This is the second in a series of alerts about risk mitigation in the digital assets sector. This alert focuses on the meteoric growth of decentralized finance (DeFi) protocols, which have enabled ungated retail participation in myriad financial activities, including lending, token exchange, and derivatives trading. This alert will provide a brief overview of DeFi protocols and the potential benefits, including trustless transaction auditability, an especially salient issue given recent volatility in the capital markets. We also highlight areas for institutions to consider in light of recent guidance by the Office of the Comptroller of the Currency (OCC), which points to the possibility of regulated institutions interacting with autonomous, decentralized financial protocols in the future.
DeFi is programmable and permissionless finance. It enables counterparties (individuals or businesses) to conduct financial transactions executed by software in a “trustless” manner, meaning without validation by intermediaries. Bitcoin is the first DeFi network that has achieved scale. It enables trustless, peer-to-peer value transfer by means of a distributed database (the blockchain) and decentralized nodes (miners) that independently validate transactions by means of cryptographic protocols.
The recent explosion of DeFi activity has been built on another decentralized protocol, Ethereum. Unlike the Bitcoin protocol,1 Ethereum provides flexibility for financial innovation through its algorithmic “smart contracts,” which can provide custody of cryptocurrency funds and support a multiplicity of deterministic financial applications. Financial services already being unlocked through DeFi protocols include:
As of February 11, 2021, there was an equivalent of $40.1 billion locked in DeFi contracts, an increase of 160% since the end of December, with the majority locked on the Ethereum blockchain.
One of the simplest DeFi applications (dApps)2 built on Ethereum is Compound, a decentralized protocol that allows disintermediated lending and borrowing of cryptocurrency. Anyone in the world can access the Compound protocol, 24 hours a day, seven days a week.
Users are able to lend certain digital assets (e.g., USDC, Dai)3 to the Compound network and earn interest against the collateral they have staked.4 Once lent, the digital assets are added to a large pool of the same token in a smart contract on the Compound protocol.5 Interest earned on the Compound protocol is paid out every time an Ethereum block is mined and is denominated in the token lent.6 Interest rates are a function of the amount of crypto available (i.e., the size of the liquidity pools) in each market and fluctuate in real time based on supply and demand to reflect current market conditions.7
Meanwhile, Compound allows users to borrow other digital assets against the crypto they’ve locked in the protocol. Compound determines how much a user can borrow based on the quality of the asset lent, set as the “collateral factor” (CF). For example, if a user sent 1,000 USDC worth $1,000 and the Compound network has set the CF for USDC at 75%, the user can borrow $750 worth of any other crypto that Compound supports.
Figure 1: Conceptual View of the Compound Lending & Borrowing Functions
Unlike centralized lending companies (in traditional finance or in crypto), which require a host of administrators to underwrite risk, accept collateral, and pay out interest, DeFi protocols are entirely peer to peer and autonomous.8 In theory, this could democratize access to financial services, eliminate lender bias, and reduce costs of lending and borrowing due to the elimination of intermediaries.
Furthermore, DeFi protocols are transparent: the smart contracts that administer lending and borrowing on the Compound network can be inspected by any third party at any time, reducing the possibility of market manipulation or fraud.
Unlike regulated institutions, some DeFi protocols are accessible to users without KYC and credit checks. This introduces the risk that bad actors, such as criminals or US-sanctioned persons, may leverage a platform to borrow or lend funds. Second, decentralized lending models without credit checks on borrowers introduce default risk to lenders. In the case of Compound, this risk is mitigated since the “lenders” are an aggregated pool of assets, while individual borrowers have borrowing limits based on the value they have staked to the network. Finally, there is financial risk for borrowers since the interest rate is variable and a sudden increase could adversely impact their ability to repay and force automated liquidation of their collateral. Compound manages this risk as its lending model is based only on fungible assets, as opposed to traditional lending models in which nonfungible assets (e.g., real estate) form assets or liabilities on the balance sheet.
The risks above may appear minimal given the simplicity of Compound’s model and the transactions it supports, but these risks multiply as the complexity of the smart contracts and financial transactions increase. The automated and decentralized nature of smart contracts means a contract gone awry, due to a defect or a bad parameter, may not be able to be stopped before a significant loss has occurred. Synthetic assets, such as wrapped bitcoin, pose additional risks, as they can be introduced in one DeFi protocol and then utilized in the smart contracts of another protocol, increasing dependencies and potentially decreasing transparency. 9
In addition, software vulnerabilities have resulted in the unexpected loss of the equivalent of millions of dollars of user funds due to poorly audited code. For example, the YAM protocol (a DeFi project) attracted $600 million of liquidity within 24 hours of launch before a critical bug in the rebasing code was discovered. This defect led to the minting of too many YAMs (the protocol’s native token), resulting in an estimated $750,000 of lost funds before the bug was patched.
DeFi applications interact with oracles such as external pricing feeds sourced from APIs of centralized exchanges or algorithmically derived “on the spot” based on market conditions. Pricing oracle manipulation has become a recent DeFi vulnerability exploited to cause unexpected behavior in the protocol’s underlying smart contracts. For example, Harvest Finance, a DeFi protocol with over $1 billion of collateral locked in its contracts in late October 2020, was attacked by hackers who executed a series of transactions (flash loans, re-entry, etc.) to artificially deflate the price of USDC and USDT10 in the liquidity pools consulted by the Harvest protocol smart contracts. The resulting losses are estimated at $33.8 million.11
The volume of DeFi activity and its rapid growth in recent years has caught regulators’ attention. Brian Brooks, chief of the OCC, wrote a Financial Times note titled, “Get ready for self-driving banks,” in which he outlined the potential benefits and risks of DeFi, indicating federal regulators such as the OCC will have to play a major role to avoid “a patchwork of inconsistent rules (filled in by the states) that impede the orderly development of a national market.”
While Brooks concluded that regulators are not in a position—yet—to start thinking about giving these automated, anonymous protocols banking licenses, the OCC at large has pointed to an eventual melding of traditional finance with these new “self-driving” banks. In July 2020, the OCC issued an interpretive letter stating national banks can provide custody services for cryptocurrencies like bitcoin, including the “unique cryptographic keys associated with cryptocurrency.”12 It also clarified national banks’ ability to hold reserves on behalf of bank customers who issue stablecoins.13 Most recently, the OCC issued an interpretive letter clarifying that US national banks and federal savings associations can use public blockchains and USD-backed stablecoins to conduct payment activities and other bank-permissible functions.14 Specifically, the OCC noted public blockchains are in a category with ACH (Automated Clearing House) and Fedwire, as they are networks that can move value between financial systems.
Stablecoins are the collateral that drive many of today’s DeFi engines. Given that US banks are permitted to receive, hold, and settle transactions in USD-backed stablecoins, banks will likely increase their interaction with DeFi protocols in the future. Retail and institutional customers of banks and other financial institutions may demand products and services only available in the context of these protocols. This introduces several areas of unprecedented risk and regulatory concern.
Financial institutions, fintechs, and technology companies that transact in cryptocurrencies or stablecoins should identify and mitigate the risks from: