Crypto News

Malta Drafts DeFi Rules Including DAOs Under MiCA Framework

Malta Drafts Defi Rules Including Daos Under Mica Framework
Malta Drafts Defi Rules Including Daos Under Mica Framework

Malta’s financial regulator has taken a step toward defining how decentralized finance (DeFi) and decentralized autonomous organizations (DAOs) could fit into Europe’s existing crypto rulebook. In a public discussion paper opened on June 12, the Malta Financial Services Authority (MFSA) proposes a potential legal framework for “software-based organizations,” a category intended to cover DAOs and other DeFi entities governed through software.

The consultation runs until July 10 and is explicitly tied to the European Union’s Markets in Crypto-Assets (MiCA) regime. While the MFSA acknowledges that truly decentralized services may fall outside MiCA, its paper argues that many DeFi projects still have elements that complicate any claim of full decentralization—creating uncertainty about who would be accountable under financial regulation.

Key takeaways

  • The MFSA opened a DeFi consultation on June 12 under the EU’s MiCA framework, inviting industry feedback until July 10.
  • The regulator suggests treating DAOs as a type of “software-based organization,” separating legal rules for the entity from rules for the underlying protocol.
  • MFSA emphasizes MiCA’s exclusion for fully decentralized models, but says many DeFi systems retain centralized features that raise regulatory accountability questions.
  • The push for clearer DeFi treatment aligns with broader EU work—including a European Central Bank paper and a European Commission MiCA review launched in May.

Why Malta is proposing a “software-based organization”

In its discussion paper, the MFSA frames a central regulatory challenge: MiCA does not neatly describe how governance and responsibility should work when a financial activity is coordinated through code rather than a traditional corporate structure. Rather than attempting to create a completely standalone legal concept for DAOs, the MFSA’s approach is more structural—defining DAOs and similar arrangements as “software-based organizations.”

According to the paper, this would allow regulators to focus on the legal characteristics of the organization using software governance, while keeping the rules for the underlying protocol and software distinct. The goal is to address a practical question for compliance and supervision: if governance is executed through decentralized mechanisms, who—if anyone—should be considered responsible for regulated activities and outcomes?

MFSA also underlines that MiCA’s scope is not meant to capture every kind of decentralized arrangement. The paper states that “MiCA excludes fully decentralised models from its regulatory scope,” adding that projects without intermediaries or central control may not need to comply with MiCA. The issue, in the MFSA’s view, is that many real-world DeFi projects do not convincingly meet that standard.

DeFi governance remains a scrutiny flashpoint in the EU

Malta’s consultation is arriving during a period of intensified EU attention to whether and how decentralized systems should be regulated under MiCA. Earlier in the year, a European Central Bank working paper examined governance and control across four major DeFi protocols and found that control remained highly concentrated. While the ECB analysis does not automatically determine MiCA applicability for every protocol, it added evidence to the argument that “fully decentralized” may be the exception rather than the rule in large DeFi markets.

That emphasis on governance structure continued in May, when the European Commission launched a targeted review of MiCA. The review sought feedback on several issues, including stablecoin interest payments and the treatment of DeFi—along with whether gaps in the framework justify further regulation.

Against this backdrop, Malta’s MFSA paper can be read as an attempt to convert a persistent policy debate into a workable legal taxonomy. If regulators cannot reliably distinguish fully decentralized services from arrangements with meaningful centralized influence, the burden falls on the market to anticipate which compliance obligations might apply.

Not everyone wants a second DeFi-focused rulebook

Even as Malta works on a DeFi-specific discussion framework, broader EU commentary suggests there is disagreement about whether DeFi requires its own separate regulatory track. In remarks reported earlier to Cointelegraph, European Commission adviser Peter Kerstens argued that policymakers should prioritize integrating tokenization into a broader digital asset framework rather than pursuing a “second version” of MiCA aimed specifically at DeFi.

That perspective highlights a tension within the EU approach: one camp believes decentralized finance needs clearer, DeFi-tailored treatment to address accountability and governance realities; another argues that tokenization and other digital asset developments are already broad enough for one coherent framework, reducing the need for a dedicated DeFi layer.

Malta’s “software-based organization” concept sits somewhere between these positions. It does not create a completely separate system from MiCA, but it does attempt to refine how key actors—especially DAOs—could be legally recognized so that MiCA’s responsibilities can be applied consistently when decentralized projects are not truly decentralized in practice.

What the MFSA’s proposal could mean for DeFi projects

For DeFi teams and governance stewards, the MFSA consultation raises a question that goes beyond legal vocabulary: how will regulators evaluate decentralization in ways that determine oversight and accountability?

By separating the legal framework governing the organization from the rules governing the protocol and software, the MFSA is implicitly pointing to a compliance model built around governance participation, decision-making authority, and the existence (or absence) of intermediaries. That approach could affect how projects document governance processes, define roles for contributors or administrators, and structure decision rights—especially where token holders, developers, or other groups retain meaningful influence.

At the same time, the MFSA’s emphasis on MiCA’s exclusion for fully decentralized models signals that the distinction will still matter. If a project can credibly demonstrate the absence of central control and intermediaries, it may argue it falls outside MiCA’s scope. If it cannot, the proposed legal categorization could make compliance planning more concrete—though it also suggests regulators may be looking closely at control concentration, not just the presence of governance tokens.

Whatever the final outcome, the consultation process itself is likely to be influential. By requesting input from the industry until July 10, the MFSA is effectively setting up a negotiation over definitions and boundaries: what exactly constitutes a “software-based organization,” and when does a DAO cross from a decentralized arrangement into something that demands traditional regulatory accountability?

For now, market participants should watch the submissions coming into Malta’s consultation and pay attention to how EU institutions continue to treat governance concentration and decentralization tests under MiCA—because the direction Malta is taking suggests regulators may increasingly rely on organizational accountability, not just code, when deciding whether DeFi fits within existing financial rules.

Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

The Crypto Breaking News editorial team curates the latest news, updates, and insights from the global cryptocurrency and blockchain industry.

Related Posts