ECB paper says DeFi DAOs may be too centralized for MiCA loophole

The European Central Bank (ECB) has published a working paper arguing that governance in flagship DeFi protocols like Aave, MakerDAO, Ampleforth and Uniswap is far more centralized than their “decentralized autonomous organization” branding suggests, a conclusion that could strip them of regulatory safe harbor under the EU’s MiCA regime. The staff study, titled “Who to regulate? Identifying actors within DeFi’s governance,” finds that the top 100 holders in each of the four protocols collectively control more than 80% of governance token supply, with “around half or more holdings linked” to the protocols themselves or exchanges.

According to the ECB researchers, voting power is even more concentrated than token ownership, with top voters “mostly delegates, who, in many cases, could not be identified nor linked to token holders.” In Ampleforth, the paper highlights that the top 20 voters account for roughly 96% of proxy voting rights, a structure that leaves real control in the hands of a small, opaque elite. That concentration, the authors warn, turns many DAOs into what prior academic work has called “minority rule,” where a few large token holders or delegates can effectively dictate protocol outcomes.

Under the EU’s Markets in Crypto-Assets regulation, crypto-asset services that are “provided in a fully decentralised manner without any intermediary” can fall outside the core licensing perimeter. The ECB paper directly questions whether Aave, MakerDAO’s Sky ecosystem, Uniswap and Ampleforth can plausibly claim that status when more than half of governance tokens in some cases are linked to founding teams or centralized exchanges such as Binance. “The concentration of governance power remains stable over time,” the authors write, arguing that decentralization here is “form over substance.”

For policymakers, the study’s aim is explicit: identify “regulatory anchor points” in systems that were designed to avoid having a traditional issuer, board or CEO. The authors stress that limited on-chain transparency about the real-world identities behind key delegates “complicates efforts to assess accountability and reinforces concerns about the concentration of power.” That, in turn, bolsters arguments from EU agencies and legal commentators that MiCA’s decentralization exemption must be interpreted narrowly, with regulators focusing on where effective decision-making and operational control actually sit, rather than on marketing language about DAOs.

In practice, the ECB’s approach signals that supervisors are ready to treat DeFi governance structures with the same forensic scrutiny applied to large banks’ shareholder registers and control chains. If Aave, Uniswap or MakerDAO cannot demonstrate materially dispersed and accountable governance, their DAOs may be forced into the same kind of licensing, capital, and compliance obligations now facing centralized crypto-asset service providers across the bloc.