Written evidence submitted by The Aave Companies

1. Introduction

1.1              The Aave Companies (“Aave”) wish to respond to this Call for Evidence concerning the role of cryptoassets in the U.K. The cryptoasset industry has grown significantly over the past two years, specifically in the area of decentralised finance (“DeFi”). As described below and because we expect the Treasury Select Committee will receive responses regarding crypto-assets generally and centralized crypto-asset platforms, we have presented a discussion of DeFi in the context of this Call for Evidence. We thank the Committee for this opportunity.

1.2              Aave is a U.K.-based software developer that builds open-source, blockchain-based software, which creates gateways into Web3. Web3 refers to the next generation of the Internet, built upon public blockchain networks and owned by users of the software. The Aave Companies are currently best known for the development of the Aave Protocol, a decentralised and non-custodial liquidity protocol that allows users to supply and borrow cryptoassets and earn interest on those assets. We have also developed the Lens Protocol, a decentralized social media protocol where users own their profile, data and content - i.e., to participate in social networks without ever giving up any personal information. Decentralized software eliminates powerful, centralized intermediaries and allows individuals to retain ownership of their financial well-being, their data and their creations.

Summary

1.3              There are significant benefits of the DeFi system, including to promote efficiency, eliminate bureaucracy, and promote social and financial inclusion. While there may be identifiable risks in the DeFi space, we believe that many of these are addressed by the technology and, as such, a narrowly tailored, proportional approach to regulation is best suited to managing such risks and fostering growth, innovation and competition.

1.4              This response is structured in the following sections:

(a)                Background information on DeFi, including a description of smart contracts, protocols, and the hallmarks of DeFi.

(b)               Benefits of DeFi, with attention to consumers.

(c)                Risk of DeFi, including regulatory concerns and suggested mitigation measures.

(d)               Constructing a regulatory framework for DeFi, including a summary of key differences between DeFi ecosystems and centralised financial institutions, and suggested tailored regulatory requirements.

1.5              In response to the specific questions raised in the Call for Evidence, please refer to the Appendix, which cross-references to sections of this response.

1.6              In the event the TSC holds hearings or meetings relating to this Call for Evidence, we would be pleased to participate.

2. Background Information on DeFi

2.1              DeFi refers to an open, programmable system built upon public software, which allows users to engage in economic activities without the need to rely on intermediaries.

2.2              DeFi is built upon “smart contracts”, software code stored on a public blockchain, and programmed to be conditional and automatic. This means that the code is written on a series of “if-then” rules, e.g., “if X happens and Y condition is met, then Z will automatically occur”.

2.3              Smart contracts are self-executing, meaning that the terms of the agreement are written into the code and thus, operate at a user’s direction without an intermediary. The source code and the transactions facilitated thereby are recorded and publicly available, which increases security and auditability.

2.4              Compilations of smart contracts are called “protocols” – the applications of the DeFi system. Protocols establish rules for all users, including the types of transactions which can occur, the conditions for such transactions, and any associated fees.

2.5              Because the smart contracts underlying the protocols are publicly available, users are able to understand the inherent “rules of the road” – how all transactions will work in a DeFi protocol – before engaging in any transaction. The transactions in the DeFi system are best understood as being “peer-to-protocol” rather than “peer-to-peer” because when a user interacts with a DeFi protocol, the users are providing directions directly to the smart contracts to execute the desired transaction. This process differs from how a traditional financial transaction may be executed, as it does not involve any intermediaries, brokers, or counterparties. The process eliminates counterparty risk, as the user is interacting directly with the DeFi protocol.

2.6              In addition to transparency, at least two other critical hallmarks of DeFi distinguish the system from the traditional financial system:

(a)                Non-Custodial.  There is no person or entity (or even protocol) that takes custody of a user’s assets in a DeFi transaction. In other words, there is no disposition of assets in a DeFi transaction.  Rather, user’s retain custody of their assets at all times such that they have access to and control over their assets at all times.

