The Illicit Finance Risk Assessment of Decentralized Finance report by the U.S. Department of the Treasury examines the risks associated with decentralized finance (DeFi) services and their potential use for illicit finance activities such as money laundering, terrorism financing, and acquisition of materials for weapons of mass destruction (WMD) programs. The report identifies key factors such as non-compliant DeFi services, disintermediation, a lack of implementation of international anti-money laundering/counter-financing of terrorism (AML/CFT) standards in foreign countries, and cybersecurity weaknesses in DeFi services that continue to pose vulnerabilities that enable criminal use of DeFi services. The report highlights the vulnerabilities and potential exploits in open-source code, which can lead to widespread exploits if code reused in multiple DeFi services contains vulnerabilities. The public availability of many DeFi services' source code also presents the opportunity for other persons to reuse the code in smart contracts for a separate DeFi service. The document emphasizes that it is critical that the DeFi service identifies and addresses vulnerabilities and potential exploits in open-source code. Color interior. The report recommends several actions to address these risks, including strengthening AML/CFT supervision of virtual asset activities, assessing possible enhancements to the U.S. AML/CFT regulatory regime as applied to DeFi services, continuing research and private sector engagement to support understanding of developments in the DeFi ecosystem, continuing to engage with foreign partners, advocating for cyber resilience in virtual asset firms, testing of code, and robust threat information sharing, and promoting responsible innovation of mitigation measures. Overall, the report concludes that DeFi poses significant illicit finance risks and calls for increased regulato