SIX Securities Services, the Nordic subsidiary of NASDAQ, Chile's DCV, South Africa's Strate, and Argentina's Caja de Valores. Together with Swift, this working group is considering the use of ISO 20022 standards for e-proxy voting in order to foster interoperability amongst DLT solutions and legacy systems (CSD working group on DLT 2017). 28 This article focusses on regulations specifically targeting CCPs and CSDs. A discussion on e.g. the compliance of gatekeepers with Know-Your-Customer and Anti-Money Laundering Regulation and the compliance of system developers with property or copyright law is out of scope of this article.
infrastructures would be a different matter. Permissioned DLT systems 29 would meet two types of legal challenges: a) existing post-trade regulations could act as a barrier to the introduction of this technology and, in case the technology does succeed in getting implemented, b) this technology might introduce prudential and conduct risks that are insufficiently addressed by the existing regulations.

Barriers to entry
Although a complete list of all the potential barriers to entry due to existing regulations is out of scope of this article, this section discusses a few major ones to illustrate that existing legislation may have to be updated for this technology to be fully implemented. 30 The EMIR regulation 31 requires standardised OTC derivative contracts to be cleared through a central counterparty. EMIR thus foresees an important role for CCPs in order to reduce counterparty credit risk, granting them a quasi-monopoly. New types of market participants, such as DLT FinTechs operating a permissioned system, may want to enter the market. If they set up a DLT system without a CCP for these type of derivatives, they would be in breach of EMIR. If CCPs would act as validators, it is still not clear whether the validation of trades, now often conducted by trading venues, would legally be considered as central clearing. In addition to this EMIR requirement, Basel III lowers capital requirements for institutions that clear their OTC derivatives through a CCP. OTC derivatives trades in a DLT environment without a CCP could therefore lead to higher capital requirements for counterparties, which would make DLT systems less attractive.
Second, article 3 of the CSDR regulation 32 requires that 'any issuer established in the European Union that issues or has issued transferable securities admitted to trading or traded on trading venues, arranges for such securities to be represented in book-entry form, which should be able to take the form of immobilisation 33 or dematerialization'. 34 Where a transaction in transferable securities takes place on a trading venue, the relevant securities have to be recorded in book-entry form in a CSD on or before the intended settlement date, unless they have already been so recorded. This implies that such issuances cannot lawfully exist without an issuer CSD. A DLT system without an issuer CSD would thus not be an option from the issuers' point of view.
In particular, in order for an institution to obtain a CSD license, it must be designated by the Member State in which it is located as the operator of a securities settlement system under the Settlement Finality Directive (SFD). Based on the discretionary 29 Unpermissioned DLT systems would likely not be eligible, as it would appear very difficult or even impossible to regulate all (regulated and non-regulated) participants as they would typically be institutions that are scattered over different countries and jurisdictions (Peach 2017). 30 One of the caveats of this discussion is that it is currently not clear which scenario will unfold. Will operators of DLT systems, which are currently unregulated, start providing clearing and settlement services? Or will licensed CSDs and/or CCPs start offering DLT services? I is thus not yet clear whether new regulations need to be introduced or existing ones modified. interpretation of the Member State and the business case at hand (assuming that the industry decided on a uniform DLT system), it is possible that not every Member State will designate this DLT system as a securities settlement system.
The SFD definition of 'system' is based on the notion 'transfer order', which in turn refers to the notion of 'account': a transfer order is 'any instruction by a participant to place at the disposal of a recipient an amount of money by means of a book entry on the accounts of a credit institution, a central bank or a settlement agent or any instruction which results in the assumption or discharge of a payment obligation as defined by the rules of the system, or any instruction by a participant to transfer the title to, or interest in, a security or securities by mean of a book entry on a register or otherwise'. 35 Securities accounts as we currently know them may not exist in a DLT system. Neither SFD, EMIR, nor CSDR explicitly describe what accounts should look like and whether there is a legal difference between accounts, records, and/or ledgers. According to e.g. Fico (2016), securities on a DLT are not credited on traditional accounts held by an intermediary or a regulated entity but are rather web accounts realized via electronic annotations. Given the definition of a transfer order under the SFD and the definition of a securities account under CSDR, 36 some Member States might take the view that only double-entry (or multiple-entry) book keepings could be considered as accounts and that transfer orders could only exist when legacy ledgers are maintained. 37 If so, a DLT system without double-entry accounts would not be considered as a securities settlement system. As a consequence, the operator of a DLT system would not be eligible for a CSD license and issuers using the DLT system would violate article 3 of CSDR. Other member states could perhaps take the view that the digital address on a DLT platform to which securities are recorded (i.e. the public keys) can be considered as accounts. Because of the lack of clear definitions and various possible interpretation of the Member States, divergent views within Europe could arise, leading to a situation where DLT providers could act as a CSD in certain countries, and not in others. Hence, even when legislators want to be technology neutral, the interpretation of the law could be such that the law at hand does become a barrier.
