If structured as they are at present, most decentralized protocols may lead to sanctions-framework violations and — potentially — partial bans or heavy fines from the Treasury and other government bodies.
At the core of what we’re doing in defi, permissionlessness is a feature, not a bug. There’s no way to use what’s already in existence — Morpho, Aave, or whatever — and say, as an institution, There’s no chance that I’m not lending to North Korea. It’s not possible, because anybody can deploy money into this contract. I think the biggest question for … the pure defi world is, How do we build a social consensus around how much risk we are willing to tolerate? Is it truly binary? If North Korea could be in this pool, then can we not use it? If so, then defi doesn’t work: It needs a complete overhaul.
In under two decades, cryptocurrencies have gone from a whitepaper concept to, according to industry estimates and the forward-looking statements of its vanguard, a multitrillion-dollar sector with seemingly limitless capabilities: possessing the potential to accelerate global payments settlements and trade, disintermediate capital markets, facilitate new credit products, and more. The legality of these activities remained an existential question, however, as crypto platforms found themselves in the thick of Securities and Exchange Commission (SEC) enforcement actions, OFAC sanctions, multibillion-dollar currency collapses, high-profile fraud cases, and other major disruptions that called into question the fundamental utility of many crypto projects, if not the sector writ large, and suggested governments saw most of these initiatives as illegal, even as a subset of more buttoned-up entities strove to separate themselves from the industry’s seediest exemplars.
That regulatory “will-they-won’t-they” dynamic is changing. The July 18th passage of the GENIUS Act now means a tranche of cryptocurrencies, stablecoins, have the official sanction of the US government. The new legislation clarifies the treasury and compliance obligations of blockchain-based digital currencies which claim a “stable” value typically tied to a sovereign currency. GENIUS requires 100% reserve backing with US dollars, bank deposits, demand deposits, short-term Treasuries, and/or money market mutual funds; prohibits stablecoin issuers from offering yield on their product; outlines the marketing requirements for stablecoin issuers; subjects institutions to Bank Secrecy Act and anti-money-laundering and sanctions-compliance rules; and institutes other major changes.
The blockchain-focused activities of major financial institutions following GENIUS’s enactment suggests the law may have substantially greased the wheels for the deployment of technologies and products across the financial sector that trace their origins to the crypto sector, even as the separation of crypto from finance has previously helped prevent crypto volatility (granted, sometimes caused by bank collapses) from catalyzing contagion. Entities like JPMorgan Chase, Bank of America, Wells Fargo, Citigroup, Fiserv, and DTCC have all announced or launched stablecoin-focused projects. These firms are encountering a long tail of startups and publicly listed crypto-focused companies that have percolated within the blockchain realm for years, and that worked alongside legislators, lobbyists, and crypto-affiliated members of the Trump administration and family, to shape much of GENIUS (and future potential legislation, like the CLARITY Act) in their image.
Bulge-bracket and incumbent initiatives tackle many of stablecoins’ stated use cases: international payments, settlement, retail investment in blockchain-based financial products, automated banking systems, on- and off-ramps between fiat currency and decentralized-financial (defi) systems, and more. 1
In addition to some product-market-fit struggles, interviews with those in the industry suggest that — among other systemic risks — extant blockchain-based platforms fail to adequately address compliance requirements for certain core use cases and risk eroding the sovereignty of the US monetary system as well as those of foreign governments, potentially meaningfully exposing US capital markets to the participation of adversarial entities currently subjected to sanctions frameworks.
These shortcomings suggest the need for protocol-level changes to blockchain-based systems hoping to meaningfully scale and match; demand an equivalent to Finra for blockchain-based financial entities; should encourage more stringent regulatory oversight into the merging of crypto into finance; but also raise the question of decentralization’s purpose in the midst of financial digitization. As one financial services executive told Fintech Nexus following the passage of the GENIUS Act, “The toothpaste is out of the tube.” Metaphorically speaking, does the toothpaste cause anaphylactic shock?
The Department of the Treasury has previously explained what constituted “defi,” or “decentralized finance,” through the following definition:
The term broadly refers to virtual asset protocols and services that purport to allow for some form of automated peer-to-peer (P2P) transactions, often through the use of self-executing code known as “smart contracts” based on blockchain technology. This term is frequently used loosely in the virtual asset industry, and often refers to services that are not functionally decentralized. The degree to which a purported DeFi service is in reality decentralized is a matter of facts and circumstances, and this risk assessment finds that DeFi services often have a controlling organization that provides a measure of centralized administration and governance.
