In 2019, the infamous Canadian cryptocurrency exchange – QuadrigaCX swindled more than USD 190 million from investors. This should have barred its co-founder, Michael Patryn, from being involved in the finance and crypto industry for the security of investors. Yet the decentralised finance (DeFi) platform has provided Michael Patryn with new opportunities, as it was revealed in January 2022 that the swindler has been working as the anonymous treasury manager of popular DeFi protocol, Wonderland.  

The disclosure has sparked heated debates on the safety and security of DeFi protocols. Consumers further question whether the benefits of DeFi outweigh its risks. As the adoption of DeFi becomes increasingly common, it is crucial for consumers to understand the security risks associated with DeFi ‌to make informed decisions when investing in the emerging market.


Introduction to DeFi

DeFi is a brand new internet-native financial system that functions similarly to other blockchain and cryptocurrency systems, based on secure distributed ledgers. It eliminates the need for intermediaries, such as banks and other financial institutions, while removing their control over money, financial products, and financial services. It is made possible via peer-to-peer financial networks that employ connection, software, upgraded hardware, and security protocols.

DeFi relies on software that records and verifies financial transactions in distributed financial databases. A person can borrow, lend and exchange from any place as dependent on only one condition: the availability of an internet connection. When all the conditions are met, a distributed database provides access from multiple locations and gathers and aggregates data from every user before validating it via the consensus process.


Advantages of DeFi

Undeniably, the rise and use of DeFi are accompanied by several advantages. DeFi enables all users to access financial services while maintaining the integrity and dependability of the whole financial system. This is attributed to the decentralised structure of a blockchain system. Anyone with an internet connection can access DeFi services and users may even keep their identity anonymous. Transactions on DeFi are also transparent as the distributed ledger records information of all activities on the blockchain network. Leveraging on cryptography and consensus algorithms, it is guaranteed that the recorded transactions are immune to alterations in a DeFi system. Many DeFi projects are built with open-source code, allowing opportunities for developers to constantly create and innovate many new financial products and services.


Risks of DeFi

Nevertheless, the financial freedoms offered by DeFi come with potential risks. As spokesperson for the Monetary Authority of Singapore (MAS) aptly pointed out, “Cryptocurrencies could be abused for money laundering, terrorism financing or proliferation financing due to the speed and cross-border nature of the transactions”. The lack of third-party mediators, rules and regulations also limits consumer protection from scams and frauds in the DeFi space, especially where culprits are harder to track down. In 2021, more than $10 billion worth of assets have been lost to DeFi frauds and thefts, and the number of crimes are even higher in the following year with notable attacks such as the hack on Axie Infinity’s Ronin sidechain and Harmony’s Horizon Bridge. The case of Wonderland DAO mentioned earlier also attests to the high level of risk posed by the large-scale and highly liberated DeFi market. 


How Can We Make the Environment More Secure?

There is a need to make the DeFi space more secure in order to safeguard the interest of both organisations and consumers. Perhaps tighter rules and regulations should be put in place in the DeFi industry; however, this could prove ‌counterintuitive since it might cause DeFi to become extremely similar to centralised finance (CeFi) which is highly controlled. In this case, DeFi exchanges could engage their vendors and implement security protocols based on their own terms. 

In many other parts of the world, regulators have classified DeFi related platforms as financial service providers and with this classification, the platforms will have to adhere to the prevailing AML/CFT regulations and conduct Know-Your-Customer (KYC) procedures on their clients. Reports have shown that enforcing KYC and AML laws is the key to reducing attacks in DeFi such as ransomware attacks. By forcing platforms to collect, verify, and screen identification data from users with proper KYC and AML protocols, it provides an additional layer of security to reduce potential identity theft and intrusion by suspicious individuals or fraudsters. 

With more advanced and comprehensive artificial intelligence and machine learning, Know-Your-Transaction (KYT) procedures can play a significant role in combating the risk of scams and frauds in DeFi as well through thorough screenings and analysis for suspicious transactions, especially when identifying and tracking the movements of stolen funds.


DeFi in the future

DeFi is a promising and thriving industry which goes beyond traditional norms and can bring many new opportunities and innovations to the economy. With adequate compliance and regulatory protocols, DeFi will be a much more secure space for organisations and investors and even encourages DeFi adoption in the long run.