Alternatively, infrastructures might have to keep the securities on securities accounts and tokenize them into the ledger in order to fulfill the legal requirements, but this process could create additional operational risks. Both EMIR (article 39) as CSDR (article 38) require that CCPs and CSDsand their participants throughout the clearing / holding chainskeep records and accounts that enable them, at any time and without 35 Directive 98/26/EC on settlement finality in payment and securities settlement systems. The Member States ultimately decide what a securities settlement system is, given that article 2 of this directive defines a system as a formal arrangement: (i) between three or more participants (being narrowly defined in the directive, without counting a possible settlement agent, a possible central counterparty, a possible clearing house or a possible indirect participant) with common rules and standardised arrangements for the execution of transfer orders between participants, (ii) governed by the law of a Member State chosen by the participants; the participants may, however, only choose the law of a Member State in which at least one of them has its head office, and (iii) designated, without prejudice to other more stringent conditions or general application laid down by national law, as a system and notified to the Commission by the Member State whose law is applicable, after that Member State is satisfied as to the adequacy of the rule of the system. 36 CSDR defines a securities account as an account on which securities may be debited or credited. 37 A DLT institution could also create a 'side-system' in which accounts are provided to be able to adhere to the CSD regulation but the question raises whether this is then still a 'pure' DLT system or rather a hybrid system between a DLT and a legacy system. delay, to segregate in their accounts the securities of their clients from those of any other client and, if applicable, from their own assets. As documented above, security accounts where a debit and/or credit is possible may legally speaking not exist in a DLT environment.
Finally, under the assumption that a Member State does consider a DLT system as a securities settlement system under the SFD and that the operators succeed in obtaining a CSD license, the moments of entry and of irrevocability of the transfer orders in that system will need to be defined 38 in order to be compliant with article 39 of CSDR requesting the CSD to ensure that the securities settlement system it operates defines the moments of entry and of irrevocability of transfer orders. In addition to the difficulties surrounding the notion of a transfer order in a DLT environment (see supra), fixing the point in time when the settlement can be considered as final will be very burdensome in a DLT environment as it might not be a clear moment in time (BIS 2017). Settlement finality will depend on when the consensus is reached and/or when the transaction is added to the ledger, which can sometimes be probabilistic (see Böhme et al. 2015). The timing could depend on a multiplicity of factors, given that the validators first have their role to play and could thus each individually influence the total timing between validation and the update of the ledger. Hence, a transaction might be added to the ledger even after bankruptcy proceedings were already commenced against one of the counterparties.

Legal requirements to address prudential and conducts risks that DLT could introduce
The potential regulatory barriers discussed above already show that existing legislation, such as SFD, EMIR, and CSDR, were not written with DLT in mind. Legislators were not yet aware that this technology existed and could become important for financial markets. Even if potential regulatory barriers would be eliminated and DLT systems would be operationalized, additional requirements might have to be introduced to address prudential and/or conduct risks introduced by this technology. According to Zetzsche et al. (2017), DLT systems might be secure from a technological perspective, but from a legal perspective these systems might spread risks amongst participants that were formerly concentrated with a limited number of central institutions. These new types of risks need to be formally addressed. Whether these new requirements should be part of a rulebook, soft guidelines, and/or hard law is a question that legislators, together with the industry, should further reflect upon.
