A European Emissions Trading System Powered by Distributed Ledger Technology: An Evaluation Framework

: The European Union Emissions Trading System (EU ETS) is a major pillar of the European energy policy to reduce greenhouse gas emissions. However, the reportedly pervasive frauds in this market are constraining the beneﬁcial role of the EU ETS. In this conceptual paper, we propose to digitalize the EU ETS by distributed ledger technology (DLT), enabling the veriﬁcation of authenticity and provenance, proof of ownership, and lifecycle traceability of carbon certiﬁcates and assets. Our platform allows veriﬁable credentials to validate emission allowances, real-time tracking of trading participants’ emissions, and the audit trail reporting of the decentralized trading records. Furthermore, we complement the DLT application concept with a structured interdisciplinary evaluation framework. Our framework and analysis aim to stimulate further interdisciplinary research in this area to support regulators, such as the European Commission, in designing effective digital emissions trading systems.


Introduction
The European Union Emissions Trading System (EU ETS) is the cornerstone of European climate policy to combat climate change. Set up in 2005, it is the world's first and largest international mandatory carbon trading program, covering more than 11,000 power stations and industrial plants in 31 countries [1]. It regulates around 50% of the total greenhouse gas (GHG) emissions in Europe. The system supports stakeholders in the EU in finding cost-effective ways of reducing emissions, and is regarded as an important approach for the EU to reduce its GHG emissions by 80-95% by 2050 compared to the level in 1990 [1].
A critical challenge of the EU ETS is the lack of proper regulation and control of the system itself. Whereas the volume of emission allowances decreased from 2018 to 2019 by 12%, the total value of these allowances has increased: with a total value of EUR 169 billion in 2019; it grew more than five times since 2017 [2]. Despite the large magnitude of money in the European carbon trading market, it is criticized by Interpol [3] for the immaturity of regulation and the lack of oversight and transparency. The EU ETS is especially vulnerable to fraudulent activities. Interpol [3] has identified 10 different types of fraudulent activities, which include double counting, exploitation of weak regulations, and tax fraud. For example, within double counting, a firm uses a certificate twice or sells it to multiple parties. Europol estimates that approximately EUR 5 billion tax revenues were lost over 18 months between 2008 and 2009. In addition, that loss is only generated from the detected fraud, but it can be inferred that a substantial portion of committed fraud remains undetected. Based on the studies by Dyck et al. [4] and Bruehl and Basse Mama [5], can lead to a more efficient price building process of emission certificates. The idea to enhance carbon trading with DLT is not new [17]. A variety of different technical models have been developed and discussed (e.g., [18][19][20][21][22]). We contribute to these existing models by including the latest DLT developments in the identity layer. Schletz et al. [23] apply a framework to generally evaluate whether a blockchain solution can be recommended for the EU ETS. Nonetheless, the digitalization of the EU ETS is an extensive endeavor that affects aspects beyond pure technical factors. Therefore, we thirdly contribute by applying the evaluation framework of Janssen et al. [24] to the EU ETS and highlight financial, social, and ecological aspects and challenges that need to be considered in a final step of the decision-making process.
We expect a DLT-enhanced carbon trading to reduce fraudulent activities and thereby increase market trust. Hence, the efficiency in the price building process will increase, and climate policy instruments within the emission market become more effective and can strengthen the path of decarbonization and sustainable development.
The rest of the paper is organized as follows. In Section 2, we review the related literature, and in Section 3, we describe the EU ETS and DLT. In Section 4, we explain the theoretical relevance of our proposal, and in Section 5, we propose our application for a DLT-enhanced EU ETS. In Section 6, we evaluate our model with the evaluation framework of Janssen et al. [24], and in Section 7, we summarize the study.

Related Literature
The EU ETS has proven to be an efficient policy tool that has led to a decline in emissions of 35% within the regulated installations during the period from 2005 until 2019 [25]. Nonetheless, it can be argued that this policy instrument is below its full potential. For instance, Calel and Dechezleprêtre [26] claim that the introduction of the EU ETS has only led to an increase of 1% in European low carbon patenting, although the stimulation of low carbon innovations is a central pillar of the decarbonization strategy [1]. Assessing the quality of the carbon market, Medina et al. [27] show that trade frictions (relative spread, information asymmetry, etc.) reduced within the second trading period, whereas the volatility of real friction (noise-related frictions) increased, generating a persistent negative effect on the market quality. Reinforcing the results of Medina et al. [27], Karpf et al. [28] argue that the lack of well-identified trading institutions creates a need for financial intermediaries and imposes unnecessary additional costs that reduce the market effectiveness. The market quality further suffers from fraudulent attacks [3,29,30]. However, the rise of new technologies creates new opportunities to strengthen market efficiency. For example, Ainsworth and Shact [31] argue that blockchain technology can reduce costs, and build critical intergovernmental trust relationships, thereby reducing fraud and increasing efficiency in European VAT collection. Furthermore, the structure of the energy sector has changed due to the rise of renewable energies. Outside of Europe, Russia [9] and IBM China [10] have announced a blockchain-based carbon asset management platform. However, their effort is not published, and little is known from the existing literature. In this paper, we propose an emissions trading system powered by DLT to enhance emissions trading and avoid fraudulent activities.
The power generation by renewable energies increased the importance of prosumers, who produce and consume energy and thereby generate demand for decentralized peerto-peer energy trading. Soto et al. [32] structured the research in this area in the form of a literature review and conclude that although blockchain technology has the potential to make trading platforms more secure and efficient, challenges in the speed of data transmission and security levels remain. Further reviews of blockchain technology in the energy sector [33][34][35] recognize the transition from a centralized to a decentralized system in the energy sector, admitting the stage of an early development phase of DLT applications. For the emissions trading, a necessity to meet the Paris Agreement lies in a paradigm shift from international to transnational trading and is assumed to rely on information technology (IT) solutions within a public-private governance framework [36]. Zhao and Chan [37] apply a cost-and-risk analysis framework that evaluates the administration and transaction costs and, among others, technical, legal, and privacy risks for blockchain in carbon trading. Recently, Schletz et al. [23] create a general blockchain application concept for an Article 6.2 market mechanism of the Paris Agreement to enhance transparency and increase automation focused on internationally transferred mitigation outcomes. In their framework, blockchain is applied to store and analyze the mega amount of transaction registries among stakeholders across countries, such that information asymmetry is eliminated in real-time. Our framework does not focus on the registries. Instead, we provide a broader analysis on the use of DLT in the whole emissions trading system and discuss the relevant challenges and opportunities.
