Editor's Choice Trending Wealthtech

Ensuring Compliance in Tokenised Securities

Security Token offerings (STOs) can take the form of any traditional financial security, be it an investment fund, equity, debt and performs that same offering, but does so using blockchain technology. Luc Falempin, CEO Tokeny describes STOs multiple benefits over traditional securities and the impact of compliance in the growth of STOs as a digitised asset.

STOs are by definition securities and are subject to the same rules and regulations that govern securities yet offering multiple benefits while over blockchain to automate existing processes, reduce operational costs, increase liquidity and enable a greater transfer speed of ownership.

STOs address a key issue that has surrounded blockchain and specifically cryptocurrency and Initial Coin Offering (ICO) projects over their inception, that being compliance. It’s no secret that up to 80 percent of ICO projects have turned out to be fraudulent or Ponzi schemes. The need for compliance and regulation to enter the crypto, or ‘alternative asset industry’, is needed now more than ever. STOs are legally required to adhere to rules and regulations in the jurisdictions in which they are issued. As each jurisdiction differs one from another, for example an accredited investor in the US is different to one in Europe, the question arises, what’s the framework to ensure compliance from a technology point of view?

To overcome these fundamental idiosyncrasies, Tokeny has created the T-REX, the token for regulated exchanges. There are three key pillars to these tokens, the identity management system, a set of validation certificates and the transfer manager. These three components essentially allow issuers to access a decentralised validator to control transfers and ensure investors meet the obligations in each jurisdiction the tokens are distributed in. Another key element to note is that the files are completely open source; that way Tokeny contributes to the ecosystem and ensures we are staying loyal to blockchain’s initial vision of, ‘one source of truth’.

Identity Management System


As mentioned previously, a security token offering is an issuance of a security, and is therefore subject to the exact same stringent governance. In particular, its distribution has to follow aspects related to KYC rules, therefore identity management is key to implement such compliance on the blockchain.

As the ownership of a security token is registered on the blockchain, we believe it is also necessary to track the token’s ownership in order to prohibit illicit transactions on the blockchain. To do this, in the T-REX, there is a link created between the wallet address and the identity to manage rights through a contract directly on the blockchain. Of course, we need to ensure the privacy of those identities to satisfy personal data related regulation, so we only store the validation certificates checked and issued by trusted parties (for example, KYC, government and legal entities).

Linking an investor’s wallet to this identity adds significant value to stakeholders in the security token market. There have been many stories of investors losing their keys and therefore their access to their wallets. By verifying that his on-chain identity fits with the off-chain identity (personal data), the issuer can burn the lost tokens and mint new tokens on the new wallet of the investor.

Set of validators

The ICO boom last year represented a clear advancement in innovation, and provided a new channel by which capital can flow more freely and from a much wider group of investors than has ever occurred before. These were performed using the ERC-20 token, tokens that are fungible, usually non-permissioned, that can be transferred easily on the Ethereum blockchain. Created by Fabian Vogelsteller, the ERC-20 includes a smart contract which defines and implements the basic characteristics of the token i.e. its name, symbol, total supply etc. However, identity checks were not required with ICOs, which has led to many scandalous offerings and a lot of people losing their money.

Enter the ERC-725 (Identity) and ERC-735 (Claim Manager) standards. These standards define a commonly accepted identity and claims management model for creating, maintaining and populating identities on the blockchain. Performing KYC and AML checks is a must for any project that intends to follow proper governance and comply with regulations. ICOs in the spirit of good practice) and even more STOs (by law) definitely need to implement strong KYC and AML procedures.

Using these standards, Tokeny has built features into our smart contracts to only allow interactions from well identified, reputable persons. The claims attached to an identity contract facilitate the emergence of a web of trust between token issuers, third party claim issuers and the party holding the identity contract itself. This revolutionises the slow and cumbersome validation checks we see today, and makes the process more efficient.

Transfer Manager

The transfer function of the smart contract essentially calls the validator to initiate checks on the identity of the receiver to ensure that his identity holds the necessary permissions, such as KYC, AML and sovereign identity checks, the identity in question is approved and the transfer of the tokens is validated and executed. If not, the transfer is rejected and an error message is displayed detailing the issue/s and the necessary steps to get the missing claims.


Related posts

Nesta Forms Coalition to Improve Job Prospects for Those Hit Hardest by COVID

Polly Jean Harrison

100k NHS Staff Have Real-Time Access to Earnings Through Allocate InstantPay

Polly Jean Harrison

IFS Pension Proposals Could ‘Impact Trust and Confidence’

Tom Bleach