Takeaways
- DeFi-focused rulemaking and legislation should balance consumer protection with innovation by acknowledging genuine regulatory complexities while strengthening sustainability, safety, and broader institutional adoption.
- We believe policymakers should apply two key principles: a) recognize architectural differences and b) establish clear standards.
- There are three critical areas in need of clarification: a) disclosures and transparency, b) responsibility and liability, and c) compliance in self-custodial systems.
“Crypto regulation is not easy to do well… The decisions we make now could have profound consequences not only for the development of the technology, but for human freedom.” SEC Commissioner Hester Peirce, January 20, 2023.
In April, the first US-based cryptocurrency bill was signed into law, repealing the IRS "DeFi Broker Rule." Just last week, the GENIUS Act also became law following bipartisan votes in both chambers, and the US House passed the Digital Asset Market Clarity Act with strong bipartisan support. What seemed improbable just a few years ago is now reality.
In June, SEC Chairman Paul Atkins announced that his agency was considering an “innovation exemption” for decentralized finance (DeFi) intermediaries and issuers to protect onchain innovation in the United States.
As DeFi continues to redefine the financial landscape by removing traditional intermediaries through self-custodial architecture, a conversation is emerging around regulation that will shape our industry’s future. However, echoing Commissioner Peirce, “crypto regulation is not easy to do well.” The same goes for DeFi.
Success in regulating DeFi lies in balancing consumer protection with innovation, acknowledging that while DeFi presents genuine regulatory complexities, thoughtful rules will ultimately strengthen the ecosystem's sustainability, safety, and broader institutional adoption.
As beneficiaries of American markets, we confidently assert that the uniquely American traditions of free commerce, individual autonomy, and respect for property rights are enhanced by DeFi’s promise. In turn, our policy and regulatory frameworks can now enhance the promise of DeFi.
Below, we explore how policymakers can approach DeFi regulation to build a sustainable environment for onchain innovation. We highlight the unique architectural differences between DeFi and traditional finance that make existing frameworks impractical, suggest a framework to approach this topic, and outline critical questions we believe DeFi regulations should address.
The Intersection of Risk Management and Regulatory Reality
With over $1.3 billion supplied to Gauntlet-curated vaults, $42 billion in digital assets optimized through Gauntlet’s risk management platform, and seven years of deep cryptoeconomic research and modeling through multiple cycles, we have witnessed firsthand how DeFi's fundamental architecture complicates traditional regulatory frameworks. This experience positions us uniquely to contribute to the dialogue around creating thoughtful DeFi policy.
Our work has expanded beyond our roots managing risk, driving incentive campaigns, and enhancing governance structures for prominent DeFi protocols and participants, including Coinbase, Uniswap, and NEAR. We are now leaders in vault curation, optimizing yield by allocating user supply to lending markets, building trading strategies using perpetuals, and optimizing restaking vault strategies.
This operational perspective reveals a stark reality: the regulatory frameworks designed for traditional finance could not have anticipated a world of self-custodial, permissionless, autonomous actors designing infinitely composable transactions on their own terms that can settle near instantly without the intervention of third parties. That world has arrived.
From a Siloed Financial Present to a Disintermediated Future
Existing financial regulations assume custodial intermediaries who control user funds, monitor transactions, and fully dictate the terms of their customers’ experience with the capital markets. As a limited group of familiar intermediaries, traditional banks, centralized exchanges, and custodians are uniquely accessible for straightforward regulatory oversight.
DeFi operates differently. Our ecosystem ethos demands the continuous lowering of cost and friction between users and the markets. DeFi abhors gatekeeping, single points of failure, sustained rent-seeking, and the establishment of walled gardens of captive capital.
This fundamental difference isn't a bug; it's a feature that enables continuous, universal, and equitable access, infinitely composable user-driven economic interactions, and minimal barriers to entry. Said more plainly, DeFi’s very nature optimizes choice, competition, and cost effectiveness.