Although one of the first model application drafts of a decentralized blockchain-based emissions trading can be found in 2015 by Al Kawasmi et al. [17], a more popular discussion level is reached in the last few years. For the energy-intensive fashion apparel manufacturing industries, Fu et al. [38] present blockchain-based models for measuring carbon emissions in the production cycle. Beyond general application models of blockchain-based carbon emissions trading [19,[39][40][41][42], Kim and Huh [18] focus on the governance system, whereas Tang and Tang [20] concentrate on the accounting perspective. An integration model of blockchain-based peer-to-peer trading in the energy and the carbon emission market is given by Hua et al. [21]. They claim that the purchase of carbon allowances constitutes a part of the energy costs, and an efficient decentralized trading platform is therefore required to enable prosumers to trade energy and carbon allowances together.
To further enhance the carbon emissions trading system, a blockchain-based reputation system is proposed [43,44], where participants can promote their reputation by increasing investments in emission reduction or others indicating their emission reduction efforts. Khaqqi et al. [43] expect that the participants will have stronger incentives to set higher permit prices in order to compensate for their costly emission reduction strategy such that the carbon price will increase without extra supply shortage or the establishment of a price floor. Hu et al. [45] expand this concept by connecting the voting power of the emitting participant to its reputation value and introduce the Delegated Proof of Reputation consensus mechanism. For the Australian carbon market, Hartmann and Thomas [46] conceptually analyze how the blockchain technology could be applied to the existing carbon market and expect an improvement of efficiency, equity, and effectiveness for the Australian carbon market. Compared to this stream of literature, we applied an interdisciplinary framework that includes research areas beyond technical requests, including social and economic factors. In addition, our framework is not applied to answer the applicability of a DLT solution for EU ETS but serves as a tool to highlight critical challenges and stimulate further research.

The European Emissions Trading System
The EU ETS is the cornerstone of Europe's climate policy to combat climate change. It was introduced in 2005 and represents the first and largest emissions trading system of its kind. The EU ETS regulates all European countries plus Iceland, Liechtenstein, and Norway in a cap-and-trade system, covering 45% of all EU's GHG emissions. The cap limits the total amount of GHG that a regulated installation can emit, and it decreases over time. Some regulated installations received emission allowances for free or obtained emission allowances through an auction process. (The allocation of allowances takes place at the industrial installation level. According to DIRECTIVE 2003/87/EC Article 3 (e), an installation is "a stationary technical unit [ . . . ] which could have an effect on emissions and pollution"). They can use the emission allowance to cover their own emissions or sell them on the emissions trading market. Flexible trading seeks to ensure that emissions are cut cost-effectively, and a robust emission price should incentivize investments in low carbon technologies [1]. The trading volume of carbon emission allowances increased from EUR 130 billion in 2018 to EUR 169 billion in 2019 [2]. In order to safeguard the competitiveness of regulated industries, the production from sectors and subsectors that are expected to be exposed at high risk of carbon leakage receive a higher share of free allowances. Carbon leakage describes the situation where production is transferred to less regulated jurisdictions [1]. In a comprehensive literature review, Joltreau and Sommerfeld [47] conclude that for the first two trading periods, there has been no significant negative effect on firms' competitiveness due to the EU ETS, which can be explained by overallocation and the ability of a firm to pass through the costs onto consumers.
Beyond the various regulated industry sectors, the aviation sector was included in the EU ETS from the beginning of 2012, covering European and Non-European airlines alike that operate to and from airports in a member state. Despite improvements in fuel efficiency, the air traffic increased with flight distances on average 60% higher in 2017 than in 2005. The carbon emission from aviation accounted for 3.8% of the total carbon emission in Europe in 2017, and if global aviation was a country, it would rank in the top 10 emitters [48]. Therefore, the inclusion of aviation in the EU ETS is a necessary step to achieve the European climate goals. Conducting a Delphi study on emissions trading in aviation, Efthymiou and Papatheodorou [49] conclude that increased transparency and simpler monitoring, reporting, and verification are recommended for the regulatory authority.
The EU ETS generates a price for carbon emission (as presented in Figure 1) and thereby seeks to internalize the externalities arising from carbon emissions. A complete internalization is achieved if the carbon price equals the social cost of carbon (SCC). This theoretic construct represents the economic cost associated with climate damage that results from emitting an additional tonne of carbon dioxide into the atmosphere [50]. For the period of 2015, Nordhaus [51] estimates an SCC of USD 31 per tonne of carbon dioxide and predicts a price growth rate of 3% per year. These measurement models make assumptions about a variety of uncertainty parameters such as economic growth, social discount rate, and climate sensitivity. Although country-level SCC is heterogeneously distributed and explains challenges in common climate agreements, climate change is an international challenge, for which Ricke et al. [50] show a mean global SCC of USD 417 per tonne of carbon dioxide. Here, the global SCC describes the results of a worldwide damage function and equals the sum of all national SCC. of regulated industries, the production from sectors and subsectors that are expected to be exposed at high risk of carbon leakage receive a higher share of free allowances. Carbon leakage describes the situation where production is transferred to less regulated jurisdictions [1]. In a comprehensive literature review, Joltreau and Sommerfeld [47] conclude that for the first two trading periods, there has been no significant negative effect on firms' competitiveness due to the EU ETS, which can be explained by overallocation and the ability of a firm to pass through the costs onto consumers.
Beyond the various regulated industry sectors, the aviation sector was included in the EU ETS from the beginning of 2012, covering European and Non-European airlines alike that operate to and from airports in a member state. Despite improvements in fuel efficiency, the air traffic increased with flight distances on average 60% higher in 2017 than in 2005. The carbon emission from aviation accounted for 3.8% of the total carbon emission in Europe in 2017, and if global aviation was a country, it would rank in the top 10 emitters [48]. Therefore, the inclusion of aviation in the EU ETS is a necessary step to achieve the European climate goals. Conducting a Delphi study on emissions trading in aviation, Efthymiou and Papatheodorou [49] conclude that increased transparency and simpler monitoring, reporting, and verification are recommended for the regulatory authority.