The Bank of International Settlement (Bank for International Settlements, 2017) shares the opinion that new requirements might have to be introduced, stressing that more work is needed to make sure that the legal underpinnings of DLT arrangements are sound, that their governance is robust, and that appropriate data controls are in place. Indeed, DLT might be more efficient and safe compared to existing legacy 38 This in accordance with articles 3 and 5 of the SFD. More concretely, this directive protects against the implementation of normal insolvency law and more specifically the so-called zero-hour rule. That is, certain Member States have this zero-hour rule, which gives retroactive effects to the pronouncement of an insolvency. In particular, the orders that the participant introduced after zero hour of the day of pronouncement of its insolvency but before the actual pronouncement of the insolvency can be challenged by its liquidator. This would grant the liquidator the power to insist on the transfer to him of the underlying amount originally due to the institution. Settlement finality is thus the moment at which the transfer is irrevocable and unconditional and not susceptible to the insolvency of the participant unwinding the transfer. systems but when there are governance deficiencies, DLT systems might even turn out to be inferior (Evans 2014). For instance, given the difficulty to correct transaction errors, new enforceable procedures and governance requirements would have to be created on how to handle possible mistakes, both from a technological and a governance perspective (ESMA 2017a). Useful questions to elaborate on would be a) to whom does a participant need to flag errors, b) which correcting mechanisms would apply, and c) within which timeframe would the error need to be solved.
According to Zetzsche et al. (2017), new rules that govern the interactions between participants should also be created. Examples include rules regarding potential liability issues of participants and rules requiring users to put risk and compliance management systems in place. With respect to the underlying software code, requirements and processes regarding changes in the code, and regarding dispute resolution would be needed. The governance requirements could indicate rules to be followed by the parties setting up the code design, the validators, and the users of the system. ESMA (2017a) agrees with Zetzsche et al. (2017) that participants themselves should put in place appropriate governance frameworks. An appropriate governance framework for the entire DLT system might be as important as the current governance requirements that central market infrastructures and their participants need to adhere to. ESMA (2017a) also expects that in a permissioned DLT framework, authorized participants would use risk mitigation techniques, similar to those that participants of CCPs and CSDs currently have in place. These tools would need to ensure proper investor protection and avoid financial stability issues due to market contagion in case a participant defaults More clarification is also needed on the legal status of smart contracts (Pina and Ruttenberg 2016). Only a few legislators, such as those of the state of Arizona, have enacted legislation giving legal status to smart contracts, thereby clarifying that smart contracts can be as legally effective as any other contracts. Even if computer code might be too rigid to allow all contracts to be drafted in an algorithmic way, 39 regulators might start examining whether and how contract law should be modified for smart contracts to be valid and enforceable, given their automated and deterministic nature. Further reflection is needed on whether smart contracts can ultimately replace existing legal contracts in their entirety or whether they can only be used to automate the execution of the actions that are specified in legal contracts.

Conclusion
This article presents the benefits and risks of an application of the distributed ledger technology to securities markets, and especially to clearing and settlement. Because there are fewer intermediaries involved in a DLT system, a lot of currently repetitive business processes could be eliminated. The entering of transaction data separately in each layer of the custody chain, thereby requiring costly reconciliation processes, would no longer be necessary. This, in turn, could lead to reduced transaction costs. DLT could thus yield substantial economic cost saving in the financial industry because of the reduced back office costs tied to manual reconciliation of conflicting trade data.
On the other hand, although the industry and scholars are attempting to solve the technological and operational issues that DLT systems still face, such as the harmonization of technical standards, outstanding legal risks are such that the financial industry is asking for regulatory intervention (e.g. ECSDA 2017). Legislators and regulators are monitoring the rapid development of DLT to identify the needs for regulatory action, but their reflections are still in their infancy and the large majority of legislators are of the opinion that it is too early to draft hard law.
Yet, a reflection on this matter is worthwhile, as this technology might one day fully materialize and bring risks to financial markets that will need to be addressed by legal actions. The regulation process could move faster when these risks and the requirements to address them are already reflected upon beforehand. This article intends to contribute to the debate about regulatory developments by first presenting potential regulatory barriers that may have to be removed so that this technology could be fully adopted and then identifying areas requiring an update of the legal framework in order to address certain prudential and conduct risks that this technology might introduce.
In particular, this article documents that, because EMIR requires that all standardized OTC derivative contracts are cleared through a central counterparty, a DLT system without a CCP would not meet the EMIR requirements. Also, because double-entry accounts might legally not exist in a DLT system, it is unlikely that a DLT provider would be able to obtain a CSD license in all European Member States and thus be able to offer issuance services or adhere to the asset segregation requirements. 40 Because of the difficulties surrounding the notion of a transfer order in a DLT environment, the point in time when settlement can be considered as final will also be very difficult to determine, making it difficult for these systems to comply with the settlement finality requirement of CSDR.
In case these potential regulatory barriers could be overcome and DLT systems would be operationalized, certain new legal requirements may have to be brought forward because of prudential and/or conduct risks being introduced by this technology. For instance, technological and governance requirements to correct errors of the immutable ledger may have to be required together with liability, risk, and compliance management systems of participants. It is up to the legislators, in consultation with the industry, to further discuss whether these requirements should be part of a rulebook of the DLT system, included into soft principles or rather be enforced by hard law requirements.
