QX DeFi Risks Compass
  • 💡GETTING STARTED
    • About
    • License
    • How to Give Attribution For Usage of QX DeFi Risks Compass
  • 🏦Risks in TradFI
    • Global Finance - Key Framework
    • Risk Frameworks
    • Basics I - Terminology & Concepts
  • ⛓️RISKS IN DEFI
    • Deciphering DeFi Risks
    • DeFi Risk Management
    • EEA DeFi Risk Assessment Guidelines
    • Basics II - DeFi
  • 🥷Systematic Risks
    • Market Risk
      • Defining Market Risk
      • Assessing Market Risk
      • Managing Market Risk
      • In Practice
      • Liquidity Risk
        • Defining Liquidity Risk
        • Assessing Liquidity Risk
        • Managing Liquidity Risk
        • In Practice
    • Compliance & Legal Risk
      • Defining Compliance & Legal Risk
      • Assessing Compliance Risk
      • Managing Compliance Risk
      • In Practice
    • Bridge Risk
      • Defining Bridge Risk
      • Assessing Bridge Risk
      • Mitigating Bridge Risk
      • In Practice
    • Oracle Risk
      • Defining Oracle Risks
      • Assessing Oracle Risks
      • Managing Oracle Risks
      • In Practice
  • 🥷UNSYSTEMATIC RISKS
    • Software Risk
      • Defining Software Risks
      • Assessing Software Risks
      • Managing Software Risks
      • In Practice
    • Economic/Financial Risks
      • Defining Economic Risks
      • Assessing Economic Risks
      • Managing Economic Risks
      • Tokenomics Risk
        • Defining Tokenomics Risks
        • Assessing Tokenomics Risk
        • Managing Tokenomics Risk
      • MEV Risk
        • Defining MEV Risk
        • Assessing MEV Risk
        • Managing MEV Risk
      • Credit Risk
        • Defining Credit Risk
        • Assessing Credit Risk
        • Managing Credit Risk
    • Governance Risk
      • Defining Governance Risk
      • Assessing Governance Risk
      • Managing Governance Risk
    • Standards Conformance Risks
      • Defining Standards Conformance Risks
      • Assessing Standards Conformance Risks
      • Managing Standards Conformance Risks
    • Security Risk
      • Security Risk Assessment
      • Security Risk Mitigation
Powered by GitBook
On this page
  • Intro to DeFi Risks
  • Systematic vs Unsystematic Risks
  • Risks Categories in DeFi
  • Resources

Deciphering DeFi Risks

Intro to DeFi Risks

While offering financial innovations, decentralized finance (DeFi) exposes participants to new kinds of risks not typically found in traditional finance (TradFi). Both traditional financial risks and new risks manifest in DeFi, often in unique or amplified forms due to:

  • The decentralized nature of these platforms. DeFi platforms have governance risks as they are managed by decentralized autonomous organizations with community participants who facilitate operations and make platform decisions through a consensus mechanism instead of a centralized entity. This introduces risks if proposals are manipulated for exploitation instead of platform growth.

  • The fact that blockchain and smart contract technologies which power DeFi applications are still emergent technologies. As smart contracts get adopted to decentralize traditional financial functions, vulnerabilities (if any) in their code can get exploited to compromise applications built using them leading to hacks and loss of funds. Hence rigorous testing including full audits are critical.

  • The nascent nature of the regulatory frameworks surrounding DeFi. There is ambiguity on how existing regulations and compliance standards might apply to these decentralized platforms leading to legal uncertainty. New policy frameworks specific to crypto and digital assets are still shaping up across global jurisdictions posing users to regulatory uncertainty.

The framework proposed by Weingärtner, Tim and Fasser, Fabian and Reis Sá da Costa, Pedro and Farkas, Walter aims to categorize and visualize DeFi risks, enhancing stakeholders' ability to identify and assess them effectively. This approach is valuable for navigating the DeFi space, where traditional risk management frameworks may not fully apply.

