The International Organization of Securities Commissions (IOSCO) has, in a consultation report published on 7 September 2023, issued nine policy recommendations (“Recommendations”) to address market integrity and investor protection concerns arising from Decentralised Finance (“DeFi”). The IOSCO develops, implements and promotes adherence to internationally recognized standards for securities regulation.
The Recommendations are complementary to the Policy Recommendations for Crypto and Digital Assets Markets issued for consultation in May 2023. These sets of IOSCO recommendations have been developed in accordance with IOSCO’s Crypto-Asset Roadmap published in July 2022.
The Recommendations are aimed at DeFi products, services, arrangements and activities. The report acknowledges that there is no generally accepted definition of DeFi. In particular, it noted that while DeFi aims to eliminate traditional intermediaries, certain DeFi arrangements are equivalent to products / services provided by traditional market intermediaries and may be treated as market intermediaries in a particular jurisdiction.
The Recommendations
- (1) Analyse DeFi offerings to assess regulatory responses – Regulators should analyse DeFi offerings to assess the appropriate regulatory response, in accordance with the principle of “same activity, same risk, same regulatory outcome”
- (2) Identify Responsible Persons -Regulators should identify Responsible Persons. Responsible Persons include those exercising control or sufficient influence over a DeFi arrangement or activity.
- (3) Achieve Common Standards of Regulatory Outcomes – Regulators should adopt an approach that achieves regulatory outcomes for investor protection and market integrity which are on par with those of traditional financial markets.
- (4) Identify and Address Conflicts of Interest – Regulators should require providers of DeFi offerings and other Responsible Persons to identify and address conflicts of interest. A regulator should consider whether certain conflicts require enhanced measures such as legal disaggregation and separate registration and regulation of certain activities and functions.
- (5) Identify and address material risks – Regulators should require providers of DeFi offerings and other Responsible Persons to identify and address material risks such as operational and technological risks. Regulators should consider whether certain risks require enhanced measures.
- (6) Clear, accurate and comprehensive disclosures – Regulators should require providers of DeFi offerings and other Responsible Persons to disclose to users and investors detailed information material to the products and services offered in order to promote investor protection and market integrity.
- (7) Enforce applicable laws – Regulators should apply their investigation and enforcement powers to DeFi offerings, including bringing enforcement actions against Responsible Persons for breaches of applicable laws and regulations.
- (8) Promote cross-border cooperation and information sharing – Regulators should have arrangements for cooperation and information sharing with the regulators and authorities in other jurisdictions to facilitate the authorisation and supervision of regulated persons and entities and aiding in enforcement investigations.
- (9) Analyse correlations between the DeFi market, the broader crypto-asset market and traditional financial markets – Regulators should consider how these interconnections impact risks to investor protection and market integrity, and employ suitable methods to monitor and assess DeFi offerings.
Reference material
Further information on the Recommendations is available here:
Entra Law 