ISO20022 Ecosystem Research, Technical Design and Strategy for Polkadot

In this article we will discuss ISO20022, what initiatives various blockchain ecosystems are taking to integrate with it and what opportunities there are for Polkadot regarding the standard. The article was written within the scope of a grant from the Web3 Foundation.

Introduction

What is ISO20022?

According to the official website, ISO20022 is a "single standardisation approach (methodology, process, repository) to be used by all financial standards initiatives". It specifies messages in either XML or ASN.1 format to describe all kinds of financial transactions that can be exchanged by participants of a network that want to execute financial transactions (like banks, credit card companies, their customers, etc..). An example of such a message is pain.001, which is used to initiate a payment by a customer of a bank. An example can be found in the appendix.

ISO20022 and blockchains - Opportunities and Challenges

ISO20022 is an attempt to standardize all financial transactions and by the end of November 2025, most financial institutions will be expected to be compliant with the standard.

For blockchain ecosystems this presents opportunities as the standard might be a good entrypoint to get closer with the traditional financial system which would help cryptocurrency adoption for the broader masses.

On the other hand there are significant challenges in order to bring blockchains together with the ISO20022 standard. We see two main issues: decentralization and privacy.

Decentralization

Blockchains are trustless, transparent, decentralized systems and ISO20022 is a messaging standard designed to exchange messages between trusted entities. Those two approaches seem fundamentally incompatible. The straight forward approach is to use a centralized gateway that accepts and validates ISO20022 messages and then translates them into blockchain transactions. Unfortunatley, with this approach we lose decentralization.

Privacy

Should we decide to handle ISO20022 messages on the blockchain directly, without any centralized intermediary, we also face issues with privacy. ISO20022 messages may contain lots of sensitive user data that would be exposed if the messages were to be published to the blockchain.

Ecosystem Research

In this section we will present our research about what other blockchain ecosystems have been doing to integrate with the ISO20022 standard.

Research question

We are trying to understand what blockchains or apps built on top of them are actually doing in order to bridge the gap between a trustless, transparent, decentralized system and a messaging standard which is designed for communication between trusted entities. We are trying to figure out if some team has actually figured out an elegant solution to this seemingly non-trivial problem. Especially we are interested in decentralized, privacy-preserving solutions.

Methodology

In order to answer the above questions we first identified blockchain ecosystems that are said to be ISO20022 compliant. Following this article, we identified 8 blockchains that we will focus on in this analysis. Those are:

• Ripple
• Cardano
• Quant
• Algorand
• Stellar
• Hedera Hashgraph
• IOTA
• XDC Network

In order to find out more about the initiatives in the respective ecosystems, we conducted a mix of online search and outreach.

Online search

For each of the blockchains mentioned above, we search their websites and documentation for useful information on ISO20022. What proved especially helpful was specific google searches in the form of site:example.com 20022, which helped us to easily identify resources about ISO20022.

X outreach

We reached out to Ripple, Cardano, Algorand, Stellar and Hedera on their official X accounts. IOTA, Quant and XDC did not have their DMs open.

Discord outreach

We reached out to Cardano, XDC, Algorand, Stellar and Hedera on their discord servers. For Quant we did not find a discord server, in the IOTA discord we could not send messages, as we do not have a wallet and for Ripple we did not manage to get verified.

Webform outreach

Finally we reached out to all the above teams via their contact form on their respecive websites.

All three outreach categories were conducted on August 13, 2024 and evaluated on August 27, 2024.

Results

In the following sections we will now present our findings.

Ripple

Ripple achieves ISO20022 compatilibily via RippleNet which is a permissioned blockchain network. Ripple is a member of the ISO20022 Standards Body, but there is only limited information available online on how exactly the ISO20022 integration works technically. A one pager about ISO20022 avaiable on Ripple's website keeps information very vague as can be seen in the below screenshot.

Another article discusses the ISO20022 standard on a high level, but does not mention anything specific about the integration into the network.

