After the DeFi reports from the OECD and the Financial Stability Board earlier this year, there’s a new kid in town: IOSCO’s DeFi report. IOSCO is the International Organisation of Securities Committees, a club of securities regulators from around the world.
DeFi mostly copies traditional financial products, IOSCO’s report concludes, and also copies many of TradFi’s risks.
Part of the report is unsurprising: a (quite clear) description of the DeFi landscape and ist main actors. There’s not much room for discussing DeFi’s opportunities: the report mostly focuses on the risks. That’s perhaps unsurprising for a body consisting of securities regulators.
IOSCO doesn’t buy into the disintermediation benefit of DeFi, for example. Intermediaries provide valuable services and dis-intermediation strips away a layer of investor protection, it warns.
There are also a few surprising statements in the report.
First, like other reports, this document looks for ‚centralization‘ in DeFi. It goes quite far, however: if a DeFi project uses a website hosted on a centralized server, does this make it a ‚centralized‘ project rather than true DeFi? The report seems to suggest so, oddly enough.
Secondly, the IOSCO report puts a lot of emphasis on DeFi projects using ‚centralized‘ social media. The report suggests that these social media channels result in information asymmetry (the insiders know more than the outsiders). I’ve heard many concerns around DeFi, but this is a new one.
It’s not the first time that social media gets a special mention in a DeFi report: the crypto report by the Financial Stability Board earlier this year wrote that DeFi „governance may be concentrated, including through the use of committee structures for management purposes with regular meetings held through social media platforms“. Should the people managing DeFi and DAO Discord channels be concerned? Will they be a legal target? Not quite yet. But there is a trend.
IOSCO is setting up a DeFi taskforce, presided by the US Securities & Exchange Commission. That will likely set the tone.
As a general thought: the DeFi reports and guidance we’ve seen so far (from the OECD, the FSB and FATF) all have one thing in common: looking for points of centralization in DeFi, as a way to impose legal liability.
It’s important not to confuse various types of centralization. We can look for technical and economic centralization to understand how DeFi works and how it links to other on-chain or off-chain activities. That helps us identify single points of failure and interdependencies.
However, when we look for legal centralization, our focus is different: we’re looking for people with sufficient control over a DeFi project to impose legal liability. That’s a much narrower focus than mapping out all interdependencies.
If we accept that decentralization is a spectrum (which most DeFi reports do), the logical conclusion is that not every aspect of centralization justifies legal liability.
If you’re interested in DeFi & regulation, check out our interviews on the topic here (with US SEC Commissioner Hester Peirce, European Commission Principal Economist Dr. Joachim Schwerin, Wharton’s Kevin Werbach and Sheila Warren, formerly at the World Economic Forum and now the first CEO of the Blockchain Association.