The Crypto Council for Innovation (CCI) has released a whitepaper enclosing key elements of an effective Decentralised Finance (DeFi) framework. The CCI is a global alliance aimed at spurring the adoption of crypto products and related Web3 projects and have set their sights on tailored DeFi policy.
The whitepaper highlights that the risks posed by DeFi are fundamentally different from those posed by traditional finance, specifically because of there being no central intermediary that controls the activities of a DeFi system and warning that a traditional regulatory approach (such as the "same activity, same risk same regulation" tagline which has been pushed by international bodies) will not work.
The CCI notes that existing "entities-based" regulations were not drafted to address specific DeFi risks, underlining the CCI suggestion that the above tagline to be:
Same Activity, Different Risks, Different Regulation but Same Regulatory Outcome
This would acknowledge the inherent differences in DeFi and traditional finance and encourages policy makers to tailor legislative framework to the technology, but goes directly against the US SEC and IOSCO frameworks which assert that decentralisation is not real and there are individual actors and entities who can be located and regulated.
The CCI whitepaper proposes three policy recommendations designed to help policymakers to draft fit-for-purpose legislation relating to DeFi.
Recommendation 1
Mandatory disclosures by app-operating businesses: A standardised disclosure regime for app-operating businesses that includes information about the underlying De-Fi protocol and, at a minimum, how the protocol works, governance, funds and asset management information.
Disclosure under this recommendation can be broadly classified into four categories:
general software disclosures;
tokens disclosures;
financial disclosures; and
automation disclosures.
The intent of this is provide users enough information to quickly understand the risks of interacting with these businesses.
Recommendation 2
Independent certification of public good protocols: The establishment of an Independent Certification Regime Organisation (ICRO) to certify DeFi protocols that meet the ICRO's criteria, including security code audits. An ICRO could narrow the scope for businesses in relation to what disclosure obligations they are required to comply with and spur adoption with the introduction of a certification standard.
A self-regulating ICRO would assist to avoid placing excessive compliance burdens on software developers while incentivising them to implement best practices for user adoption. Projects that do not follow the ICRO criteria could be decertified.
Recommendation 3
Regulatory safe harbour program: Providing a clear pathway for projects that have true decentralisation as their objective. A safe harbour regime could allow progressive decentralisation to occur in a controlled manner that protects consumers and would be available to protocol developers that comply with mandatory disclosure requirements imposed by the above-mentioned ICRO, given many protects necessarily are centralised at some point of their development.
Safe-harbor criteria and thresholds are proposed to be established by the ICRO and developers' obligation to adhere to regulatory requirements should decrease as the protocol progressively decentralises.
The whitepaper comes shortly after the International Organization of Securities Commissions (IOSCO) consultation report which introduced 9 policy recommendations for DeFi, most of which involve asserting DeFi is not sufficiently different to existing financial services and so should be addressed in broadly the same way, which is apparent from the disclosure in the report that the US SEC had a heavy involvement in preparing the report and in IOSCO's working groups.
While both IOSCO and the CCI acknowledge the importance of the technology element that is pivotal in policy making, the CCI's recommendations are clearly proposed with careful consideration of the unique technological aspects set up a robust framework that focus on innovation and development while IOSCO's recommendations focus on the identification and disclosure of persons involved in DeFi projects.
The CCI draws an important distinction between businesses which operate DeFi protocols, and "public good protocols" which are decentralised and do not fit within traditional regulatory approaches.
While IOSCO holds very significant influence with securities regulators around the world the CCI has made an important contribution in calling out the critical aspects of decentralisation which need to be addressed if fit for purpose regulation is to be achieved.
By Michael Bacina and Luke Misthos