Strategy, Finance, and Risk Pod: Pod Creation Proposal

# Proposal Structure - Strategy, Finance, and Risk Pod

1. Executive summary
2. TL;DR: Key changes vs. last proposal
3. Re-cap Risk Pod Vote and learnings
4. Strategic product situation
5. Goal of the Strategy, Finance, and Risk Pod
6. Focus areas
7. Deliverables (per Focus area)
8. Team set-up and skillsets
9. Budget / Expectation
10. Guiding principles
11. Reporting
12. Domain evolution

# (1) Executive summary:

3 contributors (@Bernard, @exa256.eth , @pavel) with complementary skillsets forming a working Pod + engaging an independent reviewer (e.g. veFunder) for Risk assessment, requesting a total of $110k + 120k GRO tokens for a 6-month engagement. This proposal focuses on supporting the Gro DAO in strategy and finance, and risk management.

# (2) TL;DR: Key changes vs. last proposal:

• Detailed out focus on different risk areas: We have now looked at the risk issue in detail and have developed a comprehensive deliverable plan that focuses on operational risk, and includes a perspective on market risk, and other risk areas.
• Initial risk assessment supported by independent reviewer: Assessment supported by independent reviewer (e.g., veFunder) via bounty ($10-20k) which will be operationally managed by this Pod.
• Focus on Strategy: Support for Gro’s core product strategy, incl. internal analysis of capabilities and external analysis of market opportunities (these are not just buzzwords, but will be key part of the work)
• Treasury Mgmt slimmed down: Will be part of Strategic Finance and Tracking
• Size of Pod headcount reduced: Project management and facilitator role taken on by Exa and Bernard, due to focusing only on core deliverables and cutting out much of the Treasury Research, and Financial Reporting deliverables. Additional part-time contributors taken out.
• Pavel added to Pod: Added Pavel to team to split workload between 3 people with complementary skillsets.
• Slimmed down some of the other deliverables: To cater for heavy increase in deliverables on the Strategy side and capacity reduction, we slimmed out the deliverables we deem nice-to-have, but not vital at this stage.

# (3) Re-cap Risk Pod Vote and learnings:

Re-cap

1. Initial Proposal - Treasury Management:
I started with a proposal to join the then-planned Treasury Committee to assess what the actual mandate should be and help on the different arms depending on its focus (Yield Strategy, Asset Mgmt and Risk, Financial Reporting) (here)
2. Merged Proposal - Finance and Risk Pod:
Due to the DAOs current discussion about the Risk Pod, and because we identified substantial overlay between the Business and Risk function, we decided to speed things up and take part in the Risk Pod Vote with merging the Finance and Risk function (here) (while we were very confident about the Business and Finance functions, we saw Risk as an extra function for which we would have added another resource to the pod)
3. Risk Pod Vote:
The Risk Pod proposal didn’t pass due to understandable reasons. None of the proposals really hit the key part of what was needed. Imo graadient’s explanation in the Discord sums it up quite well: 1. Bernard, Exa: least specific on Risk, but good on project management/commercial; 2. Pavel: research-oriented and focusing on Market Risk; 3. Rex: light-weight with question mark how to manage project.
4. Way forward:
While none of the proposals really hit the Risk issue to a satisfactory extent, our lack of focus certainly was the key point for us (e.g., we pushed for the risk part even though we didn’t really focus on it). Nevertheless, we were very positive about the community feedback and saw it as a concrete basis for amending the proposal.
5. Merging powers:
While we reflected on the learnings from the following conversations with core Gro members (@graadient, @raambo), we also talked to Pavel. In the conversations, we saw the great benefit of focusing on the core deliverables of the pod and pooling more resources for that. This gives us the chance to have a pod-internal sounding board to double-check important decisions in an efficient manner. By focusing on core deliverables we can keep compensation at the lowest possible level.

We took some time to recap the passed vote and touched bases with the Gro team.

Our learnings here:

• Gro is at a pivotal stage in its journey.
• Operational Risk is a key focus area, and other types of risks vectors that can’t be reasonably covered by the pod can be done via bounties. Similarly this would result in significantly lower cost. Based on the assessment, we can then allocate additionally needed resources, if any needed.
• Current focus should be on the strategic direction and product set-up of the DAO

# (4) Strategic Product Situation

• Gro DAO is at a pivotal stage in its development, with 2 established products:
  • Product 1: Core product DeFi Vault: Has been performing reasonably well in the bull market. Now path to profitability has shifted due to two factors:
    • Decreasing DeFi yield. APY for core products has significantly fallen to currently c.1.4 and 2.9% for Vault and PWRD, respectively
    • Increasing TradFi yields: 3 months US Treasury Yields (“risk-free market rate”) currently at 4.2%
  • Product 2: Gro DAO
    • While the decision to build Gro products in a decentralized manner and establish the Gro DAO for decision-making posed challenges early on, it has resulted in a robust and active DAO that is strong in governance and experimentation.
    • This provides a strong foundation, flexibility, and a promising starting point to use the DAO to further develop products or to productize itself.

# (5) Goal of the Strategy, Finance, and Risk pod:

The goal of the Strategy, Finance, and Risk Pod is to ensure the long-term survival of the Gro DAO. To achieve this goal, we want to focus on finding and setting up new tangible products or business units, while ensuring transparent risk management, and clear communication to its members.

While focusing on the core strategy of Gro, we aim to bring rigor in analyzing Gro’s internal capabilities and finding and assessing market opportunities that match these. Hereby, we want to emphasize the importance of taking a step back, conducting data-driven analyses, and challenging existing beliefs, i.e., what are we currently building, where will this lead us, and aren’t there better opportunities out there. While conducting this work we want to assess and manage the Risk, that Gro is exposed to. This will predominantly cover the area of operational risk, with an additional clear view on market and smart contract risk.

For this endeavor we will team up to offer the best mix of Smart Contract/Technical/Market Risk (Pavel), with Operational Risk and and Strategic Finance (exa256.eth + Exponent), and Project Management and Business/Product Strategy (Bernard + web3 Studios). The Risk Assessment will be handled internally with wide coverage. We are confident that with this strong set-up we will be able to lead the Gro DAO through these adverse times in the market and strengthen its positioning within the wider DeFi ecosystem.

# (6) Focus areas:

1. Risk Management: Proactively identifying, predicting and preparing for uncertainties and hazards across the DAO, clarifying possible uncertainties within internal processes and systems. The pod will steer risk assessment and mitigations, and take full ownership of the processes.
2. Business Strategy: Analysing the long-term viability of Gro’s business model and evaluating strategic directions (i.e., What will Gro’s future look like? Which markets should it be in and with what products? What happens with current products?)
3. Strategic Finance: Managing the Treasury allocations - to match economic use of the treasury holdings with strategic and operational set-up ensuring operating expenses are covered with downside risk mitigated. Creating standards for financial reporting and delivering periodic financial reports, incl. forecasts - to establish transparency for the DAO members and act as financial decision support.

# (7) Deliverables:

### I. Risk Management:

1. Risk Management: The management is performed in close cooperation with Groda Pod, People Pod and Gro DAO through on-going audit of risk vectors, brainstorming sessions with relevant stakeholders, creation of organisation’s risk maps, risk constructs and risk functions. Priority will be on operational risks, but will expand to cover market, governance and smart contract vectors upon initial assessment. The outputs may include::

• Framework for risk management: map out and provide a framework for the pod moving forward.
• Scenarios Analysis: assess different risks scenarios and potential impact of
• Measurements, Monitoring and Reporting: measurements of risks categories based on quantitative and qualitative indicators, highlight priorities and report to the other stakeholders.
• Recommendations: proceed to recommend next actions for the DAO to mitigate, reduce or avoid different risk vectors.