The EU ETS generates a price for carbon emission (as presented in Figure 1) and thereby seeks to internalize the externalities arising from carbon emissions. A complete internalization is achieved if the carbon price equals the social cost of carbon (SCC). This theoretic construct represents the economic cost associated with climate damage that results from emitting an additional tonne of carbon dioxide into the atmosphere [50]. For the period of 2015, Nordhaus [51] estimates an SCC of USD 31 per tonne of carbon dioxide and predicts a price growth rate of 3% per year. These measurement models make assumptions about a variety of uncertainty parameters such as economic growth, social discount rate, and climate sensitivity. Although country-level SCC is heterogeneously distributed and explains challenges in common climate agreements, climate change is an international challenge, for which Ricke et al. [50] show a mean global SCC of USD 417 per tonne of carbon dioxide. Here, the global SCC describes the results of a worldwide damage function and equals the sum of all national SCC. Even before the start of the EU ETS, Boemare et al. [52] anticipated tensions between national carbon markets and the EU ETS due to double regulation as well as challenges in the equivalence of effort and linkage. Analyzing the specific impact of the interaction between national climate policy instruments and the EU ETS on biomass use, Kautto et al. [53] acknowledge that the overlap and interaction create synergies as well as conflicts and that the separation of the effects is difficult. The International Emissions Trading Association (IETA) [54] analyzes consequences of overlapping emissions reduction policies, in- Even before the start of the EU ETS, Boemare et al. [52] anticipated tensions between national carbon markets and the EU ETS due to double regulation as well as challenges in the equivalence of effort and linkage. Analyzing the specific impact of the interaction between national climate policy instruments and the EU ETS on biomass use, Kautto et al. [53] acknowledge that the overlap and interaction create synergies as well as conflicts and that the separation of the effects is difficult. The International Emissions Trading Association Sustainability 2021, 13, 2106 6 of 21 (IETA) [54] analyzes consequences of overlapping emissions reduction policies, including economic efficiency, harmonization degree, interplay, and total emission reduction. They recommend increasing the transparency of the climate policies in terms of cost and emission reduction. Overlapping instruments are expected to reduce market efficiency, and thus, the IETA further recommends to regularly evaluate the interplay and transparency of climate policies affecting the EU ETS.
Similar to other financial markets, the European carbon trading market is subject to fraudulent activities due to high trading volume, immaturity of regulations, and a lack of oversight and transparency [3]. For example, a firm may sell its emission allowance that does not exist at all or sell the same allowance several times. The history of the EU ETS is marked by various fraud attacks.

Distributed Ledger Technology
A DTL is a decentralized repository of data [6] that enables secure transactions between untrusted parties with algorithmic-based consensus [7]. DLT covers different concepts, designs, properties, and characteristics, where blockchain constitutes a specific DLT concept [7]. The development of blockchain technology started with the cryptocurrency bitcoin under the synonym "Satoshi Nakamoto" [55]. This special DLT concept groups records (e.g., transactions) into blocks [6] that form a liked list [7]. Thereby bitcoin is a peer-to-peer network, where a transaction is timestamped by hashing it into an ongoing chain of the hash-based consensus mechanisms proof of work (PoW) that forms a record that cannot be changed without redoing the PoW [55]. The cryptographic hash function is a one-way mechanism that transforms input data into an output string with a specific length [34].
In order to validate a transaction and create new blocks, a consensus mechanism needs to be defined. Bitcoin uses PoW, which serves as a cryptographic puzzle that requires computational effort to limit denial of service attacks [34]. Applications of cryptocurrency blockchains with decentralized value transfer like bitcoin are labeled as blockchain 1.0 [6]. Further blockchain applications in the financial area [6], including smart contracts, smart properties, decentralized applications, autonomous organizations, and autonomous corporations, refer to blockchain 2.0 [56]. The application of blockchain solutions developed beyond the use in cryptocurrencies as blockchain "is immutable, transparent, and redefines trust, enabling secure, fast, trustworthy, and transparent solutions that can be public or private" [57] (p. 15). Blockchain 3.0 labels a wider spectrum of DLT applications that are not cryptocurrency-related [6]. Efanov and Roschin [58] anticipate a development from the digital economy to the digital society that includes cultural, public, and governance blockchain applications as smart living, such as smart use of resources, and smart citizens.

Effects of Fraud on the Carbon Market
Criminal activities are characterized by their multidimensionality. Beyond the committed and detected fraud, a probability of undetected fraud remains. Based on statistical decision theory, agency theory, or game theory, the probability of these undetected frauds can be estimated [59]. Clearly, social-control agents (auditors, market supervision authorities, etc.) should be most concerned about committed fraud that goes unearthed. The existing literature on fraud and organizational misconduct suggests that either because of the budget restrictions of supervision authorities or the secret agenda of these social-control agents, most of the committed fraud remains undetected. Dyck et al. [4] find that for every accounting fraud detected, between one and two additional frauds go undetected, while Bruehl and Basse Mama [5] report that for every three companies hit by allegations of corporate misconduct, seven more go unearthed. In order to put these estimates into perspective, we recall the estimated losses of about EUR 5.5 billion for the tax systems of the affected member states of the EU [30]. Extrapolations based on [4,5] indicate that the losses due to undetected VAT-frauds level out at EUR 5.5-12.83 billion.
Frauds increase market frictions, among others, in the form of asymmetric information, which result in substantial price uncertainty arising from factors beyond fundamental supply and demand [60]. Indeed, Akerlof demonstrates in [14] that the damage value of "dishonesty" lies beyond the direct loss and includes damage from resulting lack of legitimacy in the market. Thus, trust, as a form of informal guaranty, can be seen as a precondition for efficient trade and production in the market [14].
Dupont and Karpoff [15] investigate the multidimensional mechanisms of trust formation in an economic relationship illustrated in Figure 2. In general, it reflects a concept of accountability if an agent faces ex-post penalties after opportunistic behavior. The first channel of the Trust Triangle refers to third-party enforcement. In the case of the emissions trading system, this involves general national and international law as well as adjustments to the trading system. A further form of penalties, market penalties, arise from related-party incentives, which form the second channel. For the EU ETS, it directly refers to fraudulent actors if they participate in the trading market as traders and risk reputational damage after repeating transactions. More threatening for the trust-building process are presumably actors that cannot be tracked and indirectly influence the market trust of all related emissions trading participants. From Akerlof's [14] lemon problem in the repeated form, opportunistic agents get penalized due to their deteriorated reputation, but most fraudulent actions in the EU ETS cannot be traced back to an original trading party. Therefore, all traders are potentially opportunistic, and the overall trust in the trading market can be damaged. The third channel relates to the personal background and motivation of the agent in the absence of legal or market penalties. Motivation reflects the social norms of society; it captures the cultural dimension.
