1. What is DeFi?
Decentralised Finance (DeFi) is an emerging technology through which a series of financial services are provided to users without resorting to a centralised architecture (such as in a traditional financial system which involves both financial intermediaries and central authorities), but relying instead on a public distributed ledger. These financial services are provided through decentralised applications (DApps) which can be deployed on several blockchain-based ecosystems (namely Ethereum, Polkadot, Solana or Cardano etc.).
Smart contracts are the catalyst allowing transaction flows to operate on a peer-to-peer (P2P) basis, guaranteeing their execution through the code (programme) itself and their integrity by distributing the processing of every transaction through every network participant. They cannot be compromised or altered, ultimately enhancing the inherent trust and transparency of each on-chain operation. In turn, DeFi users are provided with programmable wallets which enable interaction with both smart contracts and DApps, ensuring their execution and performance.
2. DeFi Architecture, Categories and Governance
DeFi services allow their users to “securely store, exchange, and modify asset ownership information, replacing the execution and settlement layer or conventional financial services”, within an “open and composable”, “hierarchical multi-layered architecture”.
It is also possible to distinguish several fields in which DApps operate, namely stablecoins, P2P lending markets, decentralised exchanges (DEXs), automated market makers (AMM), derivatives (e.g. perpetual futures), portfolio management, payments, insurance services and DeFi aggregators.
A DeFi ecosystem can run on a partially or fully decentralised governance framework (as opposed to Centralised Finance (CeFi)), mostly thanks to Decentralised Autonomous Organisations (DAOs) – the holy grail of DeFi governance. When referring to both partially and fully decentralised governance, DAOs provide mechanisms for active community participation, namely governance tokens. These tokens confer their holders the possibility to vote on decisions that affect the community. In Decentralised Autonomous Organisations (DAOs) decisions are voted on by holders of governance tokens, to then be executed through smart contracts in the blockchain as if they were transactions. This is of great relevance when assessing whether a certain DeFi service falls under the scope of MiCA. If the service works on a totally decentralised basis then it falls outside the scope of application of MiCA due to the absence of a “natural or legal person who performs or provides those activities (…) to be held accountable”.
3. DeFi Regulation
A major component of the EU’s Digital Finance Strategy is a regulatory framework for crypto-assets, namely the Regulation on Markets in Crypto-Assets (MiCA), which is expected to be enacted in 2024. MiCA will amend Directive (EU) 2019/1937 with the aim of regulating assets which fall outside the scope of MiFID II, namely stablecoins and DEXs. Although MiCA, in its proposal, adopts a broad definition of crypto-asset as a “digital representation of value or rights which may be transferred and stored electronically, using distributed ledger technology or similar technology” (Article 3, paragraph 1, (1)), the material scope of MiCA will condemn to a regulatory grey area not only DeFi services running on DAOs, but also portfolio management, insurance, and P2P lending services.
In June, the European Central Bank President addressed the European Parliament expressing some concerns regarding the risks of excluding DeFi services from MiCA’s scope. President Lagarde is keen on making way for a MiCA II which shall cover and regulate certain DeFi modules, namely staking and lending, offered by Crypto-Asset Service Providers (CASPs). The collapse of crypto lender Celsius led to an outcry for a stricter regulatory approach to crypto lending activities. Celsius attracted savers by offering optimal conditions for deposits which were then to be used by provide loans to borrowers. However, in July, Celsius filed for bankruptcy with many of its investors seeing total capital losses, without the possibility of withdrawals prior to the dreadful event, due to Celsius having halted them. An unforeseen outcome at first sight, however expectable after the disclosure of its reserves – it was inevitable, but preventable if these platforms were to be subject to capital and liquidity collaterisation requirements, as it is proposed by MiCA.
