Regulation in a Decentralised World: Frameworks for DeFi Governance & Oversight
Summary report written by Rahul Advani, Ripple and Angela Ang, TRM Labs
Discussions on the regulation of decentralised finance (DeFi) have gained momentum over the past year. Many regulators have looked at activity-based regulation for DeFi, with obligations applying to regulated activities even if they are decentralised.
The International Organization of Securities Commissions (IOSCO) has finalised its recommendations on how supervisory oversight could be applied in its Final Report with Policy Recommendations for Decentralized Finance (DeFi), which are predicated on the concept of ‘Responsible Persons’. Similarly, as a part of Project Guardian, the Monetary Authority of Singapore (MAS) is exploring the concept of ‘Trust Anchors’, which are regulated financial institutions that screen, verify and issue verifiable credentials to entities that wish to participate in DeFi protocols.
However, the question still remains - what are the challenges and opportunities when it comes to DeFi regulation?
Framing the dialogue
This was the very question posed to participants of a public-private roundtable hosted by Ripple and TRM Labs at the Elevandi Insights Forum 2023, held during the Singapore FinTech Festival. The roundtable included representatives from regulators including the Bank for International Settlements Innovation Hub Singapore Centre, Monetary Authority of Singapore, and Switzerland’s State Secretariat for International Finance. Industry representatives included Circle, Crypto.com, DigiFT, Marketnode, Metaco, and SBI Digital Asset Holdings.
DeFi is a rapidly growing industry, but it is clear that the industry needs regulatory clarity for responsible innovation to truly be unlocked. If properly developed and deployed, DeFi can lead to greater financial inclusion, consumer participation, and market efficiencies. Therefore, any regulatory framework for DeFi should encourage responsible innovation, while also ensuring appropriate risk management and consumer protection. Additionally, any regulations for DeFi should be principles-based and outcomes-focused, and align with the principle of “same activity, same risk, same regulation.”
The need for definitions
The clear consensus at the roundtable was that DeFi is sometimes misunderstood - both as a technology and as a concept. Many so-called DeFi applications and protocols that have failed or suffered security breaches were in fact controlled by a single party or through the efforts of a small group and, therefore, not actually decentralised. It was also noted by several participants that there is no single or generally recognised definition of DeFi at present, which can lead to confusion and misalignment in approaches being adopted.
Therefore, the need for a clear definition and taxonomy for DeFi that considers the multi-layered structure of DeFi — namely the infrastructure, token, and application layer – is an important factor for any future regulatory framework.
It is also clear that a network itself or activity on the network could have different levels of decentralisation, ranging from completely decentralised to completely centralised, depending on which layer is being analysed. A clear definition and taxonomy will help differentiate between those activities that are truly decentralised, and those that are ‘decentralised in name only’ (DINO).
Cross-border collaboration
There was also a consensus among roundtable participants that most of the activities in DeFi ecosystems mirror activities that take place in traditional financial markets. However, the cross-border nature of DeFi meant that different functions could be located in different jurisdictions. The lack of standardisation in regulation globally combined with the pseudonymous nature of the technology could lead to regulatory arbitrage which presents a challenge for regulators and policymakers to effectively regulate different activities.
One potential solution to overcome this is greater data sharing between jurisdictions in a transparent and standardised manner. Having clear data will help regulators understand the risks of DeFi, and the implication of such risks to the broader financial ecosystem.
Compliance by design
Lastly, the roundtable agreed that this could be an opportunity to establish a new paradigm for regulation. There needs to be greater public-private collaboration to incorporate ‘compliance by design’, namely encoding compliance requirements into smart contracts or DeFi protocols. Such a system will lead to better compliance outcomes, and could therefore help reduce the regulatory burden, which in turn will translate into lower costs and better outcomes for end users – realising the promises of financial inclusion and access for consumers around the world.
Additionally, a verification system that certifies compliance requirements have been met subject to the standards of a respective jurisdiction, similar to the ‘blue check marks’ used by social media platforms, will allow users to freely interact with the DeFi ecosystem while assuring regulators that they are compliant.
What next?
This roundtable was just the beginning of a much larger conversation on the challenges and opportunities of DeFi regulation. The public-private roundtable at the Elevandi Insights Forum 2023 highlights the importance of the need for a common understanding on DeFi, and continued collaboration to create the building blocks for a global DeFi regulatory framework.