Frauds increase market frictions, among others, in the form of asymmetric information, which result in substantial price uncertainty arising from factors beyond fundamental supply and demand [60]. Indeed, Akerlof demonstrates in [14] that the damage value of "dishonesty" lies beyond the direct loss and includes damage from resulting lack of legitimacy in the market. Thus, trust, as a form of informal guaranty, can be seen as a precondition for efficient trade and production in the market [14]. Dupont and Karpoff [15] investigate the multidimensional mechanisms of trust formation in an economic relationship illustrated in Figure 2. In general, it reflects a concept of accountability if an agent faces ex-post penalties after opportunistic behavior. The first channel of the Trust Triangle refers to third-party enforcement. In the case of the emissions trading system, this involves general national and international law as well as adjustments to the trading system. A further form of penalties, market penalties, arise from relatedparty incentives, which form the second channel. For the EU ETS, it directly refers to fraudulent actors if they participate in the trading market as traders and risk reputational damage after repeating transactions. More threatening for the trust-building process are presumably actors that cannot be tracked and indirectly influence the market trust of all related emissions trading participants. From Akerlof's [14] lemon problem in the repeated form, opportunistic agents get penalized due to their deteriorated reputation, but most fraudulent actions in the EU ETS cannot be traced back to an original trading party. Therefore, all traders are potentially opportunistic, and the overall trust in the trading market can be damaged. The third channel relates to the personal background and motivation of the agent in the absence of legal or market penalties. Motivation reflects the social norms of society; it captures the cultural dimension. Although complete trustworthiness is not a necessary requirement, distrust can have detrimental effects on market efficiency [61]. Some ex-post analyses have tried to assess the quality of the EU ETS market. Specifically, Medina et al. [27] evaluate the development of trade friction measured by the relative spread (relative spread is estimated by the bidask spread over the average trading price [27]), information asymmetries, and marketmaking profits within the first two trading phases of the EU ETS. They find a general decrease in trade friction from Phase I to Phase II. Among others, the recovery of the market quality was driven by the market collapse in 2007, which was followed by the financial crisis. In the testing period, Phase I, which spans from 2005 to 2007, the verified emissions were below the total quantity of allowances allocated by the governments, resulting in an oversupply of allowances [62,63]. Furthermore, the allowances could not be transferred to Although complete trustworthiness is not a necessary requirement, distrust can have detrimental effects on market efficiency [61]. Some ex-post analyses have tried to assess the quality of the EU ETS market. Specifically, Medina et al. [27] evaluate the development of trade friction measured by the relative spread (relative spread is estimated by the bid-ask spread over the average trading price [27]), information asymmetries, and market-making profits within the first two trading phases of the EU ETS. They find a general decrease in trade friction from Phase I to Phase II. Among others, the recovery of the market quality was driven by the market collapse in 2007, which was followed by the financial crisis. In the testing period, Phase I, which spans from 2005 to 2007, the verified emissions were below the total quantity of allowances allocated by the governments, resulting in an oversupply of allowances [62,63]. Furthermore, the allowances could not be transferred to Phase II and had to be canceled, losing any future value [63]. Despite the overall recovery of the market quality, Medina et al. [27] observe quality levels by the end of 2010 that were still below the precollapse phase. Similarly, Karpf et al. [28] perform a structural analysis that reconstructs the network of transactions of the EU ETS in order to analyze the market efficiency. They also find an improved market efficiency from the beginning of Phase II but claim, that an asymmetry between industrial and financial actors persists. Industrial agents have to resort to local networks and financial intermediaries in order to exchange allowances, which results in unnecessary market information related costs for industrial actors and underlines the key objective of reducing GHG emissions cost-efficiently [28]. As a natural measure of the market quality Hasbrouck [64] decomposes price volatility into efficient components and stationary components. The relation of both components can be used to describe the price or market quality. Specifically, for the EU ETS, Frunza [29] estimates the effect of VAT fraud from 2008 to 2010 on the market price of allowances. By the calibration of an arbitrage pricing model, Frunza [29] estimates the spread between the theoretical price based on fundamentals and the actual price, postulating a drop in prices of emission allowances due to VAT frauds of approximately a quarter.
Theoretical models on the behavior of criminal economic agents can be helpful to explain under what conditions the conduction of a crime becomes less likely. For instance, Karpoff [16] makes an ex-ante prediction of the different effects of technology change on frauds in the financial markets. Based on the theoretical model of Klein and Leffler [65], Karpoff [16] explains how single elements of digitalization affect the financial sector and expects a net decline in misconduct for the long-term trend due to lower information, search, and transaction costs. In the Klein and Leffler [65] model's optimality condition, a firm decides not to cheat if the real interest rate is sufficiently small and the price elasticity of a high-quality good (corresponding to an honest market behavior) is relatively high. A decrease in both information costs and transaction costs tends to increase the price elasticity of high-quality goods in financial markets, as trusted firms can raise capital more easily [16]. Interestingly, Chen [66] claims that the digital economy reduces market frictions due to reduced search, entry, transaction, and reproduction costs. Karpoff [16] observes that this condition relates to the related party enforcement of the Trust Triangle (Figure 2). In a more general form, the Becker model [67] illustrates that an individuum conducts crime when the expected benefits exceed the expected costs. We argue that the implementation of a DLT solution in emissions trading has two effects. First, due to the indirect impact through lower transaction costs and the increase in price elasticity, the probability of fraudulent attacks will decrease [16]. Second, the barriers for some types of fraud will increase, and therefore, the costs of financial misconduct in emissions trading rise.

Expected Fraud Reduction Opportunities
Motivated by the possibility of increasing transparency and the EU ETS's efficiency, we analyzed the fraudulent categories of the EU ETS and narrowed fraud reduction potentials.
We could identify the following four fraudulent categories where we expect a direct reduction of vulnerability due to selected DLT features. The first category, "sale of carbon credits that either do not exist or belong to somebody else", is related to the nature of carbon credits. Being intangible, the detection of this type of fraud is conventionally improbable because carbon credits enable ownership of the carbon right to be separated from the physicality. Carbon credits generated by the forestry industry are cited as an illustration by Interpol with an estimated USD 80 million of fraud in Sustainability 2021, 13, 2106 9 of 21 2010 [3]. Here, a well-known practice is the so-called double counting, where the owner of the emission right sells it to multiple parties or uses the emission right for higher amounts of verified emissions.
In the period between 2008 and 2009, the second category of fraud, "tax fraud", peaked with a loss of national tax revenue estimated by Europol at around EUR 5 billion [68] and related in particular to Value-Added-Tax (VAT) fraud. This form of VAT fraud, also known as intracommunity missing trader fraud or VAT carousel fraud, can be implemented primarily in cross-border trade of goods and even more efficiently in carbon credits. In the latter case, carbon credits are sold across European borders in a tax-free transaction. The buyer resells the carbon credit domestically and would have to pay VAT to the national government. This process can occur countless times, with VAT being charged each time the circle is passed [69]. However, before the national authorities can invoice the VAT, the intermediary has disappeared. In other words, as illustrated by Interpol [3], trader A in country 1 sells carbon credits to trader B in country 2. The transaction is cross-border and is, therefore, VAT free. Within country 2, trader B sells the carbon credit to trader C. Trader C must pay VAT on the sale to trader B, who is obligated to forward it to the government. In VAT fraud, trader B disappears without transferring the money. For this reason, the European Commission had already introduced the reverse charge mechanism as an option for member states in March 2010. According to this option, the VAT payable on the supply is shifted to the person receiving the supply instead of the vendor. In combination with the definition of EU ETS allowances as financial instruments, future VAT frauds are expected to be reduced [69]. Notwithstanding, this form of fraud remains to some level as the reverse charge mechanism's implementation leaves regulatory gaps. The optional adoption at the national level means that the mechanism is not implemented in all member states [30].
