Who Does Routine Due Diligence?

As the title states. Who does the routine due diligence on counterparties who wish to do business with us? This could be CUs, projects asking for grants, or entities offering to provide services to us directly.

This is not specific to new CUs, but I see no reference to very standard things like verifying employment history, credit checks, criminal background checks, etc. These are routine things that need to be done before handing millions in operating budget to what are effectively contractors scattered across multiple jurisdictions.

Is there some standard process for due diligence on people/entities that wish to do business with us? We have one for collateral, and we need one for parties we fund or do business with directly.

At the least, a standard process would make for a fairer evaluation of those requesting to do business than doing it ad hoc each time.

This is an urgent need

7 Likes

How do you do due diligence on @LongForWisdom ?

6 Likes

This summarizes it.

I think we’d be doing the DAO a major disservice if we only accept “known” individuals. Pseudonymity is a valuable tool in the face of adversaries. IMO this kind of DD is something we should do when it makes sense (e.g. when onboarding an RWA borrower), but not for Official DAO Members.

2 Likes

I think if someone wants us to give them large sums of money that we have no way to claw back, it’s foolish not to do very standard stuff. No one who is doing material amounts of business with us is going to be using a pseudonym.

1 Like

Fair, but then I think you need a good answer to @SebVentures 's question.

1 Like

Also worth noting that with Core units, if they wish to have a Governance approved Multi-Sig they have to give the ability for Governance to take back funds. The community is welcome to decide if they will be harsher on Core Unit’s asking for funds and not planning to use an approved Multi-Sig. Each budget dispersal represents a small portion of current revenues, MKR holders have the chance to say whether they trust the funds will be spent wisely when the proposals are made in Good Faith, adding a hard DD requirement seems to go against the spirit of the DAO.

1 Like

This is an interesting discussion!

I guess one could rephrase the question to be: Are we able to allow the people working for or with the DAO to remain pseudonymous or do these individuals need to be treated like conventional employees/business partners in centralized institutions?

So far, I’m not sure I’ve seen a situation where the pseudonymity was a problem but I can also imagine there might be some situations where no smart contract solution is sufficient.

I think we can probably pick a threshold where it’s risky to not know who we’re doing business with. Want to do business above X amount with us? Then we need to know who you are and that the things you say you’ve done in the past are true. Don’t like it? Find someone else to be the responsible party for your proposal.

I can think of other reasons we’d want to know who we are outsourcing our needs to, but just ask yourself where else in the world can you go and on the basis of some forum posts and maybe a Zoom call and be seriously considered for millions of DAI in funding?

This doesn’t need to be something onerous. But a basic level of confirming that people are not financial criminals or scammers is a must. We’re starting to throw around large amounts of money, and we need a way that’s not ad hoc to do due diligence on people.

I should stress this is not about any specific proposals before us right now – any due diligence will have to be ad hoc unfortunately. But we need to have a process in place so that basic due diligence is evenly applied to all future requests from unvetted parties to do business with us.

Otherwise we open ourselves up not just to the risk of being scammed or defrauded, but also just of being accused of not treating people equally when they come to us with proposals. So a process we can point to protects us from the most obvious attempts at fraud/conning, protects us from favoritism that promotes bad ideas for funding, and protects applicants from any discrimination that could prevent good ideas from receiving big funding.

I feel like this is a no-brainer. You can’t even be a bank teller without a credit check. Are we honestly going to fund or incubate startups that themselves have no history and not check on the people who are running them?

The proposed SES unit in particular should have an interest in shaping this process. @juan @wouter I believe are the folks I should have tagged at the beginning.

1 Like

IDK, feels like a lot of TradFi thinking. This is a Decentralized Autonomous Organization, adding KYC pulls us away from the heart of what we are trying to build. Plenty of companies like BlockFi if you wanna go the CeFi lending route.

In general we want to promote accessibility to Governance, not take it away. We incentive good debate on the forums in an attempt to make this as open and transparent as possible. There is no CEO of the DAO and contributors can come and go as they please. The reason we have the Facilitator Onboarding Subprosal is to give community members willing to shoulder more accountability and responsibility a chance to let the community know who they are and what they are committing to. Might be helpful to look over Kathleen’s Facilitator Onboarding if you’re worried about credentials, or maybe Long’s Subproposal to see what that looks like from a pseudononymous prospective.

2 Likes

They’re not our customers. We’re their customers. It’s one thing to let people self custody and talk about how we just provide the contracts and people do their own thing. But if we directly give large sums of cash to entities that use that money for nefarious purposes, get it stolen through lax security practices, or simply spend it on a private jet for their CU and have “meetings” in Cabo San Lucas, we’ve got a big reputation issue.

The money is part of it. But so is there not being a sign out front that says “we give money to strangers who we can’t verify they actually are who they say they are!”

At its most basic level, how do we verify someone has worked on project XYZ at company ABC if they’re telling us they can execute on something? Or that they aren’t $4 million in debt and skimming from us is easy because we don’t ask for more than a pie chart for a budget?

If someone is a criminal, deeply in debt, or outright fraudulently claiming identity or expertise they don’t have, we would be negligent not to take the absolute most basic steps to verify these things. They’re not expensive. They’re not tedious. They’re absolutely routine.

1 Like

We don’t get to this level of growth by not paying the people who contribute to it. There are lots of drawbacks to working for the DAO, but a huge advantage is the lack of traditional gatekeeping that stops qualified individuals from being able to contribute with their skills and expertise. Much like how we manage the risk of our vaults we ask MKR holders to manage the risk of distributions. If they are unhappy with a proposal they can vote it down (happens more frequently with things like Signal Requests, but I’d say part of that is due to our robust structure of requiring MIPs to be open for feedback for at least a month before they are submitted).

The reason you haven’t seen as much questioning on the background of CUs so far is because they are more or less completely know entities. They are the people that have helped build the DAO to what it is today and are the ones brave enough to take the first steps of the transition while others wait to check the temperature of the DAO. The fact is anyone can bring up topics for debate on the forums and perhaps that includes some elements of DD you reference, but one of reasons the protocol was created to avoid the biases of traditional finance systems. Would be quite odd if we provided that for interacting with the protocol but took things like credit checks as gospel for dealing with Governance.

2 Likes

I don’t want to make this thread about specific CU proposals.

Just because many people don’t like TradFi doesn’t mean everything they do is wrong. If someone comes and uses their work experience as evidence of why they should be given funds, we need to ensure they are who they say they are and that they have the experience they say they do.

We cannot seriously use the ability to write an articulate forum post as the main line of defense against things getting approved in a voting ecosystem where there’s almost no participation – and presumably not that much attention paid.

The crux of the issue is about trust. Whether that is through transparency of past performance or earned over time, whatever ways we determine that an individual or group is trustworthy enough to receive support from the DAO is up for debate.

2 Likes

3 Likes

I am thick and trusting…

3 Likes

So, an anon asking for non-anon people, my mind just blowed up !

1 Like

I’m not anonymous. I’m just too lazy to put a photo up :man_shrugging:

But I’m also not asking for large sums of money as a vendor or CU or whatever.

Paper makes great points – perhaps Dai could/should be allotted so the DAO can conduct background checks and search legal databases about CU candidates? Many of them are ex-Foundation now but with the sizable treasury and a growing ecosystem, it likely won’t be long before new faces (and perhaps some nefarious ones) join the fray. If those new persons want to receive funds from the DAO, perhaps their identities should be disclosed to a “DD CU”.

1 Like

2 Likes

But remember, El Pro, no one knows what happened to the Russian…

1 Like