Tokenisation - Permission to travel granted

August 17, 2023

How should financial institutions approach tokenisation from a legal and regulatory lens?

In previous LinkedIn articles in this series, my colleagues have explored tokenisation and the potential advantages it offers financial institutions as they move forward to implement their strategy for tokenisation, including an overview of key strategic considerations, risk and control management and technology enablement. This article is intended to focus on the key legal and regulatory considerations as financial institutions assess their readiness for the use of tokenisation. The questions surrounding legal and regulatory certainty have been highlighted by numerous stakeholders in the industry, and whilst it is important to take a prudent approach when reviewing the legal and regulatory risk posed by the increased desire to use tokenisation, recent months have provided further legal certainty and clarity of how we should view these risks going forward.

Why does being a “thing” matter? - the bedrock of legal certainty

In any legal analysis of a transaction, it is essential to understand the attributes and characterisation of the “thing” that is being

transacted. The root of this analysis is often based in the property rights attributed to that “thing”. Without these rights, the level of protection offered to financial institutions as they transact in financial instruments would simply not allow the market to have confidence to transact and settle in securities at the speed and volume it does.

Tokenisation involves tokenising an existing “thing”. For the purposes of this article, the existing “thing” I refer to is commonly known as securities (e.g., shares, debentures, bonds, units in collective investment schemes).

In this article, I use the terms “tokenisation” and “tokenised securities”, “tokenised security” based on the definition of “security tokens” set out in HM Treasury’s consultation paper “Future Financial Services Regulatory Regime for Cryptoassets” February 2023, as “crypto assets which use technology such as distributed ledger technology (DLT) to support the recording or storage of data and already meet the definition of a specified investment under the Financial Services & Markets Act (Regulated Activities Order) (RAO)”. We note that the Law Commission refers to crypto-tokens which encompasses the concept of security tokens but also refers to a broader use of crypto-tokens.

In general, there are three categories of “thing” to which personal property rights can be defined: (i) thing in possession; (ii) thing in action; and (iii) a third category thing. The Law Commission recognises that some digital assets may fall outside the definition of (i) and (ii) and may be more akin to a being defined as a “third category thing”[1].

As a result, financial institutions will be required to consider and obtain advice as to how a particular tokenised security may be categorised under one of these definitions (assessed on a

transaction-by-transaction basis). However, where in the past the advice sought was often subject to an individual legal practitioner’s willingness to think outside the box, this is no longer the case as the Law Commission’s report is helpful in re-emphasising the fact that a tokenised security has recognised legal character under English Law and sends a strong indication to financial institutions that there is a level of legal certainty that can be provided when assessing the viability of the use of tokenised securities.

Whilst the debate on whether this common law concept should be enshrined in legislation continues, for now, the Law Commission’s analysis, in our view, opens the discussion around the use of tokenisation and should give financial institutions the impetus to consider exploring the use of tokenised securities (labelled as digital objects) with more confidence.

Assessing each issuance on its own merits

Key deciding factors to assess whether a tokenised security would meet the criteria of being a “thing” in practice is whether the (i) thing would exist independently of persons and exist independently of the legal system and (ii) that the thing is rivalrous (i.e., the use or consumption of the thing would prejudice another using it). The case of Tulip Trading1 and the Law Commission’s report help provide analysis to allow financial institutions to review the tokenised securities they are issuing and make an assessment as to whether that particular tokenised security would meet these criteria.

However, as with traditional securities issuances, tokenised securities are likely to have multiple use cases and each issuance would need to be reviewed on its individual merits. The Law Commission sets out three main examples as follows:

The practical effect of this is that financial institutions will need to assess which use case(s) they are seeking to transact in and ensure that subsequent documentation reflects the different characterisation of the tokenised securities, i.e., will that tokenised security be used to link to, or embody, intangible rights in an underlying (such as a physical asset like gold or a traditional security) or will it be treated as a thing of value itself?

Practical considerations prior to launch

Whilst the Law Commission report has gone some way in providing a level of comfort as to the legal certainty surrounding recognising tokenised securities under English Law, it has also highlighted a few outstanding factors that financial institutions and others will need to consider when launching a tokenised security. In our view, this does not mean firms should stop short of executing their plans for tokenisation, but we emphasise the need to factor these considerations as you move towards launch;

• Analyse the technology underlying a tokenised product: Whether the tokenised security is built on a centralised versus decentralised system can have effect on the assessment of what is perceived to be in the control of one party against another. The law on this is nuanced and developing, and financial institutions will need to obtain advice as to what type of control may be ascertained for the product that they are issuing. Not all tokenised securities will be the same and the consequences of which category the product falls into matters as per the following factors.

