The latest news has left the decentralized finance community in a collective fetal position. Responding to the threat of increased regulatory oversight, leading decentralized exchange Uniswap recently restricted the trading of certain tokens. Earlier in July, Dan M. Berkovitz, chairman of the Commodity Futures Trading Commission (CFTC), said that DeFi derivatives platforms might contravene the Commodity Exchange Act (CEA):
“Not only do I think that unlicensed DeFi markets for derivative instruments are a bad idea, but I also do not see how they are legal under the CEA.”
Most worrisome of all is the initial version of the United States Senate’s $1 trillion infrastructure bill, which would create impossible tax compliance requirements for crypto firms.
Related: Senate infrastructure bill isn’t perfect, but could the intention be right?
Be ready, DeFi — More is coming
Yet, as long as DeFi agonizes over these looming regulations, it risks ignoring an imminent and existential regulatory challenge that has yet to make headlines.
Crypto-related policies and regulations tend to come in three flavors:
- The first, such as the infrastructure bill, aims to raise revenue and enable the Internal Revenue Service to collect taxes.
- The second seeks to ensure safe and sound markets for investors. Such legislation includes the U.S. Securities Exchange Act, which empowers the Securities and Exchange Commission (the enforcer of the famous Howey test that determines whether an asset is a security) to regulate securities markets, and the Commodities Exchange Act, which gives the CFTC the power to regulate derivatives markets.
- The third flavor of regulation focuses on Anti-Money Laundering (AML) and Counter-Terrorism Financing (CFT). The U.S. Bank Secrecy Act, for instance, empowers the U.S. Treasury’s Financial Crimes Enforcement Network to ensure companies have a robust AML/CFT program, including explicit Know Your Customer requirements.
Related: The United States updates its crypto AML/CFT laws
Global standards for these regulations are set by the Financial Action Task Force (FATF), an intergovernmental organization created by the G7 to align AML and CFT efforts. Those who work in DeFi need to understand and abide by these regulatory regimes, which are not meant to burden businesses but to prevent transactions with profound national security consequences such as terrorist attacks, human and narcotics trafficking.
DeFi and AML/CFT
Here is where DeFi is on shaky ground, as many of its developers are convinced that AML/CFT regulations do not apply to them. For instance, Uniswap argues that since it does not control the funds within its protocol, it is a software development studio and thus not liable under AML/CFT requirements. While I understand this position, it imperils our industry and sells it short.
Related: FATF draft guidance targets DeFi with compliance
First, if DeFi developers aren’t liable, who is? The more logical party may be liquidity providers (LPs). After all, it is their capital in each pool that is the counterparty to each trade. While crypto-native LPs tend to shrug off this responsibility, traditional institutions and their personally liable officers need to know they are not inadvertently facilitating illegal transactions before allocating funds on behalf of their investors. Institutional capital will surely be required to catalyze the next phase of DeFi’s growth, so the DeFi community must find a way to offer regulators and traditional banks a clear-cut solution.
Second, laws change as quickly as security risks. Consider the Patriot Act, which became law not two months after 9/11 and added AML/CFT protocols to the Bank Secrecy Act. President Franklin Roosevelt likewise ordered the internment of Japanese-Americans less than three months after the Pearl Harbor attack.
Governments rarely allow bureaucratic red tape or legal hurdles to get in the way when it comes to national security. DeFi has yet to have a critical moment of national security importance, but such a rite of passage is not inconceivable — particularly as DeFi is a threat to traditional finance. Just look at the $4.4 million paid in Bitcoin (BTC) by Colonial Pipeline to end a ransomware attack in May. A major geopolitical security incident linked to a DEX transaction may not be a matter of if but when.
Third, as an industry, we have moral obligations. You are likely familiar with the assertion that we are building a “safe, transparent and robust financial infrastructure that empowers users around the world.” These should not be mere words: Realizing this vision requires doing everything in our power to bar any financing that might be linked to black markets, terrorist financiers, drug cartels or other problematic entities.
Related: Bitcoin can’t be viewed as an untraceable ‘crime coin’ anymore
Getting there will not be easy. Requiring Know Your Customer, for example, could drive traders to accept less compliant — and potentially less secure — DeFi protocols published by anonymous developers.
But practical and effective AML/CFT safeguards can be deployed at the protocol level. At my firm, we built our first DEX with an on-chain blacklist. That means any addresses flagged by the Office of Foreign Assets Control cannot trade on our DEX.
This safeguard has no impact on the user experience for everyday traders, most of whom are likely unaware of it, but it is highly effective in preventing problematic transactions. Developers can easily implement technical solutions like this whenever possible. But they are unlikely to do so as long as the leading DEX and de facto industry model says it is not liable.
DeFi will never go mainstream without accepting AML/CFT requirements. What’s more, if the DeFi community fails to regulate itself, governments will surely do the job for us — and with a much heavier hand. Just look at the infrastructure bill, which aims to hold DeFi developers responsible for users’ lack of tax compliance. Hastily written AML/CFT legislation for crypto could be even more debilitating.
Self-compliance is the moral thing to do, and it has the added benefit of ensuring the industry’s long-term survival. The alternative is waiting for the hammer of a much tougher forced compliance. The choice is ours.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Mark Lurie is the CEO of Shipyard Software Inc., which develops the Clipper exchange and is backed by Polychain, 0x Labs, 1inch Network and other members of the DeFi community. Mark is a former investor at FJLabs and Bessemer Venture Partners and has an MBA and BA from Harvard University.