top of page

Conceptual Framework for Combating Illicit Finance in DeFi

Conceptual Framework for Combating Illicit Finance in DeFi 

What happened? 

Last Monday, Rebecca Rettig, Michael Mosier, and Katja Gilman published a paper titled “Genuine DeFi as Critical Infrastructure: A Conceptual Framework for Combating Illicit Finance Activity in Decentralized Finance.”  

The paper proposes a new approach to “effectively detect, deter and prevent illicit financial activity in decentralized finance (DeFi), while preserving the technology as permissionless, neutral infrastructure.” It builds on the current regulatory regimes of Anti Money Laundering (AML), Countering the Financing of Terrorism (CFT), and sanctions schemes from the traditional financial system (TradFi), and adapts them to the realities of DeFi, which lacks “identifiable intermediaries.” 

First, the paper suggests that “where identifiable actors are performing the exact same functions as traditional financial intermediaries,” regulations should likely not differ from those applicable to traditional intermediaries just because on-chain software is involved. The paper defines these actors as “System Control Persons” (SCPs) and identifies them as those who exercise “independent control” over a system. This means that an SCP has the “unilateral ability” over the value of users of a system and can “admit, permit, restrict, deny, or modify” those who have access and the ways in which they use or access the system. The paper clarifies that this does not include those who simply hold the key of an emergency multi-signature wallet with “extremely limited powers.”

Second, the paper defines “genuine DeFi” as open source software in which users transact without intermediaries, maintain independent control over their own assets, and where all elements of a transaction occur on a permissionless blockchain network. From there, the paper proposes classifying such protocols as “critical infrastructure” — i.e., systems that are vital to “security, the economy, public health, public safety, or any combination thereof.” 

To address illicit finance risks associated with critical infrastructure DeFi protocols, the paper proposes to create a new category of regulated entities, "critical communications transmitters" (CCTs), those businesses that are “materially important for the transmission of user-initiated communications from a user to the software that allows [a] transaction to be finalized.” These CCTs, such as RPC-node-as-a-service providers, would carry regulatory responsibilities aimed at safeguarding U.S. national and economic security. However, unlike financial institutions, they would not fall under the BSA's regulations, as proposed by the authors. 

What does this mean? 

We have often argued that devising new regulatory approaches reflective of the inherent and fundamental differences between TradFi and DeFi is the only way to accomplish longstanding public policy objectives in DeFi. We welcome this paper’s innovative proposal to that end, which stands in stark contrast to existing proposals like Senator Elizabeth Warren’s bill, which would ban decentralized finance protocols and mandate intermediation writ large.


bottom of page