Defi Regulatory Takeaways: 6 Significant Events That Are Influencing The Regulatory Landscape Of The Industry
Defi Series: Blogpost #2
Written by:
Reading Time:

In our previous blog post about decentralised finance (DeFi), we discussed the exponential rise of the industry and a range of regulatory challenges and uncertainties that come along. With its growth to an $80 billion market, the craziness around yield farming and staggering losses from hacks, theft and fraud, DeFi hasn’t escaped the attention of regulators.

The Securities and Exchange Commission (SEC) has already put the industry under its radar. The World Economic Forum recently published an in-depth report hoping to explain DeFi and the challenges it faces. Decentralised protocols are considering opening their doors to institutional investors, which, in return, requires a certain level of regulatory control. The industry is getting its shape and direction and everyone is trying to keep pace.

This blog post dives into six significant events that are influencing the regulatory landscape of decentralised finance.


In June, the World Economic Forum published a DeFi toolkit that aims to educate and guide both regulators looking to understand the decentralised finance sector and DApp developers who want to operate within the regulatory frameworks.

The toolkit dives deep into the nature of DeFi and discusses five categories of risk for the industry: financial, technical, operational, legal and emergent. It also outlines and proposes potential regulatory and legal approaches that could be applied, including:

  • establishing specialised regulatory units with qualified staffing that “provide legal clarity to DeFi projects and encourage early-stage discussions with regulators”
  • developing regulatory sandboxes, “where companies may test and operate their technology in a limited scope and therefore with limited regulatory risks”
  • coordinating government action to “bring together different government entities for a harmonized response”.

However, despite being extensive when it comes to describing the current state of the industry and the challenges it faces, the toolkit doesn’t recommend specific policy steps for authorities and organisations. Rather, it highlights some areas where regulators need to catch up.


Aave, the largest DeFi lending protocol, has announced its plans to launch Aave Pro, which will cater to institutional investors.

According to the announcement, Aave Pro will operate segregated permissioned pools of ‘whitelisted’ users that have passed Know-Your-Customer (KYC) protocols. These pools will provide direct access to decentralised markets.

Participating in Blockworks’s webinar, Stani Kulechov, CEO of Aave, stated that  

demanding KYC will remove barriers for institutional investors to enter the DeFi arena: “Aave Pro provides accessibility to institutions without knowing their counterparties, while also mitigating their risk of compliance.”


One of the largest decentralised exchanges, Uniswap, decided to restrict access to dozens of tokens, including synthetic assets and those meant to track the value of gold and oil futures. Uniswap continues to monitor “the evolving regulatory landscape”, and many tokens are already banished from the exchange’s trading app. The announcement comes after the remarks of U.S. Securities and Exchange Commission Chairman Gary Gensler on 21 July, in a speech to an American Bar Association committee meeting:

“Make no mistake: It doesn’t matter whether it’s a stock token, a stable-value token backed by securities, or any other virtual product that provides a synthetic exposure to underlying securities. These platforms – whether in the decentralised or centralised finance space – are implicated by the securities laws and must work within our securities regime.”


Last year the European Commission published the Markets in Crypto-Assets Regulation (MiCA) proposal, which aims to set clear rules and establish a common framework for regulating digital assets throughout Europe. The publication of MiCA was followed by the opinion that such strict guidelines pose an existential and innovative threat for DeFi.

For instance, companies operating digital assets are required to publish a white paper and register a legal entity within the EU. Decentralised protocols, due to their distributed nature, would obviously struggle to comply with these requirements.

Another issue is to pinpoint an “issuer of crypto-assets”, who, according to MiCA (art. 3 (6)), is “a legal person who offers to the public any type of crypto-asset […]”. With decentralised protocols, it can be challenging to identify the responsible ‘legal’ person.


In March, the Financial Action Task Force (FATF)—the US intergovernmental watchdog—published new draft guidance for virtual assets, addressing the booming industry of DeFi and NFTs as well. According to the guidance, decentralised finance platforms should implement at least some form of Know-Your-Customer (KYC) compliance policies.

In addition, it discusses who might be held responsible for enforcing these KYC requirements. Although a DApp is not considered a virtual asset service provider (VASP), the FATF states that at least some parties fall within the definition during the product lifecycle. This includes parties responsible for maintaining the protocol, holding an administrative key or collecting fees. In other words, developers who take part in developing a decentralised protocol may be liable, even if they don’t have a role after the platform is launched.


In August 2021, the SEC brought charges against Blockchain Credit Partners, a decentralised lending protocol, and two of its top executives. According to the charges, the two executives and their Cayman-based company sold unregistered securities worth $30 million over the course of a year. The company promised to pay holders nearly 6.3% interest, stating that the funds would be used to buy real-world assets to generate income. The real-world assets, however, couldn’t produce enough income to cover the surging value of investments in tokens like Ether.  

The charges are another indication that the SEC is paying closer attention to the industry. To recall, in the aftermath of the hack of decentralised exchange EtherDelta, the SEC decided to bring legal action against its founder, Zachary Coburn, marking him responsible for the breach and charging him with operating an unregistered exchange. By the time the SEC pressed charges, Coburn was no longer part of any decision-making. However, he did write and deploy the smart contract and had control over the administration keys. And that was enough for the SEC.


Decentralised finance is an emerging and rapidly evolving space, with unique challenges when it comes to regulatory compliance. What are the options for addressing these challenges? How should authorities approach DeFi-specific issues?

Despite difficulties, a certain regulatory framework is necessary to protect consumers, safeguard assets and set minimum entry standards for participants.

There is no doubt that there will be a long regulatory road ahead.

Article headline