Tokenization Regulation: The Real-World Asset (RWA) Legal Framework

Tokenization regulation is the body of financial and securities law that decides how a real-world asset behaves once it is represented as a token on a distributed ledger. There is no single "tokenization law." Instead, the rules that apply depend entirely on what the token represents, and the most important question a founder must answer is whether the token is a regulated security.

By Magnus Müller · Reviewed by Magnus Müller · Last updated: 2026-06-14

What "tokenization regulation" actually governs

Tokenization regulation governs the legal treatment of a token that stands for an off-chain asset such as real estate, a bond, a fund unit or a share. The defining rule is simple: the law looks through the token to the underlying. If the underlying is a security, securities law applies to the token, and the blockchain wrapper changes nothing about that classification (MiCA Art. 2(4) summary).

For founders, this means the first task is not choosing a chain or a token standard. It is mapping the asset to a legal category, because that mapping decides which prospectus, licensing and market-infrastructure rules then attach. A real-world asset (RWA) token that carries ownership, profit or income rights will, in most jurisdictions, sit firmly inside the existing securities rulebook.

This page covers RWA financial instruments specifically. Payment tokens, e-money tokens and stablecoins sit on the opposite side of the line: in the EU they fall under MiCA rather than the securities regime. We use them here only as a contrast, and route stablecoin and crypto-asset questions to the EU's MiCA regime.

Tokenization is technology-neutral

The spine of every regime examined below is the principle that tokenization is technology-neutral. Issuing a share, bond or fund interest as a token does not strip it of its legal nature. Regulators in the EU, the US, Switzerland and Singapore all treat the distributed-ledger form as a packaging choice, not a reclassification event (Reg (EU) 2023/1114 (MiCA); MAS Project Guardian materials). If the underlying is a capital-markets product, the token is a capital-markets product.

What counts as a real-world asset (RWA)

In a tokenization context, a real-world asset is any off-chain value that a token represents on-chain. The common asset classes are real estate, bonds and debt, funds and collective investment vehicles, equity and shares, and commodities or collectibles. Each class maps to a different combination of securities and market-infrastructure rules, which we set out in detail in the by-asset-class section further down this page.

When is a tokenized asset a security?

In most RWA structures the answer is yes. Both the EU and the US run a substance test that ignores the blockchain form and asks what economic rights the holder actually receives. Where the token carries ownership, profit or income rights, it is presumptively a security, and the heavier rulebook follows.

EU: the MiFID II "transferable securities" test

Under MiFID II (Directive 2014/65/EU), Art. 4(1)(44), "transferable securities" are classes of securities that are negotiable on the capital market, except instruments of payment. The category expressly includes shares and equivalents, bonds and other forms of securitised debt, and derivatives (MiFID II Art. 4(1)(44), ESMA rulebook).

ESMA applies a three-part working test to decide whether a crypto-asset is a transferable security and therefore sits outside MiCA. The token must (1) belong to a class of securities, (2) be negotiable on the capital market, and (3) not be an instrument of payment (ESMA Guidelines on qualification of crypto-assets as financial instruments). Tokenizing a share or bond does not remove any of these features, so the financial-instrument status survives.

US: the Howey test

The US has no bespoke tokenization statute. Classification runs through the investment-contract test from *SEC v. W.J. Howey Co.*, 328 U.S. 293 (1946). A transaction is a security where there is (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) derived from the efforts of others (SEC Framework for Investment Contract Analysis of Digital Assets).

The SEC's "Framework for 'Investment Contract' Analysis of Digital Assets," published on 3 April 2019 by its FinHub team, notes that in a typical digital-asset offering the first two prongs are usually met, so the analysis turns on the third prong, the expectation of profit from the efforts of others, against which the framework lists more than 30 factors. The framework is guidance, not a rule. Most RWA tokens, including real-estate fractions and profit-bearing claims, readily satisfy Howey and are securities.

The takeaway: ownership/profit rights = presumptively a security

The two tests converge on a single working rule. A token carrying ownership, profit or income rights in a real-world asset is presumptively a security in both the EU and the US, and the prospectus, licensing and market-infrastructure obligations attach from that classification onward (MiCA exclusion summary). Treat that as the default and build the compliance plan around disproving it, not assuming it away.

The EU framework: MiCA exclusion and the DLT Pilot Regime

The EU is the densest of the regimes covered here, and it draws a hard binary. Whether a token is a financial instrument decides which entire rulebook applies. On top of that binary sits an experimental sandbox, the DLT Pilot Regime, that lets market infrastructures trade and settle tokenized instruments under temporary exemptions.

MiCA does not cover tokenized financial instruments (Art. 2(4))

MiCA (Regulation (EU) 2023/1114), Art. 2(4), states that MiCA does not apply to crypto-assets that qualify as financial instruments within the meaning of MiFID II. The exclusion also covers deposits, funds, securitisation positions, and insurance and pension products (MiCA Art. 2(4) summary).

The consequence is the EU binary. Tokenized shares, bonds, derivatives and fund units fall outside MiCA and remain under MiFID II, the Prospectus Regulation, CSDR and the Market Abuse Regulation (MAR), plus national implementing law. Utility, payment and e-money-style tokens go to MiCA. Tokenized financial instruments, the typical RWA case, do not.