INCENTIVES
For all the momentum behind them, stablecoins still seem to be searching for product-market fit. Retail investors, for instance, have often taken up stablecoins less readily than they have the hodge podge of purely speculative “memecoin” tokens like Fartcoin and Pudgy Penguins, and some of these coins’ market capitalizations eclipse those of leading stablecoins. According to Tom Bruni of retail-investment platform Stocktwits, speculation is still the “easiest use case” for blockchain-based tokens “until the technology and underlying use cases are actually rolled out via larger financial institutions or [through] ways that are easy for people to adopt and access.”
“People are driven by the results, and right now the results are all market-based, as opposed to fundamental-technology- or or use-case-based,” he said.
Some platforms are attempting to merge these currently disparate motives (potential profitability and utility) and attempt to spur retail demand for stablecoins — a potential beachhead for retail investors already speculating on cryptocurrencies as well as consumers who have only traded and invested using fiat currency. Crypto exchange Coinbase has skirted around a ban on interest provision from stablecoin issuers under the GENIUS Act by offering a 4.1% “rewards” rate on Circle-issued stablecoins, as have other crypto exchanges with different stablecoin denominations, encouraging consumers to convert their US dollars and other fiat currencies into blockchain-based pseudo-equivalents.
“Where we are in the market net of this new legislation, different types of financial institutions are going to figure out how to make economics for their products compelling for different types of users,” said Brian Foster, Head of Crypto-as-a-Service, ETFs, and Government at Coinbase. “There are ways for nonbanks to make their clients happy and build competitive products, just like there are for banks to do the same. The shape and feel of what that looks like under the hood might be slightly different depending upon what those constraints are and how the firms are regulated.”
Foster said visible moments, such as stablecoin issuer Circle’s IPO, have moved awareness of stablecoins into the mainstream. Technological developments, like the introduction of high-throughput blockchains, enable quicker and more cost-effective asset-movement capabilities than what was previously available, he said. Foster added that on- and off-ramps provided by banks enable a network offering more use cases for stablecoins.
In the eyes of Morgan Krupetsky, VP of On-chain Finance at Ava Labs, which builds the smart-contract platform Avalanche, yield-generating stablecoin products can condition consumers to think about multiple stablecoin uses. The “order of operations in use cases” means people first think of stablecoins as stores of value, then as revenue-generating tools through decentralized finance, money market funds, and other products, and then as a vehicle for payment. The Bank Policy Institute recently came out strongly in opposition to what it’s dubbed “loopholes,” highlighting the potential for trillions of dollars in deposit outflows from banks, which, through “corresponding reduction in credit supply[,] means higher interest rates, fewer loans — as stablecoin issuers are not lenders — and increased costs for Main Street businesses and households.” For their part, stablecoin issuers say precedent (e.g. the introduction of money market funds into the financial realm) suggests stablecoins will not affect the overall provision of credit, and consider “rewards” a secondary-market innovation. (For their part, bank policy groups respond by pointing out that secondary-market entities like broker-dealers are regulated by the SEC. They say rewards go beyond the stated definition of stablecoins under the GENIUS act as “a means of payment or settlement,” and potentially make stablecoins an investment vehicle tout court, despite their explicit regulatory status as not-a-security.)
Central-bank researchers have also pointed to the potential for increased treasury demand through greater stablecoin issuance to affect the pass-through of monetary-policy changes. Research from the Bank for International Settlements suggests the rapid purchase of $3.5 billion in short-term government debt rapid inflows of Treasuries over five days can lead to a yield reduction of .025 percentage points, which is “comparable to that of small-scale quantitative easing on long-term yields” through central-bank activity. The BIS also warns that the privatized issuance of digital currencies, rather than a more unified system in the form of central bank digital currencies (CBDCs), may force us to “relearn the historical lessons about the limitations of unsound money,” referring to the pre-Federal Reserve Note era, which saw banks issue their own currencies that featured fluctuating exchange rates and inefficient and unpredictable monetary systems. Fed research has previously questioned the need for digital currencies to be blockchain-based. US lawmakers appear poised to ban the Fed from building a CBDC.
