DeFi’s Future: A Summary of IOSCO’s DeFi Policy Paper
24 January 2024
Taken from the published LinkedIn pulse article.
Due to the ongoing growth and innovation that is driving the Decentralised Finance (DeFi) market the International Organisation of Securities Commissions (IOSCO) on the 19th of December 2023, released its Final Report with Policy Recommendations for Decentralised Finance (DeFi). IOSCO is the standard setter for securities market regulators around the globe.
Aimed at providing greater consistency to regulatory frameworks in IOSCO member jurisdictions, which cover more than 95% of global securities markets, the Report provides nine Policy Recommendations to guide member regulators on how to address the core risks posed by DeFi, without suppressing responsible innovation within the space.
In March 2022, IOSCO published its Decentralised Finance Report, presenting a thorough description of the DeFi market as it then stood. The Defi Policy Recommendations build upon this, to provide recommendations and guidance to IOSCO members scrutinising DeFi within their regulatory frameworks, underpinned by a “same activity, same risk, same regulation/regulatory outcome” approach.
The DeFi Policy Recommendations come in addition to IOSCO’s Policy Recommendations for Crypto and Digital Assets (CDA) Markets published on 16th November 2023, with both sets of recommendations developed in line with IOSCO’s Crypto-Asset Roadmap 2022/2023. The compatibility between the two recommendation reports is detailed in the Umbrella Note published by IOSCO.
The DeFi Policy Recommendations cover six key areas. These are:
(1) Understanding DeFi Arrangements and Structures
(2) Achieving Common Standards of Regulatory Outcomes
(3) Identification and Management of Key Risks
(4) Clear, Accurate and Comprehensive Disclosures
(5) Enforcement of Applicable Laws
(6) Cross-Border Cooperation
Below is a concise summary of the key points and aspects of each of the 9 recommendations made by IOSCO, followed by an analysis of the efficacy of the recommendations.
Recommendation 1: “Analyse DeFi Products, Services, Activities and Arrangements to Assess Regulatory Responses”
This recommendation emphasises the need for regulators to develop a comprehensive understanding of DeFi operations at all operational levels within their jurisdiction.
It highlights the importance of understanding the enterprise, functional, and technical aspects of DeFi, necessary to build a regulatory strategy that balances innovation with market integrity and investor protection.
Regulators are also advised to equip themselves with technical expertise and extensive data on DeFi transactions and activities. They are also recommended to engage actively with market participants and stakeholders to effectively assess regulatory responses.
Recommendation 2: “Identify Responsible Persons”
This recommendation outlines the need for and outlines a framework through which regulators can identify individuals or entities with significant control or influence (known as Responsible Persons) within DeFi.
IOSCO emphasises the need for identifying Responsible Persons with actual control or influence over activities and financial operations within DeFi, particularly in cases of decentralised governance, or decision-making mechanisms using governance/voting tokens and DAOs. IOSCO recommends regulators assess entities like founders, developers, token issuers, DAO participants, and those with smart contract rights to identify Responsible Persons.
Once identified, IOSCO advocates for a regulatory framework in which Responsible Persons are also subject to legal responsibilities beyond regulatory compliance, including potential liabilities for fraud or insider trading.
Recommendation 3: “Achieve Common Standards of Regulatory Outcomes”
This recommendation sees IOSCO call for regulators to align DeFi regulatory frameworks with traditional financial market standards and regulatory outcomes.
IOSCO urges regulators to adopt standards focusing on investor protection and market integrity and uphold these standards through comprehensive disclosure requirements and orderly trading protocols. The recommendation stresses the need for mapping DeFi to conventional financial systems while adapting regulatory strategies to accommodate the specific features and risks of DeFi.
Recommendation 4: “Require Identification and Addressing of Conflicts of Interest in DeFi”
This recommendation highlights the need for stringent oversight of conflicts of interest within DeFi.
Acknowledging the complexities and potential opacities of DeFi arrangements, IOSCO recommends regulators require Responsible Persons to proactively identify and resolve conflicts arising from various roles or affiliations.
IOSCO emphasises the need for regulators to have a framework emphasising clear role delineation, particularly in fiduciary relationships where entities manage assets on behalf of others. IOSCO urges regulatory bodies to proactively enforce conflict of interest policies within DeFi and consider robust intervention for significant conflicts such as enforcing legal disaggregation and separate registration and regulation of certain activities.