On https://xrpl.org/, a community driven platform for Ripple documentation, we found one project named CryptoIso20022 Interop, which translates ISO20022 messages to blockchain transactions. The code is available in their Github repo.

Digging deeper into Ripples documentation, we found that the RippleNet Payment Object (RPO), which is used to exchange messages beteen RippleNet members, "use[s] the ISO 20022 pacs.008 message definition as a basis", as stated here. What this exactly means and how ISO20022 messages are translated into RPOs does not become clear. The pacs.008 message is named FIToFICustomerCreditTransferV12 and is used to to send transfer instructions between two financial institutions. Various other definitions within RippleNet such as externalclearingsystem or levelofpurpose are inspired by the ISO20022 messaging standard.

Critical voices state that Ripple's marketing might be stronger than their tech. Ripple's whitepaper is very vague and outdated and an up to date version could not be found.

For Ripple neither webform, X, nor discord outreach yielded any additional results.

Cardano

The websearch site:cardano.org 20022 yielded only forum entries of community memebrs discussing and clarifying how ISO20022 relates to blockchains, but no results at all from the offical Cardano website indicating and integration with ISO20022. Also neither webform, X nor discord outreach yielded any results.

Quant

For Quant network we found two documents mentioning ISO 20022. The first one states that "The adoption of ISO 20022 for payments offers a unique opportunity to improve financial crime controls and reduce payments friction", but not how this is achieve. The second article states that ISO20022 would help facilitating CBDCs, but it does not mention any details.

Neither webform, X nor discord outreach yielded any results.

Algorand

Neither websearch, X nor webform outreach yieleded any results for Algorand. In the discord server, we received the following, rather generic answer:
I understand that this concept of ISO20022 standards compliance for blockchains generates a lot of interest. Algorand has the ability to post arbitrary data on chain in various ways and Turing-complete capabilities in its smart contracts, so that would include being able to do whatever a business needs to do with SWIFT messages or data. Standards like this are more applicable to the applications that people build on the blockchain. Algorand can certainly handle solutions that people want to build to be ISO20022 compliant, but the chain itself is a step removed from where the actual work of integration/compliance would happen in a business application that interfaces with the chain. Hope that helps answer your question!

After asking more questions about projects that tried to tackle the challenges of handling ISO20022 messages in smart contratcs and about more higher level applications using ISO20022, we received no further answers.

Stellar

For stellar there were no results in websearch, X and webform outreach. In the discord server, we received a link to a statement of BPVentures announcing a software solution integrating financial institutions with the Stellar blockchain using ISO20022. The proposed solution is aimed to for "financial institutions to upgrade their infrastructure" and "improve operational efficiency". This seems to be an application focused on financial instutions and no so much touching blockchain tech itself.

Hedera Hashgraph

The websearch for Hedera yielded two results. One is an article on CBDCs superficaially mentioning ISO20022 and the other one is a documentation page indicating that the HBAR token of Hedera adheres to the ISO20022 standard, but not stating how.

Webform and X outreach yielded no results and in the Discord server we were insulted and received no further information.

IOTA

For IOTA neiter websearch not any of the outreach channels yielded any results.

XDC Network

Then websearch and X outreach yielded no results. In answer to the webform outreach, we received a friendly but generic answer and the discord server pointed us to the company Impel, which "is a fintech innovator that uses blockchain technology to deliver financial messaging (ISO 20022) with optional collateral for instant settlement, and a bridge to the R3 Corda platform to future-facing banks and fintechs". They have a ISO 20022 Demo GitLab repo, indicating that this is an application run by banks in order to exchange messages. When first reading the documentation we found that the application relies on gateways sending/receiving ISO20022 messages and uses the blockchain to publish transaction proofs. Unfortunately when trying to access the documentation again at the time of writing this, the documentation was no longer accessible.

