Whether crypto and DeFi (decentralized finance) will become mainstream is no longer a debate. It is only a question of when and how. Crypto and DeFi companies have caught the attention of not only banks but regulators across the world. The responses from countries and companies in traditional finance will be uneven, but players in the current DeFi space need to stay aware of developments and engaged with how traditional finance evolves. Why should DeFi care about regulations? DeFi has emerged as an alternative to the existing global financial system. It has rebuilt finance with fundamentally different tools from traditional finance, with smart contracts and can remove intermediaries like banks as well as regulators like governments. DeFi is a vast, and still growing, landscape. Within this ecosystem, there will be actors who will remain outside the current global financial system. There will also be teams building services that intersect or interact with traditional finance. That’s okay. While DeFi represents a paradigm shift and is constantly giving individuals new ways to transact, part of the ecosystem expansion will mean a merger with the financial system, such as through collateralized loans. As DeFi grows more mainstream, certain services will adopt principles from traditional finance and traditional banks will seek to utilize DeFi’s instruments. Players in the DeFi space, both teams and individuals, are at the forefront of financial evolution and should not only stay atuned to regulations, but shape the future of digital finance. 3 Ways for DeFi to Navigate New Regulations 1) Stay Updated About the Legal State of DeFi How DeFi will continue to evolve will depend on how players in the DeFi space can demonstrate they can build robust, reliable, and trustworthy systems. Governments have been slow to respond to Bitcoin, let alone the crypto and DeFi ecosystems. However, new regulations have arrived for crypto and also for the traceability of funds because governments are attempting to curb fraud and money laundering. The EU’s European Commission’s explicitly obliges “all service providers to conduct due diligence on their customers…[to] ensure full traceability of crypto-asset transfers”. In conjunction with the EU’s Payment Services Directive 2 (PSD2), it increasingly requires traceability and strong customer authentication for electronic payments. By implication, anonymous banking is not legal within the EU. The requirements do not eliminate the possibility of DeFi in the EU but limit the types of possible DeFi services. The DeFi services that can do customer due diligence and know your customer (KYC) checks and trace asset transfers can still operate. In the EU, since DeFi exchanges may not have a company, the creators can be held liable. Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) package Unlike the early days of DeFi, where users could come from anywhere, DeFi teams now need to consider what markets they can serve if they wish to maintain user anonymity. However, DeFi teams can also find ways to verify the identity of their users for transactions or regulatory requirements that are nonetheless privacy-preserving. 2) Understand AML and KYC Principles for Fiat Many services in the DeFi space will have to handle fiat -- currencies like the USD, GBP, EUR -- which will have AML/CFT and customer identification requirements. Ultimately, the goal of having identifying customers (KYC) is to prevent fraud and the illicit use of funds, such as for human trafficking or arms dealing, in traditional finance. In some markets, KYC may not be required for account creation (as it would be for banks), but might be required for transactions. Doing KYC, collecting personal information, and keeping a paper trail for transactions is often seen as an invasion of privacy, especially amongst proponents of DeFi. For DeFi companies that have to implement KYC checks, clear communication with customers on why you are collecting personal information will give them more confidence about your intentions. However, some DeFi companies such as have opted to include KYC to build trust with customers from day one and instead invest resources into securely handling personal information. As many governments follow the recommendations of the Financial Actions Task Force (FATF), the world’s global watchdog for AML/CFT, , which includes DeFi services, can expect to have governments creating regulations in line with the principles outlined. Donut virtual asset service providers (VASPs) Ultimately, understanding regulators require KYC and need to trace funds can help you understand how to implement identity verification. why 3) If DeFi Does Not Act, Traditional Finance Will Verifying a user’s identity and ensuring a user’s privacy does not have to be mutually exclusive. This paradigm shift needs to happen with players in the DeFi space to stay relevant to rapidly evolving digital finance. Traditional finance is already incorporating blockchain technology, experimenting with cryptocurrencies and other tools. Traditional finance is already accustomed to regulatory requirements and already has KYC incorporated. Players in DeFi need to proactively decide how to build trust with users and verify their identities before regulators dictate them. DeFi services that are not stringent on anonymity, but want to preserve user privacy need to rethink their approaches to handling user’s digital identities. Depending on your service, privacy could be about giving a user the right to share or not share their identity with another party. Privacy also relates to securing a user’s personal information from hackers and identity theft. Privacy is often about keeping as little information as possible. You can know that a user’s identity has been verified, but have no information on the user stored in your systems. By separating the identity verification process and where a user’s identity is stored from your main service, you are also securing your business from cyberattacks and stolen user data. At the same time, the identity verification service does not have to know what a user is verifying their identity for and is only performing the checks. Having a separate identity layer of the internet gives people control over their digital identity -- some refer to this as Self-Sovereign Identity -- and with whom they share it. DeFi platforms can tap into this digital identity layer when necessary to verify users and otherwise limit the handling of sensitive user information. Identity verification service providers like Passbase that perform KYC checks help companies become compliant by collecting the information needed: photo ID, biometrics to face match, and liveness detection to prevent fraud. Passbase does not need to know what you are verifying the user for and you do not need to store the user’s identity information. This allows you to verify the identity of a user, whether for transaction reporting, compliance, or simply to build trust. DeFi companies need to dedicate resources to identity verification and privacy as they have to developing protocols. Understanding best practices from traditional finance, such as KYC, helps DeFi companies build better solutions that are more customer-centric and privacy-preserving. By incorporating KYC checks thoughtfully into your service, you are taking control of your trust system and compliance strategy. This allows you to communicate with users upfront and future-proof your operations. DeFi Needs to Chart its Course to the Mainstream DeFi has disrupted global finance. However, existing players in the global financial ecosystems are also learning fast. As lawmakers move to create regulations, private sector institutions such as banks are incorporating DeFi principles and tools into their infrastructure. Many concepts from blockchain protocols and DeFi, such as smart contracts, will be incorporated into traditional finance in the coming years. Builders of the DeFi ecosystem need to stay updated about new regulations for virtual assets and financial industry trends in order to stay relevant with mainstream developments. DeFi does not replace traditional finance but needs to borrow from traditional finance to navigate regulations and reach a mainstream audience.