What is the EU DLT Pilot Regime?

The EU DLT Pilot Regime is Regulation (EU) 2022/858. It was adopted on 30 May 2022, published in OJ L 151 on 2 June 2022, and started applying on 23 March 2023 (Reg (EU) 2022/858, EUR-Lex). It creates a sandbox that lets market infrastructures trade and settle "DLT financial instruments" with temporary, conditional exemptions from MiFID II, MiFIR and CSDR.

A DLT financial instrument is defined in Art. 2(11) as a financial instrument that is issued, recorded, transferred and stored using distributed-ledger technology (Reg (EU) 2022/858 operative text). The regime does not change the classification of the instrument; it relaxes specific market-infrastructure rules so that ledger-native trading and settlement can be tested at limited scale.

The three DLT market-infrastructure types and their caps

The regime introduces three new market-infrastructure types. A DLT multilateral trading facility (DLT MTF) is run by an investment firm or market operator under Art. 4. A DLT settlement system (DLT SS) is run by a CSD under Art. 5. A DLT trading and settlement system (DLT TSS) combines both functions in a single entity under Art. 6 (Reg (EU) 2022/858 operative text).

Eligibility thresholds under Art. 3 are size-based. Note that the EUR figures below come from a secondary fetch of the EUR-Lex text and are flagged for verbatim verification before publishing as exact, so we state them as approximate.

Permissions are granted for up to six years, and the regime is explicitly an experimentation framework rather than a permanent licensing track (Reg (EU) 2022/858 operative text).

Switzerland: ledger-based securities under the DLT Act

Switzerland built one of the cleanest private-law foundations for tokenized assets through its DLT Act, the basis for the Swiss and Crypto-Valley credibility our practice draws on. The securities-law core gives tokenized shares and bonds a transfer mechanism that works at the level of property law, with the regulatory layer sitting on top.

CO Art. 973d ledger-based securities (Registerwertrechte)

Switzerland amended ten federal acts through the DLT Act, with the core securities provisions in force from 1 February 2021 (Library of Congress, Swiss DLT amending law). The new Art. 973d et seq. of the Swiss Code of Obligations (CO) introduces "ledger-based securities" (Registerwertrechte), rights created by entry in a securities ledger that can only be exercised and transferred via that ledger (SBF Circular 2021/01 on ledger-based securities).

These differ from simple uncertificated securities under Art. 973c CO. The ledger must give the creditor, not the debtor, the power of disposal through a technical process, and it must protect integrity against unauthorized modification.

Tokenized shares and bonds the Swiss way

Shares of a Swiss stock corporation can be issued directly as ledger-based securities under Art. 973d CO, provided the articles of association supply the statutory basis (SBF Circular 2021/01). This gives tokenized equity and bonds a clean private-law transfer mechanism rather than a contractual workaround. The regulatory and licensing layer, including FINMA supervision and the FinMIA DLT trading facility license, sits on top of this private-law ledger-security concept. Where a project intends to operate a venue or seek authorization in Switzerland, work through the Swiss FINMA framework for the licensing detail.

Singapore: the SFA and MAS Project Guardian

Singapore approaches tokenization through its existing capital-markets statute, layered with a large industry pilot. The Monetary Authority of Singapore (MAS) takes the same technology-neutral stance as the EU and Switzerland: if the asset is a capital-markets product, the offering is regulated, regardless of the token form.

Securities and Futures Act applies to tokenized capital-markets products

MAS treats tokenization as technology-neutral. If the asset a token represents is a capital-markets product, the token offering is subject to the Securities and Futures Act (SFA), and MAS has adapted the SFA framework to support tokenised debt securities (MAS Project Guardian). The classification logic mirrors MiFID II and Howey: look through the wrapper, then apply the existing rulebook. Founders evaluating Singapore should review the Singapore MAS licensing requirements alongside this framework.

Project Guardian frameworks (GFIF, Guardian Funds Framework)

Project Guardian is a MAS-led, multi-jurisdiction collaboration with more than 40 financial institutions across 7 jurisdictions, testing tokenization across fixed income, asset and wealth management (funds), and FX (MAS Project Guardian). Note that these institution and jurisdiction counts are flagged for reconfirmation from the live MAS materials before publishing as fact. The initiative has produced industry frameworks including the Guardian Fixed Income Framework (GFIF) and the Guardian Funds Framework, drawing on the GFIF reference document.

The United States: securities-first, no bespoke RWA statute

The US has no dedicated RWA-tokenization statute. It is a securities-first regime in which classification under Howey drives everything that follows, from registration to the duties of intermediaries.

Classification via Howey, then registration or exemption

Once a token is a security under Howey, it triggers Securities Act 1933 registration unless an exemption applies. The common exemptions are Reg D, Reg A+ and Reg S (SEC digital-asset framework). These US-specific exemption and registration details are asserted from general securities law and are flagged for a dedicated source pass before the page makes deep US licensing claims. The practical effect is that a US RWA offering is structured the same way as any other securities offering, with the token sitting inside that framework.