• Legal transferability – know your tokenised product: Similar to analysis needed when issuing traditional finance structured products, financial institutions will need to help ensure that they obtain appropriate advice with regards to the enforcement of legal transferability of a particular tokenised product. Some rights under tokenised securities may be akin to the attributes of a bearer-like object and others may be more akin to a right-based system. In addition, depending on the technology used analysis will need to be applied as to whether the tokenised security creates a new right post transfer or whether the initial property rights persist upon the transfer of the tokenised security. In each instance the considerations around legal transferability and enforcement rights will vary.

• Application of trust law is key: The application of trust law remains an integral part of the English legal system. It is helpful to note that the Law Commission concludes that conceptually trusts can support certain custodial arrangements, including in instances where crypto-tokens are held on an unallocated basis for the benefit of multiple users. This is another example of where there is a greater

clarity under English law than may have been previously understood – though as with other elements of analysis, this will need to be applied on a product basis.

• Collateral arrangements – still work to be done: Whilst there is a recognition that some elements of title transfer and non-possessory security-based arrangements can be used in crypto-related collateral arrangements, the Law Commission report also highlights the need for further work to be done, particularly in relation to the tokenisation of securities. Much of this is again tied to the individual technology arrangements which form the basis of the tokenised security itself. In addition, the Law Commission has recommended that legislative changes are made to provide further clarity with respect to collateral arrangements with respect to digital securities. As such, financial institutions will need to take advice as to how the collateral arrangements would be viewed depending on the specific tokenised securities it seeks to transact in.

• Causes of action and remedies – there is an established route: In its report, the Law Commission affirms that there is a gamut of case law which sets out the rights of parties relating to causes of action and associated remedies under property law, which could be applied in instances where tokenisation is used (subject to the above principles being followed). Again, this allows financial institutions to have some level of comfort that the law and legal opinion is moving forward in the right direction as the financial services industry adopts further use of tokenisation. Nonetheless, financial institutions will need to consider what is likely to apply to the specific product they launch.

Tracking international developments

Financial institutions operate on a global basis and need to understand the relevant requirements to transact on a cross-border basis. It could be as simple as a financial institution wanting to understand the dos and don’ts of marketing and distributing a potential tokenised product versus a more complicated question as to which venue can their tokenised securities be executed/listed? In each instance, financial institutions will need to apply both a legal and regulatory lens as to the viability of their actions.

The current state of play makes this somewhat difficult as regulators do not yet have a consistent interpretation of what tokenised securities should be categorised as.

Having said that, great strides have been made in the last 12-18 months with both legislators and regulators setting out their views. Whilst this is by no means a consistent view, financial institutions can now at least begin to track these developments as regulators in particular set out their stall in terms of how they plan to regulate tokenised securities.

To better understand and prepare for the evolving legal and regulatory landscape outlined above, particularly given the complexity and speed of change around tokenisation, we expect institutions will need assistance. This is why EY has built a digital asset platform, EY Digital Assets Insights and Assessment Platform (EY DAIA), to help firms navigate the key considerations and conduct an end-to-end assessment of legal and regulatory considerations across multiple jurisdictions (e.g., United Kingdom, United States) for multiple digital asset underlyings. Click here to learn more.

Don’t forget compliance will be key

This article has focused on mainly the perceived legal considerations and constraints on tokenisation. However, a central part of this consideration will be for financial institutions to ensure that when developing their tokenised products and tokenisation initiatives they consider how to develop policies and procedures and map relevant risks attributed to tokenisation. Legal analysis therefore will need to form a central part of any compliance and risk programme you create. In another article “A smooth approach to risk and control is core for tokenisation take-off”, my colleagues explore specifically how to manage new digital asset specific risks, including key considerations for governance structures and control frameworks.

There has been a lot of momentum across a range of global jurisdictions with respect to tokenisation and digitisation. In our view this momentum is just the beginning, as legislators, the judiciary, and regulators in jurisdictions such as England and Wales focus their energies in providing legal and regulatory clarity with respect of how financial institutions can practically launch their tokenisation strategies. The mood music is shifting towards an acceptance that tokenisation is the way forward for the financial

services industry that should be explored. Acting quickly and being joined-up will be key. Financial institutions would be wise to take comfort in the recent findings by the Law Commissions as they develop their strategic thinking on how to launch their tokenisation strategy. To help capitalise on the opportunity, financial institutions should be proactive in navigating the complexity and impacts across multiple dimensions of their business model, such as strategy, legal, regulatory, technology, risk, compliance, control and the need for assurance. Our aim through this series of tokenisation articles is to help our clients navigate through the tokenisation journey, potentially transforming who they are, what they do and how they do it.

Disclaimer: The views reflected in this article are the views of the authors and do not necessarily reflect the views of the global EY organisation or its member firms.