DeFi's Regulatory Environment

Kori Hale: Hello, everyone, and welcome to Public Live. I'm your host Kori Hale and of course, I'm always happy to be with you all, especially this afternoon. We're going to be breaking down what's going on in the regulatory environment as it relates to decentralized finance, better known as DeFi. We're going to be discussing crypto regulation, the recent actions taken by the US Treasury, along with the Securities Exchange Commission, and I am very thrilled to bring in our guest, Ari Redbord who is the Head of Legal and Government Affairs at TRM Labs to discuss crypto regulation. And of course, the road ahead in 2023. Ari, welcome to Public Live.

Ari Redbord: Hey, Kori, thanks so much for having me and really excited to join Public Live today. 

Kori Hale: Yeah, we're happy to have you and to have this discussion. We have a lot of crypto enthusiasts within our community and I'd love to start out by talking specifically about the US Treasury Department. They recently initiated a risk assessment related to illicit financial activities within the sphere of this DeFi space, in your opinion, are what are the primary vulnerabilities exploited by illicit actors in the DeFi sector? 

Ari Redbord: Yeah, no, it's a really important question. And to kind of set the conversation a little bit, this risk assessment was actually ordered by the White House framework on digital assets, which came out about a year ago. So while it sort of created somewhat of a regulatory framework, it definitely tasked a number of agencies and one of the tasks was for the US Treasury Department to do a risk assessment on D fi. And really, really important to note that this is just that it's a risk assessment with a focus on sort of what are the risks in the ecosystem/ It is not guidance, and it is certainly not regulation. And throughout the document, really Treasury talks about the need to engage with the private sector, with other agencies, and really have a conversation about ultimately, sort of what guidance or regulation should look like. 

All of that said, it focuses on the areas that you see also in this sort of centralized crypto space, whether it's ransomware. Hacks are a huge vulnerability for the DeFi ecosystem. In 2022, According to us at TRM, we saw about 3.7 billion in hacks, and about 80, or more percent of those hacks were against the DeFi ecosystem, bridges, protocols, Dex is and that's what it's a real concern. So there's a lot in this thing, but really, really important to understand, like, why does it talk about risk? Well, you know, that's exactly what it was intended to do is provide a risk assessment of the space.

Kori Hale: Well, a risk assessment, I think, many people would probably agree that's definitely needed, given the nature of DeFi. And especially what's happened in the past six to nine months in the broader crypto sector. But I'd love to dig into it a little bit more, because there are illicit actors, right? There are people that are, you know, in this space that are not necessarily trying to do good things. And that's what I'd love for you to explain to our audience. All right, how do these criminals actually use DeFi services? To do things like launder ill? ill gotten gains?

Ari Redbord: Yeah, no, it's really important. And whenever I talk about DeFi, I'm currently the vice chair of the CFTC Technology Advisory Committee as well. And as I said at our last meeting, look, if you're going to talk about DeFi regulation, you really have to start with the promise of this technology, right? This idea of sort of on-chain financial services, where we can have peer to peer transactions, you know, at the speed of the Internet. I think the technology is really, really extraordinary. But anytime you can move funds across border at the speed of the Internet, there are going to be vulnerabilities and illicit actors are going to try to take advantage of it and I think the challenge is for regulators, and Treasury really lays this out, is how do we sort of provide regulatory guardrails to make this ecosystem safe, but at the same time sort of not stifle innovation?

One of the really, really big takeaways, I mean, I think, for me, the most interesting of this risk assessment, is what it says is sort of about regulation. And again, you know, this is not guidance, this is not regulation, but Treasury says, look, if you are engaging in financial services, whatever your level of centralization is, right? DeFi, CiFi, or traditional finance, you have regulatory obligations under the Bank Secrecy Act, which is the US anti money laundering law. And I think that's probably going to be the most controversial piece of all of this, because there are a lot of sort of, you know, folks in the DeFi space who say, look, this is truly decentralized, disinter-mediated software that doesn't have teams of compliance professionals, it's sort of what we've seen in the traditional space.

So I think the regulatory piece is going to be a very big part of this. And to your question, I think what Treasury sees at least is, look, we have to ensure that there aren't gaps in regulation, and one of the gaps they see today is sort of non compliance in the DeFi space.

Kori Hale: I mean, there definitely seems to be a lot of noncompliance. I want to pick up on something you said in terms of the Treasury, to look at how to not slow down innovation, but also, you know, providing, perhaps some type of risk parameters specifically, because we've seen this in other versions of tech, right, in different sectors where regulation has been at a much slower pace, right, than the actual technology and the innovation that's occurring. Is there something in what the Treasury is kind of proposing or what they're looking at that is specifically not going to slow down innovation? Are they always going to be two steps behind where DeFi is going? It? 

