The Rise of DeFi: Regulatory Thoughts

Feb 15, 2021 - 12 min read

Key Takeaways:

  1. DeFi should be seen as part of the “external wallet” world and not the “intermediary world”
  2. Intermediaries should take appropriate measures to integrate the use of DeFi into their AML risk framework
  3. AML effectiveness and efficiency will not be improved if DeFi is regulated on the same grounds as intermediaries, but only if point 2 is done properly


Mid 2020 the craze surrounding Decentralized Finance (DeFi) was one of the latest hypes in the adoption of decentralized business models. Just as the ICO boom in 2017 paved the way for more mature business models including STOs and tokenization in general, also DeFi is here to stay and grow further. The DeFi sector is growing fast both internationally as well as in Switzerland.
To accommodate these changes in the business world, the legal and regulatory framework has to adapt to the new ways. In this spirit, the Swiss parliament has just voted unanimously for a new DLT-law and a DLT-ordinance is in progress. The new Swiss regulatory framework is based on a technology-neutral approach and provides much needed legal certainty. In its substance and overall direction, the new regulatory framework for DLT is broadly supported and welcomed by the concerned industry.

Nonetheless, financial market supervision and regulation is never finalized as the world is changing constantly. The regulatory coverage of DeFi is one of those topics that necessarily will evolve with the ever-changing DeFi space. It is therefore useful to think about the principles and the history of financial supervision. Especially in the light of the proposed changes in the Swiss AML Ordinance, a closer look at this specific aspect of financial regulations seems to be warranted.

Historic Perspective

Historically, the target of anti-money-laundering regulation has been dominated by the US. In consequence, the reasons for the continuously tightened AML-regulations were mainly the war on drugs and on organized crime.

Switzerland has, under the impression of international and US efforts, followed these aspirations and introduced ever more stringent requirements for financial intermediaries. Also, international bodies such as the FATF or the OECD have substantially developed and evolved the international cooperation, but also did not hesitate to publicly blame individual countries if standards were not implemented or followed as intended.

It may not be immediately obvious why, in order to target organized crime and drug lords, more supervision and checks on financial intermediaries should apply. The idea was and is to isolate financially those who are in possession of tainted money and make it ideally impossible for the tainted money to be used and reintroduced into the realm of lawful business. Therefore, the guarantor status of financial intermediaries has been shaped in a more and more exhaustive way over the last years (e.g. including tax offenses or reduction of thresholds), providing an additional attack vector for the state next to the general penal law provision of the Swiss Penal Code.

Expansion of Financial Regulation

It is a characteristic of regulatory activity that it thrives after crises, since those reveal the weak points of the existing and highlight the need for the new. The financial crisis of 2008 has been no different: an endless flurry of new reporting obligations, forms and duties of care have since emerged.

The overall aims of the increased supervision of the financial world are contained in the Financial Market Supervision Act. The key objectives of the Swiss financial supervision are protection of creditors, investors and insured persons (some would include consumer protection as well) as well as ensuring the proper functioning of the financial market, both contributing to a sustained reputation, competitiveness and sustainability of the Swiss financial centers.

It is therefore only understandable, that also the DLT industry is subject to this cycle. One can assume that without the ICO boom in 2017 the whole regulatory activity surrounding the classification of tokens would not have been developed in the same way. While this was a strong signal from the regulator (for some it may still have been a surprise), it also provided much needed clarity for the industry. Today, these classification rules are implemented in the operational processes and are further shaped by practitioners. It is understandable, that the same will happen regarding the further adoption of DLT, especially in the DeFi space.

Specific Aspects of DeFi

Technical Complexity

Supervision of decentralized digital assets is inherently difficult, as there is no central institution with deciding influence. Another difficulty arises from the technical sophistication of these financial products, e.g. the blockchain versus a traditional bank’s books, smart contracts versus normal contracts, and so on.

In the explanatory report to the DLT blanket ordinance it is mentioned that supervisory authorities are facing difficult and disproportional assessments to evaluate which legal rules apply in the outlined context. In this spirit, the proposal of the current blanket ordinance is to dramatically broaden up the definition of activities and parties which are covered under the Swiss AML framework, rather than a fact-based assessment on an individual level.

Intermediary Activity

In Switzerland, the AML framework applies to financial intermediaries which are defined in the Swiss AML Act. It is an undisputed strength of the Swiss framework that this definition is rather broad, which – for example – made it possible that back in 2014 Bitcoin Suisse could be regulated as financial intermediary.

The challenge in the world of DeFi is that multiple actors work together not through a central intermediary, but based on smart contracts and individual interactions with their addresses on the blockchain. While in most cases someone is actively maintaining a DeFi protocol, there are also endless options to just deploy a certain functionality to the blockchain without anyone maintaining it any further.

The current regulatory direction of impact is therefore to broaden up the legal requirement of “power of disposal”, which lies in the core of the Swiss AML framework. It is planned to broaden up the supervisory activity and regulation to actors who are capable in supporting the transfer of virtual assets but cannot do this independently (e.g. in multi sig environments). Connected with an additional requirement of ongoing business relationship, the framework tries to avoid dealing with the technical reality and complexity of each case by broadening up the range of targets under AML supervision.

