DeFi Projects – Legal Challenges in Europe and Turkey

The Law on Amendments to the Capital Markets Law, which entered into force on July 2, 2024, the Crypto Asset Law, as we are familiar with, classifies various crypto assets, while also imposing significant obligations on Crypto Asset Service Providers (“CSA”). However, one of the important points to be noted is that the Law was prepared to regulate centralized CSAs, namely CEXs (centralized exchanges) in general. At least in the primary regulations, we understand that the Law focuses on regulating centralized CSAs and that its priority is in this direction. Although the definition of CSA given in the text of the Law does not define service providers as centralized and decentralized separately, it provides a very comprehensive definition of CSAs and foresees that they fulfill the same obligations by including both types.

This situation has caused uncertainty about the status of Decentralized CVSPs not only in Turkey but also in Europe, especially after the Markets in Crypto-Assets Regulation (“MiCA”) focused on Centralized CVSPs, and has led to discussions in the doctrine.

The wording in Recital 22 of the MiCA directive clearly states that the directive should apply to natural persons and legal entities and certain other undertakings, including those that provide crypto-asset services and activities directly or indirectly performed, provided or controlled by them, and where part of such activities or services are performed in a decentralised manner, while those that provide crypto-asset services in a fully decentralised manner without any intermediaries should not fall within the scope of this directive.

As can be understood from the wording of the directive, in this case, it can be understood that DeFi protocols are out of scope in the context of MiCA. However, this is where the real problem begins because the statement in the relevant recital of MiCA is quite open to interpretation.

It should be discussed to what extent decentralization is included in the doctrine and will be outside the scope of this directive. The reason why the legislator does not focus on decentralized KVHSs is to take precautions as soon as possible against large-scale grievances such as the FTX crisis that has recently occurred in centralized crypto asset exchanges. I predict that more comprehensive definitions will be made with secondary and subsequent regulations.

In order to understand the situation of decentralized KVHSs in Turkey, it is necessary to examine the definition of KVHS made in the Crypto Law. The Crypto Law defines KVHSs as “Platforms, institutions providing crypto asset custody services and other institutions determined to provide services related to crypto assets, including the initial sale or distribution of crypto assets in the regulations to be made based on this Law”. Since this definition is quite comprehensive, it initially covers crypto asset exchanges, as well as institutions that conduct ICO (Initial Coin Offering) and IDO (Initial DEX Offering). In addition, as we mentioned above, since there is no distinction between centralized or decentralized KVHS, we understand that DeFi protocols are also within the scope of this law along with the primary regulations. This situation may change with secondary and subsequent regulations, and since these obligations imposed on DeFi protocols are quite heavy and unjust in practice, I foresee that the scope will be narrowed or a separate definition will be introduced for decentralized platforms. However, I think that it would be beneficial for these businesses to take the necessary precautions at the first stage.

Although the concept of regulation is against the nature of DeFi, full decentralization does not seem possible at the moment. Therefore, it is essential that developers try to comply with existing regulations as much as possible. Here, it is a common practice that DeFi protocols impose geographical restrictions on jurisdictions where there are restrictions by regulations in their user agreements, of course, if they cannot comply with these regulations… On the other hand, if they do not comply with the regulations and stop providing service to the region where the regulations are valid, they must also stop advertising and community activities in this sense. For this reason, many DeFi, dApps and other decentralized KVHSs prefer to be established in island countries where regulations are lighter, such as the British Virgin Islands (BVI) and the Cayman Islands.

Here, I see the benefit of DeFi developers preparing various compliance policies and user agreements in accordance with the services they provide. Among these, preparing compliance policies regarding AML/CFT, data privacy, risk management, and the blockchain technology used will be very useful in preventing disputes that may arise in the future.

The vast majority of regulators conducting regulatory work on blockchain in the world have carried out legislative work by taking centralized KVHSs into consideration. The reason for this is that technology is developing very quickly and users can most easily transact through centralized exchanges. The legislator has made a choice here and focused on centralized KVHSs in order to take quick action and has put forward a study accordingly. However, with the problems encountered in practice, these regulations will also develop and will be developed for decentralized, semi-centralized, etc. KVHSs with different business processes.