Institutional demand for crypto-asset yield strategies has increased significantly in recent years. Treasuries, exchanges, fintechs and funds are all working variants of the same problem: how to generate consistent, compliant returns on crypto holdings, whether for their own balance sheets or as a product offered to their clients. For many institutional participants, yield generation has become commercially important.
But in the rush to capture income, the market skips a step. The first question is usually about rate: what is the APY? The second is usually about safety: is this product secure? Both are reasonable. Neither is the right place to start, because both assume that yield is a single category. It is not. Staking rewards, lending returns and discretionary DeFi allocation are three structurally different activities. They produce income through different mechanisms, carry different risks, sit under different regulatory frameworks, and create different legal relationships between provider and client. The word “yield” obscures these structural differences.
Before asking what the rate is, or whether the product is safe, an institutional evaluator needs to ask a more foundational question: where does this yield come from? The answer determines which regulatory regime applies, how assets are owned, what risks are present, and which due diligence framework makes sense. Without that answer, every subsequent question is being asked without context.
Three distinct yield sources operate in institutional crypto today.
Staking involves locking crypto-assets to support a proof-of-stake blockchain’s consensus mechanism. The participant validates transactions and receives protocol-issued rewards in return. On Ethereum, network-level rewards fluctuate based on protocol design and participation levels. The yield comes from the protocol itself. It is a function of the network’s economic design, not a counterparty relationship. The validator takes infrastructure risk (slashing for downtime or misbehaviour) and protocol risk (changes to the reward mechanism) but does not extend credit or deploy capital into third-party strategies.
Lending works differently. A depositor’s crypto-assets are made available to institutional borrowers, typically market makers, trading firms or funds, who pay an agreed rate for the use of those assets. The yield comes from the borrower’s willingness to pay for capital. The depositor takes counterparty credit risk: the risk that the borrower cannot return what was lent. In many institutional lending arrangements, legal title to the assets transfers to the borrower for the duration of the loan. The assets leave the depositor’s ownership and enter the borrower’s balance sheet. Returns tend to be contractually defined. Although the loan may be denominated in the same asset, the depositor remains exposed to counterparty and liquidity risk.
Managed DeFi sits in a third category entirely. A licensed manager deploys client assets across decentralised finance protocols, often structured as crypto vaults, selecting, monitoring and adjusting positions on a client-by-client basis. The yield comes from protocol incentives, interest rates on on-chain lending and trading fees, filtered through the manager’s strategy decisions. The client takes strategy risk and smart contract risk. Returns depend on execution quality and market conditions. Drawdowns are a structural possibility, because the manager is making active allocation decisions that can produce negative performance in adverse conditions.
These are not different flavours of the same product. They are different financial activities with different sources of income, and that difference is where evaluation should start.
The mechanics of the yield source, not the provider’s marketing, determine what follows.
Most immediately, the yield source dictates regulatory reality. Under MiCA, the discretionary allocation of crypto-assets on behalf of clients on a client-by-client basis may constitute portfolio management as defined in Article 3(1)(25) of Regulation (EU) 2023/1114, requiring CASP authorisation and compliance with conduct, safeguarding and reporting obligations. Crypto lending, by contrast, currently falls outside MiCA’s scope, with member states applying their own national frameworks. Staking has its own emerging regulatory treatment, including recent public statements from U.S. regulators and growing European regulatory attention to staking service providers. Same word. Three different regulatory outcomes, significantly influenced by where the yield originates.
Beyond compliance, the mechanics of the yield alter asset ownership. In lending-based yield arrangements, ownership of the crypto-assets may transfer to the borrower for the duration of the loan, a standard market mechanism known as title transfer. The depositor holds a contractual claim for return of equivalent assets, not a property right over the original assets. In managed DeFi arrangements structured under MiCA portfolio management, client assets may remain the client’s property throughout, legally and operationally segregated from the manager’s own assets as required under Article 75. In staking, the validator or delegator typically retainsprotocol-level ownership, though the economic rights during the lock-up period vary by implementation. The yield source determines which ownership model applies. That distinction has material implications in an insolvency scenario.
