Cryptocurrency has brought us peer-to-peer payments and continue to increase the participation of millions of people in the global economy, who cannot access traditional banking services. The rise of decentralized finance (DeFi) is expected to further expand access to financial services, including savings, loans, derivatives, asset management and insurance products.
This innovation to enhance financial inclusion should be allowed to flourish in a regulated environment where individuals and institutions are protected and suspicious activities are identified and reported. But how to regulate these decentralized products without completely eliminating the core attributes of financial inclusion and decentralization?
Know your customer (KYC) procedure is Key function Assess risks and comply with legal requirements of anti-money laundering (AML) laws that vary from jurisdiction to jurisdiction. Most of these anti-money laundering laws are enacted for good reasons: to deter criminals by making it more difficult for criminals to launder money through illegal activities (for example, human or drug trafficking, terrorism, etc.). Anti-money laundering regulations require financial institutions to understand the true identities of their customers, monitor transactions, and report suspicious financial activities.
Why regulators see DeFi as a major issue
Given that there is no central control entity for decentralized applications (DApps), it is unclear who is responsible for ensuring that DApps, including DeFi applications, comply with existing legal and regulatory requirements. Suppose a ransomware attacker uses a decentralized exchange (DEX) to launder their stolen funds. Who is responsible for reporting their transactions? Who will go to jail or pay a fine for not reporting? Member of the Decentralized Autonomous Organization (DAO) that manages the DApp? The developer who developed the code?
Although most of these questions remain unanswered, the Financial Action Task Force (FATF), the global money laundering regulator, has recently Suggest The guidelines clearly state that “the owner/operator of the DApp may fall under the definition of VASP [virtual asset service provider] […] Even if other parties play a role in the service, or part of the process is automated. […] If any part of the elements defined by VASP still exists, the decentralization of any single operating element will not eliminate the coverage of VASP. “
This indicates that DApps (DEX and other DeFi applications) will be responsible for compliance with specific country laws that implement FATF, AML, and counter-terrorism financing (CTF) standards.
Related: Draft FATF guidelines for DeFi compliance
Take the Bitcoin Commodity Exchange (BitMEX) as an example: Although BitMEX is a centralized exchange, Enforcement action taken The platform founders of the Commodity Futures Trading Commission (CFTC) and the US Department of Justice (DOJ) have an influence on DeFi. The CFTC accused the operator of violating anti-money laundering laws, while the DOJ accused the founder of violating the Bank Secrecy Act (BSA). Therefore, DeFi platforms that provide financial products to U.S. residents will be required to register for appropriate operating licenses. Failure to do so may result in enforcement actions against identifiable founders/creators or operators.
Regulation and privacy: are they really contradictory?
Keep in mind that the current regulations are for companies, not individuals. Therefore, regulators do not care much about your peer-to-peer transactions unless you have laundered millions of dollars in cryptocurrency and remitted them through the payment network of the crypto platform. At that time, the exchange will be required to identify the transaction as suspicious and issue an alert to the regulators within its jurisdiction.
At this advanced stage of the investigation, if law enforcement agencies require certain personally identifiable information (PII) related to the transaction, the exchange must provide this information. This is why centralized exchanges require users to complete KYC-so that they have this PII when they need it. However, the vast majority of DEX does not have a fully compliant process. Does DEX need to cancel the freedom of our decentralized revolution to meet changing compliance standards?
Related: Will regulation adapt to cryptocurrency or will cryptocurrency adapt to regulation?Expert answers
Put users in control
By leveraging the same user control and privacy values that initially attracted millions of people to use cryptocurrency, we can enable users to selectively share PII when needed, and provide DApps with a built-in identity layer to help them achieve compliance goals . Although compliance will definitely be more complicated in a decentralized environment, the effective use of digital identities to enable licensed access to DApps is our way to ensure the long-term viability of a greater encryption economy and financial inclusion.
The views, thoughts and opinions expressed here are only those of the author, and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Christopher Harding Is the chief compliance officer of Civic. After ten years in leading accounting firm KPMG in various risk management positions around the world, he joined the digital banking company Lending Club, where he developed, standardized and implemented new risk governance structures and risk management processes.