The Threat to Decentralised Finance is Not Regulation — It's the Lack Thereof
Part of the final assignment for the DeFi Talents program, cohort 4. DeFi talents are part of Web3 Talents — a group of 18-week-long mentoring programs designed to empower talent in the web3 space, organised by the Frankfurt School Blockchain Center.
Since its inception, decentralised finance (DeFi) has been promoting itself as an alternative or even a replacement to the traditional financial system — TradFi. The DeFi term was invented back in 2018 in a chat between Ethereum developers and has gained traction as the sector achieved remarkable growth. It only really took off in 2020 which can be seen by examining the so-called total value locked (TVL) — a figure reflecting the value of funds which have been invested into various DeFi projects¹.
Despite near-exponential growth, confidence in DeFi faded away in the wake of TerraLUNA and FTX collapses in 2022. In the aftermath, many still close their eyes and argue that these were isolated cases which occurred due to centralisation as these were centralised entities, in spite of earlier claims that TerraLUNA was decentralised. This centralisation is supposedly the reason which enabled them to behave like criminal enterprises, therefore, they should only be viewed as the black sheep of crypto and are not representative of the overall blockchain sector. Nevertheless, investors panicked and the crypto winter began. Despite representing only a “small” part of the entire crypto ecosystem, DeFi lost 83 billion dollars in a matter of weeks³.
In this article I examine the DeFi value proposition and introduce the biggest issues the field faces — not the regulators, but the decentralisation illusion, issues surrounding governance, and illicit finance — all of which contribute to financial instability. I argue that investors should be careful when investing in DeFi which is slowly coming out of the bear market, and should be worried not only about big spillages from armageddon events like TerraLUNA and FTX. Instead, a critical approach to DeFi should be taken — something practised far too seldom by the crypto community. As this article aims to show, DeFi still has a long way to go in fulfilling its promises.
The Organisation for Economic Cooperation and Development (OECD) defines DeFi as an attempt to replicate the traditional financial system in an open, autonomous, and decentralised way. The organisation acknowledges that DeFi applications have the potential to benefit financial markets by increasing execution speed, decreasing transaction costs, and disintermediating 3rd parties. This results in DeFi promoting innovation and enabling wider participation of users, potentially democratising finance⁴.
The chart made by researchers from the European Central Bank (ECB) shows how DeFi is disintermediating 3rd parties — not by inventing new financial products but by mimicking existing options provided by TradFi⁵.
Although everything up to this point seems acceptable, there are certain challenges DeFi fails to address — it is also the reason why some regulatory agencies like the Securities and Exchange Commission (SEC) in the US have been resorting to unfavourable methods of regulating the digital assets sector known as regulation by enforcement which is, as the industry claims, “hindering growth in the space”.
1. Decentralisation Illusion
In a paper released by the Bank of International Settlements (BIS), researchers argue that although DeFi is supposed to run autonomously, some sort of centralisation is inevitable as centralised governance is required to make operational and strategic decisions. They explain this is due to “algorithm incompleteness” or not being able to write code for actions in all contingencies⁶ — an idea of economic theory called “contractual incompleteness” where contracts can never be written to account for all possible scenarios⁷.
A similar point is brought up by the National Bureau of Economic Research (NBER) researchers who argue that just as in TradFi, DeFi has natural points where rents accumulate due to endogenous constraints to competition, effectively undermining decentralisation. In TradFi, when excessive rents are not restricted by market competition, regulators usually come in to protect the interests of users. However, as the DeFi sector is constructed to avoid regulation, users' interests cannot be protected⁸.
An example of decentralised exchange (DEX) is given, namely UniSwap and SushiSwap, with the latter being a clone of the first one. Just as in TradFi, DEXs are subject to economies of scale — the competitive advantage larger firms have over smaller ones⁹. This means that despite new exchanges being free to enter the market, they are going to find it hard to succeed as traders prefer bigger ones because of larger liquidity pools, or being more liquid. Not only that, these exchanges have now strengthened their dominance by introducing their own governance tokens — a method you would not see in TradFi — which are rewarded to traders who provide liquidity to their platforms. These tokens, namely $SUSHI and $UNI, allow their holders to vote (more about this in the next chapter) and to receive transaction fees — a business model which strengthens network externalities to limit copycats, and consequently, competition⁸.
In short, DeFi is far from being an equal playing field.
2. Dysfunctional Governance
DeFi claims to solve corporate governance issues seen in TradFi with something called Decentralised Autonomous Organisations (DAOs), which are, as explained by the Ethereum foundation, collectively-owned and blockchain-governed organisations working towards a common goal¹⁰. The idea behind them is to spread control across multiple parties via the governance tokens mentioned earlier. Usually, one token equals one vote and the more of them one has, the more voting power he gets. To ensure holders are incentivised to vote, a share of the network's transaction fees is distributed among participating parties. However, whereas corporate laws in TradFi usually require disclosure to prevent large shareholders from capturing control and imposing their own preferences, DeFi does not have such a rule and even if it had, it is impossible to enforce it as one can simply have multiple anonymous accounts⁸.
A great example of a consequence of the “one man, one token, one vote” system is a hostile governance takeover. In the case of Build Finance DAO, it was a result of one bad actor within the organisation. It was done by gathering a large number of governance tokens and voting in favour of a self-made proposal which nobody noticed. Soon, the perpetrator had full control of the DAO's treasury along with the ability to mint new tokens. The attacker then minted new tokens, drained the liquidity pools, and used a mixer called TornadoCash — a tool which obfuscates the origins of cryptocurrencies¹¹ — to hide his trails and cashed out nearly half a million dollars¹². Again, these sorts of hacks in TradFi are very unlikely and barely anyone has enough money to purchase that amount of shares to hijack an entire company¹³. Unfortunately for DeFi, these takeovers are serious threats impacting all DAOs and in order to prevent them, decentralisation has to be sacrificed¹⁴.
