The Risks of Smart Contracts

One of the outcomes of blockchain technology has been the development of smart contracts. At first blush, it sounds like a great idea - contracts that execute themselves without needing help from humans. The opportunities for automation and cost savings lurch into view.

The leader in this field has been Ethereum, which uses blockchain and its own bitcoin type currency to process transactions without the need for a trusted third party. Others are emerging.

There are definitely situations where smart contracts can be very useful, but as with any IT application, there are risks involved. One of the oldest rules around computer processing is that of GIGO (Garbage in, Garbage out). This applies in spades for smart contracts, since they at some point require input from other systems, and the contracts can execute wrong data as well as any other. This could go on for some time before being discovered.

Another basic issue is the computer code being used to write and execute the contracts and the transactions. Code can always be unreliable and or wrong. Possession of the encryption keys is always an issue as well.

So smart contracts might be useful, but it is really important to be cautious before implementing them. For a good summary, check out the ISACA Tech Brief "Understanding Smart Contracts" at

CPA Founding Partner

Chartered Professional Accountants of Canada (CPA Canada), one of the largest national accounting organizations in the world, has chosen to become a founding partner of ThinkTwenty20.