DeFi regulation around the world
As of June 2026 most countries have no standalone law for decentralized finance. Existing securities, commodities, and anti money laundering rules can still apply, especially where a protocol has an identifiable operator or front end. Several regulators are actively consulting on how to treat DeFi.
DeFi has few dedicated laws, but it is not a rule free zone: existing frameworks reach it wherever there is someone in control.
Quick answer
As of June 2026 decentralized finance sits in an unsettled space. Very few jurisdictions have a law written specifically for DeFi, but that does not mean it is unregulated. Existing securities, commodities, payments, and anti money laundering rules can apply, and the recurring question across regulators is whether there is a person or entity in control. Where a project builds, runs, or markets a front end, or where users reasonably expect profits from the efforts of others, regulators are more likely to assert jurisdiction. Truly decentralized protocols with no identifiable operator often fall outside current frameworks, but that gap is being reviewed in the EU, the United States, the United Kingdom, and elsewhere. Treat the position as fluid.
United States: existing law and a token taxonomy
The United States regulates DeFi through existing law rather than a single dedicated statute. As of June 2026 joint guidance issued by the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) sets out a taxonomy that sorts tokens into categories such as digital commodities, digital collectibles, digital tools, stablecoins, and digital securities, and applies a facts and circumstances analysis. For DeFi, the guidance does not automatically exempt activity, and the central test draws on the long standing securities law question of whether investors reasonably expect profits from the essential managerial efforts of others. The result is that some DeFi arrangements are treated as outside securities law while others are not, depending on how they actually operate.
European Union: the MiCA exclusion and MiCA 2
The EU drew an explicit line in its main crypto law. The Markets in Crypto Assets regulation (MiCA) excludes crypto asset services provided in a fully decentralized manner without any intermediary. As of June 2026 the practical issue is that few projects are fully decentralized: where a company develops, maintains, or markets a DeFi interface, or otherwise acts as an intermediary, that activity can be drawn within scope. The European Commission has signalled a follow up, often described as MiCA 2, and a public consultation on how to treat DeFi and related activities, so the EU position is expected to develop further rather than remain fixed at the current exclusion.
The FATF control test and anti money laundering
Anti money laundering standards reach DeFi through the idea of control. The Financial Action Task Force (FATF) has guided that where a person or entity has control or sufficient influence over a DeFi arrangement, they may be treated as a virtual asset service provider with obligations such as customer due diligence and the travel rule, even if the project is described as decentralized. As of June 2026 national regulators apply this through their own anti money laundering laws, so a development team or operator that retains meaningful control can face registration and reporting duties. The label decentralized does not by itself remove these obligations.
United Kingdom, Malta, and ongoing consultations
Several authorities are actively working out where DeFi fits. The United Kingdom's Financial Conduct Authority has been consulting on the perimeter of its crypto regime, with firms able to seek authorisation on a defined timeline as the rules are phased in. Malta's financial regulator published a discussion paper on decentralized finance and opened it for feedback during 2026. As of June 2026 these are consultations and works in progress rather than finished rules, which is itself the key point: in most places DeFi regulation is being designed right now, so the position can change quickly and should be confirmed with the relevant regulator.
How the major approaches compare
| Jurisdiction | DeFi approach (as of June 2026) | Lead bodies |
|---|---|---|
| United States | Existing law, token taxonomy, facts based test | SEC and CFTC |
| European Union | Fully decentralized excluded from MiCA, MiCA 2 coming | European Commission and ESMA |
| Global AML standard | Control test can make an operator a VASP | FATF and national regulators |
| United Kingdom | Perimeter consultation, regime being phased in | Financial Conduct Authority (FCA) |
| Malta | DeFi discussion paper open for feedback | Malta Financial Services Authority |
The pattern is consistent: regulators look for someone in control. The more centralized a DeFi project is in practice, the more likely existing rules apply.
Regulator and sources
The lead bodies appear above. These descriptions draw on SEC and CFTC materials in the United States, the EU MiCA regulation and European Commission statements on a follow up, FATF guidance on virtual assets and virtual asset service providers, the FCA in the United Kingdom, and the Malta Financial Services Authority discussion paper, reviewed as of June 2026. Because much of this is consultation rather than final rule, we describe it as in progress rather than settled.
- US Securities and Exchange Commission and CFTC, joint crypto guidance (sec.gov, cftc.gov)
- European Securities and Markets Authority, MiCA scope materials (esma.europa.eu)
- Financial Action Task Force, virtual asset guidance (fatf-gafi.org)
- UK Financial Conduct Authority, crypto regime consultations (fca.org.uk)
- Malta Financial Services Authority, decentralized finance discussion paper (mfsa.mt)
Check which regulated platforms are available where you live
Many people reach DeFi through a regulated exchange first. Availability depends on your country and on whether a platform is available there, so use the country pages to confirm which exchanges are genuinely available to you.
Subscribe to The Compliance Ledger
One short email when a rule changes that affects where you live or trade. Information, never advice.
Frequently asked questions
Is DeFi regulated?
Partly, and unevenly. As of June 2026 most jurisdictions do not have a dedicated decentralized finance law, but existing securities, commodities, and anti money laundering rules can apply, especially where there is an identifiable operator or front end. Truly decentralized protocols often sit outside current frameworks, though that is being reviewed.
Does MiCA cover DeFi?
Only partly. The EU Markets in Crypto Assets regulation excludes services provided in a fully decentralized way without any intermediary, but where a company builds, operates, or markets a DeFi interface that activity may fall within scope. The EU has signalled a MiCA 2 that may address DeFi more directly.
How do US regulators treat DeFi?
Through existing law rather than a single DeFi statute. As of June 2026 joint guidance from the SEC and CFTC sets out a token taxonomy and applies a facts and circumstances test, with the key question being whether users reasonably expect profits from the managerial efforts of others. DeFi activities are not automatically exempt.
Does the FATF travel rule apply to DeFi?
It can. FATF guidance says that where a person or entity has control or sufficient influence over a DeFi arrangement, they may be treated as a virtual asset service provider with anti money laundering obligations, even if the protocol is marketed as decentralized.
Is this legal advice?
No. This is general information, not legal, tax, or financial advice. DeFi regulation is unsettled and fast moving, so confirm the current position with the relevant regulator and a qualified professional before acting.