Introduction​

In the first two blogs in this three-par​t tokenisation series, we explored how tokenisation could be viewed in financial markets (‘From digitalisation to tokenisation’) as well as possible operational and business implications (‘Tokenisation or smokenisation’). In this blog, we look to further reflect on tokenisation by considering its potential policy, legal and regulatory implications.

Principles for financial market infrastructures

Different countries would generally have different policies surrounding tokenisation and the specific regulatory treatment of tokenisation in their specific frameworks. To this end, the de facto global standard for financial market infrastructures (FMIs), which are analogously viewed as the ‘plumbing’ that allows financial markets to function effectively, are the 24 principles for financial market infrastructures (PFMIs). The PFMIs therefore provide a useful starting point for considering the new potential risks presented by tokenisation within the financial markets. Equally so, the efficient and reliable clearing, settlement and recording of transactions is critical to investor protection, financial stability, and fair and efficient markets. The potential application of the PFMIs provides a useful lens through which regulatory bodies may assess the impact of tokenisation on financial markets in order to ensure continued investor protection and fair, efficient and transparent financial markets.

While FMIs aim, through centralisation, to help participants address certain key risks more efficiently and effectively, this centralised model also concentrates risks and creates interdependencies – which means FMIs may also contribute to systemic risk and financial instability should they fail.​​

Security trading platforms (or STPs as we defined in the second blog) built on distributed ledger technology (DLT) have been described as ‘dFMIs’. Depending on how they are configured, and the views of those involved, the ‘d’ could mean ‘digital’, ‘distributed’, or ‘decentralised’ financial market infrastructure. Feenan and colleagues defined decentralised FMIs as “consortium entities whose members are comprised of the main participants in a market, organized in a peer-to-peer model, which is governed by dFMI participants themselves rather than a central intermediary” (Feenan et al, 2020: 13). It could be argued the more decentralised the market infrastructure the more it challenges existing legislation, which is based on a regulated institution within a specific geographical location through home / host regulatory and supervisory arrangements. We will consider some policy, legislative and regulatory impacts of tokenisation next.

Policy

The policy imperatives aimed at promoting financial stability, enhanced consumer protection and market integrity remain relevant in the context of tokenisation within the financial markets. Regulators may follow two broad approaches to regulation, as relates to technology i.e., technology-neutral (adopted by most regulators) or technology-specific (tailored regulation) (OECD, 2021: 3). From a SA perspective, the approach has been to assess the activity regardless of the underlying technology used to perform such activity (i.e. technology-neutral, while not being technology-blind). Stated differently, regulation should be principle-based and apply no matter what technology is used, however the technology cannot be ignored.

The IFWG on 11 June 2021 published its position paper on crypto assets recommending a staged approach to bringing crypto assets into the regulatory ambit in South Africa through the regulation of crypto asset service providers (CASPs), with one of the categories of recommendations focusing on how best to apply existing financial sector laws, or how they may be amended to appropriately bring crypto assets within the domestic regulatory remit (CAR WG, 2021: 3-4). Although STPs were not included as one of the five use cases initially considered by the IFWG (and indeed the position paper is largely silent on crypto asset funds and derivatives), security tokens are defined as a type of crypto asset (CAR WG, 2021: 15) and is accordingly captured by the CAR WG definition of crypto assets. It is therefore conceivable that (depending on how it is set up) an STP (issuing security tokens on DLT) may be considered a CASP as per the position paper, potentially serving as a trading platform and potentially also a token issuer and providing custody and wallet services (CAR WG, 2021: 31-32), and therefore, by implication, be subject to the future regulatory framework currently being developed to regulate crypto assets and related activities.