(b)               Decentralised.  The decentralised nature of DeFi protocols exists at three key levels, including:

(i)                 technological: the code behind DeFi protocols must be open source; they can be reviewed and used by anyone. This differs from traditional financial institutions, which involve a centralised intermediary that controls all functions, takes custody, and is required for the verification of transactions;

(ii)               governance: in true DeFi systems, protocols and their ecosystems, decision-making occurs through the proposals and votes of many, whether it be through tens, hundreds or thousands of governance token holders, or dispersed groups who vote through multi-signature wallets or other technological mechanisms; and

(iii)            development: although there is frequently a software developer who initially builds a DeFi protocol, as a system becomes decentralized, numerous independent, third-party actors develop the ecosystem around the protocol, such as performing risk management, treasury management, and continued software development.

3. BENEFITS OF DEFI

3.1              DeFi has numerous benefits due to its distinct characteristics. This section explores such benefits, with a particular emphasis on consumers.

3.2              A key benefit of DeFi is the access and control afforded to its users. DeFi empowers individuals to access the economy, and to maintain control over their assets and data. Although greater control is afforded to individuals through DeFi, these systems do not preclude individuals from receiving financial advice or guidance as to how to manage their assets, allowing them to make educated decisions but also retain independence over their financial well-being.

3.3              As has been described in Section 2 above, DeFi protocols are transparent, with the underlying software code being publicly viewable and available for a public audit. Furthermore, the software companies that develop the underlying software code frequently publish explanatory documents, which provide information as to how DeFi protocols operate. These qualities eliminate information asymmetries and promote greater consumer awareness of the underlying transactions.

3.4              DeFi systems promote efficiency, as the removal of an intermediary increases the speed and efficiency of the associated transaction processes. DeFi systems are also “composable”, which means that the protocols can built upon, and integrated into one another in an open-source manner. This process occurs without the need for costly bureaucracy or intermediaries. The removal of an intermediary also has the potential to mitigate anti-trust and competition risks, for example, by implementing a level of governance in the protocol which restricts the sharing of competitively sensitive information or barring individuals who breach certain conditions regarding anti-competitive behaviour.

3.5              Another key benefit of DeFi is that it fosters innovation and competition in the market. As a decentralised system, DeFi encourages its users to continually engage and work to improve the system. Furthermore, the publicly available nature of the underlying code permits a public audit, which enables the identification of flaws or potential vulnerabilities.

3.6              Furthermore, DeFi has the ability to promote financial and social inclusion, as the system continues to grow. Participation in transactions through DeFi systems is available to a diverse and wide range of individuals, provided that such individuals are capable of meeting the applicable conditions of the protocol (e.g., ownership of a cryptoasset wallet) and provided that the individual has Internet access. DeFi is a “blind system”, which does not discriminate between users and eliminates the potential for bias. 

3.7              In connection with promoting financial inclusion, DeFi protocols have minimal ongoing costs and do not have significant labour and operational costs such as those incurred by banks and other financial institutions. Further, DeFi protocols do not have third-party fees which need to be accounted for, or which may be passed on to consumers.

4. RISKS of DeFi

4.1              Whilst we draw attention to the significant opportunities for innovation and growth presented by DeFi, we acknowledge that there are risks associated with emerging technologies. In particular, we are mindful of concerns which have been identified by global regulators, including the Bank of England and the Financial Conduct Authority.

4.2              We note that regulators have expressed concern that as DeFi grows and gains greater interconnectedness within the financial system, there are potential risks to financial stability. Specifically, we acknowledge concerns connected to the price volatility of cryptoassets held by users and the deployment of cryptoassets throughout the DeFi system, such that if cryptoassets are used as collateral or otherwise back transactions, this may pro-cyclically amplify selling behaviour in a market stress or cause compounded user losses.

4.3              DeFi systems differ, however, not only from traditional financial systems where intermediaries control users’ assets in times of market stress but also from “CeFi” systems – centralized crypto-platforms and user cases where an intermediary is involved but the asset class involved are cryptoassets – who also control user’s assets in times of market stress.  In a DeFi system, volatility may impact users, but they remain empowered to take control over their own transactions rather than relying on an intermediary (and human judgment).

