- In an increasingly decentralised financial sector, asset tokenization (whereby a surrogate value is stored on a blockchain and represents digital or physical assets) has been expanding over the last few years. Different types of tokens include non-fungible tokens or NFTs, as well as fungible and security tokens.
- One of the key challenges facing the operation of decentralised tokenization is the need to adapt the global regulatory environment and strike the right balance between encouraging innovation and minimising risk.
Key in the words ‘tokenization’ and ‘definition’ into any search engine and you are spoilt for choice. Take, for example, the following:
‘Tokenization refers to a process by which a piece of sensitive data, such as a credit card number, is replaced by a surrogate value known as a token. The sensitive data still generally needs to be stored securely at one centralized location for subsequent reference and requires strong protections around it. The security of a tokenization approach depends on the security of the sensitive values and the algorithm and process used to create the surrogate value and map it back to the original value’ (per Gartner Information Technology Glossary ).
It should be added that the generated token has ‘no extrinsic or exploitable meaning or value’ (according to the World Bank Practitioners’ Guide). Thus, the essence of tokenization is to replace sensitive data with non-sensitive strings that are meaningless without access to the tokenization system to reverse the process and ‘map back’ to the original data and value.
The original purpose of tokenization was, thus, to protect sensitive data during a transaction, eg, as already noted, safeguarding a customer’s credit card information. It is akin to (though, technically, not the same as) encryption. That form of tokenization is not new; it has been around for 20 years.
However, over the past five or six years, a different type of tokenization—asset (rather than transaction) tokenization—has developed, especially in a decentralised context.
Non-fungible token or ‘NFT’ is the buzzword du jour. NFTs have arguably stolen the limelight. They are, though, only one part of a much bigger picture—the ‘NF’ is a differentiator. This distinguishes them from the popular, fungible types, such as payment tokens.
In a decentralised context, cryptography is important. A digital token thus becomes ‘a string of characters that constitutes a cryptographically-secure representation of a set of rights’ (Global Cryptoasset Regulatory Landscape Study, at p14). As such, a token is no longer simply an instrument of process—it acquires an inherent value. Thus:
‘A token in the crypto context is a small piece of software code (smart contract) that represents real value and stores it digitally on… a blockchain, the most popular being Ethereum. Tokenization is the process of digitally embedding an asset such as a good or a right into a (crypto) token and storing and issuing it on a blockchain network’ (Tokenization—Definition, Challenge and Use of the Token Economy, M Hammer, 20 February 2022).
As the token lives on a distributed ledger, or blockchain, it has a permanence. Once tokens are recognised as possessing value and permanence, they can be applied in a multitude of applications and can be categorised—for example, according to quality (fungible or non-fungible), purpose (security, utility, payment, etc) and use (representing rights to real property, financial instruments, art, sports paraphernalia, and the like).
Different types of decentralised tokens
Non-fungible tokens, or NFTs, derive value and create rights and benefits in a unique digital asset. An NFT cannot be replicated nor can it be exchanged for another identical token. Moreover, because it lives on a blockchain, the origin and history of the NFT is indelibly retained in its metadata. An NFT is, therefore, not just unique; it is self-authenticating.
Fungible tokens, on the other hand are ‘divisible, identical, and replaceable by another identical item, such as general admission concert tickets or loyalty points. If two parties have equal amounts, they can swap them without losing or gaining anything’ (see 'What is tokenization?). Just as a ticket has served its purpose once admission has been gained, or loyalty points cease to have a value once redeemed, fungible tokens can be cashed in and relinquished (back to the provider).
Security (or asset) tokens have been defined as ‘a digital representation of an investment product, recorded on a distributed ledger, subject to regulation under securities laws’ (see Security Token Offerings, T Lambert, D Liebau and P Roosenboom, July 2020, p5). Here is not the time to venture into greater definitional detail, save in respect of regulation. As Lambert et al say:
‘Security tokens also come under the purview of securities laws. This means that all security tokens, as investment products, have the status of regulated securities. However, the converse is not necessarily true. In some jurisdictions, such as in the United States, utility tokens are also considered as “regulated securities”, whereas they are another type of product than investment products. Therefore, our definition is not reciprocal since not all regulated securities are security tokens but all security tokens are regulated securities.’
The need for regulation of security (and other) tokens can only be noted here. Space does not permit a full discussion. For present purposes, it is sufficient to note that not all jurisdictions classify tokens in the same way and not all jurisdictions regulate particular categories of token in the same way. It will be some time before there is consistency of approach and uniformity of international best legal practice.
As can be seen above, security tokens are to be differentiated from utility tokens. The ‘main purpose of a utility token is to grant access to a community-based ecosystem by giving its holders a consumptive right on a product or service’ (Initial Coin Offerings and the value of crypto tokens, C Catalini and J Gans, March 2018). The intention of a utility token is that it is used or expended and, as such, is similar to a voucher.
