The State of Security Token Regulations in Asia

The State of Security Token Regulations in Asia was originally published in R3 Publication on Medium by Antony Lewis and Xiang Ying Cheng, where people are continuing the conversation by highlighting and responding to this story.

Since the crypto and ICO craze in 2017, many countries in Asia have taken steps to clarify their regulations surrounding cryptocurrencies and security tokens. In this article, we focus on the three countries in Asia that have the clearest regulations in place regarding digital assets, though there is still more work to be done.

Security Token Regulations in Thailand

Within Asia, Thailand has by far the most well-defined legislations in place to govern security token offerings (otherwise known as STO’s) and exchanges. In May 2018[1], the Thai government has published its Digital Asset Decree (the “Decree”) that establishes the necessary requirements for a business to offer or provide operations for digital assets. The Decree covers both cryptocurrencies as well as digital tokens and is overseen by the Securities and Exchange Commission of Thailand (“SEC Thailand”). The Decree clearly segments between primary issuance activities (ie fundraising), applicable to token offerors and issuers, and secondary market activities (ie trading), applicable to token exchange and trade-related intermediaries.

With the Decree enacted, Thailand has also established 3 types of licenses:

(i) Digital Asset Exchange License;

(ii) Digital Asset Broker License; and

(iii) Digital Asset Dealer License.

These licenses[2] lay out the specific activities that businesses can participate in. The Exchange license is applicable to a centre or network established for the purposes of trading or exchanging of digital assets. The Broker license is applicable to any person who provides services as a broker or an agent with respect to the trading or exchange of digital assets including digital tokens. The Dealer license is applicable to any person who provides services with respect to the trading or exchange of digital assets for its own account outside the digital asset exchange.

Separately, the Decree has restricted token issuances to be done only through approved ICO portals. Thailand has also specifically set out a list of approved cryptocurrencies[3] that may be accepted as investment capital for ICOs, and to be paired with other assets on digital asset exchanges: BTC, ETH, XRP, XLM.

Presently[4], Thailand’s Ministry of Finance, under the recommendation of SEC Thailand, has approved 5 Digital Asset Exchanges, 3 Digital Asset Brokers, 1 Digital Asset Dealer, and 3 ICO portals.

There is more work to be done: Thailand hasn’t established clear guidelines regarding custody requirements for digital asset and cryptocurrency businesses. Today it is unclear as to whether existing standards applicable to securities should be applicable to digital assets, or if new guidelines and regulations will be established in future.

Security Token Regulations in Singapore

Closer to home in Singapore, in November 2018, the Monetary Authority of Singapore (“MAS”) issued a set of guidelines entitled “A Guide to Digital Token Offerings”[5]. This clarifies what type of digital assets fall under the Securities and Futures Act (“SFA”). If the digital tokens constitute capital markets products as defined in the SFA (ie securities, derivatives contracts etc), they are regulated under the SFA. In these cases, the existing relevant licenses apply, based on the activities performed by the businesses: whether as a token issuer, exchange platform, advisor or otherwise.

For example, a security token issuance platform must operate under a Capital Markets Services (“CMS”) license[6] for the purpose of dealing in capital markets products (which includes securities). A digital asset exchange that facilitates trading in security tokens must operate under a license as either (i) an approved exchange, or (ii) a recognized market operator.

Unlike Thailand, the SFA in Singapore only applies to digital assets that fall under the definition of capital markets products. Other digital tokens may be classified as payment tokens (eg Bitcoin, Ether, etc), and fall under the Payment Services Act (“PSA”)[7], which is estimated to take effect in late 2019 and has a separate set of licenses[8].

With both the SFA and PSA active, we can expect that digital asset companies will have a clearer set of regulations to comply with, in line with securities and payment regulations. However, just like Thailand, custody requirements are still unclear at the moment. Given that the existing CMS license covers custodial services for securities, we expect that digital asset custodians will need to operate under a CMS license.

Singapore’s government and related entities have further shown commitment and enthusiasm for developing the industry. In particular, in November 2018[9], MAS granted a recognized market operator (RMO) license to 1exchange, Singapore’s first private securities exchange that facilitates digital token trading. Singapore’s flagship exchange SGX is an investor in 1exchange.

The MAS is currently working with fintech businesses in a regulatory sandbox environment to figure out the missing pieces, and we expect to see updates within the next six months. It is clear that the Singapore government is supportive of the growth of the digital assets industry, including digital tokens, and it continues to build the ecosystem.

Security Token Regulations in Hong Kong

Serving as one of Asia’s key financial hubs, Hong Kong is also establishing its regulations for the crypto scene, digital tokens and security tokens. In September 2017, the Hong Kong Securities and Futures Commission (“SFC Hong Kong”) released a statement on ICOs, then later in November 2018, it published a statement[10] and a circular[11] on the regulatory framework for virtual asset portfolio managers, fund distributors, and trading platform operators. The SFC Hong Kong uses the terminology of “virtual asset”, which it defines as a digital representation of value, which is also known as “cryptocurrency”, “crypto-asset” or “digital token”[12].

The new publications provide more regulatory clarity with respect to investment and management of funds investing in digital assets such as digital tokens.

In March 2019, the SFC Hong Kong released a Statement on Security Token Offerings[13], reminding operators that where Security Tokens are securities, unless an applicable exemption applies, any person who markets and distributes Security Tokens (whether in Hong Kong or targeting Hong Kong investors) is required to be licensed or registered for Type 1 regulated activity (Dealing in securities) under the Securities & Futures Ordinance (SFO).

However, Hong Kong is still conceptualizing how it should regulate digital asset exchange platforms. Through its November 2018 publications, SFC called for exchange operators to come forward and join its regulatory sandbox in order to determine the type of license to be granted to exchange operators. Exchange operators may need to be regulated by the SFC and require SFO Type 1 (Dealing in securities) and Type 7 (Provision of automated trading services) licenses.

Per current regulations, custodial activities are not regulated by the SFC but entities acting as custodians have to be set up as a Public Trust Company and apply for the Trust or Company Service Provider[14] (“TCSP”) license, issued by the Hong Kong Companies Registry. It still remains unclear as to whether there will be separate guidelines for digital asset custodians, or if today’s regulations, applicable to traditional custodians, shall be applicable to digital asset custodians as well.


Other governments in the Asia-Pacific region have also taken various steps towards defining a clearer scope of regulatory requirements for digital assets. For example, in the Philippines, the government has set up the Cagayan Economic Zone Authority[15] (“CEZA”) which oversees a special economic zone that focuses on fintech and crypto-related businesses. In tandem, in February 2019, the Securities and Exchange Commission of the Philippines (“SEC Philippines”) issued[16] draft regulations entitled Digital Asset and Token Offerings Rules[17] (“DATO Rules”) as well as proposed Rules for Digital Asset Exchanges (“DAE”). Malaysia has regulations similar to those in Singapore, and is also working on adapting these to cover digital assets.

Plenty of ambiguities exist within today’s legal frameworks, often because they were designed for a non-digital world. Yet technology marches on. Today, larger and larger organizations from finance and technology sectors are building cryptocurrency and blockchain platforms[18]. Such moves have increased the urgency for governments to understand and regulate digital assets, in order to keep up with the ever-changing realities of business.

Although it remains to be seen how STO regulations and the crypto scene will ultimately shape up globally, we expect to see more regulatory developments soon. One thing we can be certain of is that the bulk of the action and innovation will be driven from Asia.

To find out more about R3 and digital assets, head over to our digital assets page.



















[18] See JPMorgan’s JPM Coin, Facebook’s Libra etc