Site icon Forkast

As DeFi swells past US$140 billion, FATF stokes worries over KYC/AML

wooden blocks with the word kyc know your customer scaled

Image: Envato Elements

The decentralized finance (DeFi) market cap crossed the US$140 billion mark for the first time today, an increase of over 500% since the start of 2021, and there is now more than US$128 billion in total value locked in DeFi, according to CoinGecko data

DeFi, which exploded in popularity during the DeFi summer of 2020, has continued to grow in terms of total value locked in DeFi protocols and number of users. Last week, blockchain software technology company ConsenSys said that the number of monthly active users for its MetaMask crypto wallet — a gateway to accessing DeFi — had grown five times over the past six months and now surpassed five million.

DeFi refers to peer-to-peer financial services that are built on top of distributed networks with no central intermediaries. DeFi applications include stablecoins, blockchain-based lending and borrowing, margin trading, payments, insurance, gaming and non-fungible tokens (NFTs)

As the DeFi market matures, the industry is seeing a wave of regulatory focus on know-your-customer/ anti-money laundering (KYC/AML) requirements, in particular related to self-hosted wallets, according to a recent ConsenSys Q1 2021 DeFi report. Regulators are trying to keep pace with developments and provide clarity to users and companies, the report noted.

See related article: What’s in DeFi’s future — and what does it mean for traditional banks?

What is FATF and why what it does matters

In March, the Financial Action Task Force (FATF), the global money laundering and terrorist financing watchdog, released its Draft Guidance on a “risk-based approach to virtual assets and virtual asset service providers”. The guidance, which could be approved later this year, may pose an existential threat to the booming DeFi industry, some analysts say.

The FATF guidance, first released in 2019, placed anti-money laundering and countering the financing of terrorism (AML/CFT) obligations on virtual assets and virtual asset service providers — similar to the requirements typically required by banks and financial institutions. The 2019 guidance also extended FATF’s Recommendation 16 — commonly known as the “travel rule” — to VASPs. The travel rule requires financial institutions to pass on certain information to the next financial institution, in certain funds transfers involving more than one financial institution.

According to FATF, the changes to its pre-existing guidance aim to maintain a level playing field for VASPs, based on the financial services they provide in line with existing standards applicable to financial institutions, as well as minimizing the opportunity for regulatory arbitrage between sectors and countries.

What FATF recommends matters because it sets out the global AML/CFT standards for regulators to implement, and countries are assessed every few years for their compliance with FATF’s AML/CFT standards.

See related article: Hong Kong plans to ban retail investors from trading cryptocurrency

“MAS is keeping pace with the fast evolving virtual assets space. We stand ready to adjust our regulatory approach to continue to foster responsible innovation that adequately manages risks,” a Monetary Authority of Singapore spokesperson told Forkast.News in an email. “The FATF Guidance, which is being finalised, seeks to support jurisdictions and virtual asset service providers to address the risks in the sector. We are studying it carefully to assess if our rules should be modified.” 

Given how easily virtual assets can move across borders and the uneven global implementation of international standards, international cooperation and coordination will be vital for regulators, according to a recent report on “Supervising cryptoassets for anti-money laundering” by the Bank for International Settlements.

See related article: KPMG: Virtual asset service providers ready to professionalize and grow

If enacted, FATF’s updated draft guidance could significantly broaden the definition of VASPs to include cryptocurrency exchanges and owners or operators of decentralized applications (DApps), which consequently could require them to be regulated to carry out extensive KYC/AML checks for each party of a transaction, including self-hosted wallets. VASPs would have to collect the required customer information even for transactions involving unhosted wallets where there is no originator or beneficiary institution.

See related article: How FATF’s anti-money laundering guidelines for cryptocurrency are putting the heat on banks and VASPs

Industry responses to FATF draft guidance

The public consultation period for the draft guidance closed on April 20 with many blockchain and crypto industry organizations submitting responses to FATF and calling for more clarification. The draft guidance has not been approved and FATF will make further amendments at its June 2021 meetings.

The guidance is “overall a step in the right direction” in terms of providing greater clarity and certainty on regulations, said Chia Hock Lai, co-chairman of the Blockchain Association Singapore, in an interview with Forkast.News. However, Chia added, more discussion is needed on the implementation timeline as well as definitions for DeFi and NFTs. 

Others have expressed reservations or sounded concerns. They say that parties could be classified as VASPs even when they are not responsible for AML/CFT governance of a virtual asset project and as a result face an unnecessary regulatory burden, alongside increasing responsibilities for supervisors in general. 

The FATF draft guidance was “a little bit too broad” and needs to be more tightly scoped so as not to have the unintended consequence of bringing people into the ecosystem, particularly decentralized, that would subject them to regulations on a national level, said Malcolm Wright, chair of the advisory council for Global Digital Finance, an industry group.

“We are very supportive of the guidance, but we want to continue working with the FATF and with national regulators, as we do right now, to be able to shape that so that it doesn’t stifle growth, opportunity and innovation, and at the same time, mitigate the risks of money laundering, terrorist financing and those types of behaviors we want to exclude,” Wright said, in an interview with Forkast.News.

Grace Chong, a fintech regulatory lawyer at international law firm Simmons & Simmons, advocates a balanced approach and for FATF to take into consideration the practical implications of its draft guidance. 

“There have been a lot of concerns about how these recommendations if implemented, could pose a chilling effect on the industry,” she said in an interview with Forkast.News.

Lucy Gazmararian, co-chair of the Fintech Association of Hong Kong’s blockchain committee, told Forkast.News: “DeFi currently operates with minimal KYC/AML checks and is largely unregulated versus CeFi (centralized finance) where the regulatory framework is clear, and centralized VASPs at a minimum, need to adhere to the standards set for traditional financial institutions.” 

“While this imbalance between CeFi and DeFi should be addressed and the expansion of the VASP definition is a reasonable means of achieving this, the concern is that without clear guidance as to who/what/when becomes a VASP within a diverse decentralized ecosystem, regulators in different jurisdictions may err on the side of caution and enforce an overly stringent regime,” Gazmararian said. “As DeFi is still in its infancy and at the experimental stage, a heavy-handed regulatory approach may serve to stifle innovation and the further healthy development of the FinTech sector. At worst, a non-specific approach may drive DeFi innovation underground and with it any associated ML/TF activity.”

For now, CeFi companies are already taking steps to meet FATF’s requirements. Cryptocurrency exchange Crypto.com announced this week that it would use CipherTrace’s Traveler solution, the first commercial solution to enable compliance with FATF’s travel rule. 

But more remains to be done. In its response on the draft guidance, Washington D.C-based Blockchain Association highlighted that “newly captured non-custodial VASPs would be unable to comply with requirements like asset freezes because users of decentralized financial protocols retain total independent control of their assets. Entities potentially captured by the Draft Updated Guidance that would be unable to implement or comply with existing AML/CFT controls across decentralized financial protocols include governance token holders, software developers, noncustodial entities, and autonomous computer programs.”

The Blockchain Association wrote that instead of trying to regulate an intermediary that does not exist or force projects to function like regulatable forms, a more effective approach would be to concentrate efforts on the development and consensus-based adoption of new regulatory mechanisms that can be incorporated into decentralized finance protocols.

“This way forward will require a partnership between FATF and national authorities, on the one hand, and leaders in the digital assets industry, on the other, to devise standards and solutions that satisfy legal, technical, and commercial needs,” the Blockchain Association wrote.

Exit mobile version