The US Treasury Department has released a report expressing growing concerns over “illicit” actors exploiting decentralized finance (DeFi) services and their associated vulnerabilities.
The report defines DeFi as virtual asset protocols and services facilitating automated peer-to-peer transactions using blockchain-based smart contracts. However, it notes that the term is often used “loosely” in the industry and may refer to services that are not “truly decentralized.”
Many DeFi services have a controlling organization or governance offering some centralized administration. However, the Treasury’s risk assessment report states that “illicit” actors, such as ransomware operators, cybercriminals, thieves, scammers, and Democratic People’s Republic of Korea (DPRK) cyber agents, are exploiting DeFi services to launder their ill-gotten gains.
The report also draws attention to alleged vulnerabilities in US and foreign Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulatory, supervisory, and enforcement regimes and the technology underpinning DeFi services that these bad actors are reportedly exploiting.
The Bank Secrecy Act (BSA) and related regulations impose obligations on financial institutions to aid US government agencies in detecting and preventing money laundering.
The report emphasizes that the most significant illicit finance risk within the DeFi sector stems from services that are “not compliant with existing AML/CFT obligations.”
According to the report, these obligations apply to entities classified as financial institutions by the BSA, whether centralized or decentralized. Therefore, DeFi services functioning as financial institutions must comply with the BSA’s obligations, including AML/CFT.
The risk assessment recommends that federal regulators collaborate with the industry to clarify how relevant laws and regulations, such as securities, commodities, and money transmission regulations, apply to DeFi services.
This engagement will help to clarify the regulatory landscape and ensure that DeFi services comply with relevant laws and regulations. The assessment acknowledges that the virtual asset ecosystem, including DeFi, is “changing rapidly.”
The US government will continue researching and engaging with the private sector to remain current with DeFi ecosystem developments. That includes their potential impact on threats, vulnerabilities, and mitigation measures to address illicit finance risks.
The assessment also raises several questions to be considered as part of the recommended actions to address illicit finance risks, including how to treat DeFi services that “fall outside” the BSA definition of financial institutions and areas requiring additional regulatory clarity.
The risk assessment underscores the need to address potential gaps in the “regulatory regime” and ensure that the DeFi industry operates securely to prevent illicit activities.
Establishing a regulatory framework that balances compliance with the law and fosters innovation and growth in the DeFi space is essential. Key industry players like Coinbase have long advocated for this approach.
None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.