The third category is "Internet crime and computer hacking to steal carbon credits". Especially for this fraud category, we expect a higher security environment by using a blockchain-based technology. Currently, an insecure registration process, as well as the various legal security standards, lead to a considerable susceptibility to fraud in the trading system. In 2010 and 2011, for example, a total of 3,606,052 emission certificates were stolen in Romania, Italy, Austria, the Czech Republic, and Greece, of which only 36% were verifiably returned [69]. Therefore, the European Commission has installed a union registry in 2012, which combines the individual existing EU ETS registries into a central EU registry, with the purpose of limiting emissions trading fraud. (Article 19 amended on 08.04.2018, DIRECTIVE 2003/87/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL.) However, a certain fraud potential remains due to the uncertainty regarding nonreturned or untraced stolen emission allowances and future internet security risks [69].
We consider the fourth fraudulent category, "Exploitation of weak regulations to commit financial crimes", to be caused by EU ETS's different national legislations. Trading across multiple countries allows loopholes and minimizes fraud detection. In general, companies prefer to operate in less regulated environments with fewer enforcement activities and expand their trading activities there. Furthermore, Gibbs et al. [70] analyze the EU ETS's opportunity structure for white-collar crimes. Conducting mental models from psychology research, the authors show that the structural features of the EU ETS motivate individuals to exploit the legal leeway using legitimate networks and components of the system and thus end up in white-collar crimes. In general, this category refers to the EU ETS state in 2013, where the system was marked by heterogeneity across different jurisdictions. Within the third trading period, the European Commission strengthened the central regulation of the EU ETS, e.g., setting a single EU-wide cap [1] centrally. Nonetheless, some differences in regulation of the member states remain. For example, the reserve charge mechanism to combat VAT fraud is optional to be implemented in the national regulation [30]. Furthermore, it can be questioned if all member states consistently track and punish EU ETS related frauds with a similar effort.
The reduction of the four presented fraudulent activities will influence the relatedparty enforcement of the Trust Triangle in Figure 2. In many cases, the fraudulent activity cannot be related directly to a trading participant and damage the reputation. Therefore, a systematic reduction of fraudulent activities will increase the general trust in other market participants.

Proposed DLT Application for EU ETS
In this section, we describe how a DLT application for the EU ETS should ideally be implemented in order to reduce the probability of fraudulent activities, increase trading efficiency, and automate regulatory controlling and verifying processes. This description only points out the main application areas without describing different design choices. The technical application is evaluated in a feasibility study, and further research should in-depth evaluate optimal features for the EU ETS that meet the criteria described in Section 6.
The current European Union Registry documents the ownership and transaction of certificates and is comprehensively described by German Environment Agency [71]. As the technical basis for European emissions trading, the European Union Registry is part of an international registry architecture. It is connected to other Kyoto registries via the International Transaction Log (ITL). ITL checks each transaction of Kyoto allowances for compliance with the Data Exchange Standards. Only if no discrepancies are found ITL will confirm the transaction. Similarly, the European Transaction Log (EUTL) verifies the compliance with the EU ETS rules. EUTL monitors the processes and transactions within the EU ETS, including account opening and closing. The purpose of our DLT-enhanced trading model is not to establish a new form of the EU ETS. It shall instead serve as a possibility to digitally retrofit the existing EU ETS architecture. Figure 3 illustrates the classical five-layer DLT structure [72,73] we are using. The hardware layer comprises the virtualization, where the decentralized distribution of the nodes is the core element. Each computer or terminator is called a node in a DLT network.
Transactions and values in a DLT will never be overwritten, which is the key difference compared to a traditional database. If an incorrect message is generated, all the nodes in the system would be notified. Both the incorrect message and its correction will be stored with traceability in the ledger and are shared among multiple nodes. Some nodes contain the full state of the ledger, while other nodes only contain part of the ledger. It allows a DLT network to provide transparency and optimal efficiency across the nodes. The distributed nature of DLT also enables the ease of scaling in a DLT network. By increasing the number of nodes, a suspected fraudulent actor's ability to influence the consensus protocol used by the DLT is reduced, thus increasing the resistance to such attacks. The realization seems favorable in a cloud-based system in order to reduce the maintenance hassle.
The data layer can be structured as a public (permissioned), private (permissionless), or consortium (hybrid) chain. Private blockchains, such as bitcoin, are entirely open access, and no permission is required to participate in the network. In contrast, in public chain ledgers, only specific known validators hold the right to modify the blockchain, and incentives are thus not required for the system's operation [34]. Although private blockchains are faster and more efficient, they relatively lack immutability and censorship resistance [74]. The classification of consortium ledger architectures refers to hybrids that incorporate features of public and private blockchains. We presume that the consortium's blockchain fulfills various advantages of a decentralized platform for a user group that is only party public and, hence, is of great benefit for organizational cooperation. Further internode communication is covered in the network layer. As for the blockchain DLT concept, most energy trading applications choose a peer-to-peer exchange network [34,43,75,76]. With this decentralized peer-to-peer trading possibility, all intermediaries are redundant, and the related costs can be saved [75]. bility 2021, 13, x FOR PEER REVIEW 11 of 21 The data layer can be structured as a public (permissioned), private (permissionless), or consortium (hybrid) chain. Private blockchains, such as bitcoin, are entirely open access, and no permission is required to participate in the network. In contrast, in public chain ledgers, only specific known validators hold the right to modify the blockchain, and incentives are thus not required for the system's operation [34]. Although private blockchains are faster and more efficient, they relatively lack immutability and censorship resistance [74]. The classification of consortium ledger architectures refers to hybrids that incorporate features of public and private blockchains. We presume that the consortium's blockchain fulfills various advantages of a decentralized platform for a user group that is only party public and, hence, is of great benefit for organizational cooperation. Further internode communication is covered in the network layer. As for the blockchain DLT concept, most energy trading applications choose a peer-to-peer exchange network [34,43,75,76]. With this decentralized peer-to-peer trading possibility, all intermediaries are redundant, and the related costs can be saved [75].