Analysis

In summary, coming back to our original research question, we conclude that we did not find any decentralized, privacy-preserving applications that integrate the ISO20022 messaging standard with blockchain ecosystems. One narrative we often encountered was along the lines of "Our blockchain has turing-complete smart contracts and therefore we are theoretically capable of processing ISO20022 messages", which seems like a rather weak argument for stating compatibility with the standard. We did not find any projects that attempt to integrate with ISO20022 on-chain. The few projects we found like RippleNet or Impel seem to rely on some centralized components or permissioned networks. Also the materials found and the contained narratives indicate that ISO20022 might simply be a good keyword for marketing.

Polkadot and ISO20022

In this section, we would like to propose a variety of technical approaches that would facilitate an ISO20022 integration for Polkadot and discuss their strengths and weaknesses respectively.

Simple ISO pallet

One solution would be to add an ISO20022 pallet to the Polkadot codebase. This could initially have a very simple API, like parsing a constrained set of ISO20022 messages on-chain. We would propose to start with the message pain.001.001.11 (CustomerCreditTransferInitiationV11), which is used to initiate a transfer by a customer, see an example in the appendix. As a first step a lot of information could be omitted and we would simply use the CdtrAcct field to indicate the recipients Polkadot address.

We note here that this solution does not solve an actual problem, it simply changes the way we would initiate a transfer on the blockchain. Nevertheless is would be a starting point for the ISO20022 integration and it is fast to implement and quickly extendible. This would signal Polkadot's willingness to integrate with the standard and could nicely be used for marketing purposes.

On-Chain transaction proofs

In a previous W3F grant proposal, we proposed a solution similar to the one form Impel mentioned above. Here the idea is to let banks settle payments on the Polkadot blockchain using the ISO20022 standard. We will focus on customer-to-customer interbank payments and payment reversals, ie. Customer C1 with a bank account at bank B1 sending an amount of DOT to customer C2 with an account at bank B2 using ISO20022 messages. See on overview of the protocol below.

Pure client

Another approach would be to write purely client side application for banks that translates ISO20022 messages into blockchain transactions. This would be rather straight forward to implement and we could target actual pain-points of banks. In order to implement this, further research and collaborations with banks would be necessary to find out the actual needs of the tradiaitonal financial industry. Potential issues with this solution are also regulatory and legal matters regarding the software.

Integritee Integration

Coming back to our research question which was to find a solution that can integrate a blockchain with the ISO20022 standard while preserving decentralization as well as privacy, we would like to sketch such a solution for Polkadot.

Integritee is a Polkadot Parachain that "harnesses the speed and confidentiality of Trusted Execution Environments (TEEs) as well as the transparency and trust of public blockchains to create the fastest, most scalable Web3 protocol for securely processing sensitive data".

The idea here is to integrate the ISO20022 functionality into a Teeracle service enclave in order to achieve two main results:

• Banks can interact with Polkadot using ISO20022 messages and customer data will be kept private
• Banks will not have to sign any blockchain transactions.

A bank could send ISO20022 messages to a Swift-Gateway within the Teeracle enclave which could assure autheticity of the message using SSL-certificates. Then, within the trusted-execution environment, the ISO message will be translated into blockchain transations and executed. This will make sure that no private information leaves the enclave while still guaranteeing proper processing of the ISO20022 message. See a high level overview of this approach below (which omits some technical details like oracle whitelisting key management for the sake of simplicity).

While this approach would be costly to implement, the advantage is that we would actually get an Integration with the ISO20022 standard that is decentralized and privacy-preserving. One caveat is that this solution relies on trusted hardware which harms the decentralization argument. The most elegant solution would be to get rid of the requirement for trusted hardware by using Zero-Knowledge Proofs. Hyperfridge is working on solutions in that direction.

Conclusion and Strategy

We conclude this article by noting that in all the blockchain ecosystems we researched, we did not find a decentralized, privacy-preserving solution that integrates a blockchain with the ISO20022 standard. Most projects kept the technical details of an ISO20022 integration very vague and the ones that showed some details indicated the use of centralized gateways to integrate with the ISO standard. We see the following reasons for this:

• It is not straight-forward to bridge the gap between a trustless, transparent, decentralized system and a messaging standard which is designed for communication between trusted entities
• Regulatory and compliance problems will make it hard to write on-chain software that directly integrates with traditional financial institutions
• ISO20022 is simply a good marketing keyword
• The traditional banking world moves slow and it is unclear what their actual requirements and strategies for blockchain integrations are.