2. Initial focus will be on operational risks assessment: different types of operational risks to be analyzed first hand may include: internal procedures, operational security, treasury and admin key management, software and third party disruptions, to name a few. Upon initial assessment, further decisions to monitor, measure and mitigate said risks will be derived.

3. Market risks relevant both for strategy whitelisting and treasury management assessment: The goal is to review strategies and the data framework periodically taking into account second order effect of a stablecoin or protocol failing. Risks on the radar including, but no limited to:

• Volatility risk: the higher the volatility of the collateral value, the less likely the full loan will be recovered by the asset issuer, including stablecoins, in the event of default.
• Qualitative risk: the less stable the fundamentals of the issuer, the less confident holders will be, and the more volatile the price will become.
• Liquidity risk: the less liquidity available in the market, the more likely the price impact will work against realizable value of the asset.
• Exposure risk: the higher the aggregate relative exposure to total supply, the more risk in trying to realize its value.
• Correlation risk: the higher the correlation, the less the diversification benefit; this is especially relevant for Curve pools.
• Price feed risk: low quality feeds create low confidence in value.
• DeFi Systemic Risks: Gro DAO is highly integrated in DeFi which continues to expand in total value locked and its complexity. In the long run, the Risk Pod team needs to evaluate how any potential parameter change or new yield strategy whitelisting at Gro DAO might affect systemic imbalances. Furthermore, it needs to monitor DeFi to properly address liquidity and other risk related concerns.

4. Once market risks are identified and understood, the following could form the scope to mitigate them:

• Pre-emptive mitigation plan
  • Recommendation on changes to strategy evaluation framework
  • Recommendations on allocation rules to avoid Gro protocol taking a substantial exposure in highly correlated strategies
  • Other recommendations based on identified risk areas and existing safety mechanisms
• Anomaly detection mechanism
  • Risk indicators and thresholds
  • Analytic framework to set the appropriate thresholds for risk indicators
  • Anomaly detection and alert mechanism
• Scenario planning and incident response mechanism
  • Scenarios of the identified risks materializing (to various degrees)
  • Process in managing an incident related to failing of a yield strategy or its underlying stablecoin(s)

5. Smart contract risk management is arguably the most advanced among all risks Gro faces: The bulk of work is duly done by the Groda product pod. However, in the interests of decentralisation and external peer control over the risk area which historically has been a top source of DeFi protocol crashes, Risk Pod will serve as extra oversight layer focusing, in particular on:

• Immunefi bug bounty report management
• Emergency state management
• Change management e.g., peer review, testing
• Dependencies management (esp. after smart contract block gets removed with G^2)

6. Other Risk Vectors: The pod attempts to take a holistic approach to risk management. Risks vectors including systematic (based on market outlooks or macro) and idiosyncratic such as smart contract and governance (inc. centralisation, voter apathy). This pod will continue to handle project management and ownership of all risks related activities.

7. Besides ongoing risk related work and tasks, the team also aims to perform regular research on potential new protocol design topics and how it might benefit Gro DAO’s risk profile. This also includes monitoring of DeFi addressed above and considering potential integrations with other protocols.
8. Risk monitoring is ensured by regular usage of our internally developed risk models. All risk estimates and methods used are being reported openly. Plan is in the long run to have all our risk models completely automated and run regularly with an open web access so that the community can get informed about Gro’s risk profile at any time. This also allows easier access to new Risk contributors and establishment of additional Risk Pods.

### II. Business Strategy:

1. Product strategy: Analysis of Gro’s core products and their competitiveness in the current market. Analysis of market opportunities that match internal capabilities. Market product benchmarking. This is a key deliverable and aimed at providing a clear view on potential products for Gro that sets it up for future success.

2. OKRs and Tracking: Objectives and key results per focus area and deliverable, transparent progress tracking for community

3. Execution structures: Outline responsibilities for contributors, decision-making structures, capacity and resource planning. The Pod will not have execution rights to the assets held by the DAO, but can facilitate the efforts.