A Framework for Responsive Regulation
We believe policymakers should consider two key principles:
- Recognize Architectural Differences: New frameworks must acknowledge that DeFi's self-custodial, permissionless nature requires different approaches than traditional intermediary-based systems. DeFi’s technological realities make some standards infeasible and provide new capabilities for establishing more transparent, efficient, and responsibly operated capital markets. Wise policymakers will acknowledge this and make use of such capabilities.
- Establish Clear Standards: Provide specific guidance on disclosure requirements for protocol interactions, safe harbor provisions for interface providers, and reasonable monitoring obligations for self-custodial actors.
The Critical Questions Facing Responsible DeFi Participants
Through our work with leading protocols and institutions with ties to both traditional and decentralized finance, we've identified several key policy questions whose answers will be most impactful.
Disclosures and Transparency
What constitutes adequate risk disclosure? How should protocols communicate potential risks when interacting with decentralized protocols and participants?
What we think: Adequate disclosure requires transparent communication of four key elements: a) how the relationships and protocols work, b) what could go wrong, c) who controls what elements of the relationship, and d) to whom the protocols and participants are ultimately responsible.
When using a protocol, users need to understand the underlying mechanism, potential points of failure, the extent of centralized control versus autonomous operation, and any conflicts of interest or contractual obligations that might influence protocol behavior. The critical threshold is determining when sufficient information has been provided for regulators and courts to consider users capable of making informed decisions. We favor shifting the focus to outcome-based standards that enable true informed consent.
Responsibility and Liability
In permissionless systems designed to operate without central control, how should responsibility be allocated when things go wrong? What duties exist for protocol developers, interface providers, market actors, and governance participants?
What we think: Accountability should flow from direct control.
Protocol developers tend to control access and security architecture; vault and risk curators tend to control product structure and risk parameters; users will always control their due diligence and risk appetite. While duties may not be clearly defined under existing frameworks, a control-based system of accountability provides the foundation for developing appropriate standards.
The challenge lies in assigning responsibility when intermediation is removed by design. Determining fault becomes complex when systems operate autonomously, and value loss can stem from market risk, technical compromise, or user error. Effectively assigning responsibility in DeFi necessitates new frameworks that recognize the distributed nature of control while maintaining meaningful accountability.
Compliance in Self-Custodial Systems
What are reasonable monitoring obligations for protocols when they don't hold custody of user funds? How can compliance be demonstrated when control and knowledge are limited by design?
What we think: For protocols operating without traditional gatekeeper functions, reasonable compliance efforts should include industry-standard screening tools to identify sanctioned actors, transaction pattern monitoring for manipulation, and clear disclosures about known risks and counterparties.
Existing legal frameworks can address the most serious violations (manipulation, fraud, and sanctions evasion) without compromising DeFi's trustless architecture. Regulators retain jurisdiction over the worst excesses in market conduct regardless of the underlying technology, while market forces and civil litigation provide additional remedies for negligence and recklessness.
Financial Crimes Prevention: Balancing Innovation and Security
Current financial crime compliance obligations assume intermediary relationships with known users and gate-kept access points. In truly decentralized DeFi systems, transaction blocking becomes complex. Traditional KYC requirements may be incompatible with permissionless design, and pseudonymity is inherent to protocol design, not a fringe practice.
This doesn't mean abandoning financial crimes prevention; it means developing approaches that work with DeFi's technical realities. Our institutional-grade security posture and partnerships with firms like Chainalysis, Hypernative, and zeroShadow, along with our engagement with industry groups like Security Alliance (SEAL Intel), demonstrate that sophisticated monitoring and risk mitigation are possible even in decentralized environments.
A World in Convergence
DeFi represents a revolution in financial infrastructure, offering benefits more impactful and broad-based than many of us could have ever hoped for in global finance. Our belief in DeFi’s promise inspires our work with both crypto-native and traditional finance actors to deliver safer, fairer, and more rewarding market outcomes for all who participate in this vision of capital markets.
As we continue advancing the vanguard of DeFi risk management and yield optimization, we remain committed to contributing our operational expertise to this critical regulatory dialogue. Our goal is not a world without rules; it is a world with rules designed for today’s and tomorrow’s game, not yesterday’s.