Overview of legal and regulatory concerns that DeFi presents

When it comes to adopting new technology, the first and earliest adopters are the tech geeks. Next come the investors, drawn by a base of loyal customers, and the promise of getting in on the ground floor of something big. And then, several years later, regulators and lawmakers jump into the fold to try and figure out how to support, limit and enhance the use of the technology and its impacts.

Everything, from iPhones to Uber, experienced the same track.

However, decentralized finance — “DeFi,” as it’s commonly known — is entirely different because we’re talking about redesigning our financial lives through new technologies.

See, everyone sits up a little straighter when the technology in question involves money. Then, everyone pays even more attention when the technology that involves money promises to completely revolutionize the way that transactions occur all over the world.

As a result, the studies involving adoption and advancement of DeFi look a little different:

  • The first 2.5% are innovators
  • The second 13.5% are early adopters
  • The third are the early majority, which sit at 34%
  • Finally, the fourth group of 34%, which are the late majority, are somewhat skeptical and cautious when it comes to this new technology

With DeFi, it is hard to pinpoint where, precisely, the evolution sits on the scale of adoption. However, if there’s one thing that is certain, it’s that the legal and regulatory concerns have been at issue right from its inception — about the point where innovators opened the gates to early adopters.

What is DeFi?

Decentralized finance:

  • Is a sector of the digital assets industry, with its own products which revolve around decentralized financial instruments and application (separate from traditional instruments & institutions)
  • Include financial applications built on blockchain networks
  • Creates an open-source, permissionless, and entirely transparent financial service ecosystem available to everyone, without any central authority, control, oversight, and governance
  • Involves a number of projects that call on smart contracts. Smart contracts use computer code to delineate the relationship between entities entering into a contract. It is enforceable by computer code, but it also raises a number of risks and issues.

In July of 2020, the total value locked in DeFi markets (i.e. the use of blockchain, digital assets, and smart contracts in financial services like credit and lending, built on Ethereum) hit $4 billion.

At this point, as of September 1st, that figure has more than doubled to $9.60 billion

This kind of market cap proves that “interest” in DeFi as a viable “alternative” to basic financial functions is quickly becoming a certain willingness to engage. These functions include:

  • Borrowing and lending — Decentralized borrowing and lending based on public blockchains allows for instant transaction settlement, collateralizing digital assets, and eliminating the need for credit checks.
  • Monetary banking services — Involving the issuance of stablecoins, mortgages, and insurance. These services would use smart contracts, which would reduce the need for underwriting and a decrease in legal fees.
  • Decentralized marketplace — Allows platform users to trade digital assets without an intermediary to hold funds. Instead, trades are executed from users’ wallets directly, with the help of smart contracts.

As you can see the clear benefits of DeFi arising from its advantages, you might also be able to sense that these strengths also make it vulnerable to a number of legal and regulatory challenges.

Then again, no FinTech innovation is ever perfect on its first at-bat.

Five Major Legal and Regulatory Challenges Facing DeFi.

The difference between centralized and decentralized finance along with the novel execution mechanisms for the financial instruments via smart contracts make DeFi such an ambiguous zone for attorneys and regulators.

These differences hover around four specific areas:

  • Custody — who keeps users’ collateral and how is it stored and accessed
  • Governance — who oversees users as they use a platform’s functions and how this governance is flexed
  • Compliance — KYC and Anti-Money Laundering regulations keep a strict hold on centralized platforms. But how does one apply investor protection to a decentralized platform?
  • Profit model — How lending platforms make money, and how this money is then redistributed to certain “token” holders

However, the most overarching question policymakers should (and do) have is:

How can a system that is inherently designed to be free of all control, permissions, and identity-based authentication, also be one that ushers in a collaboration with regulators and enforcement?

Challenge #1: The Difficulty of Classifying Digital Assets

Taxation and classification of blockchain cryptocurrencies often land platforms into hot water with oversight bodies like the IRS and the U.S. Treasury.

Strictly speaking, it is currently illegal to create one’s own form of currency in the United States. Of course, we all know very well that digital currencies have been created and are alive and well. However, not all tokens are built alike. The discrepancies raise several regulatory and compliance issues under federal securities laws.

The U.S. Securities and Exchange Commission first introduced crypto rules after 3.6 million Ether (which amounts to $44.6 million) was stolen from The Dao, a decentralized autonomous organization.

In light of that matter, the SEC released a number of developments around the classification of DeFi instruments:

  • The SEC requires a trading platform operated as an exchange, offering digital assets that are securities to register with the SEC. If they are not specifically exempt, they’ll be in violation of compliance with federal securities law.
  • The SEC also requires that exchanges not undermine AML or KYC obligations. Payments and transactions in cryptocurrencies must be treated the same as cash transactions.
  • Trading platforms need investor protections including best execution, short-sale restrictions, prohibitions on front running, and custody and capital requirements.

The SEC also says that trade digital assets do not have the same standards of integrity as a registered national securities exchange.

Challenge #2: Enforcement, Regulation, and Jurisdictional Ambiguity.

Forming public policy around the use and execution of DeFi becomes particularly difficult when we try to consider issues of anonymity, jurisdictional uncertainty, and regulation over misconduct.

Avoiding Regulation

Because DeFi anonymizes users, regulatory authorities have a tougher time identifying misconduct or enforcing against such misconduct of illegal financial service offerings even though it falls within their jurisdictional purview.


If decision-making is decentralized and record-keeping occurs across multiple individuals, that makes it more difficult for regulators to follow breaches or misconduct.

Jurisdictional Uncertainty

As financial services are provided across borders thanks to DeFi, trading platforms and their operators could simply change locations to avoid regulatory actions.

