BY DANIEL BULAEVSKY
I recently shared some thoughts in Coindesk and LendIt Fintech News about how crypto companies that are building products on top of Decentralized finance (DeFi) can effectively integrate with regulated financial institutions, which is necessary for DeFi’s long-term success.
In short, crypto companies building products on top of DeFi, including those that seek to connect DeFi and traditional finance using the aptly coined “DeFi mullet” strategy (fintech in the front, DeFi in the back) to increase adoption with regular consumers, must plug into the traditional financial system to succeed.
These products require integration with activities reserved for traditional financial institutions, such as fiat on- and off-ramps, trust accounts, secured loans, retirement vehicles and access to specific payment systems, among others. To integrate, crypto companies must either engage with those institutions (e.g., banks, institutional investors, investment advisors, rating agencies, etc.) or subject themselves to direct regulation.
Crypto companies that choose to engage with traditional financial institutions will need to meet the institutions’ risk management and compliance expectations, driven partly by the institutions’ regulatory obligations. But this is no simple task. Regulated financial institutions will, to different degrees depending on the context of the engagement, expect their crypto partners to have:
Clear and comprehensive business plans explaining their products, customers and markets.
Financial statements that demonstrate sustainable capacity to meet current and projected financial obligations.
Strong management teams with solid reputations, relevant experience and clear visions for strategic success.
Robust risk and compliance programs, along with supporting policies and procedures, likely including comprehensive:
- Risk assessments, identifying key risks and controls, which clearly explain the risks of the products offered and new technologies involved.
- Risk management and regulatory compliance policies and procedures reflecting the company’s unique risk exposures.
- Internal controls, including testing and monitoring, training, reporting, third-party risk management and certain product-specific controls, such as know your customer (KYC), fraud controls and consumer protections for payments, lending and other products.
Reliable technology systems and information security protocols aligned to best practices and industry standards, which may include third-party audits and plans for navigating business disruptions and recovering from disasters.
Crypto companies building on top of DeFi that invest now in experienced executives and robust risk management, compliance and security practices will score big dividends, both operationally and competitively. Put simply, traditional financial institutions and their regulators think and speak in terms of risk, compliance and security, and they want to see crypto companies that can do the same.