4.4              In response to this concern, there are technological solutions which may be deployed to mitigate against such outcomes occurring, such as:

(a)                The implementation of systems and controls, which are designed to mitigate the risk of leverage and liquidity mismatches. This may be enacted through basic protocol operations, which imbed algorithms to calibrate liquidity risk and optimise utilisation (for instance, through the use of indicators of available capital within the liquidity pool, which in turn impacts on the applicable interest rate). The applicable interest rates may also be calibrated to different parameters for each type of cryptoasset and their respective levels of volatility.

(b)               The application of mechanisms which can provide liquidity in times of stress or market volatility. This may be affected through additional tools which provide alternative sources of liquidity to enable the redemption of tokens when there is less available liquidity in the protocol.

(c)                The use of risk management systems and controls, which may include the use of siloed assets; isolated assets, which may restricts borrowing to isolated stablecoins; and the use of caps, such that asset reserves are configured with upper bounds in order to reduce exposure to certain assets.[1]

4.5              We are aware that UK regulators have expressed concerns about AML/CFT relating to DeFi protocols, because such automated systems do not conduct KYC checks. However, this risk may be mitigated through the implementation of transparency and analytics tools – at the appropriate technological juncture (which is not the protocol layer).

4.6              Although some have expressed concerns about the absence of credit assessments for DeFi users, DeFi protocols introduce technological conditions requiring users to over-collateralise when engaging in transactions, which acts as a proxy for creditworthiness.

4.7              In connection with security and data privacy risks, we note that there may be concerns as regards the lack of an intermediary who may act as a guarantor for personal data, and which may be held accountable in the event of a data breach occurring. A distinction should be drawn between the various actors and structures, as no data is stored directly on DeFi systems and custody of personal data is retained by individuals (e.g., stored on user’s personal wallets).

4.8              The environmental cost of cryptoasset and related technologies is a recognised concern. While it is acknowledged that blockchain verification through Proof-of-Work can be energy intensive, more recently, there has been an industry shift to verification through Proof-of-Stake. Proof-of-Stake does not require additional energy for the verification process to occur and has the additional benefit of permitting participation to a greater range of people as the mining process has a lower entry requirement. 

4.9              DeFi systems may also face technology and cyber risks due to their operation being reliant on technology. Potential risks include rug pulls, whereby crypto developers create tokens, which are listed and swapped with a leading cryptocurrency (such as Bitcoin or Ethereum). The developers may then withdraw all tokens from the liquidity pool, which forces the value to zero, causing investor losses. This risk may be mitigated by ensuring that the pool has a minimum liquidity reserve, by imposing gates on redemptions should liquidity fall below prescribed levels, or by building in “locks” on a given token’s pool. Another technology risk is that there may be economic exploits by bad actors. This risk may be mitigated by introducing functionality into a smart contract, which enables an automatic “freeze” of stablecoins which are held in a particular wallet when required by law enforcement agencies or regulators. Code errors and bugs may occur, as DeFi is an emerging industry which remains in the research and development stage. However, continual improvements are being made to the code underlying such systems and the engagement of users in improving DeFi systems means that these systems are becoming increasingly secure from technological risks. 

5. constructing a regulatory framework for DeFi

5.1              In constructing a framework for DeFi, the UK can seize the opportunity to foster and lead growth, innovation, and competition by setting an international standard for DeFi, which can be replicated in other jurisdictions. We have already engaged in encouraging engagement from the U.K. Government (and attendant regulatory bodies), recognizing the opportunity for the U.K. to lay down a global footprint in this space.

5.2              We are mindful that regulators are concerned with achieving equivalent regulatory outcomes in respect of equivalent risk.[2] Although we believe the risks in DeFi differ than those in traditional financial systems – especially given the fact that the technology “corrects” for certain risks on its own (e.g., certain information asymmetries, differing levels of access to economic systems), this regulatory goal is achievable through the adoption of a narrowly-tailored approach which balances the need for consumer and market protections against the advancement of innovation.

5.3              Although some argue that DeFi protocols perform similar economic functions to those in the traditional financial markets, to merely extend the existing regulatory perimeter (for example, as U.K. laws and regulations apply to credit institutions or exchanges) fails to acknowledge and account for structural and functions differences in DeFi. Thus, any framework for DeFi must be bespoke.