The core layer of any DLT application is the consensus layer [22], as it orders and validates the blocks, and ensures interblock verification [72]. The most prominent consensus mechanism used in blockchain applications is PoW. It is characterized by the intensive effort to deter potential frivolous or malicious computing power usage and, therefore, results in a large amount of energy consumption and emission discharge. On the contrary, the Proof of Stake (PoS) consensus is evaluated by the wealth processed by the codes. It minimizes the computing effort and increases security, but at the same time, it leads to monopoly problems since the voting power is centralized. In our DLT system, we propose the Byzantine Fault Tolerance (BFT) for EU ETS. It defines a system that tolerates the class of failures that belong to the Byzantine Generals' Problem [77]. Compared to PoW consensus, BFT results in less system overhead and could improve trading speed. The core layer of any DLT application is the consensus layer [22], as it orders and validates the blocks, and ensures interblock verification [72]. The most prominent consensus mechanism used in blockchain applications is PoW. It is characterized by the intensive effort to deter potential frivolous or malicious computing power usage and, therefore, results in a large amount of energy consumption and emission discharge. On the contrary, the Proof of Stake (PoS) consensus is evaluated by the wealth processed by the codes. It minimizes the computing effort and increases security, but at the same time, it leads to monopoly problems since the voting power is centralized. In our DLT system, we propose the Byzantine Fault Tolerance (BFT) for EU ETS. It defines a system that tolerates the class of failures that belong to the Byzantine Generals' Problem [77]. Compared to PoW consensus, BFT results in less system overhead and could improve trading speed.
Finally, the application layer refers to the user interfaces and end-user applications [72]. We propose an application interface to the regulatory authorities and trading partners. The aim is to ensure that, in the future, the virtual machine is designed to connect to the installation holders' sensors. Such a virtual machine has the potential to monitor the actual emission behavior and the energy consumption [78]. The design of the trading platform needs to manage the transactions and provide a trading history, including all trades with trading partners, traded amounts and corresponding prices.
In addition to the classical five layers presented in Figure 3, we introduce a novel identity layer above them to ensure the authenticity of the participants and their data. This includes a decentralized identifier (DID) [79] and verifiable credentials (VCs) [80] standards. On the one hand, the DIDs work as an identity anchor for each participant. On the other hand, the VCs serve as the emissions certificate. This will result in a comparison of the benefits of this type of identity layer with a standard setup. Figure 4 illustrates the three application stages in this layer. identity layer above them to ensure the authenticity of the participants and their data. This includes a decentralized identifier (DID) [79] and verifiable credentials (VCs) [80] standards. On the one hand, the DIDs work as an identity anchor for each participant. On the other hand, the VCs serve as the emissions certificate. This will result in a comparison o the benefits of this type of identity layer with a standard setup. Figure 4 illustrates the three application stages in this layer. The first stage in Figure 4 describes the issuing process of emission allowances by the European Commission at the beginning of the trading period via auctioning or allocation free of charge. In the second stage, each installation holder and trading participant wil receive a DID for secure identification. In addition, each installation holder has a unique identity wallet, which contains the holder's information, emission credit balance, and the auditable transaction history, which provides traceability and supports the verification of traded emission certificates. The records of transactions of such a decentralized system the so-called "audit trail", are anticipated to be secure, trusted, and tamper-proof [34,75].
In the third stage, the virtual machine is connected with smart meters [34,81] on the installation level. They track the energy consumption [78] and, therefore, the emitting emission. With the real-time emission data, the monitoring of the EU ETS is simplified data availability increased, and costly verifiers become redundant. We believe that such a platform could increase transparency, simplify audit processes, and reduce managemen as well as verification costs. Most importantly, it creates incentives for installation holders to efficiently decarbonize. In the extensive literature review of Casino et al. [82] on different blockchain-based applications, the authors find that specifically cloud-based decen tralized and efficient blockchain technology solutions have the potential to overcome big data challenges and enhances secure and verifiable data management as one of the mos indisputable properties of blockchain. The first stage in Figure 4 describes the issuing process of emission allowances by the European Commission at the beginning of the trading period via auctioning or allocation free of charge. In the second stage, each installation holder and trading participant will receive a DID for secure identification. In addition, each installation holder has a unique identity wallet, which contains the holder's information, emission credit balance, and the auditable transaction history, which provides traceability and supports the verification of traded emission certificates. The records of transactions of such a decentralized system, the so-called "audit trail", are anticipated to be secure, trusted, and tamper-proof [34,75].
In the third stage, the virtual machine is connected with smart meters [34,81] on the installation level. They track the energy consumption [78] and, therefore, the emitting emission. With the real-time emission data, the monitoring of the EU ETS is simplified, data availability increased, and costly verifiers become redundant. We believe that such a platform could increase transparency, simplify audit processes, and reduce management as well as verification costs. Most importantly, it creates incentives for installation holders to efficiently decarbonize. In the extensive literature review of Casino et al. [82] on different blockchain-based applications, the authors find that specifically cloud-based decentralized and efficient blockchain technology solutions have the potential to overcome big data challenges and enhances secure and verifiable data management as one of the most indisputable properties of blockchain.
In sum, we expect the following effects on the different types of fraudulent activities presented in Section 4.2 from our proposed DLT-enhanced EU ETS. The emission allowances will be uniquely identified with VC, and an audit trail reporting tracks the certificate from the initial market allocation through all conducted trades. In this regard, carbon credit that does not exist is unlikely to enter the market, and possibilities to sell carbon credit that belongs to someone else will be decreased. All in all, the likelihood of double counting will be reduced due to a more secure unique identification and trade tracking.
The tax fraud remains a threat to the carbon trading market as the reserve charge mechanism is only optional and is not necessarily required to be implemented in all member states. In our model, each trading participant receives a unique identity wallet containing the holder's information, the emission credit balance, and the own transaction history. With the wallet information, each trade can be traced back to the original holder, and the scenario from the VAT fraud example in Section 4.2, where trader B disappears without transferring the money to the government, becomes unlikely.
The effects of internet crimes and computer hacking to steal carbon credit depend on the consensus mechanism. In an ideal BFT system, the information is transmitted and decided via multiple routes with at least N = 3 f + 1 replicas, with f representing the number of failures or faulty nodes [83]. (The proof that the relation holds can be found in Bracha [84].) In other words, N is the minimum number of nodes or routers in a system needed to guarantee that the system is working correctly for a certain number of failures. In this case, one-third of the nodes could suffer from failure, and the entire system could still be able to work correctly. Fault tolerance is important as failures obviously reduce the overall reliability, resilience, and availability of the computing service. If more hacking attacks are expected, the threshold of fault tolerance can be increased with a tradeoff in scalability [7]. However, in a BFT system, the hacker has to trace and break into the majority of routes at a limited time, which is a major challenge.
