Regulation of DeFi: a perspective from Singapore
Published on 9th Oct 2020
A radical shift in distribution structures brought about by decentralised finance will require a rethinking of how financial products and services are regulated
The development of decentralised finance (DeFi) – although nascent – has the potential to disintermediate traditional financial institutions. The term DeFi describes projects that harness digital currencies and their underlying blockchain technology to enable peer-to-peer distribution of financial products and services – and the implications of this are profound.
The transformative potential of DeFi is far-reaching given that centralisation has been a dominant driver of the development of the modern financial services industry. For example, shares are traded on a centralised stock exchange because the centralisation of aggregate demand and supply allows for more efficient price discovery and market efficiency.
Over the decades, laws and regulations governing many aspects of financial services have taken centralisation, or some form of gatekeeper approach, as a given. A radical shift in the distribution structure brought about by DeFi will necessitate a rethinking of how financial products and services are regulated. In the meantime, existing laws and regulations will continue to apply, but this will present stakeholders with a series of interesting challenges.
Blockchain projects
What are the characteristics of DeFi? Projects operate on blockchains. Most are built on Ethereum, which allows for the creation of smart contracts. These are self-executing contracts with the terms of the agreement written into code, which is deployed on the blockchain. This enables transactions to be executed automatically upon the fulfilment of certain conditions. Transactions are denominated in cryptocurrencies such as Ether, the related currency of Ethereum. Several other protocols such as Tezos, Algorand and Dfinity are also being developed with a view to supporting DeFi applications.
DeFi can be used to offer consumers access to a range of products including lending, derivatives and investments. For example, users can deposit cryptocurrency pursuant to a smart contract, which issues a corresponding amount of tokens to the user. The tokens may be used as payment for goods or services or if locked into another smart contract can earn interest. The user can retrieve their cryptocurrency once the tokens are returned with the prescribed interest payment. These transactions are executed automatically based on programmed protocol on the blockchain.
Tokens and exchanges
One of the first questions to ask is whether the DeFi token is a capital markets product such as a security or derivatives contract. This is regulated by the Securities and Futures Act (SFA). The Payment Services Act (PSA) came into force in January 2020 and regulates payment services such as e-wallets and cryptocurrency. Under this regime, a token may now also be regulated as a "digital payment token" or "e-money".
If the token is a capital markets product, a prospectus is required for the issuance of such a token, unless the project falls under an SFA exception. Dealing in a capital markets product or digital payment token also requires a licence, as does the issuance of e-money.
The securities and payments regimes also regulate the establishment or operation of an exchange for the buying and selling of regulated tokens.
In a recent article titled "DeFi, Law and Regulation", Rafael Padilla noted that the United States Securities and Exchange Commission "took the view that even a decentralized exchange could fall within the scope of the Exchange Act and be required to register as a "national securities exchange"…unless it can find some other ground for exemption".
Similarly, in Singapore, it is possible that a decentralised exchange may be considered an "organised market" under the SFA and so be required to apply for approval or recognition from the Monetary Authority of Singapore (MAS).
P2P lending
According to the Financial Times, the most popular DeFi applications "have focused on peer-to-peer lending markets underpinned by stablecoins, cryptocurrencies that are largely pegged to fiat currencies such as the US dollar."
P2P lending is not a new activity. In Singapore, much of this takes place over platforms that are regulated by MAS. However, the disintermediation effect of DeFi means lending that is truly – and directly – peer to peer. Such activities may then fall under the Moneylenders Act. This requires any person carrying on the business of moneylending in Singapore to be licensed, unless he is an excluded or exempt moneylender.
Section three of the Moneylenders Act states that any person "who lends a sum of money in consideration of a larger sum being repaid shall be presumed, until the contrary is proved to be a moneylender." However, the legal position is that this presumption is rebuttable, for example by proving that one is not carrying on the business of moneylending. This is why interest may be charged on loans to friends and family that do not require a licence.
The question is whether an individual making a loan (or multiple loans) to strangers on a DeFi platform will be considered as “carrying on the business of moneylending". If so, the definition of an "excluded moneylender" may have to be amended before DeFi lending is widely adopted in Singapore.
AML enforcement
Financial institutions are required to undertake know-your-client procedures to ensure compliance with anti-money laundering and counter-terrorism (AML/CFT) financing rules. Such rules are predicated on the presence of a gatekeeper institution with the resources, economies of scale, expertise and incentives to comply. However, this can be difficult to enforce in peer-to-peer situations. Further, identities of counterparties may be concealed.
The MAS recognised this in its March 2020 Guidelines to MAS Notice PS-N02 on Prevention of Money Laundering and Countering the Financing of Terrorism. "Decentralised exchanges would also present higher risk as they are often unregulated (due to the lack of a central administrator), and may not apply adequate AML/CFT measures." It remains to be seen how authorities would regard potential solutions. For example, tokens’ smart contracts may be programmed to require AML/CFT checks prior to the execution of transactions.
In Singapore, the MAS is responding to the changing landscape. For example, it intends to introduce a new omnibus act for the financial sector. In the July 2020 consultation paper for the new act, MAS noted its "intent to introduce, as a new class of [financial institutions], entities that are created in Singapore, but which are carrying on a business of providing [virtual asset] activities outside of Singapore. Such entities will be termed digital token service providers, and will be regulated under the new act." MAS identified AML/CFT regulations as a focus of this new regime.
The new act will provide MAS an additional toolkit for regulating tokens on top of the existing regimes under the SFA and PSA. The enhanced regulatory reach and extraterritorial powers provided by the new act may however stymie the development of peer-to-peer transactions relating to digital token services.
Public and decentralised
A fully public and decentralised blockchain is controlled or operated by a community of miners, nodes and users. The absence of a central entity means that it may be difficult to attribute responsibility to any one person on the network. Further, there is a dearth of precedent on enforcing smart contracts that constitute binding legal obligations. A suitably developed smart contracts network can potentially avoid or resolve disputes by itself without recourse to legal proceedings. However, this does not preclude a court challenge to the outcome of a smart contract, and it remains to be seen how courts will deal with this.
Given the difficulty in identifying a single person to regulate for DeFi applications built on a fully public and decentralised blockchain, we could see the development of innovative supervisory technologies (sometimes referred to as suptech or embedded supervision), which harness blockchain and smart contracts to exercise supervisory functions without relying on the regulation of intermediaries or institutions.
Authorities may also find it useful to have a voluntary registration system for DeFi applications. Applicants can be required to have a corporate entity and designated persons such as an administrator, who is appointed to carry out the representative and fiduciary functions in the administration of the corporate entity.
Malta has implemented something similar to regulate distributed or decentralised ledgers, smart contracts, and decentralised autonomous organisations. This approach may encourage participants in the DeFi industry to establish joint ventures or other co-operative models to assume the governance and liability of operating the platform. This also serves to provide some guidance and protection to DeFi application users or investors.