May 6, 2022
December 3, 2021

Why DeFi Is Keeping Regulators Up At Night

The Fintech, DeFi, and crypto industries have experienced an unprecedented upswing in growth in the past year. 

Cryptocurrency statistics provide insight into the market, which is expected to grow even further once there is greater adoption and clearer regulations in place. According to MarketWatch, the global blockchain market is predicted to rise to $23.3 billion by 2023. Global spending on blockchain solutions is forecasted to be nearly $19 billion in 2024, according to a new IDC Spending Guide. In the world of DeFi, the current total value locked (TVL) stands at around $253 billion. (DeFi Llama, Nov 2021)

As of November 2021, according to The Block, the total global market capitalization of all cryptocurrencies totals $2.69 trillion, making it enough to be the world’s 8th largest economy by gross domestic product.

The world of cryptocurrency is vast and continues to change and evolve at a lightning-fast pace. That makes it even more difficult for regulators to keep up with DeFi’s explosive growth.

Here are a few of the current regulatory concerns around crypto and DeFi:

The volatility of crypto markets

For crypto investors who have been in the market a while, volatility is a natural part of market activity. Volatility in the financial markets refers to how often the price changes on an asset. Volatility can be healthy, especially when increases or decreases in price happen within a general range. Crypto assets can also be extreme, with sudden price movements in either direction. Healthy volatility serves many purposes in a market, but it mainly creates opportunities for profit.
Regulator’s concerns: Protect consumers from losses

Risk of money laundering

With each crypto asset system or exchange, there is the potential to capitalize on technology that can be exploited. For example, the relative anonymity of cryptocurrency transactions makes it easier to allow acts of money laundering to be possible, or the security vulnerabilities present in some of those systems used to facilitate those transactions. 

The Financial Action Task Force (FATF) is a governmental body whose purpose is to establish international standards, and to develop and promote policies, both at national and international levels, to combat money laundering and the financing of terrorism. New guidelines could require more crypto firms to check their customers’ identities and report suspicious transactions to regulators. These risks can be consolidated into the following categories: source of funds, suspicious transaction patterns, risks within specific jurisdictions, and transaction frequencies and size.
Regulator’s concerns: Prevent criminals from accessing anonymous payment methods or committing fraud

Terrorist financing

Terrorist organizations use cryptocurrency to trade drugs, weapons, and other items on the black market or to commit extortion. For example, “Fund the Islamic Struggle without Leaving a Trace” is a dark website used to transfer Bitcoins to Jihadis. Some extremists have even published a book, Bitcoin wa Sadaqat al Jihad, which clearly teaches how to transfer value in Bitcoins from North America and Western Europe to Jihadists.
Regulator’s concerns: Combat illegal trade, extortion, and terrorism

Know your customer (KYC)

Know-Your-Customer (KYC) regulations are financial security protocols that are put in place to make sure financial transactions are attributed to verified, identifiable people. KYC involves a series of activities, which are regulated by financial companies that are designed to check for relevant information that’s required to safely do business with their clients. 
Regulator’s concerns: Prevent funds from unknown sources or people from being used

Fraud and scams

In today's fast-paced state of change in the cryptocurrency market, and the type of impact it will have on the future of commerce is definitely keeping regulators up at night. According to the Federal Trade Commission (FTC) Consumer Sentinel, from October 2020 through March 31, 2021, reports of crypto-related scams skyrocketed to nearly 7,000 people reporting losses of more than $80 million. These figures reflect a 12-fold increase in the number of reports compared to the same period a year ago and a nearly 1,000% rise in reported losses.
Regulator’s concerns: Prevent citizens from being scammed


According to the President’s Working Group (PWG) report on Stablecoins, digital assets fall under the jurisdiction of the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC), the SEC and CFTC have broad enforcement, rulemaking, and oversight authorities that may address some of these concerns. Stablecoins also pose illicit finance concerns and risks to financial integrity, including concerns related to compliance with rules governing anti-money laundering (AML) and countering the financing of terrorism and proliferation (CFT). 

To prevent misuse of Stablecoins and other digital assets by illicit actors, Treasury will continue leading efforts at the Financial Action Task Force (FATF) to encourage countries to implement international AML/CFT standards and pursue additional resources to support supervision of domestic AML/CFT regulations. 

