This article was produced in collaboration with Fireblocks.
Cross-border payments make up a vast and often inefficient movement of money around the world. In 2021 alone, some $1.2 trillion in payments crisscrossed the globe. Among the challenges is that these transactions result in significant expenses for both financial institutions and users. Though the system has improved over the years, it remains far from perfect, and payers and payees would welcome a new way of cross-border payment.
A combination of digital assets and permissioned, decentralized finance (DeFi)—a blockchain-based financial technology—may finally support a cross-border payment system that is faster, cheaper, and more verifiable.
This article, coauthored by BCG and Fireblocks , a digital asset security platform, proposes a hypothetical payment model based on permissioned DeFi. For end users who make and take payments, the model offers more flexibility. For institutions that build this model, Know Your Customer (KYC) verification provides more control over payments. We estimate that the average transaction cost in the new model will be 60%–80% cheaper than the cost incurred by traditional models.
Understanding how this new model works and the assets that firms need to participate is key to realizing its potential.
How a Permissioned DeFi-Based Model for Cross-Border Payments Works
You may already be familiar with a cross-border payments model based on permissionless DeFi. Permissionless DeFi offers advantages over traditional payments, but it also carries risks. (See “The Limitations of Traditional Payments and Permissionless DeFi.”) One of its benefits is the ability to execute a near-instant transfer of actual value across borders. Additional benefits of permissionless DeFi include better traceability (transactions are logged on the blockchain), more user control over their assets, and the ability to interact directly with each other. However, permissionless DeFi transactions are left exposed by insufficient anti-money laundering (AML) and KYC functions, opening the way for fraud and erroneous payments. These weaknesses are why institutions have been reluctant to adopt the technology at scale.
The Limitations of Traditional Payments and Permissionless Decentralized Finance
For instance, when a sender pays US dollars to a receiver who prefers Japanese yen, the sending bank and receiving bank bookend the transaction. The sending bank typically confirms the transaction path in a corresponding banking network. Foreign exchange operations convert the fiat currencies from one to another.
While these limitations slow down payments, a permissioned DeFi model for cross-border transactions is much faster and more transparent. (See the exhibit.)
Permissionless DeFi carries several risks that emerge both in cross-border payment and broader financial use cases.
Lack of Regulation. At the time of this report, DeFi is not regulated by traditional financial regulators, which exposes investors to various risks like fraud, market manipulation, money laundering, and terrorist financing.
Security Risks. DeFi platforms are vulnerable to cyberattacks, and smart contracts sometimes contain bugs or vulnerabilities that hackers can exploit for their gain.
Liquidity/Market Risks. The relative lack of liquidity in DeFi markets can result in price volatility and sudden losses for investors.
Custody and Operational Challenges. Users have full control and custody over their assets in wallets, which means they are responsible for storing, securing, and managing their assets themselves. They will also need to manage these wallets to access DeFi protocols, which can limit accessibility for users who are not adequately equipped with sufficient services and knowledge.
Scalability. DeFi protocols are built on blockchain networks that can be slow and expensive to use, particularly during periods of high network congestion.
Permissioned DeFi addresses these concerns by combining the efficiencies of the permissionless model with the required risk and compliance controls to offer significant advantages over traditional payments. In the cross-border payment context, these verification functions would help businesses face some of the endless challenges of managing financial risk.
The process for an end user to send a cross-border payment through permissioned DeFi goes through several steps.
Prior to the on-chain transaction, institutions X and Y undergo a KYC process that meets a platform-level KYC standard, conducted by whitelisters, a group that approves users. (See the exhibit.) The whitelister adds their wallets (digital wallets A, B, C, and D, respectively) to the allowed list.
Institutions X and Y could either act as whitelisters or appoint third parties to manage whitelisting. Other market participants, such as liquidity providers and arbitrageurs, go through a KYC process with the whitelisters.
The next steps are as follows:
1. A sender triggers a cross-border fiat money transfer. Once a sender has been successfully KYC-approved, the sender can initiate a cross-border transaction. The sender can be an individual, a business, or an institution.
2. An on-ramp instruction is sent to an on- and off-ramp service provider (OOSP). OOSPs act as entry and exit points for funds moving on-ramp and off-ramp—in other words, from the traditional fiat financial system to a token-based model and vice versa. The OOSP debits the sender’s fiat balance and credits the sender’s digital wallet with the amount of a specific type of token worth the same value as the fiat amount.
This model can use various types of tokens. These digital assets are tied to the value of a corresponding fiat currency and act as the transaction’s main payment format. In short, these assets are the money that changes hands during the payment. Examples include bank-issued stablecoins and central bank digital currencies (CBDCs). (See “Stablecoins, Tokenized Deposits, and Central Bank Digital Currencies.”)
Stablecoins, Tokenized Deposits, and Central Bank Digital Currencies
3. After the token is received in the digital wallet, it must be wrapped by a service provider into a token accepted by the permissioned DeFi model. Wrapping is a crucial step to enable interoperability across various blockchains. A wrapped token represents a different token existing on another blockchain with equal value.
In the wrapping process, the wrapping platform locks the initial token in the smart contract and mints the same amount of the corresponding wrapped token. Before the wrapped token wallet can accept the token, a whitelister must check that the wallets involved in the transaction are KYC-approved and whitelisted to allow the transaction.
The smart contract then queries the on-chain/off-chain list of approved wallets with the whitelister(s) and confirms wallet B’s approval.
