The Malta Digital Innovation Authority (MDIA) has recently published a guideline relating to the Forensic Node, an essential mechanism of an Innovative Technology Arrangement (ITA) which keeps track of the ITA’s behaviour. The main objective of this document is to specify the requirements necessary for this Forensic Node which is an intrinsic element of the certification process of ITAs by the MDIA.
The guidelines are a means of guiding ITA certification applicants as to what the minimal guarantees in their Forensic Node should be, as well as serving as a point of reference for Systems Auditors. For the latter, the document specifies the tools needed for an evaluation of the adequacy of the infrastructure proposed in an ITA’s blueprint.
The Forensic Node stores all relevant information on the run time behaviour of the ITA in real-time including, but not limited to, transactions carried on the DLT components of the ITA. Parts of an ITA may include an Off-DLT Application Layer. Therefore, any relevant information or events relating, and accessible, to the ITA on this layer are also to be stored on the Forensic Node. Such information and events may include relevant interactions with the front-end, as well as information stored on an off-chain database core to the ongoing ITA functionality.
It is important to note that, due to the comprehensive and possibly sensitive nature of the information stored on the Forensic Node, there is no requirement for such an apparatus to be a DLT node or to reside on a DLT.
For an ITA certification applicant to achieve the purpose of the Forensic Node, such a mechanism must be an integral part of the infrastructure to ensure an audit trail of all relevant ITA and related events, as well as any related data. This should be carried out in a manner which ensures that:
In cases where the creation and upkeep of a Forensic Node is not feasible in technical terms, technical reasons why this requirement cannot be met must be provided to the MDIA. The Applicant in turn must find an alternate technical arrangement that is deemed acceptable to the MDIA wherein all necessary ITA information is stored and synchronized in Malta in real-time and in a tamperproof manner.
The functionality of ITAs, as a general fact, varies widely. Given that the sort of transactions and data handled, amongst other factors, vary from one ITA to another, the Forensic Node’s infrastructural requirements would also vary. However, the purpose of the Forensic Node is the same in every case.
With this in mind, the manner in which the ITA will satisfy the requirements and purposes of the Forensic Node will vary depending on the ITA functionality. Nonetheless, there are standard practical requirements which such a mechanism must meet under all circumstances:
These guidelines are also particularly relevant in light of the recent consultation document issued by the MFSA which stated that the live replication server required of all VFA Service Providers must be setup in adherence to the MDIA’s Forensic Node Guidelines and that it will be within scope of the audits carried out by Systems Auditors as approved by the MDIA.
Article written by Dr Cherise Abela Grech and legal trainee Ms Emma Sammut.
For more information or assistance on Innovative Technology Arrangements and the Regulation of DLTs in Malta kindly contact Dr Ian Gauci on igauci@gtgadvocates.com or Dr Terence Cassar on tcassar@gtgadvocates.com.
This article is not intended to impart legal advice and readers are asked to seek verification of statements made before acting on them.