That legislative antagonism doesn’t exist in Congress for stablecoins. “In terms of infrastructure, a lot of pieces are in place now to actually see adoption grow, because these things didn’t exist back in 2017,” Krupetsky said, noting that the assets that investors could invest in using blockchain-based platforms were “not the best things” at that time. Where crypto capital markets once attracted entities that couldn’t tap into traditional capital markets — and still do, Krupetsky admits — “high-quality household names” like KKR, Apollo, BlackRock, and WisdomTree are now entering the decentralized-financial realm to the tune of “multiple billions.”
Most recently, Ava Labs announced that hedge fund Janus Henderson was joining the Avalanche institutional ecosystem in partnership with institutional-grade decentralized credit platform Grove. Grove aims to allocate capital into Janus Henderson’s Anemoy AAA CLO Fund (JAAA) with a target of $250 million.
Kevin Miao, who helped incubate Grove and leads its parent company, Steakhouse Financial, says institutional investors are not interested in the technology or efficiency benefits of blockchain-based platforms “because there are no efficiency benefits today at scale.” Rather, they’re moving on-chain “for the money.”
There are institutions that we work with — like Apollo, Janus Henderson, BlackRock — where they are starting to come into defi. What are they looking for? They’re looking to sell their assets. They’re looking to sell their tokenized money market fund or their private credit fund, and if you can buy it from them, they’ll be happy to jump through the hoops necessary to tokenize an asset or pay [tokenization platform] Securitize some fee, because for them, they view crypto as a sovereign wealth fund. They think, We can go out and raise money from the Middle East … [or] from endowments, but it’s getting really hard to do that, because there’s not that much money out there, and private-equity firms haven’t returned any capital meaningfully in the last few years. Who else can we go and sell these assets to?
The two places that they’re obviously going right now are 401(k), ERISA-eligible accounts like retirement accounts — retail, effectively — and then on the other side, it’s crypto. They look at crypto and see $250 billion of stablecoins outstanding, and think, Some of that should be mine. Some of that is generating 0% yield, and should be coming into my 11% private-credit fund. Crypto is selling money to them, and the day that crypto decides, We don’t want to sell this money, then they’ll leave. I think that part is where a lot of the fervor is today in the headlines, but it’s very distracting.
These monetary incentives only go so far; the capital flowing around in decentralized markets may carry greater risk of regulatory intervention. If structured as they are at present, most decentralized protocols may lead to sanctions-framework violations and — potentially — partial bans or heavy fines from the Treasury and other government bodies.
O, FAC
The GENIUS Act compels stablecoin issuers to abide by the Bank Secrecy Act and conduct AML/KYC processes. But, while stablecoins may be the onramp for greater retail and institutional participation in decentralized finance, and may fuel the rapid growth of decentralized finance writ large, application-level compliance checks (verifying users through solutions like Chainalysis, IP address evaluations, etc.) do not preclude permissionless access to many of the protocols undergirding them, and therefore the capital flowing within their pools.
Sanctioned actors have several tools at their disposal for accessing defi protocols that have applications on top of them complying with AML/KYC requirements. First, these entities can call smart contracts directly as long as they submit the right data, which often can be accessed using tools like block explorer and analytics platform Etherscan.
Functioning as a node on a blockchain, for instance through bundlers, enables externally owned accounts to interact with smart contracts and execute arbitrary calls. RPC nodes, which run blockchain client software, including actors like Alchemy and Infura, can also function as workarounds, but may be more likely to identify malfeasance.
The ability to skirt sanctions and access capital through defi solutions has worried regulators for years; this is especially true given the fragmented nature of defi protocols and their varying levels of compliance. For instance, the Treasury’s 2023 report, “Illicit Finance Risk Assessment of Decentralized Finance,” concludes that “illicit actors, including ransomware cybercriminals, thieves, scammers, and Democratic People’s Republic of Korea (DPRK) cyber actors, are using DeFi services in the process of transferring and laundering their illicit proceeds … [by] exploiting vulnerabilities in the U.S. and foreign AML/CFT regulatory, supervisory, and enforcement regimes as well as the technology underpinning DeFi services.”
Global access to defi services further complicates matters. Illicit actors can use defi services “with impunity” in jurisdictions with weak AML statutes, the report continues. Shoddy cybersecurity measures among some defi platforms can also enable sanctioned entities to access consumer assets and use them for their own gain.
