DeFi: The Future of Finance?
Where next for DeFi?
DeFi services represent the cutting edge of financial technology, and in many ways, DeFi shows the cryptosphere at its most potent and complex.
Currently, DeFi activities appear to make up only a tiny fraction of the cryptoasset market, (which, in all respects other than news column inches, is dwarfed by the ‘traditional’ financial services industry or ‘TradFi’). However the DeFi area is rapidly growing in popularity and sophistication, and some of the true opportunities and risks of this emerging trend are only starting to become apparent.
Into customers’ pockets
The popularity of crypto-trading apps around the world provides fertile ground for the spread of mobile apps that incorporate DeFi solutions and DApps. A number of crypto-exchanges offer mobile apps already, and TradFi providers and tech companies that have already added crypto-trading to their offerings seem well-placed to follow suit. This could rapidly expand the reach of DeFi, and prompt even more investment in this space.
As we’ve covered in this blog post, payments in the metaverse are already heading towards some form of digital currency and there may be demand for simpler payment methods (especially for smaller transactions) as a replacement for physical cash. If digital currencies do become the norm, then the potential demand for DeFi solutions (which might enable users to invest or save that digital money when not otherwise using it to buy digital flying unicorns or the virtual Empire State Building in the metaverse) could well increase.
Into the metaverse
Enthusiastic proponents of ‘web3’ or the ‘metaverse’ imagine seamless travel across virtual worlds that do not align with real-world jurisdictional boundaries. This gives rise to the possibility of two avatars spending their days together in the metaverse while their real-life counterparts sit on opposite sides of the planet. DeFi sits at the intersection of financial services and the metaverse and may represent both a way of making money and a way of spending money through the metaverse.
The two avatars (and their real-life counterparts) may have found each other because of their shared interests and experiences. While they may be geographically separated, they could nonetheless have similar financial needs, which could perhaps be best served by a DeFi solution that would allow them to purchase and receive services entirely in the metaverse.
It is not beyond the realms of imagination to think that DeFi mortgage providers (specialising in metaverse real estate) and other financial services businesses could spring up to capitalise on people spending more time (and money) in the metaverse. A DeFi mortgage provider could make use of DeFi ‘credit’ and ‘staking’ solutions to replicate taking the metaverse real estate – likely to take the form of a non-fungible token (NFT) – as collateral and, in the case of non-payment, realising the collateral automatically through a smart contract that returns the NFT to the mortgage provider for onward sale. Even outside the context of the metaverse, as NFTs become more prevalent, the ability to use these as collateral in DeFi transactions may become more desirable.
Into regulators’ crosshairs
As DeFi solutions increase in popularity and reach, regulatory interest will also intensify. While most regulators are currently early in their journeys towards regulating DeFi, it is likely that priority areas will be:
Part of the fundamental concept of DeFi is the lack of a trusted intermediary. By its nature, this makes regulating it all the more difficult, despite the general consensus that the application of regulation should be technology-neutral. Regulators will need to grapple with whether the sector (or parts of it) need to be regulated and if so, how to do so. Traditional regulation focuses on the entities providing the service. In the DeFi context, we query whether regulators will seek to supervise those persons who create DApps (which could be tricky given the cross-border context and that a lone individual might create a DApp which goes viral), will create regulatory requirements that force DApps into more staid regulatory frameworks (in tension with their decentralised nature), or whether regulation might need a more fundamental re-think.
Consumer protection is at the forefront of most regulators’ minds and is one of the objectives of good regulation. DeFi tends to be permissionless and potentially accessible to all, including to those who might not fully understand the risks. Further, there are few intermediaries who fully understand DeFi and so any advice could be limited. Regulators will be mindful of the risks to retail investors of DeFi – in particular, complex products which might be leveraged or have an underlying which is very volatile.
Fraud and misleading promotions
One of the most immediate concerns relates to the potential for fraud and misleading promotions that capitalise on the public’s lack of familiarity with DeFi constructs. We expect early rulemaking to focus on misappropriation, conflicts of interest, misleading disclosures, misuse of information, and manipulative trading activities.
Another topic that will be on regulators’ minds will be the safety and security of DeFi protocols. Where a particular DeFi project has a large number of consumers (or rather, a high value of assets involved), cyber criminals are likely to be interested in exploiting weaknesses. It is not long since the DAO hack which resulted in the Ethereum hard-fork, where the DAO in question had vulnerabilities in its code. A variety of novel security risks are also emerging as DeFi proponents seek new mechanisms for interaction and exchange. Finally, in an increasingly decentralised world, questions will arise about responsibility and maintenance obligations pertaining to protocols. Thus, regulators will have concerns about familiar and wholly new risks associated with popular DeFi projects.
Despite the claimed move away from centralisation, it is possible that the operations and activities of DeFi protocols are governed by very small groups of developers or individuals. Regulators will want to ensure that responsibility for governance failings (which may lead to more costly failures and customer detriment) is appropriately allocated between the various parties. Legislators in a small number of jurisdictions have already started to create new rules to ensure that DAOs can be found liable for failings.
Money laundering and terrorist financing
The decentralised nature of DeFi potentially allows persons to undertake financial transactions without a clear framework for the applicability of KYC requirements. Without a responsible entity (or a clear regulatory authority), it is unclear how suspicious activity reports will be determined and who these will be reported to. The Financial Action Task Force recently provided guidance on how DeFi and DApps are covered under the FATF Standards. This may form a blueprint for regulatory approaches to limiting the money laundering risks presented by DeFi. FATF noted that creators, owners and operators or other persons who maintain control or sufficient influence in the DeFi arrangements, even if those arrangements seem decentralised, may fall under the FATF definition of a ‘virtual asset service provider’ (VASP). However, there may not be a central person that meets the definition of a VASP and countries should monitor for emerging risks in such situations.
BIS is monitoring for the emergence of financial stability risks relating to DeFi. Although BIS has indicated that DeFi risks do not currently pose a wider financial stability threat, this could change quickly, and the position could be different in other jurisdictions. Compared to ordinary cryptoasset trading, the power that smart contracts have to automatically effect transactions without external input (and the ability of participants to take on leverage) could mean that a collapse of one participant could quickly lead to a broader contagion.
Dr. Alexander Glos Partner & Co-head Financial Institutions Group
Frankfurt am Main
Matthew O'Callaghan Partner
Brian Rance Partner
Timothy Howard Partner
Brock Dahl Data privacy and security, Head of U.S. Fintech
Washington, DC, Silicon Valley
Kenneth Hui Counsel
Dr. Daniel Klingenbrunn Principal Associate
Frankfurt am Main