What Should Community Driven Compliance in DeFi Look Like?

In our previous article, we discussed the convergence of DeFi and CeFi as an inevitability. For the DeFi industry to mature, new ideas, concepts and applications must take into account how to lower the cost of entry and stabilize the volatility that is seen in the space. To do so, we, as a community, should start thinking about what compliance in DeFi should look like.

Unlike CeFi, DeFi has no governing body to regulate against bad actors. Though there are inherent risks, the advantage of permissionless and trustless banking is that it allows millions of the unbanked to access capital and services that are traditionally offered only to corporations and wealthy individuals. Down the road, we’ll see products centered around user experience in order to remove the friction of DeFi and attract nontechnical users from the traditional markets as well as new investors. In addition, individuals should be able to make their own choices on how to grow financially regardless of their standing in the eyes of a central bank that governs a currency or sets monetary policies. In short, for mass adoption to happen, the DeFi community needs to come together to establish a set of standard compliance requirements so that the rest of the world can participate.

What would a set of compliance measures look like? Many in DeFi believe the following list should form the basis of compliance standards.

  • Whitelisted Addresses
  • AML and GDPR compliant systems
  • Audited Codebases and Third Party Certifications
  • Insurance
  • Limits and Safety Margins

At NAOS Finance, we’ve currently adopted whitelisting, audited codebases and insurance as the primary pillars of our core concept of compliance.

Know Your Customer Diligence/Whitelisting

Onboarding an asset into MakerDAO (or AAVE) requires a multi-step process in which each respective community acts as an intermediary by voting. Invariably, the process still requires off-chain involvement, as documentation and records are needed for the community to properly assess the worthiness of each applicant. Additionally, the concept of VASPs (virtual asset service providers) could also be leveraged to bring in sufficient expertise and preserve elements of highly sensitive information.

In the NAOS world, we think reputation and the KYC process can be simplified through smart contracts. Borrowers and lenders should have sufficient access to each other’s transaction history in order to determine the optimal relationship between two parties. A borrower can establish a reputation through timely paybacks and solid returns to lenders so that they automatically become “whitelisted” to use the protocol as long as they maintain their good standing. This unfettered access to information allows individuals who are excluded from traditional banking, savings and trading ecosystems to choose the level of involvement they desire, leading to higher active participation and a wider breadth of interest-bearing products in the market.

Codebase Audits

With the level of TVL in DeFi increasing by the day, the sophistication and cadence of security exploits will increase alongside it. Scott Lewis from DeFi Pulse proposes the concept of audit standardization, where audits would involve identifying the hours of engineering work involved in a project, the number of bugs found, a risk assessment of each bug and an overall project assessment based upon usability. Lately, there have been discussions around the importance of establishing a DeFi Score, a metric used to measure project risk. But ultimately, the awareness of these risks and the knowledge to patch the exploits must be promoted in the DeFi space and be driven by community involvement.

For many new and upcoming projects (like NAOS), the key to earning trust from members of the community and the general public is to ensure our codebase is properly audited and secure. Though security standards in DeFi are rather nascent, the willingness to experiment and adapt will prevent exploits from being repeated. In addition, we see audits becoming a growing separate industry whose significance cannot be overstated, driven in part by heavy influence from the entire DeFi community.


Insurance

Decentralized insurance acts as a safety net for the DeFi ecosystem. Services range from wallet insurance to smart contract insurance, and the comfort of knowing that assets are protected in the case of a bug or hack creates peace of mind for crypto investors. Unlike legacy insurance, which is often full of shady and unethical players, the transparency and trustless nature of DeFi allows for openness into how insurance is managed and granted. Projects such as Nexus Mutual and Etherisc are prime examples of projects bringing insurance to DeFi in different areas. Insurance can also be seen as a gateway to capture a wider audience that is more willing to take on more market risk and less security.

As DeFi continues to mature, the community will be the driver in establishing compliance standards and product offerings. The accessibility that DeFi offers presents opportunities to address markets in developing and mature countries for an entirely new slew of users.

About NAOS Finance

NAOS Finance is a DeFi lending protocol allowing lenders and SME borrowers to facilitate permissionless and borderless loaning/borrowing transactions on the blockchain. Built on Ethereum, our platform lets users tokenize real-world assets and facilitates subsequent lending.

We operate compliantly and legally in top markets around the globe, maintaining safety as a top priority and fostering enhanced trust in the lending/borrowing process.

To remain informed on everything about our project, be sure to visit our website and join the family by following our social media platforms:

Website | Whitepaper | Telegram Announcements Channel | Telegram Community | Discord | Twitter