## III. Strategic Finance

1. Treasury recommendations and management: analysis and active market monitoring of current and future DeFi positions. The pod will conduct regular holistic portfolio analysis and perform rebalance suggestions through governance processes.

2. Increase Financial Observability: Improve visibility to DAO’s financial health over time. From capital and budget allocations to decision-making support for the Treasury.

This will include some of the following, depending on constraints of resources:

1. Portfolio summary: Treasury holdings over time
2. Protocol revenues: Average APR, Farming Funds, monthly and quarterly Revenue
3. Token rewards and vesting contracts: Vested $GRO token rewards, emissions management, liquidity pool incentives, $GRO token holder distribution
4. Liquidity mining positions in detail: Position, Protocol, Assets, Last month APR, Current APR, Monthly Revenues, Yearly Revenues
5. Holdings portfolio detailed: Coins, Price, #Tokens, Holdings, % of Portfolio, price movements (24h, 7d, 30d))

3. Treasury Risks Monitoring:

1. Monitoring of lighthouse events: Staying up-to-date with events in DeFi and assessment of financial threats to Gro DAO treasury eg. issues with bad debt on Aave. Detect and report treasury activities.
2. Financial dashboard: Dune analytics and custom DeFi position monitoring.

# (8) Team set-up and skill sets:

• The current team will consist of 3 contributors covering the 3 core areas and sharing the facilitator role. exa256.eth and Bernard are part of larger teams (exponent and w3s) that will be tapped for the dedicated support and contributions that make up the positions.
• The facilitator role is shared by the contributors with complementary skill sets and accountability functions. They hold the overarching responsibility for core topics of the Pod, steering it, and „putting the pieces together“.

### Working group set up

• Pavel (@pavel) - Contributor & Facilitator
• exa256.eth (@exa256.eth) - Contributor & Facilitator
• Bernard (@bernard) – Contributor & Facilitator

### Backgrounds of half-time contributors

Pavel - Focus: Smart Contract/Technical Risk oversight & Review of Strategy whitelisting + market risk modelling

• first Gro OG
• Gro DAO Treasury Management Committee
• involved with the Tezos community in its early days
• did UX work for Radar Relay
• Maker DAO Recognized Delegate
• served on the Tribe a.k.a. Fei DAO Optimistic Approval multisig committee, which successfully served as a testbed before Tribe’s transition to Orca Pod-based Liquid governance in May '22. During its 8-month run OA reviewed and voted on 130+ actions, including reviewing the input of the security audit vendor to verify the work done before wiring payment
• offchain background in ML and financial consulting

Exa256.eth - Focus: Strategic Finance (Treasury + Financial Risks) + Operational risks

• in full-stack dApp development since early 2017
• part of Exponent - a treasury and financial risk sub DAO, providing managed products and services- a corporate treasury desk for Web3. a team consists of data analysts, software engineers and treasury managers.
• supports on-chain financial operations within the team, from budget allocation to approving on-chain payment transactions
• experienced running operational risk assessment for a DeFi mainnet release
• member of Enzyme Technical Council and a Safe DAO delegate

Bernard - Focus: Project Management + Business/Product Strategy

• prior working for McKinsey’s Digital Practice
• part of w3s - a team of DeFi/TradFi contributors (ex-Blackstone, JP Morgan, DeFi) to support crypto companies and DAOs in strategic finance topics (M&A, Fundraising, Strategy and Finance Management)
• supports strategic advisory (growth, monetization, operations) and financial reporting topics within w3s
• steering committee at McKinsey-DAO (global community of former McKinsey employees incl. several top web3 founders).

# (9) Budget / Expectation:

Total budget over 6 months: 110,000 USDC + 120k $GRO Tokens

• 3 contributors: 90,000 USDC + 120k GRO tokens over 6 months

  • This compensation is based on Groda Product Pod (here) and People Pod (here) compensation
  • This covers the contributors named above (Pavel, exa256.eth, Bernard), and includes the use of our teams (Exponent, web3 Studios) and their internal resources that will be plugged in for specific tasks on demand (e.g., Dune SQL queries, Yield Research capabilities, etc.), as well as the compensation for the facilitator role that we will take on with shared responsibility.