5.4              Key differences between DeFi and traditional financial institutions include:

(a)                There is a higher level of transparency in DeFi ecosystems, as the blockchain is publicly available and auditable. This differs from traditional financial institutions which are highly opaque, and reliant on internal audit systems which may contain vulnerabilities or deficiencies, including potential errors in human judgment.

(b)               The risk management or liquidity control measures in DeFi are automated and written into the underlying protocols. This differs from the typical risk and credit management controls which are in place in banks, which are subject to human error or override.

(c)                The decentralised nature of DeFi governance frameworks, whereby there is no centralised management body making decisions as regards the operation of the ecosystem and the transactions executed therein.

5.5              As such, we consider it beneficial and proportionate to adopt an approach which is tailored and recognises the nuances in how DeFi systems operate and how they are structured.

5.6              This may be achieved through the imposition of reasonable and proportionate requirements on testing and other pre-decentralization and pre-deployment standards (which will ensure that software developers are not treated as, or turned into, traditional financial intermediaries). Examples of how this may be achieved include:

(a)                Imposing disclosure requirements on the underlying software development companies prior to launch. This may include the disclosure of corporate information, including financial reports, disclosure of identities, AML screening, and criminal record checks of validators. This may assuage regulatory concerns as regards any malicious actors within these ecosystems and provide comfort as regards the transparency of concerned parties.

(b)               Setting requirements as regards security audits, in order to ensure that the code is secure and will function as intended before it is launched and available to the public. Another feature which may be used to ensure that the technology works effectively is to operate a gated launch of the software, to provide an opportunity for stress-testing and to maximise operability. This may alleviate concerns as regards cyber-threats and technological vulnerabilities.

(c)                Introducing requirements as regards the potential reserves which are held, which are designed to cover anticipated losses which may be suffered by consumers. This would be designed to minimise consumer harm.

6. conclusion

6.1              We consider the U.K. to be well-positioned to develop a tailored and proportionate standard in regulating the crypto and DeFi industries, which is capable of setting an international standard. There is potential for a regulatory regime that will allow for continued innovation while simultaneously protecting consumers and protecting the integrity of the financial markets.

6.2              We wish to express our thanks the Treasury Select Committee for its time in reviewing our response and welcome the opportunity for further discussion and engagement.

APPENDIX

1.              How can distributed ledger technology be applied in the financial services sector?

Please refer to the use cases described in Section 3 of the Response, “Benefits of DeFi”.

2.              What impact could the use of crypto-assets have on social inclusion?

Please refer to paragraphs 3.6 and 3.7 in the Response. 

3.              The environmental and resource intensity of using crypto-asset technology.

Please refer to paragraph 4.8 in the Response. 

4.              What work has the Government (and its associated bodies) done to understand, prepare for and, where relevant, encourage changes that may be brought about by increased adoption of crypto-assets?

              We have been encouraged by affirmative engagement with industry stakeholders by His Majesty’s Treasury, the FCA, and the Bank of England to understand DeFi.

              We believe these Calls for Evidence by the Government (and its associated bodies) allow for consideration of varying viewpoints and look forward to continued engagement with regulators in order to build an evergreen set of rules that will grow with the technology and allow the technology to grow.

5.              Are the Government and regulators suitably equipped to grasp the opportunities presented by crypto-assets, whilst at the same time mitigating against the risks?

The UK Government and regulators are well placed and equipped to grasp the ample opportunities presented by cryptoasset related technologies, including DeFi, provided that all stakeholders are invested in understanding the particular nuances of the industry and how these technologies and their deployment differ from traditional financial services. 

In this regard, please refer to the “risks of DeFi” described in Section 4, in particular paragraphs 4.2 to 4.4, which focus on key regulatory concerns.

6.               Could regulation benefit crypto-asset start-ups by improving consumer trust and resilience?

              Please refer to Section 5, in which we have shared our thoughts and high-level proposals for constructing a UK framework for the regulation of DeFi, as well as the ways in which regulation may benefit DeFi and its users.

September 2022