The U.S. Securities and Exchange Commission will monitor decentralized finance transactions, after contracting with the blockchain cybersecurity firm AnChain.AI, which confirmed the agreement over social media last week. Legal experts suggest this and other recent moves preview increased regulation of the decentralized finance space.
The San Jose, California-based analytics firm – which uses investigatory and predictive analytics to track illegal activity across exchanges, DeFi projects and traditional institutions – confirmed the agreement via Twitter. The contract will help the SEC identify suspicious addresses and transactions, as the commission assesses the DeFi space and considers regulatory actions involving cybersecurity, data privacy, risk management and other investor protections.
On Twitter, the firm wrote, “We’re proud to work with the SEC to protect all #Crypto stakeholders in the virtual asset economy, and to contribute our technology to critical regulatory oversight efforts.”
The SEC’s contract with the firm – which reportedly went into effect in May – is worth $125,000 per year for up to five years, according to Forbes.
The SEC and AnChain.AI did not respond to requests for more information.
AnChain.AI CEO and co-founder Victor Fang told Forbes, “The SEC is very keen on understanding what is happening in the world of smart contract-based digital assets.”
‘No More Immune’
Some experts say the latest activity reflects a desire within the SEC to rein in digital assets.
Kara L. Kapp, an attorney for the Philadelphia-based law firm Cozen O’Connor, says the contract with AnChain.AI “is consistent with Commissioner [Gary] Gensler’s prior comments that the SEC is going to closely monitor the DeFi space.”
“It also demonstrates that the so-called decentralized exchanges are no more immune from oversight than any other cryptocurrency exchange,” Kapp adds.
Ross Rustici, former technical lead for the U.S. Department of Defense, adds, “This move by the SEC is a continuation of a trend of increased regulation in the U.S. and globally. … [It] only furthers the efforts by governments to wrestle control back in this space.”
“Governments across the world are becoming increasingly incentivized to solve both [de-anonymization and asset tracking concerns], especially as the criminal element that leverages the technology is becoming more brazen in their activity,” adds Rustici, who is currently managing director of the global advisory firm StoneTurn.
David Cass, vice president of cyber and IT risk at the Federal Reserve Bank, said in a recent blog post, “[With smart contracts and DeFi] you need attorneys who understand code; you need coders that really understand the business aspects of what’s going on – so you can get things properly aligned.”
“Otherwise … clauses can come up in the code that move money before conditions have been properly met,” warned Cass, who’s an advisor for AnChain.AI.
Cybersecurity Risks of DeFi
Cybersecurity risks remain at the core of DeFi, an umbrella term for a variety of financial applications in cryptocurrency or blockchain geared toward disrupting financial intermediaries. Indeed, DeFi does not rely on central intermediaries such as banks, brokerages or exchanges to deliver financial services, including lending, borrowing and trading. Instead, DeFi applications rely on smart contracts across blockchains.
DeFi projects involve participant-based blockchain transactions mediated by a “DeFi protocol.” Many of these protocols use open-source software. A lack of security controls remains a concern, although DeFi investment has grown exponentially since 2020, with some $82.4 billion locked in related platforms, according to tracker DeFi Pulse.
Some DeFi projects get hacked because of “developer incompetence, which causes coding mistakes that hackers can abuse,” says William S., a security researcher for the virtual private network firm Atlas VPN, in a recent blog post.
Lawmakers and federal regulators alike continue to wade into the cryptocurrency space – citing its volatility and recent high-profile breaches with initial losses amounting to hundreds of millions of dollars (see: Hacker Steals $97 Million From Crypto Exchange ‘Liquid’).
The Senate-approved $1 trillion U.S. infrastructure bill would impose expanded tax obligations on crypto operators. A proposed amendment to soften the requirements failed to pass the Senate. Supporters say the measure will generate $28 billion in new tax revenue, while critics say it burdens a wide range of crypto operators and can stifle innovation (see: Senator Seeks Input on Securing Crypto, Blockchain).
Additionally, a bill introduced in the Senate earlier this month – called the Sanction and Stop Ransomware Act – recommends regulatory actions around cryptocurrency (see: Countering Cyberthreats: 2 Legislative Proposals Introduced).
On Aug. 3, SEC Chairman Gensler called crypto markets “rife with fraud, scams and abuse” (see: PayPal to Hire Dozens of Cryptocurrency Security Experts).
Gensler called on lawmakers to provide the independent agency with additional authority to regulate crypto markets.
In an Aug. 19 interview with The Wall Street Journal, Gensler said DeFi projects, in particular, are not immune to regulation – with features that may warrant federal oversight.
Sen. Elizabeth Warren, D-Mass., echoed the call for regulation of the cryptocurrency space – penning a letter to Gensler in July addressing several concerns around cryptocurrency.
In a reply, Gensler again indicated that cryptocurrency platforms lack adequate protections and potentially run afoul of securities, commodities and banking laws.
In June, House Financial Services Committee Chair Maxine Waters, D-Calif., said a new working group under her charge would be reviewing the “minimally regulated” cryptocurrency space. The group, she added, will partner with regulators and industry experts.
Read More:SEC to Monitor Illicit Activity on DeFi Platforms