The Virtual Currencies Subcommittee of the CFTC’s TAC gave a presentation on the growth and regulatory challenges associated with decentralized financial solutions, and various blockchain technologies, at the committee’s recent meeting.
Gary DeWaal and Aaron Wright, two of the world’s leading authorities on Decentralized Finance (aka "DeFi"), led an engaging and comprehensive discussion on this fast-growing sector of the blockchain ecosystem at the CFTC’s December meeting of the Technology Advisory Committee. DeWaal, Special Counsel at Katten Muchin Rosenman, and Wright, a Professor at Cardozo Law School, focused on recent trends in DeFi and practices and technologies, and then engaged in deep exploration of the associated legal and regulatory uncertainties in a presentation titled The Growth and Regulatory Challenges of Decentralized Finance.
Decentralized finance is growing. At the presentation’s onset, Wright provided an overview of DeFi protocols, which use smart contracts to create financial services and other products that are non-custodial in nature. He also identified some of the emerging smart contract-based financial services being built on top of blockchains. Wright observed that that ideally these protocols do not rely on one central party, but in practice many still do.
Wright stated that the DeFi landscape has been is growing with both smart contract-based protocols and centralized aggregation tools. Some of the developments he pointed to involve emerging protocols relating Decentralized Exchanges ("DEXes"), borrowing and lending, derivatives and synthetic products, as well as insurance prediction markets. The market has also seen a growth in aggregation tools relating to DEX’s themselves, as well as yield and asset management protocols. The potential benefits associated with DeFi services and smart contract-based financial protocols include:
- Lower costs;
- greater accessibility and permissionless access;
- greater financial inclusion;
- composability and interoperability in that different systems and platforms can readily interact with each other;
- the ability to have community-run financial infrastructure; and
- higher degrees of security, and potential privacy.
Risks and growing pains. At the same time, DeFi protocols and solutions often involve their own unique risks and concerns. These include:
- High barriers to entry,
- users need to be tech savvy to use these services safely as the software is more complex than otherwise already complex blockchain applications,
- entropy and complexity created by composability,
- limited ability of blockchains to process transactions (which are potentially addressed with innovations like Ethereum 2.0),
- comparatively low levels of liquidity,
- security and smart contract vulnerabilities, leading to hacks and other thefts, and not least,
- regulatory uncertainties.
Regulatory uncertainties and legal exposures abound. DeWaal explained that while DeFi protocols aim to thin the need for centralized custodians and other central actors, these core features create regulatory and legal challenges for the various participants in the decentralized finance ecosystem. In particular, DeWaal noted that many of today’s regulations look to these actors to apply applicable rules and regulations. However, to the extent DeFi applications implicate requirements or prohibitions under the Commodity Exchange Act or related regulations, these laws will still apply. According to DeWaal, the question becomes who should be liable, and he noted these are similar issues to what the SEC faced when analyzing The DAO in its 21(a) Report from 2017.
Difficulties in holding software developers directly liable. DeWaal also stated that as decentralized finance grows, it may become increasingly difficult to impute direct liability on the creators of decentralized protocols. He noted that in the US, software development is often a protected activity under the First Amendment, though noted this is not a complete bar. Still, DeWaal observed that bringing enforcement actions against developers can create challenges, noting that once a smart contract-based protocol is deployed, it is difficult to remove or shut down the smart contracts due to the tamper-resistant nature of a blockchain. Accordingly, a user can still interact with the software, even if developers are held liable, and a governmental agency, such as the CFTC, has commenced enforcement proceedings.
The perils of secondary liability. Noting the challenges of imposing direct liability on developers of decentralized DeFi protocols, DeWaal pointed to various legal theories premised on secondary liability to hold DeFi actors liable for their participation or interaction with these protocols. These include aiding and abetting liability, as well as controlling person liability. Under the 13c(a) of CEA, any person that aids, abets, counsels, commands, induces, or procures the commission of, a violation can be held liable. Likewise, under 13c(B), the CEA’s controlling person provision, any person that has directly or indirectly, controlled a person who has violated any provision of the Act, can be found liable for that wrongful conduct.
DeWaal described the secondary bases of liability as incomplete solutions noting their imposition may only serve as a deterrent and will not necessarily stop the use of the DeFi protocol due to the hard to modify nature of smart contracts. He also observed that these law enforcement tools might actually encourage more unregulatable solutions. For instance, DeWaal posited that developers might be encouraged to use more advanced forms of cryptography to obscure transactional records and frustrate enforcement efforts.
The refuge of a safe harbor. Towards the conclusion of the presentation, DeWaal advocated that the CFTC consider a safe harbor approach whereby software developers, and potentially users of DeFi protocols, would be afforded a regulatory incentive to build and support compliance through the provision of a "safe harbor."
DeWaal observed that conceptually, a safe harbor could excuse direct liability for software developers and other DeFi participants, if the protocol had a lawful purpose and entailed no fraud, interacted or excluded addresses or jurisdictions encouraging OFAC compliance, and limited or barred trading on margin trading. DeWaal added that the safe harbor could also contemplate requiring that protocols be able to implement any future CFTC-authorized software systems to enforce commodities related laws—in other words to use "code as law."
DeWaal suggested that one possibility on the safe harbor front was for CFTC staff to memorialize the relief in the form of a no-action letter. Other potential recommendations under consideration to the CFTC included:
- adopting a wait and see approach to see where risks manifest with these protocols;
- carefully consider whether to impose direct liability on smart contract developers or miners/ validators to prevent spillover effects;
- researching and exploring theories of secondary liability; and
- continuing to engage with blockchain developers to stay up to date on new services and ongoing innovation.
MainStory: TopStory Blockchain CFTCNews ClearanceSettlement CommodityFutures Derivatives Enforcement ExchangesMarketRegulation FinancialIntermediaries
Interested in submitting an article?
Submit your information to us today!Learn More
Securities Regulation Law Daily: Breaking legal news at your fingertips
Sign up today for your free trial to this daily reporting service created by attorneys, for attorneys. Stay up to date on securities regulation legal matters with same-day coverage of breaking news, court decisions, legislation, and regulatory activity with easy access through email or mobile app.