As it is not entirely clear what an ISO20022 integration for a blockchain should mean, we suggest the following strategy for Polkadot regarding ISO20022:

1. Build a simple ISO20022 pallet as outlined above. This will be a starting point of a Polkadot ISO20022 integration and its main purpose will be to signal Polkadot's willingness to integrate with the standard. This is simple to implement and easily extendible.
2. Build a client library for banks that translates ISO20022 messages to Polkadot extrinsics. This could start out as a very simple library with an XML parser and a Polkadot API instance and would need to be accompanied by more research on actual pain-points of banks and regulatory issues when writing software that needs to be integrated into a stack of banking software.

Those steps will be simple and low-cost to implement, signal Polkadot's willingness to integrate with the ISO20022 standard and aim at better understanding the needs of financial institutions.

Any input or feedback? Please reach out to pg [at] solid-bit.com

Bibliography

Below you can find a list of all resources used for researching this article.

• https://www.iso20022.org/about-iso-20022
• https://www.binance.com/en/square/post/5269189407018
• https://www.pymnts.com/news/b2b-payments/2024/iso-20022-migration-faces-fragmentation-deadline-pressures-as-rollout-accelerates/
• https://ripple.com/
• https://cardano.org/
• https://quant.network/
• https://algorand.co/
• https://stellar.org/
• https://hedera.com/
• https://www.iota.org/
• https://xdc.org/
• https://x.com/Ripple
• https://x.com/Cardano_CF
• https://x.com/AlgoFoundation
• https://x.com/StellarOrg
• https://x.com/hedera
• https://discord.gg/UGdAM7qa
• https://discord.gg/WQQ5u3DC
• https://discord.gg/algorand
• https://discord.gg/z6BV3hmD
• https://discord.gg/K5zhTGCu
• https://cointelegraph.com/learn/permissioned-blockchain-vs-permissionless-blockchain-key-differences
• https://www.iso20022.org/api-seg-member-list
• https://ripple.com/lp/iso-overview/
• https://ripple.com/reports/Trends-in-Regional-Payments-eBook.pdf
• https://ripple.com/faq/
• https://xrpl.org/blog/2022/cryptoiso20022interop#developer-reflections-cryptoiso20022-interop
• https://github.com/radynamics/DalliPay
• https://www.iso20022.org/iso-20022-message-definitions?search=pacs.008
• https://docs.ripple.com/payments-direct/glossary/#ripplenet-payment-object-rpo
• https://docs.ripple.com/payments-direct/glossary/#iso-20022
• https://docs.ripple.com/payments-odl/api-docs/ripplenet/resources/srpo/supporting-info-definitions/externalclearingsystem/#externalclearingsystem
• https://docs.ripple.com/payments-odl/api-docs/ripplenet/resources/srpo/supporting-info-definitions/levelofpurpose/#levelofpurpose
• https://medium.com/@solidity101/the-xrp-whitepaper-a-technical-masterpiece-not-140fe2aab1ec
• https://ripple.com/files/ripple_consensus_whitepaper.pdf
• https://quant.network/assets/uploads/2022/10/QuantAtSibos-2022.pdf
• https://quant.network/assets/uploads/2022/04/61f7b570d1b8222ed290b536_CBDC_Whitepaper_A.pdf
• https://docs.hedera.com/hedera/support-and-community/glossary#iso-20022
• https://www.impel.global/
• https://gitlab.com/Impel-official/open-source/iso-20022-demo
• https://developer.gs.com/docs/services/transaction-banking/pain001FedACHsample/
• https://www.iso20022.org/iso-20022-message-definitions?search=pain.001
• https://github.com/w3f/Grants-Program/pull/2221/commits/7c46250ba69832cb80381918aa6a5fc6dfdce4f9
• https://www.integritee.network/
• https://www.swift.com/
• https://github.com/w3f/Grant-Milestone-Delivery/pull/1125

Appendix

Empty Google Searches

Specific searches for 20022 in algorand.co, algorandtechnologies.com, iota.org and xcd.org yielded no results at all.