Be it a makeshift solution or actually intended, it seems at least questionable if certain roles in DeFi are equivalent to those of traditionally supervised and regulated financial intermediaries. Whether they ought nonetheless to be treated equally should be judged with both the role of such platforms within DeFi as well as the objectives of the supervision and regulation in mind.

Goal of Regulation

The regulations’ objective (protection of creditors, investors and insured persons, ensuring the proper functioning of the financial market and thus contributing to a sustained reputation, competitiveness and sustainability of the Swiss financial centres) does not necessarily require DeFi business models to be subject of the regulation, as these platforms only connect those already willing to trade, without itself holding any positions or advisory mandates.

It is exactly those activities that in traditional finance justify the subjection of financial intermediaries like banks and fiduciaries to regulation and supervision. As these functions are not fulfilled by specialized entities within DeFi, but rather are also decentralized to all the participants, regulatory activity has to find another subject, in order to ensure achieving the objects of regulation.

Approach for a Solution

Power of Disposal as Proven Criteria

One tried and trusted criterion to determine who is to be subject of supervision and regulation is the authority to dispose over assets belonging to others. Keeping in mind the ultimate objective of AML regulation, to financially isolate those in possession of tainted money, this cannot be achieved if there is no one which has this power of disposal in DeFi business models. Also, without power of disposal, the potential subject of AML supervision could not ensure some of his duties, such as a blocking of assets, which would lead to difficult legal questions and less legal certainty for everyone.

Use of DeFi as Part of a Risk Framework

Currently, fiat currencies are only able to interact with DeFi models if stablecoins on blockchain protocols are available. It becomes evident, especially under the latest regulations connected to the travel rule and proof of ownership, that there will be two different worlds: The world of custodial wallets, and the world of external, individual wallets.

To interact with DeFi protocols, a person needs to choose either his individual wallet, or use custodial wallet of his provider. As soon as this person interacts with a financial intermediary (e.g. to convert digital assets into fiat, or to participate in an ICO, to exchange currencies which are not supported in DeFi), the history and economic background are to be clarified and documented while opening the relationship. It should be in the competence of each financial intermediary to assess and define to which extent the use of DeFi is impacting the risk assessment of a client. It can be imagined that financial intermediaries are applying enhanced due diligence for transactions or clients linked to DeFi. In any case, it requires a deep technical understanding, even if it is sometimes a lot to ask to fully understand a business model.

In case a person is using DeFi with his custodial wallet, the provider is subject to AML supervision and by law needs to ensure that he is aware of the transactions and risk connected to this service.

In both cases the AML risk connected to DeFi could be mitigated and detected without broadening up the supervisory focus to DeFi business models without a true intermediary. This would allow the supervision to rely on the technical expertise of existing financial intermediaries, who need to understand and assess such activities, and would be in line with the historic approach of using the intermediaries instead of trying to isolate tainted funds on an individual level.

Independent Use of DeFi

One side effect of regulation is that clients and investors can place trust in the system, in the supervised entities and thus need calculate with less mistrust in their investing decisions.

If DeFi were, as proposed here, regulated in accordance with the principle of authority to dispose, clients and investors could not trust on their counterparties being checked for trustworthiness for them and would need calculate with a certain risk.

However, in all other areas of business clients and investors are responsible for the choice of counterparties as well and cannot depend on the state vetting their counterparties for them. It appears therefore to be an acceptable trade-off.

Use of DeFi with Trusted Financial Intermediaries

However, clients and investors do not need to be entirely unprotected. Experience in traditional finance shows that one can satisfy the clients’ and investors’ justified need for protection in different ways, one of which is to regulate professional service providers. This approach, in contrast to purely regulating the financial products, regulates those with both great influence over the system and great opportunities to digress from the legal and moral path.

As professional service providers can also be expected to be more acquainted with the regulatory requirements, the regulation will also yield better results as they will be followed with more know-how. In addition, the objectives of regulation and in particular the protection of clients and investors can be ensured more effectively and efficiently than with regulating the DeFi products themselves.

It is also preferable from a systemic point of view. Regulating the professional service providers with their greater influence, greater power and thus creating a standard of services that can transgress into the entire system is likely more effective than regulating the minutiae of individual DeFi products.


This article shows how intermediaries are the target of regulations and how this may conflict in first sight with the rise of DeFi business models. It is however also visible that DeFi could be effectively regulated without broadening up the scope of the Swiss AML Framework. This could be achieved by mandatorily requesting financial intermediaries to include DeFi in their own risk framework, and act as guarantors, like with all other financial activities. In the end there is also some relaxation needed – as history showed, regulation can never cover all possible outcomes. Switzerland should not jeopardize its fabulous position by trying to cover DeFi business models without providing substantial benefits for the regulatory goals.


Bitcoin Suisse