That ownership model shifts the risk profile. Lending yield carries counterparty credit risk as its primary exposure. If the borrower defaults, the loss crystallises. In pooled lending structures, that loss may be allocated pro rata across all depositors in the relevant asset pool. Managed DeFi yield carries strategy risk and smart contract risk. A protocol exploit, a liquidity event or a poor allocation decision can produce a drawdown, and in segregated structures that performance is attributed to the individual client’s position. Staking yield carries validator operational risk and protocol-level risk, including slashing conditions. These are fundamentally different risk categories. Applying a credit risk framework to a managed DeFi product, or a smart contract audit checklist to a lending book, produces the wrong answers.
Because the risks are fundamentally different, the due diligence framework must adapt. For lending yield, the material questions concern the borrower: who are they, what is the credit assessment framework, what collateral secures the loan, and what are the recovery mechanics in default? For managed DeFi yield, the material questions concern the strategy: which protocols are deployed, how are allocations decided, how is performance attributed, and are client assets structurally segregated? For staking yield, the questions concern infrastructure: what is the validator’s uptime record, what slashing protections exist, and what is the withdrawal mechanism? A single set of due diligence questions cannot cover all three, because the risks being assessed are different in kind.
These compounded differences force operational segregation. Providers may structure these activities across separate legal entities to reflect differing regulatory obligations and risk profiles. The entity you contract with, the insolvency regime that applies, the number of agreements you sign: all of these are downstream consequences of where the yield originates.
The institutional failures of 2022 shared a common thread: yield products where the source of income was unclear, inadequately disclosed or structurally misunderstood.
In one widely cited case, a protocol offered depositors annual returns approaching 20%. The yield was subsidised from project reserves and newly minted tokens — a mechanism that required continuous growth to sustain. When growth stalled, the subsidy model collapsed, leading to significant market losses over a short period. The yield source was not lending income, protocol fees, or validation rewards. It was a subsidy that looked like yield.
In another, a centralised platform offered interest-bearing accounts with advertised rates well into double digits. Regulators later found that customers did not receive critical disclosures about the platform’s financial condition, investing activities, risk factors, or ability to repay its obligations. In bankruptcy proceedings, the court ruled that under the platform’s terms, customers had transferred the title of their crypto-assets to the provider. They were unsecured creditors, not depositors with a property claim. The asset ownership question — determined by the yield source and its legal structure — became the deciding factor in who recovered what. Title transfer is a standard mechanism in many wholesale financial markets, but its implications for asset ownership and creditor status should be clearly understood in any yield arrangement.
These were not obscure platforms. They attracted billions in deposits from retail and institutional participants. The common failure was not that rates were too high. It was that the yield source question was either not asked or not answered with sufficient clarity. Where does this income actually come from, and what does that mean for my legal position, my risk exposure and my recovery rights?
“Where does the yield come from?” is not a single question. It is the first question in a decision tree. The answer determines which branch you follow.
Lending-sourced yield calls for credit analysis: borrower quality, collateral coverage, default mechanics, loss allocation. Managed DeFi yield requires portfolio assessment: strategy selection, protocol risk, performance attribution, asset segregation. Staking yield demands infrastructure assessment: validator performance, slashing parameters, withdrawal liquidity.
If the provider cannot clearly and specifically answer where the yield comes from, the evaluator cannot determine which framework applies. Without that clarity, it means the institution cannot assess which regulatory category the product falls into, whether its assets remain its property during the arrangement, what type of loss is possible, or what questions to ask next.
Regulatory frameworks are still developing. MiCA’s scope may be subject to future review as the European Commission assesses the regulation’s application, including whether currently excluded activities such as crypto lending should be brought within scope. The yield source question becomes more consequential as the regulatory perimeter widens, because the source is what determines which new obligations will attach.
For any institution evaluating crypto yield, whether as a direct participant, a distribution partner or an allocator, the starting point is the same. Not the rate. Not the brand. Not the track record. The source. Many subsequent risk and regulatory considerations follow from that assessment.
Disclaimer: This article is an educational analysis of yield source categories in the digital asset market. It does not describe or relate to any specific product or service offered by Tesseract or its affiliates. This article is provided for informational purposes only and does not constitute investment advice, a recommendation, or an offer of any crypto-asset service under the Markets in Crypto-Assets Regulation (MiCA). Regulatory analysis is based on published legislation and should not be treated as definitive legal interpretation. Mandatory service provider information under MiCA, details on distance selling as required by the Finnish Consumer Protection Act, and risk descriptions related to crypto-assets are available at www.tesseract.fi. Clients are advised to review this information before making investment decisions.