Legal

In the recently published Financial Markets Review, one of the recommendations relating to trading venue recommendations is that regulators should consider a regulatory regime for alternative trading venues ensuring trading controls, market surveillance and level playing fields (NT, 2020: 8). From a fintech innovation perspective the report recommends that regulators should assess market infrastructures’ competitive landscape, specifically exchanges and central securities depositories to encourage beneficial and responsible innovation (NT, 2020: 8). Tokenisation and the use of new technologies raise several questions around the appropriateness of the existing framework and the potential gaps or areas of the existing framework that require amendment to effectively capture new activities. In the context of tokenisation, several legal questions require further exploration including: whether legislative frameworks should remain technology agnostic and, for instance, accommodate DLT-based rights holder registers; whether a tokenised real asset should be permitted in a similar way to a dematerialised electronic security; whether the law should allow for native tokens; how does the payment leg of security settlement in DLT networks happen; how does one achieve settlement finality with a tokenised asset and what is the legal status of smart contracts and the enforceability of obligations in smart contracts. Data protection legislation is also quite relevant, particularly where the STP contains cross-border elements. In addition, clear guidance is required on what constitutes ownership since it may be difficult to prove control of a specific address or DLT wallet or account (ASIFMA, 2019: 41-58).

Regulatory

Although most regulators follow the principle of ‘same-activity, same-risk, same-regulation’ innovation may, however, introduce new activities (potentially requiring a shift in the regulatory perimeter) and/or introduce different challenges requiring different rules (OECD, 2020: 8-9). The fact that an asset is tokenised arguably does not affect its regulatory status, though it may add complexity to its regulatory treatment (ASIFMA, 2019: 36). As highlighted above, regulatory authorities would also need to consider the application of the PFMIs as the starting point for the regulatory treatment of tokenised assets. The PFMIs relating to legal basis; comprehensive risk management framework; and operational risk are initially explored.

In addition, the PFMI requires clear and transparent governance arrangements to promote the safety and efficiency of an FMI, as well as the stability of the financial system, considering relevant stakeholders and the public interest (CPSS-IOSCO, 2012: 1). Design consideration of different DLTs affect how they are governed, including the degree of decentralisation and whether it is permissioned or permissionless (DTCC, 2019: 15). The lack of a single point of accountability with decentralised arrangements may present new challenges in the effective regulation and supervision of such arrangements.

Furthermore, FMI should provide clear and certain final settlement, at least by the end of the value date (CPSS-IOSCO, 2012: 2). Settlement finality is reached when a transaction can no longer be unwound, which is determined by market rules (operational finality) and jurisdictional legislation (legal finality) (DTCC, 2019: 17). Tokenisation may introduce uncertainty surrounding the moment of trade entry, and when a transaction is irrevocable and enforceable, which may be complicated by the level of decentralisation. Operational finality will have to align with legal finality and, particularly where legislation is unclear, be defined in contract (ASIFMA, 2019: 30, 64). Where settlement is probabilistic further guidance is needed on when settlement is considered legally final (DTCC, 2019: 18).

Finally, and perhaps most important, the PFMI require that money settlement should happen in central bank money “where practical and available”. In instances where central bank money is not available for settlement, the FMI must manage the liquidity and credit risk stemming from the use of commercial bank money (CPSS-IOSCO, 2012: 2). Utilising commercial bank money introduces risk, including credit and liquidity risk, which needs to be addressed by the DLT platform (DTCC, 2019: 19). Whether, and how, STPs interact with central bank infrastructure (including tokenised central bank money in the form of central bank digital currency) and/or privately issued stablecoins is an important policy decision (OECD, 2021: 20-21). Tokenised central bank money could help to enable alignment with the PFMIs (payment in central bank money and settlement finality). Where not available a stablecoin backed by the central bank could potentially serve as a settlement asset, depending on what regulators may allow (OECD, 2020: 35-36). Enabling full delivery-versus-payment on DLT could eliminate principal risk (DTCC, 2019: 20).

In addition, the PFMI also require an FMI to safeguard its own and its participants’ assets minimising the risk of loss and ensuring access to it without delay (CPSS-IOSCO, 2012: 3). An STP should have the necessary rules and procedures in place to ensure the integrity of token issues, and managing as well as minimising custody and security token transfer risk (DTCC, 2019: 20). Custodians in tokenised markets would be expected to provide services related to the storing of private keys, providing custodial wallets or assisting clients with non-custodial wallets. These arrangements may require updates to regulation to address specific risks, such as the legal determination of property rights and transfer of a security to a wrong address without the ability to reverse the transaction (OECD, 2021: 24). Despite disintermediation, trades may still require a third-party authority to provide custody services, and particularly to verify and guarantee the existence of the off-chain tokenised assets backing tokenised assets (OECD, 2020: 33).