Essentially, it comes down to a matter of addressing potential misconduct. Whereas centralized financial platforms are trackable, decentralized financial technologies open the door to financial activities occurring beyond boundaries like geographical locations or specific users.

Suddenly, authorities have a harder time equally applying and enforcing laws and regulations around potential misconduct. And that makes it more difficult to form blanket public policy with such fuzzy boundaries.

Challenge #3: Restrictions on Enforceability and Accuracy of Transactions

A smart contract is an agreement executed in computer code (not legal language), governing transactions placed on a blockchain. However, there are many defenses to a technically enforceable contract “in real life.” These are things like mistakes, duress, misrepresentation, undue influence, etc.

In response, states need to enact new legislation governing contract enforcement in blockchain while attorneys themselves address the details of the contract’s execution.

In Nevada, for example, regulators are proactive enough to at least define these contracts so they can be used as evidence.

The statute, which states that smart code is “a contract stored as an electronic record pursuant to chapter 719 of NRS which is verified by the use of a blockchain,” can also then allow the electronic record as proof of fraud.

To continue with Nevada’s example, the Act that defines the use of smart contracts places several restrictions such as:

  • What notices can be issued by blockchain (cancellation of a service, a notice of default, acceleration, repossession, foreclosure, etc.)
  • Taxation and fees of blockchain use

Besides these legal restrictions, there is still a matter of human error and accuracy of blockchain records. And that’s because code is not law.

If someone enters inaccurate information in the records on the blockchain, such as a user erroneously recording a deed, then the technology simply accepts and records. If the error needs to be refuted, that could prove to be exceedingly difficult because blockchain is anonymous and immutable.

So, to continue with this example, a property owner may lose rights to a property because blockchain essentially enables the transaction but does nothing in the way of verification — either of contract language or of whether the right buyer even receives the title deed.

As regulators begin to understand the way blockchain works, and how tenable smart contracts can be enforced when it comes to disputes or even filing suits, you can expect to see mechanisms that address these holes.

Challenge #4: Issues Around Smart Contracts

Traditional contract law has specific, defined meanings for offer, acceptance, consideration, and mutual assent. These are not open to interpretation, necessarily, but they’re also not executed in computer code.

There is a certain degree of mutability in legal language that blockchain’s static “smart contract doctrine” simply doesn’t have.

Thus, regulators will absolutely need to address these definitions especially if we’re operating with irreversible electronic contracting. Attorneys paying attention to and drafting these smart contracts need to be even more meticulous with outlining provisions, cases, and potential “room” for interpretation in the smart contract.

Why is that so essential? Because both parties in a transaction need to be protected and have some legal recourse should things go wrong. Consider the following scenario using smart contracting:

Party A wants to buy Bitcoin in exchange for Ether. Party A connects its hard wallet through a decentralized platform and finds Party B who is willing to trade Bitcoin for Ether. Party A sends Ether and Party B sends Bitcoin, both expecting the smart contract to self-execute, but nothing happens….

The “smart contract” program (because it’s an actual piece of code) runs its “if-then” logic, but malfunctions, the Ether went to Party X and the Bitcoin went to Party Z. Now what?

With smart contracts, you have certainty of self-execution. What you don’t have, however, is flexibility in remedying the possible breach. The terms are absolute within the blockchain until the contract ends.

Humans are simply not as cut-and-dry as computers.

How will lawyers address this issue?

  • First off, the contract must be meticulously drafted so the code matches the parties’ agreement.
  • Then, the lawyer must work with a programmer or developer in close collaboration to ensure that their clients understand the contours, details, and potential actions of the agreement.
  • And, finally, the computer code must execute according to the prose translation.

Currently, we have not tested the adjudication of smart contract disputes in the U.S. courts, so we expect the law to evolve as these issues of enforceability, traceability, and flexibility arise.

Challenge #5: Anonymity Could Bring About Criminal Activity

One of the benefits of blockchain is that it enables users who do not necessarily know each other to engage in transactions freely without worrying about whether the information recorded on the ledger is true.

In theory, this should make things safer and more secure. And it does. But only insofar as the verifiability of the transaction itself goes. The fact that users of smart contracts are identifiable via a public key only and not as a physically locatable person complicates enforcement. And where these complications arise, you can expect regulators to respond with increasing scrutiny and red tape.

Certain financial crimes like money laundering, securities fraud, and tax evasion will occur, regardless of whether we resort to centralized or decentralized financial services. In response, the regulatory authorities will address these issues by finding ways to build compliance rules into blockchain networks.

Does this subvert the very nature of DeFi? In some ways, yes.

But it is one way that smart contracts that do not conform to regulations can be paused when they trigger a regulatory violation. In the end, maybe this is the solution to allow parties to revise a red-flag agreement or cancel it completely.

Linked to the anonymity for users is the difficulty of “following the money,” as it were. Consider a situation in which a user creates several wallets with separate public keys to transact with other parties who are doing the same.

On the other end of the blockchain network sits an unlawful user waiting to take advantage of anonymity to circumvent the laws. So, we may be able to expect identification disclosure requirements for specific kinds of blockchain transactions or applications.

It is a cost that may get passed on to the user, or users, but it’s one of the ways in which law enforcement can monitor illegal activity.


Users reading this might think that these platforms are a ripe environment for general lawlessness. If we learn anything from history, we know that “opportunists” will always be there to take advantage of nascent industries. However, there are promising applications in DeFi the space and it would take a collective effort of industry masterminds (developers, lawyers, financiers, regulators, and more) to steer this industry into the right path. The risks will never be eliminated, but our ability to understand these risks must be enhanced.