4. The smart contract deployed on the permissioned DeFi protocol handles the transfer of the wrapped token to the receiver side. This permissioned DeFi model uses an automated market maker (AMM), which are smart contracts that provide a pool of tokens, or a liquidity pool, to determine prices and facilitate trades. Examples of AMMs include Uniswap.
These assets are critical to the speed and stability of permissioned DeFi. AMM smart contracts enable an atomic swap between the two different tokens, ensuring near-instant settlement. Blockchain and the DeFi protocols built on top of them run 24/7, avoiding issues with settlement risk and fluctuations in traditional foreign exchange during market hours.
As shown in the exhibit in step 4:
- The tokenized US dollars are transferred through wallet B to the liquidity pool.
- The swap function is executed with wallet B as the sender address and wallet C as the recipient address.
- The AMM smart contract then transfers the tokenized euro to wallet C.
5. Receivers can use the token on another blockchain network. They must unwrap the received wrapped token through an unwrapping platform. This sends the unwrapped token to the receiver’s digital wallet.
6. If the receiver prefers to receive fiat currency, the optional off-ramp or burning step will then be applied, depending on token type, to receive the fiat currency. This would entail burning the token and crediting of the corresponding value of fiat to the receiver’s bank account.
As the slideshow shows, a number of entities must participate in this cross-border payment model for full effectiveness.
Quantifying the Cost Savings of Permissioned DeFi for Cross-Border Payments
This model offers both payment service providers and end customers considerable potential savings.
Payment providers must account for operational, IT expenses, and compliance costs.
Traditional Payments. The authors have estimated that traditional payment costs reach an average of $8 per transaction for payment service providers like banks. About 80% is related to operational and IT costs—or roughly $6.40. Compliance-related efforts account for about 15%–20% of the $8 of the traditional payment, amounting to approximately $1.20 to $1.60 per transaction.
Permissioned DeFi-Based Payments. For payment service providers using the permissioned model, the combined estimated operational and IT costs per transaction range between $0.05 and $0.09—far less than the $6.40 estimate.
Assuming that compliance costs for a permissioned transaction will be the same as for a traditional payment, the total estimated transaction cost in the permissioned model is $1.25 to $1.69—roughly 80% less expensive than the base cost of a traditional transaction (if the fee structure is in absolute amounts).
The cost-effectiveness of this solution lets financial institutions offer competitive prices, making it possible to charge lower fees compared to traditional models, reaching as low as a fraction of a percent.
Key Considerations for Implementation
Businesses planning to set up or participate in a permissioned DeFi-based model for cross-border payments should keep in mind the following considerations.
Speed. Permissioned DeFi-based payment models can settle transactions rapidly, while wrapping and unwrapping tokens may take a few minutes (depending on the blockchains used in the model). Foreign exchange conducted on smart contracts can occur almost instantly.
Processing duration varies depending on the platform, the type of tokens involved, and the network status. If users exchange within the network, the transaction will be instant. It can take up to an hour if the payment goes from the traditional fiat financial system through the permissioned DeFi-based model.
Smart Contract Risk. There may be flaws in the smart contract code that handles the wrapping and unwrapping of tokens. This could allow for vulnerabilities that result in loss or theft of funds or assets. Extensive auditing and testing can lower the risks of coding errors.
Wallet Security. User wallets that interface with smart contracts to wrap and unwrap tokens must be highly secure. Be mindful that any wallet vulnerability could expose the keys that control assets and allow theft or loss of funds.
Tech Development. Companies can join ecosystems to access various robust verification and operational capabilities required. For example, an ecosystem can provide robust identity management systems essential for transactions on the blockchain.
Capital Efficiency. Transactions in DeFi are always gross settlement transactions, meaning each transaction is executed individually. Netting of different transactions with each user in the network is not possible.
Governance Design. A well-conceived governance model, overseen by a consortium of stakeholders, provides a clear decision-making framework to ensure transparency, fairness, and accountability for the parties involved. Rules will guide conflict resolution and dispute management.
Regulation. As regulation around financial technology, data privacy, and related issues continuously evolves across jurisdictions, adopters should stay prepared to adjust their payment model to comply if and when regulation addresses permissioned DeFi-based models.
Implementation of this model must include integration into existing payment systems through gateways and the creation of related messaging around payment instructions. However, as these setups vary widely, we will not discuss these details in this paper.
Implementing the Model
As business leaders seek to establish a permissioned DeFi-based cross-border payments model, below are a few actions to consider at the onset.
Scope out requirements and key objectives and seek out the necessary infrastructure required. These necessary elements include custody wallets for participants in the transaction; AML/KYT services can screen for illicit transactions from compromised wallets. Analytics services can track the movement of all circulating tokens.
Ensure interoperability with existing payment infrastructure. Financial institutions and senders should integrate the model with their existing orchestration layers and connect to existing messaging layers like SWIFT.
Engage industry coalitions, competitors, regulators, and consumer advocacy groups. Awareness of permissioned DeFi will only grow if adopters inform their ecosystems of the advantages and workings of the model. Finding consensus on functional requirements and standardized processes should be the aim of participants in these payment models.
Permissioned DeFi offers several benefits in the cross-border payment context including lower transaction costs, more accurate foreign exchange conversion, stronger security, and faster transaction times. Due to the greater transparency and efficiency inherent to a permissioned DeFi model, anyone from small financial institutions to multinational banks can transact with any other KYC-approved counterparty around the world—an important step toward a more efficient global financial system.
The authors would like to thank Nikolai Pomortsev for his contribution to this article.