References

• ISO 20022 Message Catalogue
• Nice website describing payment flows
• Book ISO20022 For Dummies
• ISO20022 example messages

Previous Related W3F Grants

ISO20022 Research:

• https://github.com/w3f/Grants-Program/blob/master/applications/ISO20022.md
• https://github.com/w3f/Grant-Milestone-Delivery/blob/master/deliveries/ISO20022-milestone1.md

ISO8583 Research:

• https://github.com/w3f/Grants-Program/blob/master/applications/Integrating-ISO8583.md
• https://github.com/w3f/Grant-Milestone-Delivery/blob/master/deliveries/ISO8583-milestone-1.md

ISO8583 Implementation:

• https://github.com/w3f/Grants-Program/pull/2184
• https://github.com/w3f/Grants-Program/pull/1809
• https://github.com/w3f/Grants-Program/blob/master/applications/ISO-8583-implementation.md
• https://github.com/w3f/Grant-Milestone-Delivery/blob/master/deliveries/iso_8583_PoC_milestone_1.md

1. pain.001.001.11 message example (source)

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pain.001.001.03" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:iso:std:iso:20022:tech:xsd:pain.001.001.03 file:///C:/pain.001.001.03.xsd">
   <CstmrCdtTrfInitn>
      <GrpHdr>
         <MsgId>431053</MsgId>
         <CreDtTm>2022-03-11T01:33:49</CreDtTm>
         <NbOfTxs>2</NbOfTxs>
         <CtrlSum>600.11</CtrlSum>
         <InitgPty>
            <Nm>Initiating Party Name</Nm>
            <Id>
               <OrgId>
                  <Othr>
                     <Id>Party Id</Id>
                  </Othr>
               </OrgId>
            </Id>
         </InitgPty>
      </GrpHdr>
      <PmtInf>
         <PmtInfId>13036902</PmtInfId>
         <PmtMtd>TRF</PmtMtd>
         <NbOfTxs>2</NbOfTxs>
         <CtrlSum>200.00</CtrlSum> 
         <PmtTpInf>
            <SvcLvl>
               <Cd>MURG</Cd>
            </SvcLvl>
            <LclInstrm>
               <Cd>CTX</Cd>
            </LclInstrm>
            <CtgyPurp>
               <Prtry>Mortgage</Prtry>
            </CtgyPurp>
         </PmtTpInf>
         <ReqdExctnDt>2022-03-11</ReqdExctnDt>
         <Dbtr>
            <Nm>Debtor Name</Nm>
            <PstlAdr>
               <StrtNm>Debtor Streeet Name</StrtNm>
               <TwnNm>Debtor Town Name</TwnNm>
               <CtrySubDvsn>Debtor country sub division</CtrySubDvsn>
               <Ctry>US</Ctry>
            </PstlAdr>
            <Id>
               <OrgId>
                  <Othr>
                     <Id>GS00005132</Id> 
                  </Othr>
               </OrgId>
            </Id>
            <CtryOfRes>US</CtryOfRes>
         </Dbtr>
         <DbtrAcct>
            <Id>
               <Othr>
                  <Id>Debtor Account Number</Id>
               </Othr>
            </Id>
            <Ccy>USD</Ccy>
         </DbtrAcct>
         <DbtrAgt>
            <FinInstnId>
               <ClrSysMmbId>
                  <ClrSysId>
                     <Cd>USABA</Cd>
                  </ClrSysId>
                  <MmbId>026015079</MmbId>
               </ClrSysMmbId>
               <PstlAdr>
                  <Ctry>US</Ctry>
               </PstlAdr>
            </FinInstnId>
         </DbtrAgt>
         <CdtTrfTxInf>
            <PmtId>
               <EndToEndId>Paymen end to end Id </EndToEndId>
            </PmtId>
            <Amt>
               <InstdAmt Ccy="USD">200.00</InstdAmt>
            </Amt>
            <CdtrAgt>
               <FinInstnId>
                  <ClrSysMmbId>
