Hong Kong Fintech Regulatory Update: From “A Leap of Faith” to “A Vote of Confidence” Part II: Exploring Technology (Tokenisation)

The Hong Kong Fintech Week organized annually is not only the mega event for fintech industry players worldwide to gather in Hong Kong. It has also been significant as the “traditional” venue where the Hong Kong Regulators (SFC and HKMA) pronounce new policy initiatives, publish new regulatory guidance, and advocate their policy approach to the world.

The SFC’s issuance of the following regulatory guidance on 2 November 2023, unveils a new chapter for Hong Kong’s development as an international fintech hub:

• Tokenized Securities Circular¹
• Tokenized Products Circular
  (together, the Tokenization Circulars)

By publishing the Tokenization Circulars, which supersede the Statement on Security Token offerings published on 28 March 2019², the SFC laid down its regulatory roadmap and provided guidance to intermediaries and technology providers on the conduct of tokenized securities–related activities. At the outset, the SFC expressed the view that a “see-through” approach is taken with regard to defining the types of assets/products to which the Tokenization Circulars apply.

Generally speaking, tokenization is viewed as a wrapper over “traditional securities” or “investment products authorized by the SFC for retail offering” (SFC Authorized Products) of which the SFC’s existing legal and regulatory requirements, including applicable product authorization requirements relating to the underlying product for the latter, continue to govern.

The guidance outlined in the Tokenization Circulars specifically address the impact of tokenization (as defined below) on business activities performed relating to “traditional securities” and SFC Authorized Products. For the Tokenized Securities Circular, it seeks to guide intermediaries in addressing and managing new risks arising from the use of new tokenization technology (Risks), while the Tokenised Products Circular outlines the SFC’s requirements to be considered by intermediaries when dealing with tokenized SFC Authorized Products.

Definition and Comparison

Global regulators have constantly been up a learning curve and continue to struggle with sculpting their regulatory ambit given the ever-developing nature and application of technology. Therefore, essentially, as a prerequisite to providing regulatory guidance to financial market participants, the Tokenization Circulars set the scene with its taxonomy to be applied, as summarized below.

Please refer to the table¹¹ below comparing the distinct characteristic of each distribution ledger network archetypes.

Upon defining that the asset falls within the definition of Tokenized Securities, existing conduct requirements and securities/investment offering regimes (Public Offering Regimes)¹² for securities-related activities apply to intermediaries depending on the types of activities performed. Please refer to the first article of our series.

To address the Risks identified, the SFC expects intermediaries to comply with additional conduct requirements and also prescribe various considerations for intermediaries to take into account before engaging in Tokenized Securities/Digital Securities–related activities and distributing Tokenized SFC Authorized Products.

Additional Conduct Requirements for Specific Intermediaries Engaged in Tokenized Securities-Related Activities

Considerations When Engaging in Tokenized Securities–Related Activities

Additional Specific Considerations²⁰ When Engaging in Digital Securities–Related Activities

Specific Considerations for Product Providers When Engaging in Primary Dealing of Tokenized SFC Authorized Products

Further, in relation to the Arrangement and upon the SFC’s request, the Product Providers should (a) confirm and demonstrate (to the SFC’s satisfaction) and/or (ii) obtain third-party audit or verification of the management and operational soundness of the Arrangement, recordkeeping of ownership, and the integrity of the smart contracts.²⁹  Additionally, the Product Providers should obtain satisfactory legal opinion to support its application upon the SFC’s request.

Noticeably, as the designated securities, futures, and VA regulator, the SFC offers guidance that transcends standard guidance over intermediaries’ conduct. The Tokenization Circulars seek to guide intermediaries on the considerations pertaining to each type of “product” offering involving DLT. As such, it would be best for intermediaries to adopt a “layering” strategy when exploring with tokenization by firstly complying with existing conduct/product requirements applicable to their conduct of “traditional financial business” and thereafter, considering the applicability of various SFC considerations highlighted in the Tokenization Circulars. To summarize, a quick-steps guide is to be:

• well versed in the suite of existing SFC and HKMA regulatory guidance covering the specific business conduct, Public Offering Regime and Complex Product Requirements (as applicable);
  
• knowledgeable in the nature of the DLT and its impact on product features and distribution channel;
  
• robust in conducting due diligence against Third Parties;
  
• capable of identifying the specific Risks pertaining to the product and formulating appropriate systems and controls to effectively mitigate Risks;
  
• vigilant in providing clear disclosure pertaining to the tokenized features of the product; and
  
• upfront and transparent with Regulators prior to launching/distributing tokenized products.

