A decentralized autonomous organization (DAO) is an organization that’s governed by automated smart contracts. This should ensure that there are no managers or bureaucracy involved in organizational governance.
You don’t need to trust a centralized body, you just need to trust the DAO’s code which is transparent and open-source.
The rules and regulations in the DAO are usually governed by a governance token. For example, in MakerDAO, the token governing the ecosystem is MKR, at Armor the token was Armor etc.
The rules that are defined by the DAO code are normally immutable and free from malicious tampering. (If the code can be easily changed – without DAO approval -, then it’s probably better to GTFO as it might be a rug.)
However, token holders could propose changes via forks if and when needed. The DAO handles the protocol treasury which is controlled by the token holders.
As DAOs are a relatively new way of organising projects, they are often a work in progress. Many DAOs are actually quite centralized as voting power often resides with the founders and investors.
Practically DAOs face many challenges, not only regulatory but also practically, from taxes to simple things such as a lack of a physical address and the problems getting a TradFi bank account or credit card to pay for services.