                     <ClrSysId>
                        <Cd>USABA</Cd>
                     </ClrSysId>
                     <MmbId>Clearing system Membership ID</MmbId>
                  </ClrSysMmbId>
                  <PstlAdr>
                     <Ctry>US</Ctry>
                  </PstlAdr>
               </FinInstnId>
            </CdtrAgt>
            <Cdtr>
               <Nm>Creditor Account Name</Nm>
               <PstlAdr>
                  <Ctry>US</Ctry>
               </PstlAdr>
            </Cdtr>
            <CdtrAcct>
               <Id>
                  <Othr>
                     <Id>Creditor Account Number</Id>
                  </Othr>
               </Id>
               <Tp>
                  <Cd>CACC</Cd>
               </Tp>
            </CdtrAcct>
         </CdtTrfTxInf>
      </PmtInf>
      <PmtInf>
         <PmtInfId>13036906</PmtInfId>
         <PmtMtd>TRF</PmtMtd>
         <CtrlSum>200.00</CtrlSum> 
         <PmtTpInf>
            <SvcLvl>
               <Cd>MURG</Cd>
            </SvcLvl>
            <LclInstrm>
               <Cd>CTX</Cd>
            </LclInstrm>
            <CtgyPurp>
               <Prtry>Proprietary code </Prtry>
            </CtgyPurp>
         </PmtTpInf>
         <ReqdExctnDt>2022-03-11</ReqdExctnDt>
         <Dbtr>
            <Nm>Debtor Name</Nm>
            <PstlAdr>
               <StrtNm>Street Name</StrtNm>
               <TwnNm>Town Name</TwnNm>
               <CtrySubDvsn>country Sub Division</CtrySubDvsn>
               <Ctry>Country</Ctry>
            </PstlAdr>
            <Id>
               <OrgId>
                  <Othr>
                     <Id>GS00005134</Id>
                  </Othr>
               </OrgId>
            </Id>
            <CtryOfRes>US</CtryOfRes>
         </Dbtr>
         <DbtrAcct>
            <Id>
               <Othr>
                  <Id>270008045186</Id>
               </Othr>
            </Id>
            <Ccy>USD</Ccy>
         </DbtrAcct>
         <DbtrAgt>
            <FinInstnId>
               <ClrSysMmbId>
                  <ClrSysId>
                     <Cd>USABA</Cd>
                  </ClrSysId>
                  <MmbId>026015079</MmbId>
               </ClrSysMmbId>
               <PstlAdr>
                  <Ctry>US</Ctry>
               </PstlAdr>
            </FinInstnId>
         </DbtrAgt>
         <CdtTrfTxInf>
            <PmtId>
               <EndToEndId>NSMGSB13036911</EndToEndId>
            </PmtId>
            <Amt>
               <InstdAmt Ccy="USD">400.11</InstdAmt>
            </Amt>
            <CdtrAgt>
               <FinInstnId>
                  <ClrSysMmbId>
                     <ClrSysId>
                        <Cd>USABA</Cd>
                     </ClrSysId>
                     <MmbId>028000082</MmbId>
                  </ClrSysMmbId>
                  <PstlAdr>
                     <Ctry>US</Ctry>
                  </PstlAdr>
               </FinInstnId>
            </CdtrAgt>
            <Cdtr>
               <Nm>Creditor Name</Nm>
               <PstlAdr>
                  <Ctry>US</Ctry>
               </PstlAdr>
            </Cdtr>
            <CdtrAcct>
               <Id>
                  <Othr>
                     <Id>31062765</Id>
                  </Othr>
               </Id>
               <Tp>
                  <Cd>CACC</Cd>
               </Tp>
            </CdtrAcct>
         </CdtTrfTxInf>
      </PmtInf>
   </CstmrCdtTrfInitn>
</Document>