Decentralized finance’s permissionlessness and global reach will remain a threat to the integrity of capital markets and existing sanctions frameworks as long as: the leading protocols sustaining decentralized-financial platforms offer side doors for executing contracts and gaining access to the capital therein; financial compliance frameworks remain haphazardly enforced across jurisdictions; and platforms uphold substandard security measures providing low-hanging fruit for illicit access to legal entities’ assets.
In addition to its colander-like penetrability, these protocols lack substantial monitoring and self-reporting requirements. Some private-sector solutions exist to monitor wallets and smart-contract pools for illicit activity in real time (e.g. Hypernative), but they are unevenly implemented. Instead, most account freezes and reactions to illicit activity stem from AML authorities’ requests. As a recent Bank for International Settlements bulletin states, “employing a request-based approach for billions of transactions with pseudonymous addresses would quickly overwhelm the capacity of those authorities.”
TENTATIVE RESOLUTIONS
Foster at Coinbase said application-level practices could create networks within protocols to address some of these shortcomings:
The way that we see this playing out in the market is that conservative and compliant firms are figuring out how to draw perimeters at the application level with other firms they trust on the network, which is analogous to how a lot of things on the Internet work. Just like any open protocol, there will be people playing by different rules. Coinbase is very conservative in how we do this, and so you can imagine the types of firms we’re interacting with there. But one example of how we’re seeing the more conservative firms operate is they might say, I am comfortable with my clients’ money moving on this specific blockchain, but at the application level, I’m going to ensure that the money is only moving to and from other brokers, banks, and exchanges whose compliance programs I have vetted and that I trust. And in this way, you have a network within a network that feels, depending on your risk posture, safer to that specific organization. And in this way, we’re seeing firms draw different boundaries around what they’re comfortable with. Separately, a developer in a garage on the other side of the world might build something that’s purely an on-chain solution and be able to have an asset play catch with another purely on-chain solution, completely outside of where a more tightly compliant financial institution type of network might.
This suggests defi actors’ standards for risk and compliance diverge, highlighting the need for an equivalent to Finra to set standards, enable self-reporting, and complement the retroactive capabilities of AML regulators. Absent a similar consortium, many institutional investors may perceive decentralized finance as an unjustifiable exposure to heightened risk and liability.
“I need to be able to get out and self-report to the government or to the regulator, and none of that infrastructure is built out today. Part of it is because there’s no demand for the market to pay for it, because everyone who’s using defi today is already comfortable with the risk that they’re taking,” Miao of Steakhouse Financial said. “You cannot use defi today unless you’ve already decided that the answer to that question is, Oh, it’s fine.”
“I think there are really smart people thinking through the best way to approach OFAC and KYC compliance in a way that maximizes democratic access to financial products without sacrificing the goals and regulatory considerations there,” said Lily Yarborough, an investor at crypto-finance-focused investment firm Valinor Group.
But in the meantime, crypto companies across the spectrum — from buttoned-up outfits hoping to woo institutional investors, to memecoins solving for short-term gain — are making the most of the Trumpian jubilee.
“It feels like so many companies are trying to get everything done within this administration, because who knows what happens, in future administrations,” said Krupetsky of Ava Labs. “Are things going to be rolled back? Is it going to be very different? We don’t know.”
The formation of self-reporting organizations (SROs) or more OFAC-compliant protocols assumes that the current presidential administration will meaningfully institute regulatory backstops before a crisis hits or a major scandal emerges — whether that means another scandal like Tornado Cash’s sanctioning by the Treasury, or the depegging of a stablecoin (the major stablecoin issuers have not been audited), the collapse of a crypto exchange like FTX, or one of the myriad other instances of blockchain-entity malfeasance from the past two decades. It also assumes that international standards will be compatible with those developed in the US; as Governor Christopher J. Waller of the Federal Reserve noted in February, “regulatory fragmentation could make it difficult for U.S. dollar stablecoin issuers to operate at a global scale.” And, with major cuts at existing federal regulators after the Department of Government Efficiency and the Trump White House slashed headcounts and budgets, regulators face fewer resources to oversee an uptick in novel financial activity.
If prior crypto collapses avoided triggering contagion because of the intentional separation of crypto from finance, these newly permeable barriers may bode poorly for systemic financial health. Especially as billions of dollars’ worth of institutional financial products are entering the blockchain realm, with the potential to balloon into the trillions, the liabilities associated with these assets is bigger than ever before.