Sidley’s Insight

1. Definitions Count – Digital Securities

So, is it a “traditional security” that falls within the definition of “securities” under the SFO and structured in a manner that may also fall within the ambit of “collective investment schemes” defined under the SFO? If so, the Tokenization Circulars have provided tangible “layers”/”steps guide” for intermediaries when distributing, dealing, advising, and managing these Tokenized Securities, as summarized above. However, intermediaries venturing into structuring more bespoke, novel, or complicated investment products would have to adopt a “wait and see” approach as it does not appear that the SFC has yet finalized its regulatory approach/guidance with regards to Digital Securities.

2. Comparative Analysis – Secondary Trading of SFC Authorized Products

With regard to secondary dealings of tokenized SFC Authorized Products, the SFC has stated that this will warrant more caution and careful consideration to provide a substantially similar level of investor protection to those investing in a nontokenized product. The SFC’s concerns, among others, include understanding how best to (a) maintain proper and instant token ownership record, (b) assess readiness of the trading infrastructure and market participants to support liquidity, and (c) determine fair pricing of the tokenized products. Therefore, in line with the SFC’s application of the “same business, same risks, and same rules” standard, until and unless the concerns highlighted could be adequately addressed to the SFC’s satisfaction, the SFC will unlikely allow existing intermediaries to engage in secondary trading in tokenized SFC Authorized Products.

That said, we are aware that there is a licensed VATP that has submitted a proposal to the SFC to explore tokenization of SFC Authorized Products.³⁰ As Hong Kong’s first licensed VATP continue to innovate with the support of the SFC, it can be expected that Hong Kong will continue to be at the forefront of the international arena in expanding investment opportunities to the next generation of digital-savvy retail investors.

3. Prospective Relaxation – Exclusion From Compensation Arrangement

Contrary to the majority of global regulators’ appetite against providing retail investors with access to VA, the SFC has taken a great leap forward by simultaneously supporting intermediaries in their experiment with tokenization. With the VATP embarking on developing and designing new tokenized financial products that will be made available to public investors, the SFC has also indicated that it may consider excluding certain Tokenized Securities from the SFC’s requirements imposed on VATPs. Specifically, the SFC has indicated that it may exclude VATPs on a case-by-case basis from meeting the compensation arrangement requirement if risk of financial loss to clients holding Tokenized Securities can be effectively mitigated. This is a much welcomed second round of relaxation if this materializes.

The SFC has only recently laid down groundbreaking guidance effective in June 2023 introducing a licensing regime for VATPs. According to the Guidelines for Virtual Asset Trading Platform Operators, VATPs must put in place insurance/compensation arrangements to satisfy the SFC’s requirements in support of its regulated platform business. The SFC originally took a much more conservative stance demanding “opt in” VATP operators to meet strict insurance requirements.

The SFC’s announcement in this respect signifies and demonstrates the SFC’s strong conviction that the trend of technology immersion into the financial markets is irreversible, and it remains flexible and open to refinements to its regulatory guidance. Ultimately, the regulatory requirements imposed by the Regulators may apply to both traditional financial and VA market players in a manner that would truly be recognized as a level playing field for all. With this first mover advantage, the Hong Kong government welcomes both traditional financial and VA market players to become part of Hong Kong’s fintech hub.

Please refer to our next article for the unlimited opportunities on offer in Hong Kong to existing intermediaries and market entrants in view of the impact of the Joint Circular and Tokenization Circulars.

Please click here to see Part I: Expanding Clientele (Retail Access).

