Chapter 24: Quiz — Blockchain, Smart Contracts, and Immutable Audit Trails

14 questions. Questions 1–4 are multiple choice. Questions 5–8 are true/false with explanation. Questions 9–11 are short answer. Questions 12–14 are scenario-based.


Multiple Choice

Question 1. Which of the following most accurately describes the difference between a permissioned and a permissionless blockchain?

A. Permissioned blockchains use Proof of Work; permissionless blockchains use Proof of Stake.
B. Permissioned blockchains restrict participation to known, admitted members; permissionless blockchains allow anyone to participate.
C. Permissioned blockchains store data on-chain; permissionless blockchains store data off-chain.
D. Permissioned blockchains are faster; permissionless blockchains are more secure.


Question 2. The EU DLT Pilot Regime (Regulation EU 2022/858) primarily does which of the following?

A. Prohibits the use of distributed ledger technology in EU securities settlement until a permanent framework is established.
B. Requires all EU securities trading to migrate to DLT-based infrastructure by 2026.
C. Creates a regulatory sandbox permitting DLT-based market infrastructure to operate under adjusted requirements for a time-limited period.
D. Defines the legal status of smart contracts across all EU member states.


Question 3. FATF's "Travel Rule" for virtual assets requires virtual asset service providers (VASPs) to do which of the following?

A. Record all cryptocurrency wallet addresses on a public register accessible to law enforcement.
B. Share originator and beneficiary information with receiving VASPs for transfers above the applicable threshold.
C. Maintain a proof-of-reserves ratio of at least 100% for all customer deposits.
D. Report all transactions above $10,000 to the relevant financial intelligence unit.


Question 4. Under the EU's Markets in Crypto-Assets Regulation (MiCA), a stablecoin that is backed 1:1 by a single fiat currency (such as a euro-backed digital coin) is classified as which type of token?

A. An asset-referenced token (ART).
B. A utility token.
C. An e-money token (EMT).
D. A security token, regulated under the Prospectus Regulation.


True / False with Explanation

Question 5. True or false: Blockchain records are completely tamper-proof — once data is recorded on any blockchain, it is technically impossible to alter.

(Provide a 2–3 sentence explanation of your answer.)


Question 6. True or false: Under English law as interpreted by the UK Law Commission, a smart contract cannot constitute a legally binding contract because it is code rather than natural language.

(Provide a 2–3 sentence explanation of your answer.)


Question 7. True or false: Storing personal data directly on a permissioned blockchain creates a conflict with GDPR Article 17 (the right to erasure) that cannot be resolved without forking the chain or obtaining the data subject's permanent waiver.

(Provide a 2–3 sentence explanation of your answer.)


Question 8. True or false: A smart contract that was compliant with applicable margin calculation rules when deployed remains compliant regardless of subsequent regulatory changes, because regulators cannot hold firms responsible for code written before a rule change.

(Provide a 2–3 sentence explanation of your answer.)


Short Answer

Question 9. Explain what an "oracle" is in the context of blockchain and smart contracts. Why are oracles a potential compliance risk point for automated regulatory reporting applications?

(Suggested length: 100–150 words.)


Question 10. A compliance officer at a bank is evaluating a blockchain trade finance platform. She asks: "The platform says the audit trail is immutable. Can I use that to satisfy our FCA record-keeping obligations under CASS/MiFID II?" What are the three most important questions she should ask before treating the platform's records as compliant with her regulatory obligations?

(Suggested length: 100–150 words.)


Question 11. Describe the architectural approach that allows a blockchain network to maintain an immutable audit trail while also enabling compliance with GDPR right-to-erasure requests. What is stored on-chain, and what is stored off-chain?

(Suggested length: 80–120 words.)


Scenario-Based Questions

Question 12. Rafael Torres discovers that the trade finance consortium Meridian has joined uses a permissioned blockchain with only four validator nodes — all of which are operated by the consortium's technology provider, a single company. What specific compliance concerns does this raise? Which of the six assessment questions from Section 24.7 are most directly implicated?

(Suggested length: 150–200 words.)


Question 13. A RegTech startup proposes to Meridian Capital that it embed regulatory reporting logic into a smart contract. The smart contract would monitor all trades in Meridian's name on the network and automatically submit EMIR reports when notional thresholds are crossed. Rafael is interested but has two specific compliance concerns about the proposal. What are those concerns likely to be, and how could the smart contract architecture be designed to address them?

(Suggested length: 150–200 words.)


Question 14. A crypto asset exchange approaches Meridian Capital seeking a correspondent banking relationship. The exchange claims to be Travel Rule compliant. Describe the due diligence steps Meridian's compliance team should take to verify that claim before proceeding. What documentation or technical evidence would demonstrate genuine Travel Rule compliance?

(Suggested length: 150–200 words.)


Answer Key

Q1: B. Permissioned blockchains restrict participation to known, admitted members. Consensus mechanism type (A) and storage location (C) are independent design choices not definitional to the permissioned/permissionless distinction. Speed and security trade-offs (D) are generalizations that do not hold universally.

Q2: C. The DLT Pilot Regime creates a structured regulatory sandbox for DLT-based market infrastructure operating under adjusted requirements. It does not prohibit DLT (A), mandate migration (B), or define smart contract legal status generally (D).

Q3: B. The Travel Rule requires VASPs to share originator and beneficiary identifying information with receiving VASPs for transfers above threshold — mirroring the wire transfer rules that apply to conventional banks. It does not create a public register (A), a proof-of-reserves requirement (C), or a CTR-style filing obligation (D) in the standard FATF formulation.

Q4: C. A fiat-backed stablecoin pegged 1:1 to a single currency is classified as an e-money token (EMT) under MiCA and regulated similarly to electronic money. An ART (A) is backed by a basket of assets or currencies. Utility tokens (B) provide access to goods or services. Security tokens (D) are regulated under MiFID II, not MiCA.

Q5: False. The accurate characterization is that blockchain records are tamper-evident, not tamper-proof. On large networks with many validator nodes (such as Bitcoin), altering historical records is practically impossible due to the computational cost of recalculating proof-of-work for all subsequent blocks. On smaller permissioned networks with few validators, alteration is technically feasible — but any alteration breaks the cryptographic chain and is immediately detectable by any participant comparing their copy with the altered version. Tamper-evidence, not tamper-proofness, is the correct compliance claim.

Q6: False. The UK Law Commission concluded in its 2021 report on smart legal contracts that existing English law is sufficiently flexible to accommodate smart contracts as legally binding agreements, provided the standard contractual requirements (offer, acceptance, consideration, and intention to create legal relations) are met. The fact that the agreement is expressed in code rather than natural language does not prevent it from being legally binding. Interpretation disputes arising from code ambiguity present separate challenges, but they do not invalidate the contract's formation.

Q7: False. The conflict between blockchain immutability and GDPR Article 17 is real, but it can be resolved without forking the chain or permanent waivers. The standard architectural solution is to store only cryptographic hashes of records on-chain, with the actual personal data held in off-chain storage that can be deleted on receipt of a valid erasure request. Alternatively, personal data can be encrypted before hashing, with the encryption key held separately; destroying the key renders the data irretrievable, achieving the practical effect of erasure. Both approaches require deliberate design decisions at the architecture stage.

Q8: False. Regulated entities are responsible for their regulatory compliance at the time of relevant conduct — not merely at the time a system was designed. If a smart contract continues to apply a superseded margin calculation methodology after a regulatory update, the firm is using a non-compliant methodology. The code provides no regulatory defense. Smart contracts deployed in compliance-sensitive applications must be designed with upgrade paths and governance processes that allow the encoded logic to be updated when the underlying regulatory requirements change.

Q9. An oracle is a trusted data source that provides real-world information to smart contracts running on a blockchain. Because smart contracts execute in a deterministic, closed environment (they can only "see" what is on the chain), they require external inputs — market prices, credit ratings, regulatory thresholds — to respond to real-world conditions. Oracles bridge this gap. The compliance risk is integrity: if oracle inputs are manipulated (through data provider errors, intentional tampering, or oracle mechanism failures), the smart contract will execute on false information and produce incorrect results. For automated regulatory reporting, a manipulated oracle input could cause systematic mis-reporting — potentially at scale, without any individual human decision to file an incorrect report.

Q10. The three most important questions are: (1) Is the platform's ledger controlled by an independent set of validators, or can the platform provider or any single participant unilaterally alter records? The independence of the validation process is what makes the "immutable" claim credible. (2) What is the legal status of on-chain records in the relevant jurisdiction — are they recognized as authentic evidence of the transactions they record, and has this been tested in a regulatory examination or enforcement context? (3) Can the firm give the regulator access to the chain records — whether by providing a read node, a verified extract, or a hash-verified report — in a format the FCA will accept? Records that are tamper-evident but inaccessible to regulators do not satisfy the firm's record-keeping obligations.

Q11. The solution is a hybrid architecture. Only the cryptographic hash of each record is stored on-chain. The hash is computed from the full record data (including any personal information) and provides a tamper-evident fingerprint: if the underlying data changes, the hash changes and the discrepancy is detectable. The actual personal data is stored in conventional off-chain databases subject to standard access controls and deletion capabilities. On receipt of a valid GDPR erasure request, the off-chain data is deleted (or the encryption key is destroyed, in an encryption-based variant). The on-chain hash remains, proving that a record existed and that its historical contents were not altered, but without revealing who was involved.
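The hash-linked ledger from the Q5 answer and the hash-on-chain, data-off-chain split from the Q7 and Q11 answers, as an added Python example that is not part of the original chapter. It assumes a minimal in-memory ledger with constructed sample records, and it adds a per-record salt to the on-chain fingerprint, because a bare hash of a short record containing a name and an IBAN can be reversed by guessing once the off-chain copy has been erased.

```python
import hashlib
import json
import secrets

GENESIS = "0" * 64
# Constructed sample trade records (not real data) used by the walk-through.
SAMPLE_RECORDS = [
    {"id": "TF-001", "buyer": "Alice Example", "iban": "GB00TEST0000000001", "amount": 125000},
    {"id": "TF-002", "buyer": "Bob Example", "iban": "GB00TEST0000000002", "amount": 98000},
]

def _digest(obj: dict) -> str:
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def record_commitment(record: dict, salt: bytes) -> str:
    """Fingerprint of the full off-chain record. The per-record salt is kept off-chain
    with the record, so the on-chain value cannot be reversed by guessing names or IBANs."""
    return hashlib.sha256(salt + json.dumps(record, sort_keys=True).encode()).hexdigest()

def append_block(chain: list, commitment: str) -> dict:
    """On-chain entry: only the fingerprint, hash-linked to the previous block."""
    prev = chain[-1]["block_hash"] if chain else GENESIS
    block = {"index": len(chain), "prev": prev, "commitment": commitment}
    block["block_hash"] = _digest(block)  # hash covers index, prev link and commitment
    chain.append(block)
    return block

def verify_chain(chain: list) -> bool:
    """Tamper-evidence check any participant can run against any copy of the ledger."""
    prev = GENESIS
    for i, block in enumerate(chain):
        body = {k: v for k, v in block.items() if k != "block_hash"}
        if block["index"] != i or block["prev"] != prev or block["block_hash"] != _digest(body):
            return False  # a rewritten entry, or a broken link to the previous entry
        prev = block["block_hash"]
    return True

def verify_record(chain: list, index: int, record: dict, salt: bytes) -> bool:
    """Show that a retained off-chain record still matches its on-chain fingerprint."""
    return chain[index]["commitment"] == record_commitment(record, salt)

def build_ledger(records: list) -> tuple:
    """Write each record to the deletable off-chain store and only its commitment on-chain.
    Erasure under GDPR Art. 17 is then `del off_chain[record_id]`; the chain is untouched."""
    chain, off_chain = [], {}
    for rec in records:
        salt = secrets.token_bytes(16)
        off_chain[rec["id"]] = (rec, salt)
        append_block(chain, record_commitment(rec, salt))
    return chain, off_chain
```

After an erasure the ledger still verifies and still proves a record existed at that position, but no personal data remains anywhere on-chain; a later rewrite of any historical entry fails `verify_chain` on every honest copy.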

Q12. The four-node, single-operator structure raises concerns primarily under Assessment Question 1 (who controls the ledger). A network where all validator nodes are operated by one company — even if it is technically a "permissioned" network — does not provide the independence properties that blockchain architecture promises. The platform operator could, in principle, alter records unilaterally, because all four validators answer to the same party. The immutability claim depends on the validator nodes being independent parties with independent interests. Rafael should also press on Assessment Question 5 (what happens if the technology provider exits or fails): a four-node network with a single operator creates significant concentration risk. If the operator ceases operations, network integrity may be compromised. The firm should require contractual protections around data export, independent record archiving, and continuity obligations.

Q13. Rafael's concerns are likely to be: (1) Regulatory update lag — if EMIR reporting requirements change (new fields, new thresholds, format changes), the smart contract logic must be updated. If the update process is slow or requires multi-party governance approval, the firm could find itself mis-reporting during the transition period, with the mis-reporting potentially systematic rather than isolated. The smart contract should have an explicit, tested upgrade path and a clear governance process for regulatory-driven changes. (2) Oracle integrity — the smart contract determines whether reporting thresholds are crossed based on notional values it receives from somewhere. That data source (the oracle) must be reliable, independently verifiable, and resistant to manipulation. An incorrect oracle input could cause either missed reports (failure to report when required) or false positives (reporting when not required). The architecture should specify the oracle data source, its reliability controls, and a process for detecting and correcting oracle failures.

Q14. Meridian's compliance team should request: (1) Technical evidence of the exchange's Travel Rule solution — which protocol or vendor (TRUST, Sygna, Notabene, or similar) is used, and whether it has been tested in live VASP-to-VASP transfers. A claim of "compliance" that does not identify the specific mechanism is insufficient. (2) Coverage confirmation — Travel Rule compliance requires the receiving VASP also to support the protocol. The exchange should be able to confirm what percentage of its transaction volume (by counterparty) is covered by Travel Rule-compliant exchanges, and how it handles transfers to/from non-compliant VASPs (typically either blocking them or applying enhanced monitoring). (3) Regulatory acknowledgment — whether the exchange has been assessed or registered by a relevant regulatory body (FCA, FinCEN, MiCA-authorized national regulator) that has independently verified its AML compliance, including Travel Rule procedures. Registration alone does not guarantee compliance quality, but combined with technical evidence it provides reasonable assurance.