The EU Commission published a proposal for the regulation of crypto assets: the “Markets in Crypto-Assets Regulation” (MiCA). Once adopted and in force, the MiCA will be directly applicable under the law in all EU member states and regulate all issuers and service providers dealing with crypto-assets.
Regulator’s concerns: Maintaining auditable 1:1 reserves to protect from a “run” on the coin

Decentralized Finance (DeFi)

DeFi is short for “decentralized finance,” an umbrella term for protocols and blockchain applications (many Ethereum-based) geared toward disrupting financial intermediaries. DeFi platforms give people the opportunity to lend or borrow funds from others, speculate on price movements on a range of assets using derivatives, trade cryptocurrencies, hedge against risks, and earn interest in savings-like accounts. Whether investing in ICOs or DeFi protocols, consumers risk being targets of exit scams. DeFi exit scams occur when the software developer abandons a project and confiscates funds placed in the protocol.
Regulator’s concerns: Maintain control and regulate security-like assets

Yield farming

Yield farming is a crypto investment strategy that often produces bigger returns than most conventional investments can offer these days, though at a higher risk. Yield farming can bring riches but is not for crypto beginners or those who can’t afford to lose their money. The U.S. Securities and Exchange Commission has put the industry on notice and that it has reservations, in particular, over whether the practice should be regulated as a securities offering. 
Regulator’s concerns: Prevent consumers from investing in unregulated securities

Smart contracts

Smart contracts work by following simple “if/when…then…” statements that are written into code on a blockchain. A network of computers executes the actions when predetermined conditions have been met and verified. For example, these actions could include releasing funds to the appropriate parties, registering a vehicle, sending notifications, or issuing a ticket. The blockchain is then updated when the transaction is completed. That means the transaction cannot be changed, and only parties who have been granted permission can see the results. 
Regulator’s concerns: Avoiding vulnerabilities in how the contracts are written, having auditability

Crypto exchanges

Cryptocurrency exchanges in the U.S. fall under the regulatory scope of the Bank Secrecy Act (BSA) and must register with the Financial Crimes Enforcement Network (FinCEN). They are also required to comply with anti-money laundering (AML) and combating the financing of terrorism (CFT) obligations. These licenses are required for cryptocurrency exchanges to stay open and legitimate. They allow for foreign exchange, background checks, money transfers, and sales with prepaid access. But they also come with substantial fees.  
Regulator’s concerns: Tracking flows of funds and taxable events

Digital wallet providers

Currently, in the U.S., there is no single overarching regulatory body for cryptocurrency. Instead, there is only a patchwork series of federal and state laws that address legal issues. FinCEN, a U.S. regulatory bureau, issues licenses for custody and exchange of cryptocurrencies. 

Businesses must register with FinCEN if they are (1) currency dealers or exchangers, (2) check cashers, (3) issuers of traveler's checks or money orders, (4) sellers or redeemers of traveler's checks or money orders, and (5) money transmitters. MSBs must register with the Department of the Treasury and renew their registration every two years.

Since digital wallets interact with blockchains to allow users to hold, send, and receive cryptocurrencies, they are sometimes subject to regulation. However, decentralized and non-custodial wallets where users are in control of their own keys are unregulated entities. 
Regulator’s concerns: Keeping track of large financial transactions and maintaining user safety


DeFi platforms – like any other form of financial services operations – also face the need to be vigilant from major cybersecurity threats. Security features have improved greatly since the notorious decentralized autonomous organization (DAO) hack in 2016. Many have been DeFi hacks called “flash loan attacks” that take advantage of temporary defects in price feeds. Other examples include attackers exploiting bugs or flaws in the protocol code.
Regulator’s concerns: Preventing all types of cybersecurity attacks and digital extortion

Regulatory risks will continue to persist even as the industry matures. There will need to be trade-offs and hopefully the industry and regulators will find ways to unite centralized financial systems with decentralized finance. Regulators, Fintech, and the DeFi industry will need to work hand in hand, make compromises, and do their best to create a global, 24/7, borderless marketplace with access for all.