Staking is everywhere.
More and more service providers, banks, custodians, non-custodial staking providers and protocols are offering all kinds of staking services — from restaking to liquid staking and staking derivatives.
Staking has truly become a force in crypto, reaching an all-time high of $350 billion in total market cap. Institutional investors and financial institutions are finally starting to understand the new business models of blockchain and the role of staking — it’s like we will soon see an Ethereum staking ETF from one of the Wall Street giants.
But as the popularity of staking increases, institutional investors in many cases are accessing permissionless staking protocols, staking and node infrastructure without proper risk management and Anti-Money Laundering (AML) controls in place. Examples include the commingling of crypto assets on validator node infrastructure or using permissionless smart contracts to take deposits and make withdrawals with exposure to sanctioned funds.
As our industry matures, we must face the fact that a new guard of regulated crypto companies will emerge. These companies will need to meet regulatory requirements and oversight when offering services.
We cannot in good conscience claim that custodians and staking providers are not subject to regulatory oversight when offering staking services, because the services are a) just renting a server, or b) are non-custodial or sufficiently decentralized. This is misguided and, at worst, misleading to clients.
Blockchain technology and the reinvention of money, finance and the web will take place using distributed, and in some cases, fully decentralized networks that will set ownership free in the same way as information was on the early internet.
But existing regulatory frameworks and new crypto regulations will need to apply to institutions engaging in staking crypto assets. For example, the EU recently agreed to make all CASPs obligated entities that are subject to enhanced customer due diligence and strict AML regulation. This directive will extend to running staking validator nodes, which means regulators will oversee all entities facilitating custody and staking through centralized and decentralized counterparties.
How will regulators regulate staking?
The crypto market cap is rapidly being divided into open, permissionless crypto and regulated crypto. Regulated crypto is where institutions operate with known counterparties creating pathways for retail investors through vehicles like exchange traded funds (ETFs).
Regulators will regulate at the entity level, meaning they need a counterparty to sue if the entity itself is breaching anti-money laws, securities laws or violating sanctions. This drives already established practices with institutional clients, who rigorously counterparty-assess their service providers.
Read more from our opinion section: DeFi needs institutions — and regulation
In addition, crypto regulation will focus on points of centralization, as we know today from a similar type of regulation for the internet. For example, GDPR is enforced at the entity level, not enforced at the network or application level, requiring operating entities to show authorities that they are operating in compliance. This means that certain types of data cannot be stored in certain jurisdictions and the burden of proof sits with the operating entity.
GDPR can be directly compared with EU crypto regulation, where institutions will have to document to regulators that they, and by extension, their counterparties, are operating in compliance with current AML and securities laws and future crypto regulation.
It’s not about connecting your wallet
A crypto-native staker’s intent may well be to just earn passive income through their staking, which does not make staking a financial service in this context. But it will be hard to argue against regulating staking, as it exhibits all the characteristics of a financial service through the lens of an institutional investor.
Institutional investors have grown accustomed to the same ease of use as crypto-native practices which means they inadvertently opt in on services that they haven’t fully risk assessed. Investors often realize too late in the process that they are breaching their fiduciary duty to thoroughly risk assess all counterparties.
From a regulatory standpoint, how to securely stake in a compliant way may well have been poorly understood prior to the Ethereum Merge, spot BTC ETF approval in the US, and the recent crypto fraud and bankruptcy cases. The next blow-up in crypto will likely be connected to negligence in complying with current and future crypto regulations or exposure to sanctioned entities through instruments staking, as regulators gradually get the enforcement tools they need.
We encourage all investors and financial institutions to look past crypto’s technical complexities. Instead, they should make sure to pursue well-known and accepted practices that ensure they are not caught on the wrong side of regulation, just because they opted in on a service they didn’t fully understand or examine.