Capgemini Simplifies the Letter of Credit Process with Amazon Managed Blockchain
By Pradyumna Pendse, Innovation Hub Leader – Capgemini
By Ganesh Prabhu, IT Consultant – Capgemini
By Shailendra Bhatt, Managing Solutions Architect – Capgemini
By Burak Unuvar, Partner Solutions Architect, and Anoop Nannra, Blockchain Segment Lead – AWS
A letter of credit (LC) in financial terms is a contractual agreement between a bank, customer, and beneficiary. The bank issues the overall process on behalf of its applicant and authorizes the beneficiary’s bank to complete the money transfer.
In global trade, a letter of credit is a commonly used financial instrument that ensures the payment of goods and services while reducing risks during transactions.
LCs conserve cash flow for both buyers and sellers. There is no need for buyers to make any upfront payment or deposit, as the LC will be in charge of the transaction’s total value. Sellers can deposit in cash through their existing LC application to cover expenses before the transaction closes.
In this post, we’ll share an architectural reference from Capgemini for an Amazon Web Services (AWS) solution that can help solve challenges in the LC process, including overdue payment, data breach, fraudulent activity, and limited visibility.
Capgemini is an AWS Premier Tier Services Partner and Managed Cloud Services Provider (MSP). With a multicultural team of 220,000 people in 40+ countries, Capgemini has more than 12,000 AWS accreditations and over 4,900 active AWS Certifications.
How the Letter of Credit Process Works
Parties involved in the letter of credit cycle are:
- Applicant: Customer who initiates the LC process.
- Issuing bank: Bank that issues the LC on behalf of the applicant.
- Beneficiary: Exporter to whom the LC is issued.
- Advising bank: Bank of the beneficiary.
The traditional LC cycle has a lot of inefficiencies and bottlenecks that can lead to issues delays, losses, and pilferage:
- Overdue payment: Too many steps in the cycle may result in longer turnaround time. The dependencies include connecting many stakeholders at different locations, delivering official documents via courier or other means.
- Data breach: All documents going through long workflows with multiple contacts involved increases the risk of data tampering or loss.
- Fraudulent activity: Scammers can deceive the banks by acting like proper applicants to receive the official bank documents, and it could end up with faulty business transactions.
- Limited visibility: There is no end-to-end monitoring in the above steps, which makes it harder to detect the root cause of any delay or other issues.
About Capgemini’s Solution
Capgemini has created a solution using Amazon Managed Blockchain that is built on an open-source Hyperledger Fabric framework. This framework creates, deploys, and maintains blockchains and ensures accountability, transparency, and trust in financial business transactions.
The solution also reduces human errors, eliminates out-of-sync ledgers, and reconciles the data added through the transactions.
The transactions include a letter of credit issuance by the applicant’s bank, and its acceptance by the buyer’s bank. The Hyperledger fabric framework defines the transaction logic that controls the lifecycle of the LC within a chain code. The defined chain code is deployed to the AWS Managed Blockchain network.
AWS Managed Blockchain amplifies the end-to-end security of the whole process by providing a single source of truth. It removes any risk of manipulation and improves customer experience by faster processing times. There’s also an additional feature for applicants working with multiple banks—it collects bids from the banks and helps customers get the best possible rates and terms.
Figure 1 – Letter of credit flow chart.
Capgemini’s solution addresses inefficiencies of the traditional LC cycle:
- Processing speed: This is increased by almost 90% by real-time tracking of documents digitally.
- Data protection: All of the documents and transactions are encrypted and stored on an immutable ledger, referred to in a chain of interlinked blocks. Individual transactions within a channel are restricted by attribute-based access control (ABAC).
- End-to-end security: Only the transactions which comply with the consensus configured for the network are committed to the blocks. These interlinked blocks are nearly impossible to tamper with and prevent any fraudulent activity. Access to the documents is controlled by certificate-based authentication. The documents can be retrieved directly from the immutable ledger, ensuring the authenticity of the documents.
- Higher visibility: Provides end-to-end, real-time monitoring of the complete process and helps identify root causes of issues. It also helps in faster reporting and decision making.
Capgemini’s letter of credit solution uses the following AWS services:
- Amazon Route 53 provides scalable cloud domain name system (DNS) service which routes clients to front-end application.
- AWS Amplify offers a fully managed web app and static website hosting service to host your frontend web app, create/delete backend environments, and set up CI/CD on the frontend and backend.
- Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Users can sign in directly with a username and password, or through a third party such as Facebook, Amazon, Google, or Apple.
- Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
- AWS CloudFormation is an infrastructure as code (IaC) service that allows you to easily model, provision, and manage AWS and third-party resources. It provides pre-built templates for launching Ethereum network or private Hyperledger Fabric network.
- Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. In this design, PostgreSQL is used for storing master data with login information. It’s configured with multi-Availability Zone (AZ) setup for higher availability, and scheduled backups are enabled for fault tolerance.
- Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on premises. It makes it easy to run Kubernetes on AWS without installing and operating your own Kubernetes control plane or worker nodes.
- Elastic Load Balancing automatically distributes incoming traffic across multiple targets, such as Amazon Elastic Compute Cloud (Amazon EC2) instances, containers, and IP addresses, in one or more AZs. When you create a Kubernetes service object, an Application Load Balancer is provisioned automatically by Amazon EKS that will split the incoming traffic across Kubernetes deployments based on path and domain-based routing.
- Amazon Managed Blockchain is a fully managed service that makes it easy to join public networks or create and manage scalable private networks using the popular open-source frameworks Hyperledger Fabric and Ethereum. For the LC process, Amazon Managed Blockchain improves the reliability of the “ordering service,” a component in the Hyperledger Fabric framework that ensures delivery of transactions across the blockchain network.
- AWS Key Management Service (AWS KMS) helps secure your network’s certificates, eliminating the need to set up your own secure key storage. The provisioned network can be integrated seamlessly with existing enterprise resource planning (ERP) systems and third-party tools.
- Amazon Simple Email Services (Amazon SES) is used for sending emails to stakeholders for all transactions and state changes.
Figure 2 – Letter of credit on Amazon Managed Blockchain.
How it Works
The solution’s setup can be done easily and consists of the following steps:
- Deploy the client facing frontend application on AWS Amplify.
- Create an Amazon EKS cluster with minimum of two worker nodes.
- Launch a private Hyperledger Fabric network on an Amazon EC2 instance by using CloudFormation’s AWS Blockchain Template.
- Use Amazon RDS to create a PostgreSQL database instance with multi-AZ enabled and scheduled backups.
- Perform user, group, and access control setup using Amazon Cognito. Amazon Managed Blockchain identities can integrate with Amazon Cognito.
- Deploy the smart contract application and services on respective environments.
- Expose the services through Application Load Balancer ingress. In order to integrate Amazon API Gateway with Amazon EKS in private subnet; HTTP APIs can be routed to an Application Load Balancer through AWS PrivateLink.
From Proof of Concept to Production
Any consortium planning to set up a blockchain network can start with the basic setup of members, nodes, and channels and scale out in minutes with only a few clicks.
New channels between the members can be added at any point of time. Capgemini’s reference architecture can be adjusted for efficient resource utilization.
To manage millions of transactions with letter of credit, Capgemini chose to go with AWS managed services for scalability and performance optimizations. This ensures the overall cost and runtime of the environments required can be minimized. Operational efficiencies in terms of patch management and upgrades are also addressed due to the managed services.
For full-scale implementation, it’s essential to have a team of domain experts to refine the existing LC issuance business process. There should be a reference roadmap to identify different stakeholders and units to develop a “trust network” which defines the value chain for the solution.
The traditional letter of credit (LC) process includes many challenges such as overdue payments, data breach risks, and fraudulent activities.
Capgemini’s letter of credit solution simplifies and secures the LC issuance process through digitization and building “trust networks.” The solution uses AWS CloudFormation templates that are built based on best practices in order to provision AWS resources in minutes.
AWS managed services in the design such as Amazon EKS and Amazon RDS enable optimum scalability and performance. Amazon Managed Blockchain records trading documents of the LC process and secures the bidding cycle. It enables better access control, secure integration, data protection, and trust within the stakeholders.
Furthermore, the accelerator reduces costs by eliminating duplication of efforts during data validation and reconciliation, provides higher transparency and agility.
Capgemini – AWS Partner Spotlight
Capgemini is an AWS Premier Tier Services Partner and MSP with a multicultural team of 220,000 people in 40+ countries. Capgemini has more than 12,000 AWS accreditations and over 4,900 active AWS Certifications.
*Already worked with Capgemini? Rate the Partner
*To review an AWS Partner, you must be a customer that has worked with them directly on a project.