The International Organization of Securities Commissions (IOSCO) has published its Final Report with Policy Recommendations for Decentralized Finance (DeFi) on 19 December 2023. Complementing the Final Report with Policy Recommendations for Crypto and Digital Asset (CDA) Markets released on 16 November 2023 (previous Access Alert here), these policy recommendations for DeFi likewise aim to address market integrity and investor protection concerns, and support greater consistency of regulatory frameworks and oversight in member jurisdictions. Both sets of policy recommendations follow the guiding principle of “same activity, same risk, same regulation/regulatory outcome”, focusing on the economic substance and the substitutability of the crypto and DeFi products offered, services provided, and activities engaged in, vis-à-vis traditional financial instruments. This principle is crucial to regulating DeFi, as many DeFi services essentially mimic that of traditional finance, with the added feature of decentralisation through blockchain technology to remove the need for centralised governance and intermediaries to execute transactions.
Developed under the stewardship of the IOSCO Board’s Fintech Task Force (FTF), the policy recommendations on DeFi outlines nine policy recommendations. There is a focus on six key areas, including: 1) Understanding DeFi Arrangements and Structures; 2) Identification and Management of Key Risks; 3) Clear, Accurate, and Comprehensive Disclosures; and 4) Cross-Border Cooperation, among others.
Notably, it will be particularly important to understand DeFi arrangements and structures, considering it has been a longstanding challenge to identify regulatory touchpoints due to DeFi’s cross-border and decentralised nature. In the event of a default or failure of a DeFi protocol, users have no recourse and often struggle to identify a responsible party or central authority to address their concerns. As part of the policy recommendations, IOSCO offers guidance to analyse the involvement of persons and entities involved in the development and provision of DeFi provision and services to determine responsible parties and entities to impose requirements on, such as disclosure requirements.
In unpacking the interoperability between the two sets of IOSCO recommendations – for CDA and DeFi, an Umbrella Note has been published to offer that guidance. IOSCO highlights that the CDA Recommendations are aimed at the centralised activities performed by crypto-asset service providers (CASPs) while the DeFi Recommendations’ primary focus is on products, services, activities, and arrangements that self-identify, or have been identified by a regulator, as “decentralised”. However, to the extent a regulator determines that a particular DeFi arrangement is conducted by a CASP, the CDA Recommendations will apply.
With delivery of these recommendations, IOSCO is now shifting attention towards implementation monitoring, capacity building, and technical assistance needs of its members, where Jean-Paul Servais, Chair of IOSCO, had previously iterated in the Singapore FinTech Festival that a roadmap will be developed to support adoption and implementation of these recommendations for the next three years.
Access Partnership is tracking digital economy, financial technology (FinTech), and digital payments developments closely. If you would like to have a briefing and more information on these issues, please contact Royston Wah at [email protected] or Kar Joon Fan at [email protected].