To sum up, the DeFi ecosystem will find it hard to solve its governance issues without seeking help off-chain.
3. Illicit Finance
The US Department of the Treasury released an illicit finance risk assessment for DeFi in April 2023. Despite acknowledging that most illicit finance still takes place via traditional methods like fiat, it shares other governmental organisations' criticism for being designed as appealing to bad actors and using the lack of regulatory clarity in DeFi as an excuse for not following existing guidelines. Because of the lack of anti-money laundering and combating the financing of terrorism (AML/CFT) measures, bad actors like cybercriminals, scammers, and enemy states like the Democratic People's Republic of Korea (DPRK) have all been found to exploit various DeFi protocols, as well as use DeFi to launder money¹⁵.
Elliptic — an intelligence company providing tools to combat financial crime in the crypto sphere — summarises that only in 2022, criminals used DEXs, cross-chain bridges, and coin swap services to obfuscate at least 4 billion dollars, highlighting the cross-chain problem. Like the US Treasury, the report makes it clear that this is made possible by the non-compliant nature of DeFi¹⁶.
As already said, DeFi in its current state is not only easily exploitable but also a functioning tool for bad actors.
4. Systemic Risk
Most important for anyone who does not want to deal with DeFi directly is the last risk—the risk to the financial stability of TradFi which impacts everyone. Unlike TradFi which relies on fractional reserve banking, DeFi is based on a narrow banking model meaning loans are overcollateralised, removing many of the risks otherwise present in the traditional financial sector. However, collateral in DeFi has one problem — it relies heavily on stablecoins, many of which are not stable at all⁸.
Although the subject of stablecoin stability is worthy of a standalone article, it is enough to mention that stablecoins have generally lost the promise of being continuously pegged 1:1 to the dollar. This has not happened only with riskier algorithmic stablecoins like TerraUSD ($UST) which have crashed spectacularly, but also to Circle USD ($USDC), the price of which temporarily fell from $1 to $0.87 after investors found out that part of the issuer's reserves were held at the bankrupt Silicon Valley Bank (SVB)¹⁷. All of this is without mentioning the most widely used stablecoin — Tether ($USDT). The issuing company with the same name was already caught lying about $USDT's backing and fined 41 million dollars by the Commodity Futures Trading Commission (CFTC) for holding insufficient reserves¹⁸.
In essence, the stability of DeFi is heavily correlated with the stability of stablecoins — the stability of which can be, justifiably, questioned.
To sum up, I would like to refer to NBER researchers who describe the state of the DeFi system perfectly — although it could be designed to create an equal playing field as the sector claims, the pseudonymous design on which it is built increases the presence of money laundering, causes issues for tax authorities, and does not benefit the rest of the economy⁸.
So how do we make the sector cooperate? I would argue through regulation, but not the one practised by the SEC and even less so with the one the now-jailed FTX CEO Sam Bankman-Fried (SBF) wanted when he went shopping for regulators — the CFTC to be exact¹⁹. As the message exchange with a Vox journalist shows, we have to be wary of crypto moguls advocating for regulation as the real agenda is often not the one seen in marketing messages²⁰. As a Washington Examiner reporter explains, the reason why SBF could have been calling for regulation was to create an entry barrier for smaller players which could endanger the market dominance of FTX, or simply to lure more investors into his Ponzi scheme, believing an entity calling for regulation was safer than the rest who are trying to evade it²¹.
Despite its complexity, the OECD explains that if DeFi activity is broken down into individual components, existing financial regulation can be applied to those areas. However, when DeFi activities fall out of the scope of existing regulation, risks rise after being unaddressed by existing regulations for too long⁴. But the real problem with regulating DeFi is the lack of regulatory entry points — often called chokepoints by the crypto industry — as explained by ECB researchers⁵. The sanctioning of a mixer TornadoCash is a perfect example. Being the only DeFi protocol to be sanctioned by the Office of Foreign Assets Control (OFAC), the move highlighted the difficulty of regulating DeFi and only showed mixed results. Although the website was taken down making the protocol harder to access, it still works as explained by the blockchain analysis firm Chainalysis²².
However, this does not mean that there aren't any chokepoints in the overall crypto space — these points are commercial banks which are needed for customers to deposit funds on centralised exchanges (CEXs). Recently, the US has been cracking down on banks dealing with crypto like Silvergate and Signature Bank which were forced to transform into normal banks practically overnight. Some have termed this “operation chokepoint 2.0” and are instead seeking refuge in other jurisdictions with better regulatory clarity²³.
A better solution would be creating incentives for DeFi to want regulation. A great example comes from an open-source liquidity protocol Aave²⁴. Called Aave Arc, it is an AML/CFT-compliant DeFi liquidity market which gives DeFi access to institutions which are required to perform know-your-customer (KYC) verifications²⁵. If only 1% of assets under management from the world's top 100 banks were to be injected into DeFi, this would mean the sector receiving a trillion dollars of fresh capital which is far more lucrative than any scenario where DeFi continues to resist regulation²⁶.
The Road Ahead
Although it is impossible to say for sure what will happen to DeFi, it is wise to remain cautious. As the regulatory crackdown on crypto continues in the US, other jurisdictions will likely profit from the exodus. However, as DeFi remains immune due to its intrinsic nature, so do its risks. This is why it is up to the regulators to find a smart way of regulating the sector, and if not, the game of cat and mouse will continue.