Systematic vs Unsystematic Risks

In TradFi, systematic and unsystematic risks are two fundamental types of risks used to characterize the causes and effects of risk

Systematic Risks: Also known as market risks, these are inherent to the entire market or market segment and influence all assets within that market. Systematic risks are challenging to diversify or hedge against because they are driven by external factors that affect the entire economy or large sectors of it. These factors include economic conditions, political events, technological advancements, inflation, deflation, recession, and conflicts. Due to their broad impact, systematic risks represent vulnerabilities that cannot be easily mitigated through traditional diversification strategies.

Unsystematic Risks: Often referred to as specific risks, these are associated with a particular asset or industry. Unsystematic risks can be diversified or hedged against because they arise from internal factors specific to a company or industry, such as the quality of management or the performance of a particular product or service. Unlike systematic risks, unsystematic risks pertain to issues that can be managed or mitigated at the company or industry level, without the broader market being affected in the same way.

Risks Categories in DeFi

Applied to DeFi protocols, we can define systematic and unsystematic risks as:

Systematic Risks These are risks that impact the entire crypto market or broad DeFi ecosystem. Examples include changes in overall crypto regulations, vulnerabilities in underlying blockchain infrastructure, shifts in monetary policies affecting crypto, and macroeconomic factors like recessions. These market-wide risks cannot be managed by individual DeFi protocols.

Unsystematic Risks: These are protocol-specific risks tied to the unique aspects of each application. For instance, smart contract risks, oracle failure risks, governance risks, and liquidity risks. Unlike the shared market risks, these can be addressed more directly within each decentralized finance protocol through audits, better tokenomics, governance structures, and risk management practices.

Systematic risk categories for a given DeFi protocol include

  • Market Risk: Pertains to the risk of loss due to changes in the market value of assets or liabilities, specific to the DeFi protocol's market segment, influenced by shifts in investor sentiment, liquidity conditions, and asset-specific factors.

  • Regulation Risk: Involves the risk of adverse impacts from changes in legal and regulatory frameworks, including compliance failures, legal penalties, and the evolving landscape of blockchain and cryptocurrency regulation.

  • and, External Technology Risk: Refers to risks stemming from technological threats external to the DeFi protocol, such as blockchain network vulnerabilities, third-party service failures such as oracle risks, and cybersecurity threats from hackers and malicious actors.

Unsystematic risk categories for a given DeFi protocol include :

  • Financial Risk:

  • Operational Risk: Relates to the potential for loss resulting from inadequate or failed internal processes, people, and systems within the DeFi protocol, including management failures, procedural errors, and other operational inefficiencies.

  • and Internal Technology Risk: Concerns the risks associated with the technical infrastructure and software of the DeFi protocol itself, including smart contract vulnerabilities, code bugs, and system downtime.

While the framework presented above provides a categorization of risks, it does not provide industry-tested guidelines on how to assess, manage, and account for those risks. For this, the Enterprise Ethereum Alliance (EEA) DeFi Risks Assessment Guidelines offer a more detailed, industry-focused set of guidelines and best practices tailored specifically to DeFi projects and their stakeholders.

Resources

Weingärtner, Tim and Fasser, Fabian and Reis Sá da Costa, Pedro and Farkas, Walter, Deciphering DeFi: A Comprehensive Analysis and Visualization of Risks in Decentralized Finance (October 3, 2023). Swiss Finance Institute Research Paper No. 23-96, Available at SSRN: https://ssrn.com/abstract=4607944 or http://dx.doi.org/10.2139/ssrn.4607944

Enterprise Ethereum Alliance (EEA) DeFi Risks Assessment Guidelines (16 January 2024): https://entethalliance.org/specs/drafts/defi-risks/20230116/

Financial Stability Board The Financial Stability Risks of Decentralised Finance (February 2023) https://www.fsb.org/wp-content/uploads/P160223.pdf

Systemic fragility in decentralized markets - https://www.bis.org/publ/work1062.pdf

PreviousBasics I - Terminology & ConceptsNextDeFi Risk Management

Last updated 7 months ago

Page cover image