Security Token Regulation in Europe in 2021 — Part 2

8 min readMay 6, 2021

Traditional security markets have several roles for intermediaries. To understand the different roles for intermediaries and the regulations that apply to them, it’s important to explain the technological process of investing in a Security Token versus the regulatory process of investing in a traditional security.

The first time a Security Token is offered to investors is called a primary issuance. An Investor that wants to buy the Security Token can pay fiat money or make a transfer of virtual currency to the Issuer. The issuer can then directly send the token to the investor’s wallet.[1] The issuer can enable secondary trading of Security Token by:

Option 1: Creating liquidity pools on decentralized cryptocurrency exchanges such as Uniswap that enable a private list of approved wallet addresses to trade the token.

Option 2: Creating a private forum where investors can trade with each other directly (bilateral trading not built on a decentralized ledger).

Option 3: Making agreements with centralized exchange platforms such as licensed exchange markets (multilateral trading not built on a decentralized ledger).

The most decentralized method (Option 1) involves no intermediaries. The blockchain technology allows a company to directly issue Security Token to investors, and those investors could trade those token on a decentralized exchange and store their token in a wallet where they control the private key. This is a very attractive option for illiquid investments such as CurioInvest’s tokenized collectible cars or RealT’s LLC shares representing equity in a specific rental property, because the automated market maker (AMM) smart contract helps ensure that liquidity is always available. However, a decentralized exchange does not fit neatly with MiFID II trading venue requirements such as the requirement to have a platform manager or operator that is a legal entity.

Regulations for Security Token Issuers

Although Option 1 does not involve counterparties, there are still regulations that apply to Security Token issuers and investors. So far, European countries have taken two main approaches regarding the regulation of issuers.[2] Countries such as France, Germany, Italy, Luxembourg, the Netherlands, Romania, Spain, and the UK are for the most part treating Security Token according to traditional securities laws with some additional requirements for the use of distributed ledger technology.[3] In contrast, countries such as Switzerland, Czech Republic, Poland, and the Slovak Republic do not apply securities laws but instead apply other laws such as Switzerland’s custom made laws regarding for distributed ledger technology assets, or Czech Republic’s intangible asset laws or the Slovak Republic’s property laws.

In September 2020, the European Commission’s draft proposal for markets in crypto assets regulation (MiCAR) was published. However, Art. 2 para. 2a MiCAR explicitly excludes financial instruments in the meaning of MiFID II. This means that while MiCAR is not applicable to Security Token, MiFiD II is applicable. If a token is sold to the public and that token meets the criteria of a “transferable security” under MiFiD II, then the Prospectus Regulation applies as well as the transparency Directive that imposes periodic and ongoing disclosure requirements such as annual financial reports. Art. 3 of MiFID II’s Central Securities Depositories Regulation (CSDR) applies if the security token will be traded on a trading venue in the meaning of MiFID II. In this case, legal settlement finality is defined by the Settlement Finality Directive (SFD).

Regulations for Security Token Exchanges

Options 2 and 3 for secondary market trading involve a forum or an exchange that are built and maintained by a centralized business. For example, a company could build a website that includes a discussion forum where investors can meet, interact, and exchange their securities with one another. An example of this is BnktotheFuture’s bulletin board for investors that bought structured products on their platform. Approved investors can advertise, buy and sell orders like in an Over-The-Counter Market. Sell Orders are filled manually by buyers. Also, buyers can post Buy Orders, which are filled by sellers. However, forums are known for having limited liquidity, and there’s no matching engine, therefore, order fulfilment takes longer than on an exchange.

In the EU, issuer-managed markets may raise regulatory red flags. The issuing company is not allowed to promote the trading of securities, so hosting the bulletin board on their website could trigger violations. To avoid legal problems associated with an issuer creating their own P2P market for investors, an issuer can offer to buy-back shares from sellers, and then privately connect with prospective buyers. However, Swiss regulators have taken a different approach. Swiss law exempts small, non-commercially run exchanges from requiring a license, for example when a company organizes a free blockchain-based market for its own shares as a service to its investors. The Swiss company Aktionariat specializes in enabling such markets and has already created P2P markets for Security Token issuers such as Mt Pelerin Group SAand SEBA Bank AG.

Another way to enable secondary market trading is to make agreements with licensed exchanges to list the security so that investors can trade the asset. For example, the UK’s Archax or Luxembourg’s BlackManta are examples of Exchanges paving the way for issuers such as Digibrixx, WeInvest, and Bakari to allow their investors to trade Security Token in a secondary market. In this example, the exchange acts as a custodian for the investor’s assets and final settlement is done on the exchange, so no further role for a separate central securities depository (CSD) for custody or settlement is necessary from a technological standpoint.

Exchanges or digital asset marketplaces that enable Security Token trading are referred to as DLT Trading Facilities (DLT-Handelssystem) in the Swiss regulation draft and as a DLT Market Infrastructure in the EU’s regulation draft both published in 2020. According to the EU’s 2020 regulation, only investment firms or market operators according to MiFID II are eligible to operate a DLT multilateral trading facility.[4] Therefore, the EU will most likely see the emergence of bank created marketplace for tokenized assets in the form of an organized trading facility (OTF) or multilateral trading facility (MTF) as defined in MiFID 2 regulations.[5] The potential approaches for banks can be divided into four categories, depending on whether it is acting as a principal or agent and what types of assets are being traded.