The application of our proposed model is in the first instance directed to the European Commission. As regulatory authority, a DLT-based EU ETS enables them to strengthen the centralization and oversight across different jurisdictions. The fraudulent category "exploitation of weak regulations to commit financial crimes" is closely related to other types of fraud, and therefore, a reliable evaluation of the digitalization effect remains a challenge.
The proposed application model enables new instruments for regulatory authorities and law enforcement agencies to increase the possibilities of third-party enforcement (see Figure 2), and thereby strengthens another channel of the Trust Triangle.

Evaluation Framework for a DLT-Based EU ETS
The decision of the European Commission for or against the digitalization of the EU ETS and, if positive, the specification of different design choices cannot only depend upon technical factors. In this section, we structurally evaluate our proposed DLT application using the financial, social, and ecological factors proposed by Janssen et al. [24], and identify relevant key challenges. More specifically, Janssen et al. [24] conduct an intensive literature review with a focus on blockchain applications and identify 26 factors that influence the application, which they categorize following Koppenjan and Groenewegen [85] into social, market, and technical factors. We evaluate each factor with respect to the applicability for the EU ETS and elaborate on the consequential challenges for the EU ETS. The relevant factors and corresponding challenges that need to be considered for a final determination regarding the EU ETS are summarized in Table 1.
On the one hand, the digitalization of the EU ETS is a complex endeavor that should meet a variety of interdisciplinary criteria. On the other hand, it outlines the possibility to reduce fraudulent activities and thereby increase market trust, which is a fundamental requirement for this market instrument to efficiently reduce emission externalities, and to incentivize green investments.
The acceptance of digitalization through blockchain technology regarding traceability and transparency is a general issue [86,87], as the technology application still is in a nascent and evolving phase. Each user group needs to be adequately informed, and their expectations and system relevant demands should be considered. One central challenge will be to examine the optimal tradeoff between privacy preservation and trust assumption [7,88]. The users will have to accept a certain level of information shared within the system. However, the anonymity of users is not only a question of technical feasibility. Social perspectives and privacy needs, as well as the network behavior of individuals and groups, require special attention and further research [89]. The digitalization of an established system depends to a large extent on user acceptance. In this context, there must be a willingness to invest additional effort in the adaptation process. To increase the motivation, it is essential to raise perceived usefulness through information and management campaigns. Wu and Chen [90] highlight that individual technology fit and task technology fit positively influence perceived usefulness. Furthermore, the role of intermediaries needs to be redefined. For the EU ETS, it includes the European Commission, independent verifiers, and trading platform as the Intercontinental Exchange. From an optimistic point of view, the DLT-based EU ETS design seeks to reduce fraudulent activities in order to increase trading efficiency and costeffectively decarbonize the European market. However, the legitimate concern that this could function as a door opener for further 3.0 blockchain applications that risk cybercrime and other illegal activities, such as money laundering [91] remains.
From a regulatory perspective, the DLT infrastructure creates possibilities to include specific decarbonization incentives. One example is given by Khaqqi et al. [43], who propose a seller/buyer reputation feature that signifies participations' performance, and effort in emission reduction. The European Commission would be required to adapt its monitoring and auditing responsibilities. A governance framework includes user rights, liabilities, and corresponding privacy rules [24]. The European Securities and Markets Authority (ESMA) report [92] further stresses the necessity of rules to approve or reject authorized participants and correction mechanisms in the context of such a framework. The DLT system should guarantee the verification of compliance of each transaction with the EU ETS as it is currently done by EULT. Beyond the simplification and automatization within the monitoring process, some fundamental authorizations and responsibilities need to be clarified. Is the regulatory authority interested in tracking real-time emission consumption? Should the reporting periods be adjusted? Shall the regulatory authority grant the master read-only access to sensitive information? As general guidance, in September 2020, the European Commission proposed a pilot regime for DLT-based market structure [93] with the primary objective to create legal certainty for a DLT market.
The DLT structure of the EU ETS enables new possibilities in fraud detection methods for law enforcement cooperation like Interpol and Europol. Ainsworth and Shact [31] analyze how DLT solves VAT fraud and argue that the connection of invoice data in a DLT does not eliminate the first instance of missing trader intracommunity fraud, but it should detect subsequent efforts to execute the fraud. In addition, the embedment of the EU ETS in a DLT structure needs to be evaluated in primary civil law and data protection assessments, considering current national and European case law. According to Crosby et al. [94], new laws and regulations need to be considered to regulate the industry for compliance. Limits should be set to intermediary server providers with legislative aspects related to intellectual property and impose legally binding frameworks for decentralized transactions of any kind of goods [89]. In particular, the validation of emission certificates must be guaranteed. Finck [95] has, among others, evaluated the tension of blockchain technology and the established legal framework in Europe. His work underlines the challenge to enforce necessary law adaptions across all member states.
Security aspects must be considered from the design perspective and the method perspective. DLT provides a variety of value propositions for the financial industry [96]. These usually include enhanced identity measures, improvements in data integrity and storage, transaction efficiencies, increased system capacity, and compliance effectiveness. Professional organizations, services providers, and regulatory authorities must collaborate to form a comprehensive and standardized DLT security approach. Azouvi et al. [97] emphasize that incentive systems play an essential role for the security guard in order to enhance system security. DLT could also provide traceability to the access of information. The installation holder or authority needs to provide their unique pass key to access sensitive information. Thus, the risk of information leakage can be minimized. From the methods perspective, security includes data security and IT security (key management and cryptography), data provenance and authenticity, and data privacy and availability. For the robust protection of the private keys, the key management method of multiparty computation should be considered. This procedure has the potential to ensure the usability of a software key management method and the security of a hardware-driven method. To further ensure the authenticity of the participants and their data, an identity layer above the blockchain structure could be beneficial, as presented in Figure 4.
The market factors include, among others, the practical network and infrastructure in Europe. Al-Saqaf and Seidler [91] emphasize the necessary requirement of fast and reliable internet with significant processing power. For the EU ETS, this results in a challenge to guarantee that the national infrastructure of all participating countries and individual installation holders have access to similar high bandwidth, processing power, and storage capacity. For Europe, it will be a cost-intensive endeavor to establish a high-quality IT infrastructure across all member states to support the unrestricted functioning of the DLT system.
