DeFi security crisis blocks institutional adoption, banking executives warn
In brief
- DeFi's long-term value depends on fixing back-office operations, not replacing trading venues
- April saw breaches in 27 of 30 days—worst month in four years per CertiK
- Drift Protocol and Kelp DAO lost nearly $600 million to North Korean hackers
- Institutional clients prefer regulated banks and custodial solutions over open-source protocols
Security failures derail institutional interest
In April, breaches were reported in 27 out of 30 days, which CertiK CEO Ronghui Gu described as DeFi's worst month in four years. The damage runs deep. Drift Protocol and Kelp Dao were hacked by North Korean cybercriminals in exploits that drained nearly $600 million from the two lenders alone.
Legacy financial institutions are eager to adopt blockchain technology, but adoption is unlikely due to weaknesses in onchain security, especially in bridges linking different blockchains. The gap between interest and reality is widening.
"I don't think you see a growth in DeFi until we fix the first problem ... which is the hacks. I think it's an absolute problem until we solve the bridges." — Maja Vujinovic, CEO of OGroup
Developer negligence and institutional preferences
Ben Nadereski, co-founder and CEO of Solstice, attributed DeFi's growth slowdown to exploits caused by developers building innovative code without sufficient attention to capital management responsibilities. Speed over safety has become the industry's default. Institutions notice.
Stéphanie Cabossioras, chief strategy and global policy officer of Societe Generale Forge, stated that institutional clients prefer the safety of regulated banks over open-source, non-custodial DeFi protocols. That preference isn't ideological—it's practical. Individuals and enterprises prefer delegating asset custody to trusted third parties rather than managing assets in private wallets.
The back-office opportunity
Asset management and banking executives stated that DeFi's long-term value depends on transforming back-office operations of global banking institutions rather than providing alternative trading environments. Societe Generale Forge has already moved in that direction. The bank tokenized structured products and green bonds on public blockchains and developed regulated stablecoins EURCV and USDCV to fix the cash settlement layer for digital assets on blockchains.
Jenny Johnson, CEO of Franklin Templeton, said blockchain and crypto threaten numerous existing business models in traditional finance. The threat isn't to trading floors. It's to the plumbing—settlement, custody, and record-keeping. That's where real disruption happens. But first, DeFi has to prove it can be safer than the systems it wants to replace.