When dealing with the legal issues presented in this article, legislators should also take into account that when modifying existing laws or creating new ones, a level playing field should exist between all financial services providers. Legislation should also avoid a situation in which CSDs apply the distributed ledger technology and are heavily regulated for doing so, while new (FinTech) companies apply DLT for the same purposes but remain unregulated (Polish Bank Association 2016). Different actors offering 40 ID2S is currently the only DLT provider that has obtained a license as a CSD from the French market regulator. However, this CSD does not use tokens as securities but decided to use traditional securities accounts in order to be CSDR compliant. In addition, the settlement of the securities itself is outsourced to T2S. This institution uses thus the DLT technology but mainly for the issuance of commercial paper. the same regulated services should be subject to the same legal requirements. The various services offered by various market participants (CSDs, FinTech companies, custodians, CCPs, etc.) could be mapped and regulated accordingly.
Although the trading phase of the entire trade life cycle is shortly addressed, this article focused on the post-trading landscape, given that the financial industry recognizes the role that this technology might have on these activities and most efficiencies can be realized there. It is not yet sufficiently clear whether DLT could play a meaningful role in the trading of securities. Micheler and Von der Heyde (2016), think that DLT could make it possible to merge trading, clearing, and settlement into one real-time process. Also, Bank of New York Mellon (2016) and the French Banking Federation (2016) expect that DLT could incorporate the full life-cycle of securities, thus avoiding further complication of the ecosystem by introducing an additional set of interfaces with offledger systems and/or assets. The distinction between trading, clearing, and settlement could thus become blurry. Further research is needed to assess the potential impact on trading venues when the market evolves.
Regulators may also want to pay attention to new operational risks that might arrive in case the trading, clearing, and settlement part of the entire value chain implement different approaches to DLT at different moments in time, thereby causing fragmentation issues. In case an important market player successfully operationalizes a DLT system for the clearing and settlement of securities, regulators should examine whether the use (or non-use) of DLT by one infrastructure is not used as a barrier to entry to another; this being at odds with the non-discriminatory access requirements included in EMIR and CSDR.
When it becomes clearer what the dominant DLT design will be in the post-trading landscape and statistical data becomes available, scholars could engage in empirical research beyond mere conceptual and legal discussions. That is, an empirical examination on whether DLT truly leads to value creation in the post-trading landscape and whether regulation would lead to a value increase rather than a decrease is of utmost importance. Scholars could indeed analyze whether increased transaction settlement, increased security, auditability, and control is truly beneficial to market participants.
When data on DLT solutions becomes readily available, researchers might also start using unsupervised learning methods, like the cluster techniques explained in Kou et al. (2014), to find underlying structures in the data. This might allow researchers to analyze which type of DLT solutions are more alike than others and are thus likely to become the standard in the future. Furthermore, researchers and authorities could use data mining and machine learning methods, like those established in Chao et al. (2019), to conduct micro-and macro-prudential supervision to detect whether unlawful acts, such as money laundering, or other abnormal behavior takes place. The machine learning methods described in Kou et al. (2019) might also be used by authorities to detect systemic risk issues. These analyses might be relevant in case there would only be a couple of too-big-too fail DLT players having relationships with credit institutions as users thereby forming a financial network.
In addition, empirical questions such as the amount of capital that CCPs and CSDs would need to hold to cope with their operational risks due to the introduction of the technology is valuable to determine. Future research could also analyze whether DLT can improve collateral management as the time required for reconciliations could be reduced and collateral updates could become possible at a much faster pace. That is, a missed collateral update could be detected in real time triggering a smart contract to execute and providing an immediate closeout valuation based on the agreed margin model (see e.g. Morini 2016).
Finally, scholars could examine the price formation of securities traded on DLT and whether the formation is different compared to pricing on traditional trading venues. A starting point for this research would be the previous literature on Bitcoin price formation (see e.g. Pavel et al. 2016;Caporale et al. 2018;Cheah et al. 2018). According to Krisoufek (2013), Bitcoin price formation cannot be explained by standard economic theories because Bitcoins are not issued by a specific central bank or government and are thus detached from the real economy. In addition, demand and supply are driven by investors' speculative behavior because there is no interest rate for the digital currencies. In the case of securities transactions, scholars could examine whether supplydemand fundamentals are still at play.