GIP-31 - Goldfinch Risk Management Framework

Authors : CRobins, General Counsel of Warbler Labs

Summary : Despite positive feedback from current protocol users, prospective protocol users have expressed a desire to better understand the protocol’s risk management controls. The Warbler Labs team currently provides the community with certain risk management support; however, the vision has always been for the community to govern all aspects of Goldfinch protocol. This proposal seeks community approval to develop a documented risk management framework for the Goldfinch protocol.

Motivation : The primary motivation for developing a risk management framework for Goldfinch is to provide the community with additional tools to identify, monitor, and mitigate risk. Goldfinch must be a leader in DeFi risk management for the protocol to continue its maturation. Goldfinch must be “boring,” and for the protocol to be “boring,” there must be core risk management controls in place to mitigate the unique risks associated with the protocol and its users. DeFi communities, including the Goldfinch community, have spent a significant amount of time and resources on “protocol” risk management. Given the importance of reliable smart contracts, this was a necessary first step. However, as Goldfinch continues to evolve and bring traditional deals on chain, the community must meet certain standards that lenders in off-chain private credit markets have come to expect. Robust risk management is one of those expectations.

One of those tools is the development and use of an enterprise risk management (“ERM”) framework. ERM is a defined process to (i) identify, (ii) measure, (iii) monitor and report, and (iv) mitigate risk. The inherent nature of being decentralized, however, means there is no “enterprise” in the traditional sense. The absence of a centralized enterprise does not alleviate the need for the Goldfinch community to maintain sound controls to mitigate risk. In lieu of a traditional ERM, the Goldfinch community can and should develop a Goldfinch risk management (“GRM”) framework that draws upon key ERM principles, but is tailored for a decentralized set of actors and risks. The development of the GRM will allow the Goldfinch community to align on key risk terms, assess appropriate roles and responsibilities, and develop policies, procedures, and processes for risk identification, measurement, monitoring, reporting, and mitigation.

Specification & Requirements : There are three key aspects of the requirements under the proposal:

  • Risk Appetite Statement (Community Approved) - Broad description of the amount and types of risk the Goldfinch community is willing to accept. A separate GIP for the risk appetite statement has been posted.
  • Risk Management Framework – Tool that the community will rely on to make decisions about how to manage risk. The framework should be inclusive of policies, procedures, roles and responsibilities, as well as applicable risk models.
  • Sourcing of Resources – Identification of community members or 3rd parties to implement the risk management framework.

Benefits : Some of the benefits of developing a risk management framework for Goldfinch include: (i) transparency regarding the community’s processes and tools used for identifying, monitoring, and managing risk; (ii) use of Goldfinch community members with expertise in risk management; and (iii) increased credibility for the protocol.

Downside : I do not believe there is a material downside in approving this proposal. As a DeFi protocol and community, it would be irresponsible to not begin the process of developing community-governed risk controls to protect the protocol and its users.

Voting : A “yes” means that you support the Goldfinch community developing a risk management framework. A “no” means that you do not support the Goldfinch community developing a risk management framework.

Resources : None at the moment. Future GIPs will describe resources needs for specific tasks.


We definitely need to support a risk management framework for Goldfinch, especially since it is uncollateralized lending. Is there a possibility that we should be looking at macroeconomic risks as well as part of the risk management framework?

E.G. Given a black swan event, how likely will the company lending falter? Do they have plans for long term sustainability? Do they have enough liabilities to sustain? Is it possible to give real world collateral?

1 Like

Thank you for your input @decollation! Those are all great questions! I believe that they should be certainly considered while actually developing a risk management framework and I wish you would be a part of task force working on this together with @CRobins

I hope that you will vote “yes” for this proposal on the snapshot, which means that you support the Goldfinch community developing a risk management framework.

Btw, our borrowers at Goldfinch can already provide an off-chain collateral while setting up a pool:) Hence, it is possible already!

I vote “yes” for this proposal!

I vote “Yes” for this proposal as well!

1 Like

Council has approved the proposal.