Stablecoins are one of the main targets of MiCA. These crypto-assets offer very interesting investment conditions: investing in stablecoins offers the chance of getting an average 10% APY as opposed to the average 1% APY from traditional term deposits. There are mainly four types of stablecoins: fiat-collateralized stablecoins (e. g. USDC, USDT), crypto-backed stablecoins (e. g. WBTC, WETH), commodity-backed stablecoins (e. g. XAUT) and algorithmic-stablecoins (e. g. UST, DAI). The latter maintains its pegging to a certain underlying-asset by means of an algorithm that balances its price according to the market’s supply and demand, without relying on any kind of collaterisation. One of the newly announced measures to be enacted in MiCA, backing a macroprudential approach to the crypto market, is the ban of algorithmic stablecoins, as a consequence of the requirement of having reserves with a collateralisation on a 1:1 ratio (Article 32 and 33). This proposed measure comes in the aftermath of UST crash and Luna token (algorithmic asset-referenced token from Terra Foundation) that left many investors “holding the bag”. Asset-referenced tokens may also be qualified as “significant” (Article 39) by EBA, namely, due to surpassing certain thresholds among other criteria. Issuers will have to comply with additional obligations, namely stricter liquidity management policies and procedures (Article 41). Moreover, EBA, ESMA and the ECB will cooperate closely on setting up technical standards, as well as issuing non-binding opinions to support competent authorities on granting or refusing authorisation for issuers of asset-referenced tokens to operate in the European Union (Chapter I of the MiCA Proposal). Another of the proposed measures by MiCA is to prohibit issuers from providing interest to asset-referenced tokens holders (Article 36). Despite that, the role that such instruments play in enhancing traditional investment conditions is blatant, by bringing competition to the table and challenging the current monopoly held by traditional finance.
According to the MiCA proposal, decentralised token issuances or admission to trading will have to comply with three main requirements: publication of a white paper, notification to a supervisory authority and the establishment of a legal entity in the EU (Article 4), preventing fraud phenomena, namely exit scams as seen with ICOs. However, if a new decentralised token project, supported by a DAO, emerges after the enactment of MiCA, it will only be possible to list it on regulated platforms if a legal entity is incorporated under Malta’s Innovative Technology Arrangement and Services Act (ITASA) – currently the only EU Member State which provides for a legal framework for DAOs.
Moreover, as argued by the authors of the latest Chambers Global Practice Guide on Blockchain for Portugal, neither decentralised finance platforms, nor mining or staking activities have any “specific laws or regulations” rendered to be applicable in Portugal or in the European Union. Nevertheless, with the enactment of both Council of Ministers Resolution 20/2020 and Decree-Law 67/2021, Portugal is creating regulatory sandboxes in certain geographical areas, fostering the testing and development of innovative products and services, without compromising consumer protection and avoiding systemic risk.
4. Risks and Challenges
Considering DEXs’ transaction volume in the last 12 months of over $1 billion, DeFi projects’ gross total value locked (TVL) of approximately $70 billion, and DAOs TVL in treasury of over $10 billion, the risks that unregulated DeFi poses to its users are evident.
DeFi transactions may also create new challenges to Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) policies due to their pseudonymous-by-default design and non-custodial wallets, making it hard to link certain transactions to individuals or even to enforce regulatory obligations linked to AML/CFT policies “without traditional intermediaries”. However, if and when individuals access DeFi modules through CeFi platforms, they become subject to KYC procedures by default, as well as the very much debated Travel Rule designed by FATF, to be laid down in the Transfer of Funds Regulation (TFR). At the EU level, these risks were already anticipated with the 5th AML Directive (5AMLD), which encompasses Suspicious Activities Reports (SAR) to be filed by CASPs and the upcoming 6th AML Directive (6AMLD) will lay down new penalties and extend criminal liability to legal persons for money laundering, as well. In Portugal, Portuguese Law 83/2017 on AML and CFT, as amended, already provides for a regulatory framework for certain activities involving virtual assets and fiduciary currencies (e. g. Article 5, paras. x), ll) and kk); Articles 64 and 72), along with Bank of Portugal Notice No. 3/2021 which requires entities that provide financial services involving crypto-assets to apply for register and authorisation before the Bank of Portugal, mainly for AML/CFT purposes.
5. Final remarks
DeFi may lead to the emergence of new grey areas with services that do not fall within the scope of existing or anticipated regulations, demanding a continuous effort through legislative initiatives to cover emerging DeFi services. No solution can ultimately lead to a ban of such platforms to operate in the European Union, as it is not a viable solution to keep up with the innovation in markets in a neutral manner. Instead, the key to staying ahead of DeFi’s innovation may be the creation of highly technically skilled teams, well versed in the fields of finance, law and ICT, tasked with maintaining a close and flexible dialogue with DeFi service providers and the supervisory authorities to address these issues from a law-making level. The potential for DeFi to provide consumers with better financial services through a new, open, transparent, and trustworthy structure is huge and will certainly assist the much-needed transformation of centralised financial services and their traditional architecture.
 Aave, Makr and Compound are some examples of DeFi projects that provide for loans running on smart contracts, requiring cryptocurrency as collateral and drawing the required funds from pools built by locked deposits of other users.