Recommendation 5: “Require Identification and Addressing of Material Risks, Including Operational and Technology Risks”
In this recommendation, IOSCO emphasises the need for regulators to ensure that DeFi entities robustly identify and manage operational and technological risks.
The recommendation calls for comprehensive risk management by regulators, including addressing risks from distributed ledger technology, smart contracts, and related digital asset technologies. It also emphasises the need for regulatory bodies to evaluate DeFi automation and technology and manage smart contract and cybersecurity risks effectively.
IOSCO recommends introducing regulatory requirements such as “fit and proper” standards, requiring continuous due diligence and monitoring of DeFi service providers, and ensuring entities are accountable for managing risks such as through guarding against theft, loss of assets, and cybersecurity breaches.
Recommendation 6: “Require Clear, Accurate and Comprehensive Disclosures”
IOSCO recommends regulators focus on the necessity for clear, accurate, and comprehensive disclosures by Responsible Persons to reduce information gaps and enhance investor protection and market integrity.
IOSCO advises that regulators should ensure that disclosures cover all material aspects of DeFi products and services in a non-technical language, aligned with marketing and promotional materials, and consider the sophistication levels of potential investors, with the responsibility on regulators to enforce disclosure standards.
Recommendation 7: “Enforce Applicable Laws”
The seventh recommendation stresses the need for regulatory authorities to enforce legal frameworks assertively in DeFi, calling for the use of a comprehensive set of regulatory powers for oversight, including authorisation, inspection, investigation, surveillance, and enforcement.
IOSCO emphasises the importance of aligning DeFi regulation with traditional financial markets, addressing regulatory evasion and leveraging technological expertise and tools for effective enforcement.
Recommendation 8: “Promote Cross-Border Cooperation and Information Sharing”
IOSCO advocates for enhanced international cooperation and information sharing among regulators in the DeFi sector to address DeFi's global nature and the challenges arising from cross-jurisdictional operations.
Regulators are encouraged to establish cooperative frameworks and collaborate in areas like emerging risks, registration, effective supervision, and enforcement.
Recommendation 9: “Understand and Assess Interconnections Among the DeFi Market, Broader Crypto-Asset Market, and Traditional Financial Markets”
In its final recommendation, IOSCO underlines the importance of understanding and assessing the interconnectedness between DeFi, digital assets, and traditional financial markets to identify potential risks to investor protection and market integrity.
IOSCO recommends that regulators should address the influence of centralised platforms and stablecoins, identify regulatory touchpoints, assess traditional market participants' exposure to DeFi, and monitor market interlinkages to develop effective regulatory strategies.
Assessment of the Recommendations
IOSCO’s Recommendations for DeFi regulation represent an important step towards establishing a structured, consistent framework for regulating the DeFi space - theoretically acknowledging the global need for robust regulatory frameworks that address the unique challenges and risks of DeFi, protecting investors and ensuring market integrity, whilst also respecting the unique and innovative essence of the sector.
The Recommendations do offer a broad framework that covers essential regulatory aspects such as risk management, conflict of interest, transparent disclosures, and cross-border cooperation. Importantly, the recommendations also reference the need to engage with the industry itself when forming regulation, as well as suggest that a degree of adaptability to the evolving nature of DeFi is required by regulators, acknowledging the sector's unique characteristics compared to traditional finance.
Practically, however, the recommendations may not sufficiently address the challenges facing regulators in effectively regulating DeFi. Regulators will need a high level of technical proficiency to understand and effectively stay ahead of the complex and rapidly evolving DeFi ecosystem, as the guidance recommends. The borderless nature of DeFi, and the need for international cooperation, will also require levels of international coordination across jurisdictions that may be difficult to achieve in practice. Fundamentally, the rapid pace of change in DeFi means that regulatory frameworks will need to be exceptionally dynamic and responsive to new developments, which may prove a challenge for traditional regulatory bodies.
Ultimately, however, finding the right balance between preventing regulatory arbitrage, protecting investors, and not stifling innovation within Defi is a delicate task and as such, the success of these recommendations will be judged on their real-world implementation, and how effectively regulators can adapt these theoretical frameworks to the practical realities of the DeFi market. The task ahead for regulators is to navigate these complexities carefully and proportionately, maintaining a dynamic balance that respects both the innovative potential of DeFi and the core principles of financial regulation.
For further information, please contact:
info@appold.com