Regulatory Recourse - Quantifying Centralized Stablecoin Risk

This felt like it deserved its own post for others in the community to explore. It’s in response to the discussions of onboarding stablecoins that are off-chain non-synthetic assets and/or claim tokens.

IMO - Happy to personally do a webinar/Q&A style overview as I believe it’d be a better format for understanding the reasoning, and ultimately can help grow the knowledge base for the community. It’s also a better platform to disprove/shoot down any disagreements/oversight/etc… Poking holes in things is a great way to force progress.

----- (Example) Risk Quantifying Summary ------

tl;dr Example for evaluating the most optimal top tier/least counterparty risk

*It’s a public holiday, so this isn’t a complete report, but it may help articulate the varying considerations that are important.

image

Goal - Evaluate associated risk by quantifying the path for recourse (recovery of assets).

Ideal result - Provide the maximum amount of certainty that funds are in good standing and will always be recoverable for any entity that is holding a representation of the claim on funds at any point in time.

Important Note - The last thing that is evaluated is the audits or proof of reserves. All the others pieces must be in place prior to getting to that point.

Stablecoins (USD) - Tier 1 Example - What we should always be looking for…

  • Entity Location - Domestic.
  • Regulated - Federally (FinCEN Registered Money Services Business, minimum).
  • Regulated - State Licensing (Money Transmission Licenses in 25+ states).
  • Regulated - Licensed Custodian.
  • Regulated Custodian - SOC 1 / SOC 2 audits completed.
  • Crypto Custodian - Insured.
  • Crypto Custodian - Located Domesitcally.
  • Fiat Custodian - Domestically.
  • Insurance - FDIC accounts, FDIC pooled, or FDIC passthrough equivalent.
  • Custodian Insurance - Underlying custody setup of digital assets holding insurance policy for HW, and insurance for duress/captive as a bonus.
  • Fiat Investments - T Bills (Government backed).

------ END ------

NOW we can see if they’re publishing audits on a timely manner.
THEN look at the asset specifically as to whether it adds value, captures value, supports the mission/vision of Maker as established by the leadership team and community goals etc… For example (we could satisfy all of the above, but then we get to this point only to find a market cap of $1,000.

Thoughts you probably have now
- "Centralization sucks"
Sure, but this is an ongoing/evolving industry.
execution/consideration isn’t needed, but seems like a great attitude. Decentralization is a destination you never get to, but you just move towards. So moving toward it is healthy, and sometimes feels like you have to go backwards to go 10 steps forwards.

Why would you evaluate these first?
"Regulation sucks screw that"
I hear the sentiment, but tbh, in this scenario it’s fantastic. Why is it fantastic? Katie Haun from a16z (who are big investors in Maker) can likely give good support to the advantages / trade-offs I’m sure way better than I could (she’s got like a billion years experience in this domain).

Also - Regulation is what’s clinged to in the recovery of assets on the Black Thursday. So anybody supporting that class action approach is using regulatory recourse to be made whole. So it’s still very much a modern path for many to recover their assets.

FWIW - I was hoping these would be left to a later time for Maker to introduce, along with WBTC etc… As it’s seemed like a solvable technical problem, but overall the market dynamics changed a lot over the past 18 months, and even more in the past 2 months. So I support the spot we’re in regardless, and trust the judgement of the leadership team (both for MKR, and Risk). Anywho, for those interested, I hope this can spawn additional reading interest and if nothing else give a little more education for the community as a whole. Thanks!

Other posts previously where I’ve discussed similar topics if it’s helpful.

Autonomous Risk Evaluation Approach
:fries: McDAI Asset Risk Thoughts :fries:

Oooof - Man this took way longer. Sorry it’s so long, but hopefully there’s something peppered amongst this word salad that you found useful. If not, you probably never made it this far down the post so you’re likely not reading this and enjoying your day :blush:

Keep kicking butt everyone, it’s a process, but the team and community are doing awesome work and progress is the main objective IMO, which feels like is being made each day. So a big thanks for everyone contributing past/present/future.

mkrftw

8 Likes

Awesome post Mike, thanks for the deep insight. I particularly like the evaluation framework you presented:

  • Entity Location - Domestic.
  • Regulated - Federally (FinCEN Registered Money Services Business, minimum).
  • Regulated - State Licensing (Money Transmission Licenses in 25+ states).
  • Regulated - Licensed Custodian.
  • Regulated Custodian - SOC 1 / SOC 2 audits completed.
  • Crypto Custodian - Insured.
  • Crypto Custodian - Located Domesitcally.
  • Fiat Custodian - Domestically.
  • Insurance - FDIC accounts, FDIC pooled, or FDIC passthrough equivalent.
  • Custodian Insurance - Underlying custody setup of digital assets holding insurance policy for HW, and insurance for duress/captive as a bonus.
  • Fiat Investments - T Bills (Government backed).

We can start collecting this data for USDC, TUSD, and PAX and take it from there and slowly iterate over the evaluation process.

Do you have any sense of how to quantify the counterparty risk after having done the due diligence? Or is this more of a binary thing where you want to make sure all these boxes are checked, and not proceed otherwise.

4 Likes

Yep! Good question - re: Quantifying counterparty risk.

These are qualifying attributes (e.g. what would satisfy tier A+++).
Then if you’re evaluating the weighting of them in the system, you would look at the details of their qualifying attributes. If you need at a minimum, all assets insured in the custodian, then you can determine who has the highest amount of coverage. That would then weigh the asset heavier.

So those above factors are binary for determining a consistent risk profile, however if you wanted to be ultra granular, you would look at the specifics underneath. Lets take an example of GUSD vs USDC.

Custodian - GUSD has completed a SOC2 audit, USDC has not
Regulated entity - State licensing carry a thing called “surety bonds” so Money Transmission Licenses state by state is a must for tier 1 (in our perspective, not imposing).

A surety bond is something that the entity has held with the state (each state specifically). They’re a % of the AUM for that states users. E.g. California users hold a balance of $10M total, then the state might say they want 20% to hold in the event that we disappear off the face of the earth.

Translation in crypto language: Surety bonds are basically Proof Of Stake with the regulators. "I’m a good actor, and even if I screw up, you will slash 20% of our holdings."

1 Like

This is a good framework! I think it’s important to keep in mind varied regulatory entities as well at the portfolio level, not just quality of individual collateral and regulatory entities. But, that’s all I really have to add.