Author: Xiao Sa Team
The U.S. Commodity Futures Trading Commission (CFTC) recently announced that its Digital Assets and Blockchain Technology Subcommittee has released a report titled "Decentralized Finance" (hereinafter referred to as the "Report"), which analyzes the risks facing DeFi and provides recommendations. The report aims to provide information for policy debates being conducted by the U.S. Congress, state legislatures, and regulatory agencies, including the CFTC. This is a response to the "Illegal Financial Risk Assessment of Decentralized Finance" released by the U.S. Department of the Treasury in April 2023 (hereinafter referred to as the "Risk Assessment"), which reported on the illegal financing risks of DeFi and recommended further engagement between federal regulatory agencies and the industry to explain how relevant laws and regulations apply to DeFi services, take additional regulatory actions, and issue further guidance. The Report reflects the beginning of this engagement.
Justin Slaughter, Policy Director of the crypto company Paradigm and a member of the CFTC's Technology Advisory Committee, pointed out that this report is a groundbreaking contribution to the investigation of opportunities and risks related to DeFi, stating that it "can be said to be the most comprehensive review of DeFi by any U.S. government agency to date."
Today, the Xiao Sa team will interpret these two related documents for everyone to analyze the future trends in review and regulation.
Risks and Challenges Facing DeFi
It is noted that the risks addressed in the "Risk Assessment" and the "Report" do not completely overlap. The "Risk Assessment" focuses on the risks of DeFi being used for money laundering and terrorist financing. The "Report" provides a more detailed and multi-layered identification of risks related to DeFi.
Specifically, the "Risk Assessment" emphasizes the misuse of DeFi by illegal actors. The report points out that key factors such as non-compliance of DeFi services, decentralization, failure to enforce international anti-money laundering/counter-terrorism financing standards, and weaknesses in the network security of DeFi services have led to the use of DeFi services by illegal actors, including ransomware users, thieves, fraudsters, drug traffickers, and North Korean proliferation financiers, to transfer and launder their illegal proceeds. However, the report also acknowledges that illegal activities are only a subset of overall activities within the DeFi space, and money laundering, proliferation financing, and terrorist financing most commonly use fiat currency or other traditional assets rather than virtual assets.
The focus of the "Report" not only includes the misuse of DeFi, but the Subcommittee also emphasizes from the perspectives of investors and consumers, market integrity, enterprises and ecosystems, financial system stability, and U.S. national security and leadership, the lack of clear responsibilities and accountability has led to a lack of motivation for DeFi industry practitioners to seek redress for victims and to lack effective prevention of illegal exploitation.
The Xiao Sa team believes that DeFi is expected to use the characteristics of blockchain to address the inefficiencies, structural issues, and security problems in traditional financial services, and to establish a more resilient financial system. However, many DeFi projects are currently not mature enough, and the lack of network security vulnerabilities and audit standards for DeFi services make them susceptible to being used as tools for illegal activities. The lack of regulation in the emerging industry of DeFi in various countries has exacerbated the neglect of safety risks and compliance systems by participants in the DeFi industry. Issues such as the centralization of DeFi organizational structure, governance of DAOs, and chaos in the NFT market urgently need to be addressed. In 2022, the collapse of algorithmic stablecoins caused by Luna exposed that many DeFi projects have not established effective internal control mechanisms. Currently, DeFi services generally do not implement anti-money laundering/counter-terrorism financing controls or other procedures to identify customer identities, and they have a relatively high level of anonymity. Although they have not been widely exploited by criminals, prevention is better than cure, and the risks of DeFi cannot be ignored.
Regulatory Measures for DeFi
U.S. official agencies generally believe that combating illegal finance, protecting customers and investors, and maintaining national security, among other obligations in the traditional financial industry, also apply to DeFi services. The "Risk Assessment" believes that the U.S. Bank Secrecy Act (BSA) and related laws and regulations require financial institutions to assist the U.S. government in investigating and preventing money laundering and terrorist financing, and whether DeFi institutions are subject to this obligation will depend on the specific facts and circumstances surrounding their financial activities. Although DeFi services claim to be "completely decentralized" or plan to be "completely decentralized," this does not affect their status as financial institutions under the BSA. Participants in the DeFi industry have an obligation to fulfill anti-money laundering/counter-terrorism financing obligations (this claim was recognized by the U.S. District Court for the Northern District of California in the CFTC v. Ooki DAO case in June 2023, which ruled that DAOs engaged in DeFi activities are eligible subjects under the BSA).