Table 1: Security Token Business Cases for Banks

Source: WIRESWARM / AlgoTrader[6]

[1] Excerpts from this article are taken from the upcoming Cointelegraph Security Token Report with research contributed by Andy Flury, founder of AlgoTrader in Switzerland. To learn more about legislation in Switzerland, please contact

After primary issuance, the issuer must still maintain the cap table of investors and pay out dividends. Traditionally, a public-listed company would hire a transfer agent, also referred to as a registrar or fund administrator, to manage changes in ownership of company stock or investment fund shares and manage the payment of dividends and other distributions to investors. However, small private companies normally do this internally with software or the help of an attorney. With Security Token, this role can often be managed by issuer or the exchange, and no additional transfer agent intermediary is necessary from a technological standpoint.

The reduced need for intermediaries poses challenges for regulating Security Token. The existing system for regulating traditional securities aims to create a degree of competition and separation of power in a centralized system. For example, Swiss regulations prescribe the maintenance of separate, licensed legal entities to operate various functions of the securities system such as exchange, the securities depository, clearing system, and the registry.

Fortunately, Swiss lawmakers have understood that forcing Security Token into existing regulations would:

  1. Negate the main benefit of blockchain technology i.e., reduction of counterparties
  2. Reduce Switzerland’s competitive as a hub for Security Token innovation since the traditional intermediaries such as clearing houses and registrars will take several years to build up the expertise required to handle cryptographic assets and/or startups with the expertise will take several years to acquire the appropriate licenses and capital to launch their intermediation businesses.

AlgoTrader and Bitcoin Suisse board member and digital asset expert, Luzius Meisser, who was involved in the consultation process during the drafting of the Swiss law, describes the implications as follows:

“Swiss lawmakers have recognized that crypto markets are structured differently than traditional securities markets. Consequently, they have decided to allow security token exchanges to integrate vertically: offering the full set of services necessary to operate an exchange. This enables them to be independent of traditional entities such as banks, settlement systems, and centralized securities depositories.”

In contrast with Switzerland’s approach, the European Commission’s approach of trying to fit Security Token into existing regulations such as MiFiD II, will require the separation of roles and licensing requirements for placement agents or underwriters, CSDs, and transfer agents. There are several ongoing tensions between the MiFiD II regulations and distributed ledger technology including the requirement to settle transactions with a CSD and the CSD must be a legal person. Also, MiFiD II’s Settlement Finality Directive requires that access to the securities settlement system is intermediated by a credit institution or an investment firm, meaning that natural persons are not generally permitted to have direct access to the settlement and delivery system, which is not possible for centralized or decentralized crypto asset exchanges that allow end-users to directly initiate settlement via an order or smart contract request.

Finally, there is a pesky requirement for the settlement of the payment for securities to be made in cash, in central bank or commercial currency, which makes challenges the ability to pay for Security Token with cryptographic assets including stablecoins.

The additional regulations put on virtual currencies under the new AMLD5 are most likely not applicable to Security Token because they do not constitute a means of exchange. However, this is not the case in all countries. For example, the UK expanded the scope of its regulation by referring to crypto assets instead of virtual currencies and the new term can be interpreted to encompass Security Token. France is following a similar approach. If AMLD5 does apply to Security Token, then any business that exchanges fiat currency for the crypto asset (brokers, exchanges, atms) or stores crypto assets on the behalf of customers (custodians, wallets) is required to register with financial market authorities where they are doing business and implement money laundering laws such as collecting and safely storing the identification data of users, monitoring user transactions, and reporting suspicious activity.

Bibliography & Annotations


[2] Some companies issuing Security Token prefer to call the offering a “regulatory compliant Token Offering” rather than Security Token Offering, because the latter can be a legal admission by the company that the assets being sold are securities. Different jurisdictions define token in different ways, and a popular approach is to let the token be treated as needed in each given jurisdiction instead of a uniform classification for the whole world. For example, In the US, a token can be a security where in another country it is a utility token (see XRP in U.S. vs. Japan).




[6] Excerpts from this article are taken from the upcoming Cointelegraph Security Token Report with research contributed by Andy Flury, founder of AlgoTrader in Switzerland. To learn more about legislation in Switzerland, please contact

Any views or opinions represented in this blog are personal and belong solely to the blog author and do not represent those of, unless explicitly stated. Although the information provided to you on this blog is obtained and compiled form sources we believe to be reliable, we cannot and do not guarantee the accuracy, validity, timeliness, or completeness of any information or data made available to your for any particular purpose. The information provided in this blog are neither an offer or solicitation to buy any kind of capital investments nor a recommendation for investments associated on the content of the contributions.

Originally published at on May 6, 2021.




Launch your own marketplace for traditional & tokenized financial products.