Ari RedBord:Look, I mean, government has always had this challenge. And I don't think we've ever seen anything move as fast in our lifetime, as we've seen the sort of crypto web three blockchain space. So it's always sort of this catch up game. Look, I think that you know, people are definitely appraising last week, the European Union, the European Parliament, passed Mica, the marketing crypto assets, legislation, really the first global sort of framework for digital assets, the sort of clear regulatory framework, and there's been a lot of praise around that. But when people sort of forget is that's about three years coming. That, you know, mica can't stem really from Facebook's sort of launch of the failed stable coin project Libra. So that's really three years ago, when European Parliament started thinking about Mica.

So the reality is that yes, you know, governments and regulators are always going to be sort of far behind the technology. But at the same time, I think what we're seeing in this risk assessment is an acknowledgement by Treasury and the US government that it's so important to bring the private sector into these conversations, because what we do well in the private sector is innovate. And so far, I think we've seen some of those conversations already take place, which I think is a really good sign. In other words, I don't know that we're going to see enforcement actions, I shouldn't say, I don't think we're going to see enforcement actions from Treasury, again, sort of DeFi for not having compliance controls in place over the next year. So I think what we're gonna see is conversation,

Kori Hale: if we start to see those conversations. are those conversations spearheaded by the DeFi, by industry, by that sector, right? So that, by the time, you know, the government, so to speak, decides to catch up and actually put some regulation in place. They're basically doing their own internal audits, as you mentioned, compliance sort of thing. And they're already kind of lining up the sector to say, hey, these are the standards and rules that we're setting across the board. You know, while the government back on Capitol Hill just tries to figure out what they think it is we should do? 

Ari Redbord: You know, it's an excellent question, this sort of self regulation question that permeates the space. And I think, look, if you think about the native qualities of public blockchains, right, they're transparent. They're immutable. So in other words, they allow for tracing and tracking the flow of funds in ways you really never could in traditional finance. And that also allows us in many respects, to kind of regulate ourselves right? 

At TRM and a bunch of different industry players Circle and Binance and of others launched something called Chainabuse, which is essentially crowdsourcing, I think of it as the ways for crypto scams and frauds. It's a way this community can crowdsource to ensure that other people aren't taken by fraud and financial crime and you can report to law enforcement. So I say all of that to say like, I think that there are ways we can self-police the space in ways that were absolutely impossible in traditional finance, where we rely on intermediaries. So I think definitely, we are already seeing a world where not just DeFi but centralized exchanges are sort of coming together to sort of propose regulation and support regulation. But again, it's so important that this regulation doesn't go beyond what is intended to do and sort of stifle innovation.

Kori Hale: When you talk about the companies and the things that people can do in this space, to perhaps self regulate, I guess it makes me think, Ari, what is what is after that, though, right? Because even if, regardless of if the government does it, or it's going to be self regulated, what happens to the illicit actors in the space? Are there sanctions? Are there obligations? If it's not going to be the government and it's going to be self regulated, who is the enforcer? 

Ari Redbord: Yeah, no, it'll be the government, don't get me wrong, I think there's an aspect of self regulation that can actually absolutely occur, but I think it's gonna be a combination to be sure. And I will say this, look, you know, the nature of cryptocurrency, right? Cross border value transfer, this speed of the Internet is always going to be attractive to illicit actors. But when we see, you know, we see about the same amount of illicit activity in crypto as we do in the traditional financial system, which is a very, very small amount at the end of the day, almost infinitely small. So you're always going to have bad actors, right? If you don't have illicit actors in a financial system, it means the financial system is not robust, right? Bad guys are always going to want to engage, where sort of funds are flowing. 

All of that said, sort of the nature of crypto and the ability for regulators to have a view of their regulated ecosystem, in real time for law enforcement to be able to track and trace the flow of funds on public blockchains. This all means that crypto could be a lot safer, ultimately, than Fiat, which relies on sort of, you know, siloed, intermediaries who report to the government suspicious activity reports and this sort of thing. 

So I think the promise of the technology is, in part, the ability for regulators and law enforcement to use it and essentially, that's what we do at TRM. We provide software that enables that type of investigation and regulation.

Kori Hale:  I mean, that's good to know that your company is obviously out there already in the marketplace providing solutions to some of these issues. I'd love to shift our attention, though, for a second really quickly towards the SEC specifically, because they did send Coinbase a WELLS notice in regards to the firm listing unregistered securities on exchange, and some time, as we know has passed since Coinbase actually received the notice are what specific violations of security laws has the SEC accused Coinbase of? It kind of seems like they sent a letter and like not much has happened. 

