In particular, without additional checks in place, there’s the ever-present risk that a whale, or a special interest group, will at some point cause the DAO to take actions that are not in its best interest (or in line with the values of its community).
So far, most DAOs have skirted around this problem by relying on a multisig to officially sign off on proposals (as a sort of insurance layer against a malicious proposal being passed).
In other words, while the community can vote on proposals, these votes are not binding; a small set of trusted community members have to sign off on them. If the multisig doesn’t sign, the system cannot move.
However, while a multisig does act as a check on the power of whales, it doesn’t solve the concentration of power problem: it merely shifts it away from large tokenholders towards a small group of trusted community members.
There is nothing, apart from perhaps reputation, actually stopping the multisig from either executing an action that the community does not agree on, or vetoing an action that the community has advanced.
And even if we assume that this group is honest and will continue to remain so, as the value they secure with their keys increases they become more and more vulnerable as individuals to attacks from others (the law included).
In sum, multisig governance increases the risk born by both multisig holders and token holders, and leads to a somewhat fragile, and rather centralised DAO."