The Autorité des Marchés Financiers (AMF), the financial markets regulator in France, has published a summary report on the regulatory issues surrounding decentralized finance (DeFi). The AMF has published the feedback it received from respondent to its initial discussion paper in 2023 on the topic regulating this emerging ecosystem.

Key highlights include the following:

• Defining DeFi: Respondents emphasized the importance of clearly defining DeFi and distinguishing it from permissioned or permissionless blockchain protocols. The degree of decentralization is a key factor. Providing criteria to quantify the notion of decentralization is important because levels can vary across projects. Factors such as automation, network architecture, lack of single points of failure, and governance could be considered. Overall, there is a desire for an examination of the criteria that would allow for determining the level of control exercised over a protocol.
• Permission vs. permissionless protocols: Some argued that DeFi can exist only on permissionless blockchains because permissioned ones involve centralization. The distinction between public and private blockchains (access) and permissioned and permissionless (control) was clarified to understand how DeFi protocols are operated and to what extent this causes centralization. Permissioned public blockchains with application overlays were noted as a potential model. Thus, regulation may be more feasible at the level of service providers, enabling access to DeFi protocols rather than the blockchain layer itself.
• Smart contract: Respondents showed a marked interest in varying regulatory approaches for smart contracts. Various options were proposed, such as applying a definition to smart contracts between fully coded ones and those with an off-chain aspect, as well as assigning responsibilities to parties based on their role within the process of a smart contract. Smart contract certification is being discussed by the AMF in conjunction with Autorité de Contrôle Prudentiel et de Résolution (ACPR, France’s Prudential Supervisory and Resolution Authority).
• Open source code: This is a defining feature of DeFi protocols, as identified by respondents. Rules that would seek to control or centralize this process would be burdensome. However, it was noted that such open source code is not free from flaws or cyber threats, which are a key risk by nature.
• DeFi trading protocols: Decentralized exchanges (DEXes) and automated market makers (AMMs) can display similarities to centralized markets. However, creating a market rule would be difficult due to the decentralized nature of these protocols, and creating a centralized entity would also help in reducing certain risks. Additionally, integrating off-chain elements is constitutive of a DeFi trading protocol model, and because many centralized crypto asset trading platforms also make use of off-chain components, this would not necessarily centralize such protocols.
• Governance issues: The AMF examines governance-related aspects of DeFi, in which users can directly participate in protocol management through interactions with the blockchain and the use of governance tokens. User participation in protocol governance through blockchain interactions raises novel considerations that may require regulatory attention. There is not a legal framework for such governance yet, and DAOs (decentralized autonomous organization) typically have a sister entity that has a legal form. However, some consider them to also hold undue influence. Haut Comité Juridique de Place (HCJP, the Legal High Committee for Financial Markets of Paris) is in the process of reviewing how DAOs may function with the French legal framework.
• Regulatory approach: Most respondents favored developing a clear regulatory framework for DeFi to provide certainty for participants. A proportionate approach considering the relative size and impact of DeFi is needed. The “same activity, same risk, same regulation” principle was supported, though some suggested an alternative approach in which DeFi activities differ significantly from centralized finance. Specific regulatory obligations were proposed, such as risk disclosures, smart contract certifications, governance standards, transparency, cybersecurity, solvency, and measures for anti-money laundering and countering the financing of terrorism.

The following recommendations from the IOSCO report, which outlines that the ”same activity, same risk, same regulation” principle should govern the regulation, are applicable to the DeFi sector:

1. Analyze DeFi products, services, activities, and arrangements: Regulators should assess DeFi products, services, activities, and arrangements to understand the technical knowledge, data, and tools needed to form a comprehensive understanding.
2. Identify responsible persons: Regulators should identify the natural persons and entities responsible for a particular DeFi arrangement, including developers, foundations, and DAOs.
3. Achieve common standards of regulatory outcomes: Regulators should seek outcomes for investor and customer protection and market integrity that are consistent with traditional financial markets.
4. Require identifying and addressing conflicts of interest: Regulators should require DeFi providers to identify and address conflicts of interest.
5. Require identifying and addressing material risks, including operational and technology risks: Regulators should require DeFi providers to establish and maintain risk management frameworks.
6. Require clear, accurate, and comprehensive disclosures: Regulators should enforce clear, accurate, and comprehensive disclosures from DeFi providers.
7. Enforce applicable laws: Regulators should enforce applicable laws and regulations to ensure DeFi activities are compliant.
8. Promote cross-border cooperation and information sharing: Regulators should promote international cooperation and information sharing.
9. Understand and assess interconnections among DeFi, crypto assets, and traditional finance: Regulators should assess the interconnections among DeFi, crypto assets, and traditional finance.

The AMF continues to further understand and develop regulation and approaches for DeFi protocols to ensure a thriving ecosystem while ensuring better protection for investors. There are many initiatives in combination with other regulators at the national European and international levels.

In the rapidly evolving landscape of DeFi, particularly concerning DEXes and AMMs, the importance of navigating the complex regulatory frameworks that govern these platforms (thus ensuring that operations align with existing laws and regulations) as well as monitoring any developments, cannot be overstated. Staying compliant not only mitigates the risk of legal repercussions but also fosters trust among users and investors, which is vital for the long-term sustainability of DeFi projects. Additionally, ongoing regulatory monitoring is essential in adapting to the dynamic nature of the regulatory environment, allowing organizations to proactively address emerging challenges and maintain their competitive edge while safeguarding their interests.

[View source.]