Ari Redbord: Yeah, no, look, there's this interesting..Certainly I'll first answer the question that is sort of, you know, the SEC is essentially saying look, Coinbase is listing unregistered securities, because certain cryptocurrencies are in SEC’s view, sort of most cryptocurrencies today are securities. And that's essentially the genesis of this letter. But that said, this is the issue that is permeating the entire space in the United States today. And it's really a definitional question, you know, are certain cryptocurrency securities? Are their commodities? Or are they something else? And every issue, whether it's sort of the CFTC, recent action involving finance, you know, talks about Ethereum as a commodity, but the SEC has talked about Ethereum as a security, or sees the asset rather as a security, and we see this letter to Coinbase. You know, there are cases involving, you know, sports celebrities and endorsers of FTX where one of the arguments in the case is that they were promoting unregistered securities. So ultimately, that question will be answered in that case, maybe from state to state courts. 

So I say all of this to say that the biggest issue today in our space is, you know, are things commodities? Are things securities? And ultimately, you know, we're going to continue to see see enforcement actions and regulatory action, until Congress ultimately provides legal clarity and actually says, hey, look, Bitcoin is a commodity, and these other assets are you know, securities, or maybe even something else. And I think my view is that, look, you know, this technology is so new and so extraordinary, that maybe this can be something else. But I think the real issue is we need that type of legal clarity and probably needed from Congress. And until we get that, we're going to continue to see sort of disagreement amongst regulators and continued sort of enforcement actions.

Kori Hale: Well, it definitely seems like the story continues to unfold in this space, because Coinbase as many of us know, here, they did take legal action against the SEC. And to be honest, that's not something you typically see companies do is take action against one of these government institutions, but this just happened on Monday related to the lack of clarity on securities regulations presented to the firm. Can you just explain for us? I'd love for you to break this down? What is Coinbase asking the court to do in its latest action against the SEC? And also did Coinbase do this, decide to take legal action against the SEC and for lack of a better term retaliation? 

Ari Redbord: Yeah, look, I think, you know, you know, obviously, this latest action by Coinbase is, you know, is sort of the latest example, but really what we've been seeing for the last, you know, several months or even more, really a year, are businesses looking for clarity from somebody, whether it's the courts, whether it's guidance from regulators, which is really in this case, sort of what Coinbase is asking the court to make sure to get the regulator to provide, but it's like, look, you know, there's enforcement actions, you know, against us for listing unregulated securities in the words of Coinbase. But, you know, no one's ever told us, you know, what’s a security and what's a commodity here, they've only sort of proposed that, you know, we have obligations under a, you know, 60, or 70 year old Supreme Court case called US versus Howey where there's a conversation of whether or not orange groves and enterprise around orange groves are securities, are investment contracts. So I think what it is, is Coinbase and really, it's not just Coinbase it’s across the entire industry, is looking for clarity, you know, before you bring an enforcement actions, says Coinbase, or other entities, you know, we need an explanation, we need guidance from you as to what is a security and what is not a security?

Kori Hale: Yeah, and whether or not they get that guidance before all of this back and forth, you know, legal dispute that's now, you know, taking plays really comes to a head, I guess, only time will tell because, as you mentioned earlier, things are happening so quickly in this space quicker than we've seen, and other tech enabled spaces and there, there's a lot of moving parts right, Ari to work out here?

Ari Redbord: There are so many and at this point, you know, we have the executive branch I mentioned, you know, our conversation today started with Treasury, right, and you have the SEC, and you have the CFTC. And you have the Fed, all involved in this. We have the legislative branch, we had a hearing last week on stable coins. And there's a proposed stable coin bill out there, which we're told is not going to necessarily, you know, move without some revisions. We have a number of other bills that have been proposed in Congress, but really no activity there. We have. And then we have the courts to your sort of last point, right. 

So we have all these different branches of government, you know, trying to sort of parse out a lot of these questions. But ultimately, it will come down to Congress to provide that sort of legislative clarity. And I'm not I'm not entirely sure that will be anytime soon. So we're likely to continue to see some of this sort of regulatory action from these agencies. 

Kori Hale: Well, I'm sure that your company will, of course, be keeping a close eye on all the movements in this space, and we at Public will be definitely updating our community as things progress. Alright, I just want to thank you so much for joining Public live this afternoon, everyone. Once again, this is Ari Redbord - he's the head of legal and Government Affairs at TRM Labs. Thank you so much, Ari.

Ari Redbord: Hey, thanks so much for having me and looking forward to coming back soon. 

Kori Hale: All right, perfect. And guys, that's going to wrap up this afternoon session. Thank you so much for joining us and enjoy the rest of your day.