¹ List of relevant paragraphs and Appendix to the Tokenized Securities Circular is accessible herein: chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://apps.sfc.hk/edistributionWeb/api/circular/openFile?lang=EN&refNo=23EC52.  
² Statement on Security Token Offerings, 28 March 2019, https://www.sfc.hk/en/News-and-announcements/Policy-statements-and-announcements/Statement-on-Security-Token-Offerings.  
³ CIS generally has four elements:
(i) it must involve an arrangement in respect of property;
(ii) participants do not have day-to-day control over the management of the property;
(iii) the property is managed as a whole by or on behalf of the person operating the arrangement and/or the contributions of the participants and the profits or income from which payments are made to them are pooled; and
(iv) the purpose or effect of the arrangement is for participants to participate in or receive profits, income, or other returns from the acquisition or management of the property.
⁴ The SFC referenced pages 20 and 21 of the “Impact of Distributed Ledger Technology in Global Capital Markets” published by the Global Financial Markets Association in May 2023 and summarized the nature of three different types of DLT network archetypes.
⁵ For example, are these CIS, securities or digital securities?
*tokenization of fractionalized interests in real world or digital assets such as artwork or land;
*native token with CIS characteristics trading on a public-permissionless network; or
*tokenization of a profit-sharing arrangement.
⁶ As defined in paragraph 1.7 of Section I: Overarching Principles Section of the SFC Handbook for Unit Trusts and Mutual Funds, Investment-Linked Assurance Schemes and Unlisted Structured Investment Products.
⁷ Heightened for use of public-permissionless network
⁸ The SFC referred to and indicated that key concepts surrounding tokenization may be found in Part III of the “Annual Economic Report 2023,” issued by Bank of International Settlement in June 2023.
⁹ Holder [of the Tokenized Securities] has practical control of the token according to the blockchain records and can exercise the token holder’s rights, for example, to repayment of the principal for a tokenized bond.
¹⁰ The SFC does not expect Product Providers to issue SFC Authorized Products in bearer form.
¹¹ Extracted from page 21 of the “Impact of Distributed Ledger Technology in Global Capital Markets,” published by the Global Financial Markets Association in May 2023.
¹² Companies (Winding up and Miscellaneous Provisions) Ordinance (Cap. 32) and Part IV of the SFO
¹³ Appendix to the Tokenized Securities Circular
¹⁴ Marked-up revisions to the RA9 T&C are applicable to intermediaries engaged in asset management services in respect of VA that meet the “de minimis threshold” as set out in Appendix 7a of the Joint Circular and will not apply to fund managers managing a portfolio investing in Tokenized Securities unless the Type 9 manager also invests in VA meeting the “de minimis threshold.”
¹⁵ See footnote 1 regarding Part A and Part B of the Appendix to the Tokenized Securities Circular.
¹⁶ Implementation of administrative controls (i.e., transfer restrictions or whitelisting) by issuer to protect holders of Tokenized Securities using public-permissionless networks against risks of theft and hacking.
¹⁷ For Tokenized Securities in bearer form, additional considerations for use of public-permissionless networks appear in Part B of the Appendix.
¹⁸ For example: (a) whether off-chain or on-chain settlement is final; (b) the limitations imposed on transfers of the Tokenized Securities (if any); (c) whether a smart contract audit has been conducted before deployment of the smart contract (if any); (d) key administrative controls and business continuity planning for DLT-related events (e.g., cyberattacks, network failures, forks, loss of administrative cryptographic keys or investor’s cryptographic keys, or unauthorized transfers); and (e) the custodial arrangement (if applicable).
¹⁹ Reference to be made to (a) Chapter 6 of the Guidelines on Online Distribution and Advisory Platforms; (b) Paragraph 5.5 of the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission; (c) A nonexhaustive list of examples of investment products considered to be “noncomplex”: https://www.sfc.hk/en/Rules-and-standards/Suitability-requirement/Non-complex-and-complex-products; and (d) a flowchart illustrating the factors for determining whether or not a VA-related product is a complex product at Appendix 3: chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://apps.sfc.hk/edistributionWeb/api/circular/openAppendix?lang=EN&refNo=23EC44&appendix=0
²⁰ Matters set out under the headings “Additional Conduct Requirements for Specific Intermediaries engaged in Tokenised Securities-related activities” and “Considerations when engaging in Tokenised Securities related activities” equally apply to Digital Securities-related activities.
²¹ Please refer footnote 19 above for relevant guidance relating to Complex Product Requirements.
²² Appendix A to the Tokenised Securities Circular
²³ Paragraph 15 of the Tokenized Securities Circular. Please also refer to our articles titled “Hong Kong Fintech Regulatory Update: From “A Leap of Faith” to “A Vote of Confidence” Part I Expanding Clientele (Retail Access)”.
²⁴ Paragraph 6.8 of the Code on Unit Trusts and Mutual Funds.
²⁵ For example, the tokenization arrangement can incorporate a burning and reissuance mechanism, with an aim to mitigating hacking risk and theft.
²⁶ Paragraphs 9 and 14 of the Tokenized Securities Circular.
²⁷ Paragraphs 19 and 20 of the Tokenized Securities Circular.
²⁸ For example, cybersecurity, system outages, the possibility of undiscovered technical flaws, evolving regulatory landscape, and potential challenges in application of existing laws.
²⁹ At a minimum, the Product Providers should confirm and demonstrate to the SFC that they comply with the requirements set out in the section heading “Specific Considerations for Product Providers when engaging in primary dealing of tokenized SFC Authorized Products” and the smart contracts are not subject to any contract vulnerabilities or security flaws with a high level of confidence.
³⁰ https://osl.com/press-release/osl-Harvestglobal-tokenisation/.