Decentralized finance, commonly known as DeFi, is a new use of fast-growing blockchain technology, with more than $237 billion in DeFi projects opened since January 2022. Regulators are aware of this phenomenon and have begun work on regulating it. In this article, we’ll take a quick look at the basics and risks of DeFi before presenting the regulatory context.
DeFi is a set of alternative financial systems based on the blockchain that allow more complex financial transactions than a simple transfer of value, such as currency exchange, lending or loans, in a decentralized manner, i.e. directly between peers, without a financial intermediary (for example, centralized stock trading) .
Schematically speaking, a protocol called a DApp (for decentralized application) like Uniswap or open source Aave has been developed on a public blockchain like Ethereum. This protocol is controlled by smart contracts, i.e. contracts that are executed automatically when certain conditions are met. For example, the Uniswap DApp allows you to exchange funds between two cryptocurrencies in the Ethereum ecosystem thanks to smart contracts designed to perform this process automatically.
Users are encouraged to collect cash as they receive a portion of the transaction fee. When it comes to lending and borrowing, smart contracts allow those who want to lend their money to make it available to borrowers, and borrowers can directly borrow the offered money, ensuring a loan with (or without) collateral. Currency and interest rates are determined by supply and demand and negotiated between DA applications.
The great thing about DeFi protocols is that there is no single central organization responsible for verifying and executing transactions. All transactions are executed on the blockchain and cannot be undone. Smart contracts replace the intermediary role of central financial institutions. The code for DeFi applications is open source, allowing users to inspect, build from, and make copies of protocols.
Blockchain technology gives more power to a person. But with greater power comes greater responsibility. DeFi risks come in several types:
Technological risks. DeFi protocols depend on the blockchains they are built on, and blockchains can be vulnerable to attacks (known as “51% attacks”), bugs, and network issues that slow down transactions, making them more expensive or even impossible. DeFi protocols themselves are the target of cyberattacks, such as exploiting a protocol-specific bug. Some attacks occur at the intersection of technology and finance. These attacks are performed by “quick credits”. These are loans in the form of unsecured tokens, which can then be used to influence the price of the chips and earn money before paying off the loan quickly.
financial risks. The cryptocurrency market is very volatile and a sharp drop in prices can occur. Liquidity can end if everyone withdraws their cryptocurrency from liquidity pools at the same time (bank management scenario). Some malicious DeFi developers have “back doors” that allow them to obtain locked tokens in smart contracts and thus steal from users (this phenomenon is called “rug pulling”).
organizational risks. Regulatory risks are greater because the scope of DeFi is global, peer-to-peer transactions are generally anonymous, and there are no specific brokers (for the most part). As we will see below, there are two topics that are particularly important to the regulator: AML/CFT on the one hand, and consumer protection on the other.
FATF ‘Test’: Is It Really Decentralized?
As of October 28, 2021, the Financial Action Task Force on Money Laundering (FATF) has published its latest guidance on digital assets. This international organization sought to define rules for identifying responsible participants in DeFi projects by proposing a test to determine whether DeFi operators should be subject to a VASP or a “VASP” system. This regulation imposes, among other things, obligations to combat money laundering (AML) and terrorist financing (CFT).