Here, Lambert et al go on to explain (at p7) the difference between a Security Token Offering (STO) and an Initial Coin Offering (ICO) as follows:
‘The issuance of utility tokens (through ICOs) often happens at a very early stage—that is, before any product or service has been developed. This contrasts with security tokens that can be issued (through STOs) regardless of the development stage of the firm. STOs thus draw significant parallels with equity-based crowdfunding, whereas ICOs compare to reward-based crowdfunding. However, STOs are usually restricted (by law) to a group of accredited or experienced investors and are thus akin to private placements—that is, privately negotiated investment products sold outside of a public offering’.
Different from both security and utility tokens are payment (or currency) tokens, which are cryptocurrencies; ie ‘a cash equivalent on a blockchain’.
The uses, applications & benefits of tokenization
It follows from what has already been said that decentralised tokenization has developed from a means of securely storing or transmitting sensitive data (eg numbers for credit/debit cards, telephones, passports, driving licences, bank accounts, and email and physical address lists) to the point where almost any real asset can be ‘mapped’ on a distributed ledger technology (DLT) system through tokenization.
Thus, a licence for one-time use might be granted by a utility token. Tokenization also facilitates fractional ownership in terms of space (a flat within an apartment block) or time (time-share interests in a single property). Such rights and interests can be created without tokenization, but tokenization makes recording such transactions both easier and immutable. Tokenization can also be applied to assets where fractionality has been close to impossible. It is difficult to conceptualise a one-hundred-thousandth physical share in a Picasso. It is easier to hold, as an asset, a token representing a one-hundred-thousandth of a Picasso (also: I cannot buy a Picasso, but I might be able to buy a one-hundred-thousandth share in one. I cannot enjoy any increase in the asset value if I have to buy a whole painting, but I can if I can buy an affordable share in one). As such, tokenization can make assets more liquid, encouraging trade in such assets on a 24/7, borderless basis. More trade creates more economic activity and value which, in turn, creates opportunities for profit and, for governments, opportunities to tax those profits (acknowledging that effective taxation of tokenized assets does present some problems, too).
One of the main intentions behind tokenization is disintermediation—ie stripping out the go-between(s). Intermediaries add time and cost. The decentralised financial (DeFi) sector is the most obvious example. Bitcoins and other cryptocurrencies (payment tokens) can be sent round the world directly from sender to recipient, all day any day, without currency conversion costs; so, too, can shares and other financial instruments (security tokens) be traded directly and, while domestic energy tokens (utility tokens) are unlikely to be traded, there would certainly be a secondary market in carbon credits and other ‘wholesale’ off-set instruments. Moreover, while the origin of Bitcoin lay in a libertarian anti-establishment response to the global financial crisis, tokenization will also become a key feature of Central Bank policy, through the development and use of Central Bank Digital Currencies (CBDCs)—certainly in facilitating banking reconciliations at a wholesale level and, possibly, as part of a retail banking offering.
Operating protocols & regulation
No introductory discussion of decentralised tokenization would be complete without referring to two fundamental requirements:
(1) the need for interoperability; ie the need for operating systems to be able to ‘talk to one another’ and interact, and
(2) the need for regulation.
Interoperability is a software issue that is frequently encountered and always (eventually) resolved: think ‘Windows for Mac’. It will be solved by compatibility or market acceptance (think VHS vs Betamax).
Regulation is a more nuanced and, therefore, intractable issue. It is not one-size-fits-all: decentralised security tokens (or, at least, some security tokens) will need stricter regulation than other tokens. There and elsewhere, an optimal balance must be struck between not too-heavy regulation (which would cramp innovation and entrepreneurship) and nor too-light regulation (which would leave consumers exposed to unacceptable risk). Regulation of tokens must also dovetail with other regulatory regimes, notably the General Data Protection Regulation. It must also be standardised internationally. There is, as yet, no equivalent to SWIFT (for the settlement of international banking transactions) or ICANN (standardising the assignment of names and numbers for internet domains). At present, there is what has been described by M Hammer, above, as ‘a country-specific patchwork’ of regulation. That must change if tokenization is to achieve its full potential.
There are encouraging signs that international convergence will emerge. At the end of June 2022, the EU announced provisional agreement on the text of a Markets in Crypto Assets (MiCA) Regulation. The intention of the MiCA Regulation will be to establish regulatory parity between DeFi and traditional financial services providers. It is impossible to go into any detail here, but it should be noted that MiCA will not apply to NFTs in general; only to those that fall within the categories of crypto-asset covered by the regulation.
Finally, on 28 July 2022, the Law Commission published its Digital Assets consultation paper (Law Com No 256, bit.ly/3xYSOLz). Again, space does not permit any detailed analysis of the paper, which focuses more on the legal status of tokens (see Chapter 10) and on aspects of holding and dealing in crypto-tokens (see Chapters 11-18) rather than tokenization per se. The discussion of the operative function of crypto-tokens in Appendix 3 of the paper (particularly at pp496–500) is relevant to the regulation of crypto-tokens.
Michael Patchett-Joyce
36 Commercial