An additional aspect of the market factors consists of the interoperability of the DLT system. Besides the interoperation between different DLT systems, it also needs to be able to interoperate with legacy systems, which could be reached by using a universal standard [92]. Concerning the EU ETS, possibilities for the integration of the old system should be examined. To retrofit the old systems, a method could be used to take them as a root of trust. Notwithstanding, the tracking can also be achieved via new methods, excluding the old systems. For robust interoperability, particularly between the new systems, e.g., between wallets, one possible solution consists of the presented DIDs and VCs (see Figure 4). To evaluate these identity standards, which are built for interoperability, they need to be compared with the upcoming standards of ISO/TC 307 blockchain and DLT.
From a governmental perspective, the digitalization of the EU ETS is also a financial inquiry. The challenge here is to monetize the anticipated benefit and make them comparable with the costs over a reasonable period. We argue that the primary benefit arises from a decrease in fraudulent activities. As a by-product of the stronger security and transparency, the trust and, therefore, the efficiency in the carbon trading market will increase, reducing socially costly externalities. The increase in efficiency mentioned here comprises three dimensions. First, from the perspective of the regulating authority, it increases general oversight. The regulating authority will have in addition access to the following data: real-time trading volume, real-time emission consumption, and eventually real-time generation of green certificates. At its best, these datasets can support the regulating authority in its decision-making process concerning any regulation-related matters, such as setting an optimum cap level. Second, from the perspective of the trading participants, the overall reduction of fraudulent activities increases the general market trust as described in Section 4.1 and thereby increases market efficiency. In an efficient market, the equilibrium price reflects all available product-related information. Under the assumption that the regulating authority indirectly influences the price by adjusting the number of total carbon credits at an optimal level, the increased efficient market would generate an optimal price for emission allowances. As explained in Section 3.1, the optimal price equals the corresponding SCC and thereby eliminates any costly externalities. Finally, the audit trail of the consumed or verified total emissions saves cost by cutting the need for external verifiers.
In addition, ESMA argues that a key benefit arises from enhanced reporting and oversight [92], which creates new possibilities in the monitoring and regulation by the European Commission. The fact that DLT shares responsibility among nodes also means low IT maintenance costs (IT engineer, facility, or outsourced cloud computing cost) compared to centralized systems. The opposing costs can be summarized as installation, transaction, energy, and storage [98]. In our proposed system, the users are double-blinded, i.e., all nodes are anonymous to each other, which enables fair competition and eliminates conspiracy in the trading market. However, the central controller can specify the identifies of all users, which allows smooth and effective governance.
An important performance indicator is scalability that can be described as the capacity of a DLT to efficiently handle varying amounts of required resources like transactions per second [7]. The scalability depends on the consensus mechanism and therefore generates the challenge as the tradeoff between security and scalability [7,89]. In our proposed application, the focus will be to test the performance of a wallet-to-wallet communication process and simulate the trading of emissions certificates. Nonetheless, the Scalability Trilemma coined by the founder of Ethereum, Vitalik Buterin, will remain a central challenge [99]. It refers to the optimization problem between scalability, security, and decentralization. The DLT system must be able to function correctly and in a reasonable time when many users execute a transaction simultaneously. In primary stages, when the smart meter is not already connected with the installations, all installation holders will report their verified emissions in a restricted timeframe. The DLT system is required to withstand the peak of transaction flows while guaranteeing a security standard and level of decentralization. Further research could evaluate which of the technical scalability solutions (e.g., [100]) would be most suitable for a DLT-enhanced EU ETS.
As the primary purpose of a DLT-enhanced EU ETS lies in decarbonization due to increased market efficiency, a high energy-consuming DLT system [101] would miss its target. The high energy consumption in a public distributed ledger is driven by the consensus mechanism [82] and reveals an important weakness in blockchain solutions. Blockchain processes suffer from intensive energy consumption in the form of electricity for computation, network power usage, and require further energy for cooling [102]. In a comprehensive sustainability analysis, the energy consumption of the DLT constitutes only one aspect. Furthermore, from a pure software engineering point of view, the regular maintenance, as well as the generation of storage capacity, form additional sustainability aspects. Andes et al. [103] developed a sustainability evaluation framework that further includes the complete value chain with soft-and hardware, efficiency enhancement, and human and social aspects. In a general sustainability analysis of blockchain technology Giungato et al. [104] assume that under the assumption of DLT being a driver of social change, it may overcome related challenges. Our system uses the Byzantine Fault Tolerance instead of PoW consensus and can significantly reduce emissions while keeps security and distribution efficiency.
All in all, the decision-making process of the European Commission can be summarized as a cost-benefit analysis that includes and monetizes social, market, and technical factors. Following the Becker model [67], the optimal policy to increase transparency and combat criminal activities in order to strengthen market trust and efficiency is part of an optimal allocation of resources.

Conclusions
The primary purpose of this paper is to motivate and stimulate interdisciplinary research on various financial, social, and ecological aspects of a DLT-based EU ETS, including the technical design of the DLT, cost-benefit analyses, and sustainability evaluations. Our study supports regulators such as the European Commission in designing a cost-efficient and secure DLT-enabled emissions trading system and fight against global warming. We contribute to this process by presenting an ideal application of the DLT into EU ETS and structurally evaluate its potential challenges and opportunities.
Putting the relevance of this digitalization into perspective, our solution could detect fraud in emissions trading and prevent relevant VAT losses (Ainsworth and Shact [31] argue that a DLT architecture for the total EU VAT would reduce revenue losses of EUR 50-60 billion per year in missing trader intracommunity fraud). Furthermore, we anticipate an increase in audit efficiency as fraud detecting corresponds with high financial effort and increasing time consumption. In general, a performance enhancement and improved credibility [82] can be expected with potential effects on market trust and thus emissions trading efficiency reflected in cost-effective decarbonization.
Our study has several limitations. It only provides a generalized framework that is not specified for stakeholders from different industries. It does not consider international competitiveness with potential political issues in the European Union. Our framework assumes that all information is freely shared among stakeholders, but practically, users could have various data security concerns that might require additional effort to protect data privacy.
Based on our framework, future research could focus on electricity generation in Europe, the integration of green certificates trading and carbon emissions trading, and effects of emissions trading policy on carbon emissions reduction. Our research is rather conceptual and needs to be validated by future practices. Future studies could focus on such practical evaluations, which will in turn improve the structure of our framework. From a technical perspective, we propose to use the Byzantine Fault Tolerance algorithm, but another consensus could also be implemented in the digital trading system. An ideal BFT system requires much computing power, which makes hacking difficult but is also costly in terms of computing power to operate. It might be more convenient to apply Practical Byzantine Fault Tolerance and set thresholds to balance the cost and security [105]. From a sustainability perspective, the fraud and emission reductions should be empirically evaluated and compared with some of the classical literature, such as [65,67], so that the system could be improved. These changes need to be evaluated based on real tests when the DLT-enabled emissions trading systems or prototypes are in operation.