Before the "Report" expressed support for this view, the "Digital Asset Anti-Money Laundering Act," jointly initiated by several senators in December 2023, had already clearly supported digital asset wallet providers, miners, validators, and other network participants who may verify, protect, or facilitate digital asset transactions to be subject to BSA obligations, including KYC ("Know Your Customer"). Furthermore, the "Act" expanded the scope of BSA rules regarding the reporting of foreign bank accounts to include digital assets, requiring U.S. persons to submit Foreign Bank and Financial Accounts Reports (FBAR) to the IRS when conducting digital asset transactions exceeding $10,000 through one or more foreign institutions. It is foreseeable that if this bill is formally enacted, it will cause another earthquake in the industry. The bill has not yet been passed, and the Xiao Sa team will closely monitor future developments.
The "Report" also requires DeFi projects to assume policy objectives and regulatory obligations when providing financial services, and it requires engineers to consider them as part of DeFi projects and to consider building the most effective and economical controls and security features in the early stages of DeFi development.
It is noted that over time, U.S. official agencies have become increasingly firm in requiring DeFi projects to assume corresponding obligations. The "Risk Assessment" explained the expansion of the subjects of obligations through a purposive interpretation method, that is, to strengthen the regulation of anti-money laundering/counter-terrorism financing. The report suggests allowing certain DeFi services to be regulated beyond the definition of financial institutions, but it reserves its opinion on the criteria for determining financial institutions under the BSA and the regulation of DeFi services that do not fall within the definition of financial institutions under the BSA, and welcomes public input on this matter. However, in the "Report," this obligation is considered obvious. The "Report" believes that what is more worthy of consideration is the exceptions to the obligations, i.e., which projects require exemption from recognized obligations to attempt to achieve regulatory objectives in providing financial services, and whether they have proposed specific control measures, possible time limits, and effectiveness testing.
In addition, the "Report" provides detailed recommendations for the specific regulatory and compliance direction for DeFi. The specific list is as follows, for reference:
Since 2023, the CFTC has focused its enforcement efforts on the decentralized finance (DeFi) sector. In the absence of formal laws and regulations, regulatory agencies such as the CFTC have expanded their interpretations of the subjects of obligations defined by relevant laws and regulations, gradually expanding their administrative regulatory authority through litigation, and have imposed penalties on multiple blockchain companies and their principals, including Opyn, Inc., ZeroEx, Inc., and Deridex, Inc. As of November 2023, the CFTC has taken 96 enforcement actions, 47 of which are related to digital assets, indicating relatively aggressive regulatory actions.
However, comprehensive regulation does not equate to stringent regulation. It is also noted that the "Report" calls for an increased understanding of DeFi, emphasizing the necessity of a detailed understanding of decentralized financial systems to avoid excessive demonization of DeFi and to ease the tense relationship between regulatory authorities and DeFi. Moreover, from the perspective of U.S. legislative and judicial history, U.S. regulatory policies have always been subject to adjustments. Therefore, from a historical perspective, while the legal actions of the CFTC and the lawsuits brought by the SEC are meaningful, they should not be exaggerated. Overall, regulatory agencies recognize the innovation and transformation of the financial industry by DeFi, and their attitude towards DeFi is gradually becoming more positive.
Conclusion
It is commonly believed in the industry that there is a lack of regulatory clarity in the DeFi sector, and there is a lack of clarity on whether DeFi meets the definition of financial institutions under the BSA, registration requirements, and other issues, which are used to resist the obligations imposed by the CFTC, FinCEN (Financial Crimes Enforcement Network), and the SEC on industry practitioners. However, this view has been refuted by precedents.
The Xiao Sa team believes that there is a lag in global regulation in the Web3 space. Although DeFi has attracted increasing attention from more and more countries and regions, the governance and norms of the industry are still in the exploratory stage. Advancing accountability and compliance mechanisms may become one of the focal points of the industry's future development, and requiring DeFi services to fulfill some or even all of the obligations of the traditional financial industry may become a regulatory trend. Rather than forcibly applying existing laws to DeFi, actively exploring paths for DeFi to adapt to existing frameworks, and obtaining secure and cost-effective channels for financial services should be prioritized in the future.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