• Independent Reviewer Bug Bounty (e.g., veFunder): 20,000 USDC over 6 months

  • This covers the cost for Bug Bounty ($10-20k, rest re-allocated to the Treasury)

# (10) Guiding principles:

The Strategy, Finance, and Risk Pod will work in a fully transparent manner to the rest of the DAO, contributing to Gro’s collaborative and trustworthy forms of interaction.

The focus areas and deliverables presented in this proposal are subject to discussion by the Gro DAO and may need to be adjusted to account for developments in the areas of governance, legal, or regulation. This proposal should not be used for making investment decisions.

# (11) Reporting

Risk Pod will update the DAO on its progress regularly through the community channels such as Community Forum and Discord including a 3 month report on the Community Forum.

# (12) Domain Evolution

We believe the best way to scale Risk at Gro DAO is to have emergent structures from the initial one proposed here. Risk Pod scaling should be ideally done in a way to have “risk field specialized units” separated from the initial one with its own facilitator. For instance, a team member within the Risk Pod may want to specialize on Labs products. He creates his own Labs Risk Pod with his own team and budget. He would be separated from the initial Risk Pod, but would still collaborate with it. In our opinion, such evolution of teams within one broad domain such as Risk is preferred because it doesn’t lead to work overlapping and cost inefficiency, which would be the case if we were to have multiple Risk Pods performing the same type of work initially. We do however support the development of separate additional Risk Pods and are willing to collaborate with them. We only believe the development of such units may be most efficient when developed from initial teams where a common language already exists and coordination is easier.

Thanks. Does the “120k $GRO” number requested in the budget mean $120k USD worth of Gro tokens, or 120k GRO tokens (equivalent to ~$11k USD at the time of writing)?

Thanks for asking @jaypow. It means the latter, 120k GRO tokens = ~$11k USD. (Edit: killed the $ sign there now to avoid further confusion).

For context, we have included the GRO token compensation for further incentive alignment between Gro’s success and our upside. The amount is based on the latest People Pod Proposal from @raambo (here).

on point 5)
As mentioned, the bulk of smart contract security work is currently being done by the Groda pod, as a lot of this work requires in-depth eng. understanding of the smart contracts/code - Could you clarify what sort of extra oversight this pod would provide, as I imagine that the bulk of work still would be with Groda (please correct me if Im wrong)?

After the last vote, I think this is a great synthesis that integrates several of the strong components into one proposal. Thanks for collaborating and putting this together @Bernard @pavel @exa256.eth !

It’s an exhaustive proposal that goes beyond just risk remit. I appreciate this as an opportunity to get several strong DAO contributors involved also in some of the upstream work.

@KD0x701137 Check point 5. Imagine for example @exa256.eth being able to pick up immunefi calls during Asia hours instead of you as a first line of defence. I just set up a group on Discord where you can chat on this point.

@raambo What should be the options in a next DAO vote on this?

The next DAO vote (take 2 of the risk pod vote), will include 3 options and will give members to rank their choices amongst the following:

1. @Rex_DeFiSafety’s Risk Pod Proposal
2. @Bernard/@exa256.eth/@pavel’s Risk (+Strategy and Finance) Pod Proposal
3. Reject all proposals

My apologies if I missed it. How much time does each member devote to this project?

Hi @kimymt, great question, realized that is implicit info, but should have been made clearer!

On our end, we will split the full-time contributor role between the 3 of us. And this will roughly also translate into the time being split. Being mindful, that in practice, especially in the ramp up phase, it probably won’t be service by the hour, but rather whatever time commitment is needed to deliver what we promised

Got it. Thanks @Bernard

Hey, just to follow up on @kimymt ‘s question - do you have an indication of how the requested budget will be split between risk, strategy and treasury functions?

Hi Raam The Budget will be split equally among us 3.