Intermediary and structuring duties

Intermediaries that handle security tokens face their own registration duties as broker-dealers, alternative trading systems (ATS) or transfer agents. Tokenized funds engage the Investment Company Act, and tokenized real estate is commonly held through an SPV whose interests are themselves securities (SEC digital-asset framework). As above, these intermediary-duty specifics are stated from general law and flagged for primary sourcing before they are relied on for a US compliance plan.

How regulation differs by asset class

The framework above is abstract until it is mapped to a concrete asset. The asset class decides which combination of MiFID II, the Prospectus Regulation, CSDR, the DLT Pilot Regime, the Swiss CO and the Singapore SFA actually applies. The list below moves from the most common RWA structures to the contrast case.

Real estate

Tokenized real estate is almost always issued through an SPV or trust that holds the property, with the token representing a securities-law interest in that vehicle rather than direct legal title to the deed. Direct token-to-deed title is rare and jurisdiction-dependent. This is industry-standard practice and is flagged for a specific legal source before being relied on as a factual assertion.

Bonds and debt

Bonds and debt are squarely "securitised debt" under MiFID II Art. 4(1)(44)(b) (MiFID II Art. 4(1)(44)). Subject to the size thresholds, they are eligible for the EU DLT Pilot Regime (Reg (EU) 2022/858), and they are the primary live use-case under the MAS Guardian Fixed Income Framework (MAS Project Guardian) and Swiss ledger-based bonds (SBF Circular 2021/01).

Funds and collective investment

Tokenized fund units are financial instruments and therefore sit outside MiCA (MiCA exclusion summary). They are an explicit asset class in the DLT Pilot Regime, where collective-investment units are eligible up to roughly EUR 500 million AUM (Reg (EU) 2022/858), and they feature in the MAS Guardian Funds Framework (MAS Project Guardian).

Equity and shares

Shares are transferable securities under MiFID II (MiFID II Art. 4(1)(44)). Switzerland goes furthest in enabling direct on-chain issuance: shares of a Swiss stock corporation may be issued as ledger-based securities under Art. 973d CO (SBF Circular 2021/01), which is why tokenized equity projects so often look to the Swiss structure.

Commodities, collectibles and the stablecoin contrast

For commodities and collectibles, classification depends on structure. A bare ownership token of a single physical good may not be a security, but a fractionalized or pooled structure with a profit expectation typically is, under Howey (SEC digital-asset framework). Stablecoins and payment tokens are not RWA financial instruments at all. In the EU they fall under MiCA as e-money tokens or asset-referenced tokens, the opposite side of the Art. 2(4) line (MiCA exclusion summary). They are included here only for contrast.

Licensing and authorization triggers for an RWA tokenization project

Once the classification is settled, the operational question is which activities require authorization. The licensing burden is activity-based, not asset-based, so a single project can trigger several authorizations at once depending on what it actually does with the token. The three classic triggers are issuance, operating a trading venue, and custody. For the broader logic, see licensing by business activity.

Issuance / offering

Issuing a security token engages offering rules. In the EU that means the Prospectus Regulation, subject to the available exemptions, and the obligation flows from the classification rather than from the technology (MiCA exclusion summary). Classification therefore always comes first; the prospectus analysis is downstream of it.

Operating a trading venue

Running a secondary market for tokenized securities engages venue rules. In the EU that is a MiFID II MTF, or a DLT MTF or DLT TSS under the DLT Pilot Regime (Reg (EU) 2022/858). In Switzerland it is a FinMIA DLT trading facility (SBF Circular 2021/01). The Swiss FinMIA DLT trading facility license is referenced generically and is flagged for a FINMA or FinMIA primary source before licensing claims are made.

Custody and settlement

Holding and settling tokenized securities engages custody and settlement rules. In the EU, settlement of DLT financial instruments runs through CSDR or, in the sandbox, the DLT SS infrastructure type (Reg (EU) 2022/858). RWA token offerings also carry the usual AML and KYC requirements, which apply alongside the securities authorizations rather than instead of them.

Book a free 15-minute discovery call

Comparative regimes at a glance

The five regimes pull together into one scannable view. Each starts from the same technology-neutral premise and then adds its own mechanism, status and date. Use this as a quick orientation before the deeper jurisdiction work.

Sources for this comparison: Reg (EU) 2022/858, MiCA summary, SBF Circular 2021/01, MAS Project Guardian, and the SEC digital-asset framework.

From our practice

In our advisory work the failure mode is consistent: a project picks a chain, mints a token, and only then asks whether the offering needs a prospectus or a venue license. By that point the structure is hard to unwind. The orderly path runs the other way. We start by mapping the underlying asset to a legal category, confirm whether it is presumptively a security under MiFID II or Howey, decide the issuance vehicle (often a Swiss ledger-based structure or an SPV), and only then choose the technology. Reframing the project as a securities matter that happens to use a ledger, rather than a crypto matter that happens to touch a security, removes most of the surprises. For the latest regulatory movement that shapes these decisions, follow our crypto regulation insights, and on adjacent risk topics see our notes on DeFi compliance steps and digital-asset insurance.