Regulated financial institutions are expected to work closely with their regulators, demonstrating compliant financial activity, proof of compliance checks (e.g. KYC / AML) and submitting audit reports when required.

In traditional finance, payment initiation, clearing and settlement occur at different times, sometimes across several days. Data reconciliation (sometimes manual) adds further friction into the process and discrepancies make it hard to determine a single source of truth for regulators to audit transactions between institutions.

The result is that regulators are only able to audit transaction activity retrospectively, after the fact where fraud may already have taken place. And because the data has so many discrepancies, auditing is too resource intensive to assess all institutions, so spot audits are done on specific institutions across specific time periods.

There's got to be a better way?!

Auditing with Rayls Private Subnets

Rayls Private Subnets have been designed to greatly improve the auditing process, giving regulators better tools to monitor and enforce compliant financial activity.

Inside each Private Subnet, the Governor can assign an 'Auditor' within the network who has read-only access to the Subnet (Auditors are not permitted to hold or transact tokens). Their role is to monitor the transaction activity across the Private Subnet and validate homomorphic commitments submitted by each Privacy Ledger to continuously verify transaction legitimacy and network state consistency.

In simple terms, Subnet Auditors make sure all the institutions in the network are transacting correctly and they are not breaking the rules (e.g. double spending their tokens).

Depending on the governance rules defined by the Subnet Governor, Subnet Auditors have special access to "peek" into encrypted transactions between Privacy Ledgers that are stored on the Commit Chain.

By performing a Diffie-Hellman key exchange with each Privacy Ledger when they join the Private Subnet, Auditors can decrypt transaction information to perform a real-time audit of transactions from the rich data stored within the single source of truth immutable ledger (the Commit Chain).

Not only does this remove issues of data reconciliation, but also enables Auditors to be proactive in their assessments, not only retrospective as it is today. With real time access and issue identification on-chain, compliance flags can be automatically raised and preventative action can be automatically taken (using smart contracts) to mitigate fraudulent activity before it occurs.

And guess what... all of this is possible whilst still ensuring end to end transaction privacy and anonymity between the financial institutions within the Private Subnet. Only the transacting parties and, under certain conditions the Auditor, can ever access the encrypted transaction information stored on the Commit Chain.

Privacy 🤝 Real-time auditing

Ah 😌