All manner of unwanted users—ransomware gangs, thieves, scammers, and North Korea—gleefully transact in decentralized finance and even launder funds. according to a new report from the Treasury Department. That’s because DeFi doesn’t comply with anti-money laundering and anti-terrorist financing laws.
Poor compliance with anti-money laundering measures and poor cybersecurity put DeFi users at risk of theft and fraud, Treasury says.
In the US, the Bank Secrecy Act, and some other regulations, mean that financial institutions must help the government detect money laundering. In this document, the Treasury notes that a DeFi service could well be a financial institution under the BSA, even if it is decentralized, and will have to comply with the law. Uh-oh! That sounds like a warning shot. If I worked in DeFi, I would worry that a crackdown was coming; the Treasury essentially says that DeFi services are vulnerable under existing laws.
The report finds that “many” DeFi services are non-compliant with the BSA, which isn’t exactly a surprise given, you know, the whole history of Bitcoin as a currency-based way of hating the government. In some cases, the document notes, DeFi services deliberately decentralize what they are doing to try to avoid enforcement of anti-money laundering measures. Unfortunately, says the Treasury, this is not how the law works.
There’s a second caveat in the document: It recommends “intensifying engagements with foreign partners to drive stronger implementation” of anti-money laundering laws, which sounds awfully like the US leans heavily on other countries where it is could establish DeFi. .
