It is becoming evident that regulators worldwide are closing in on centralised providers of financial services that are operating in an unregulated manner. Such efforts are mostly targeted towards operators of DeFi protocols & dApps that may be so operating under the pretence of decentralisation, yet may have various centralised pockets that would, for all intents and purposes, place them squarely within the crosshairs of regulation. In their latest Guidance on Virtual Assets and Virtual Assets Service Providers, the FATF has clearly stated that any DeFi platforms that are operated in a centralised manner are quite likely to be classified as VASPs, and would therefore be required to subscribe to the applicable AML laws & regulations, including FATF’s Recommendations.
Decentralisation is easily described, yet lofty to achieve. Many self-described DAOs are neither decentralised nor autonomous, with many suffering from various centralisation-related issues, such as generous token allocations to core team members & early investors, lack of community-wide participation in DAO proposal voting sessions, centralisation of development efforts, and generally speaking, a lack of a sufficient network effect to warrant the use of the word “decentralised”. While certain centralised links are at times inevitable, such as domain ownership, the use of the right legal entity structure along with an efficient DAO governance model that incentivises community participation in the long run is seen as the holy grail for various crypto projects.
Service Description & Features
We have recognised the need for assistance in decentralising oneself to such an extent as to ensure that the respective project runs autonomously, and more importantly, without any particular member/s being susceptible to personal liability in case of any mishaps. It is for this reason that we offer a comprehensive audit that focuses on the level of decentralisation attained by the project in question, as well as highlighting any particular incumbent legal risks, both vis-à-vis any legal structure in place, as well as any potential liability attaching to relevant team members. The audit is tailored to the protocol or dApp in question, but generally speaking, it would consist of the following:
Analysis of the operations relating to the development, hosting, and ownership of the UI/client-facing dApp
Analysis of the operations relating to the development and decision-making relating to the protocol
Review of internal policies and procedures
Review of any relevant legal agreements with structural partnered entities/platforms, including seed & angel investors
Analysis of the legal structure in place, including any relevant legal entities. This will include a review of the constitutive deeds, the laws of the country of establishment, etc.
Analysis of the tokenomics with particular focus on their impact on effective governance
Analysis of the relevant DAO proposals (including those that have been voted upon & passed, but not yet implemented)
Analysis of any prevalent trends in voting patterns, including an assessment of the key addresses participating in the voting processes
Assessment of the risk for the team members in their own personal capacity, as well as the residual risk for anyone occupying a position of importance vis-à-vis the project
The process of listing & delisting of tokens from the UI (if applicable)
The end goal of the audit is to draw up a report which delineates the findings of BCAS in the form of a detailed sectoral analysis, with each part accompanied by an ascending risk score; the higher the score, the higher the risk involved vis-à-vis the relevant sector. Recommendations are included within the report, with on-hand implementation assistance available as an added service offering. The audit should serve as both a de-risking exercise, as well as an opportunity to develop the respective project further with the arsenal of specific legal & regulatory knowledge that the team at BCAS brings to the table. We firmly believe that the transitory trend of regulating DAOs as separate legal entities may potentially solve the issue of personal liability of the core members involved, but would destroy the very concept of a DAO. The only solution is that decentralisation must not only be achieved, but seen to be achieved, and that is precisely the scope of our novel service offering.