FinCEN associate director says his agency has its eyes on DeFi projects

The Ronin Bridge attack has drawn attention to how DeFi projects can be weaponized in national security threats.
Alessio Evangelista, associate director of FinCEN. (courtesy of Chainalysis)

Decentralized finance products aren’t avoiding the scrutiny of the Treasury Department’s FinCEN division when it comes to the agency’s ongoing crackdown against the illicit use of cryptocurrency, a top official there says.

While the aim of DeFi projects is to eliminate the middle man in consumer transactions, allowing customers to send cryptocurrency directly to one another across the blockchain, FinCEN (short for “Financial Crimes Enforcement Network”) has found that many products and protocols aren’t as hands-off as they allege.

“If they’re not decentralized there are obligations,” Alessio Evangelista, FinCEN associate director, said Thursday at a New York City conference hosted by Chainalysis. “They have to comply with the law.”

In some cases, FinCEN has found that the platforms have intervened in user activity, making them liable under anti-money laundering laws.


“When you ask me to conduct an investigation or have a conversation with one of the protocols and find out whether they have, for example, the capability … or have they ever actually stopped a transaction, in many cases they have,” said Evangelista.

The DeFi industry has attracted scrutiny for being a frequent target of hackers. In April U.S. officials tied a hack of more than $600 million from the cryptocurrency bridge Ronin to North Korea’s Lazarus Group. The hack was the largest of a DeFI platform to date.

Evangelista cited the attack in encouraging the industry to make sure that it innovates in ways mindful of both consumer protection and national security: “We want to support responsible innovation that has compliance embedded in its DNA.”

President Joe Biden made a similar call to the industry in a March executive order aimed at examining security and competition issues in cryptocurrency. The order called out a lack of adequate cybersecurity protections in the industry.

The executive order is approaching its first deadline in June, a requirement that several government agencies including State and Treasury departments make recommendations and report findings on the use of digital assets by illicit actors.


Bloomberg first reported the change.

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts