DeFi Is Not a Legal Vacuum: How MiCA Already Covers Axiom, Hyperliquid & Similar Platforms – and Why EU Supervisors Still Look Away
DeFi venues such as Axiom and Hyperliquid brand themselves as “permissionless infrastructure,” yet in reality they operate as extremely profitable trading environments for leveraged derivatives and cross-chain swaps, serving EU retail at scale. Under MiCA and existing EU securities rules, these are not parallel, unregulated universes. They are crypto-asset service providers (CASPs) – or even MiFID II investment firms – that are active without the necessary authorisations.
The core scandal is therefore twofold: MiCA’s imperfect coverage of “pure” DeFi, and the ongoing reluctance of EU regulators to apply the powers they already hold.
1. DeFi: A Supervisory Concept, Not a Branding Label
EU authorities have converged on a working definition of DeFi as a collection of financial applications on public blockchains that replicate traditional finance functions (trading, lending, derivatives, asset management) through smart contracts and often “open, permissionless” access (Source: ESMA).
MiCA is entity-centric. It applies to natural and legal persons that issue crypto-assets or provide crypto-asset services, even when parts of the activity are carried out in a decentralised manner. Only arrangements that are fully decentralised with no intermediary fall clearly outside MiCA’s current remit – and the Regulation explicitly flags this as a future policy challenge, not a permanent exemption (Source: EuroFi).
French and EU policy documents reiterate the principle “same activity, same risks, same rules.” While DeFi smart contracts themselves may not be regulated as standalone entities, the people who:
- design and deploy the protocol,
- operate or control web front-ends,
- market the products, or
- participate in fee extraction
can be assessed and classified as regulated service providers (DASP/CASP or MiFID investment firms) on a case-by-case basis (Source: Banque de France).
In short, describing an activity as “DeFi” does not transport it into a legal black hole – it merely shifts the regulatory spotlight to the humans and entities actually in control.
2. Axiom & Hyperliquid: DeFi Branding, Centralised Economics
Axiom is promoted as a decentralised trading terminal on Solana, offering:
- spot swaps
- cross-chain trading
- yield products
- perpetual futures with leverage up to 20x
It reportedly attracts around 4.3 million monthly visitors and generates double-digit millions in monthly revenue. Axiom’s own documentation indicates close integration with Hyperliquid for routing swaps and perps trading (Source: CoinGecko).
Hyperliquid has evolved into the dominant on-chain perps platform. Since launch, it has processed approximately $2.5 trillion in cumulative perp volume and now controls around 80% of the decentralised perps segment, with daily turnover exceeding $8 billion (Source: 21shares). Independent research and marketing materials highlight:
- absence of KYC
- availability in over 180 countries, including EU member states
- leverage up to 40x
- restrictions mainly for the US, Ontario and a few sanctioned jurisdictions (Source: datawallet, CoinPerps, CryptoNews).
Read our Axiom Compliance Report 2025 here.
Scam-Or Project’s own compliance tests from inside the EU (notably Italy and Austria) confirmed that Hyperliquid accepts deposits and allows trading in perpetual futures – a MiFID II financial instrument – without identity verification, geo-blocking, or any visible EU perimeter controls.
Economically and operationally, both Axiom and Hyperliquid resemble profit-oriented trading businesses with identifiable teams, web interfaces, fee structures and strategic roadmaps, rather than autonomous, ownerless protocols.
3. Why These Platforms Already Sit Inside the EU Regulatory Perimeter
From a MiCA / MiFID II perspective, several elements are straightforward.
3.1 CASPs Under MiCA
MiCA Title V covers crypto-asset services such as:operating a trading platform,
- executing orders,
- exchanging crypto against fiat and/or other crypto,
- providing custody and administration.
EU regulators (e.g. the AMF) have made clear that any firm offering such services to EU clients after 30 December 2024 must hold CASP authorisation, subject only to limited national grandfathering regimes (Source: DL News, AMF, ESMA).
3.2 Derivatives Fall Under MiFID II
Perpetual futures on BTC, ETH, SOL and similar crypto-assets are classified as derivatives under MiFID II. ESMA and legal analyses confirm that derivative contracts referencing crypto-assets fall within existing securities law when made available via trading venues or investment firms (Source: eur-lex.europa).
3.3 Active Targeting of EU Users
Data sources and marketing material for Hyperliquid explicitly reference broad access “across Europe” with no KYC requirements, while Axiom presents itself as a global retail “all-in-one trading platform” with both email-based and wallet-based onboarding and no visible EU-specific restrictions.
3.4 Summary Table: Practice vs. EU Legal Lens
| Aspect | Axiom / Hyperliquid Practice | Likely EU Legal Qualification |
|---|---|---|
| Trading venue functionality | Perps and swaps trading via web UI | Operating a trading platform (MiCA CASP / MiFID firm) |
| Users | Global retail, including EU, with no KYC | Cross-border services into the EU |
| Products | Perpetual futures, leveraged derivatives | MiFID II financial instruments |
| Governance & economics | Teams, fee capture, roadmaps, marketing | Identifiable service providers |
| Licensing status (EU) | No EU licences disclosed, no MiCA/MiFID registrations | Operation without required authorisations |
Viewed through this regulatory lens, DeFi front-ends such as Axiom – and potentially the entities behind Hyperliquid’s web interface and governance – are well within the EU’s legal perimeter. They look like CASPs and/or investment firms delivering services in the Union without authorisation.
4. MiCA and DeFi: Genuine Coverage or Regulatory Theatre?
MiCA 1.0 was never meant to be a complete DeFi framework. The Regulation openly concedes that fully decentralised arrangements are currently outside its scope and mandates an Article 142 review on DeFi and staking by 2025.
The joint EBA/ESMA DeFi report notes that DeFi still accounts for a limited share of the total crypto market but flags significant consumer and market-integrity risks. It recommends that policymakers explore additional tools, including:
- extending entity-based regimes to DeFi “gateways” and user interfaces,
- tightening the treatment of intermediaries that facilitate access to “decentralised” protocols.
The reality is therefore nuanced:
- For pure protocol DeFi with no identifiable operator, MiCA is incomplete and a second-stage regime will almost certainly be required.
- For Axiom-style terminals and Hyperliquid-style perps venues with real teams, fee extraction, product roadmaps and structured marketing, MiCA plus MiFID II already provide sufficient legal hooks. The missing ingredient is not legislation – it is enforcement.
5. Regulatory Inertia: The Emerging DeFi Enforcement Gap
From mid-2024, MiCA’s stablecoin provisions became applicable, and CASP rules started to apply from 30 December 2024, with only narrow transitional regimes for existing, law-compliant actors (Source: Banca d’Italia).
Yet DeFi perps platforms and access gateways continue to handle multi-billion trading volumes with EU retail users, while many national supervisors limit themselves to generic warnings about crypto volatility.
From Scam-Or Project’s perspective, this is starting to look like regulatory negligence:
- Supervisors have repeatedly endorsed “same activity, same rules” as the guiding principle for DeFi.
- They are aware that Axiom-style terminals and Hyperliquid perps are available from their jurisdictions and that these instruments fall within the MiCA / MiFID risk perimeter.
- Nevertheless, there is an absence of MiCA-based public warnings, cross-border cease-and-desist orders or visible supervisory coordination – precisely the vacuum being exploited by DeFi actors.
The signal sent to the market is dangerous: rebrand as “DeFi,” host infrastructure offshore, avoid KYC – and Europe will look the other way.
MiCA has been fully applicable since 30 December 2024. BaFin holds “name-and-warn” powers under KMAG. ESMA maintains a list of non-compliant providers. The EBA explicitly warns that “CASPs or issuers operating without regulatory approval pose several ML/TF risks.”
Why, then, are EU regulators allowing billions to transit through unlicensed channels without visible enforcement? This inaction:
- normalises regulatory circumvention,
- exposes EU retail investors to unmitigated risks,
- undermines compliant CASPs by placing them at a competitive disadvantage, and
- erodes MiCA’s credibility before it has truly established supervisory authority.
6. Call for Information and Evidence
Scam-Or Project will continue to scrutinise the DeFi enforcement deficit in the EU, with particular focus on Axiom, Hyperliquid and their on- and off-ramp partners.
We invite:
- insiders,
- developers and protocol contributors,
- compliance and risk professionals,
- affected traders and counterparties
to share documents, internal guidelines, geo-blocking evidence, correspondence with regulators, or other relevant material via our whistleblower section.
Your information can help clarify:
- who effectively controls these allegedly “decentralised” access gateways, and
- why EU regulators, despite MiCA and MiFID II, still fail to act decisively against unlicensed DeFi perps platforms serving EU users.
