In response to growing interest and demand from the banking sector regarding the sale of tokenized assets and the provision of virtual asset custody services, the Hong Kong Monetary Authority (HKMA) released two key guidance documents on February 20. These documents establish clear regulatory expectations to support continued innovation while ensuring appropriate consumer and investor protection.
Understanding Tokenized Asset Sales
The HKMA’s guidance on the sale of tokenized products applies to real-world assets tokenized using distributed ledger technology (DLT). This includes structured products not regulated under the Securities and Futures Ordinance, such as tokenized deposits, structured deposits, and spot precious metals.
The framework emphasizes three core aspects:
1. Comprehensive Due Diligence
Banks must conduct thorough due diligence on the tokenized product, its issuer, and service providers involved in the tokenization arrangement. Key review areas include:
- Technology audit arrangements, especially smart contract audits
- Private key management mechanisms
- Theft prevention measures
- Robustness of the DLT network
- Legal and regulatory status of the tokenized product
2. Transparent Risk Disclosure
Firms must provide clients with sufficient product information and risk disclosure. This includes clear communication of key terms, features, and risks associated with tokenized products to enable informed decision-making.
3. Robust Risk Management Systems
Banks should implement effective risk management frameworks covering:
- Risk management policies and procedures
- Internal controls
- Complaint handling mechanisms
- Compliance and internal audit functions
- Business continuity planning
Additionally, if banks also provide custody services for these tokenized products, they must adhere to the HKMA’s standards for virtual asset custody.
Virtual Asset Custody Standards
The HKMA’s separate guidance on virtual asset custody services covers digital assets including virtual assets, tokenized securities (such as cryptocurrency spot ETFs), and other tokenized assets. The framework addresses governance, risk management, and client asset protection.
Core Custody Principles
Client Asset Segregation
Banks must hold client virtual assets separately from their own assets. This ensures that in the event of insolvency or resolution proceedings, client assets remain protected from creditor claims.
Restrictions on Asset Use
Custodians are prohibited from transferring client virtual assets or using them in any manner for lending, staking, or re-staking activities unless justified by exceptional circumstances.
Cold Storage Requirements
The guidance mandates that 98% of client virtual assets must be stored in offline storage, commonly known as "cold wallet" storage. This significantly reduces exposure to online security threats.
Insurance and Compensation Arrangements
Banks must maintain appropriate insurance or compensation arrangements to cover potential losses of client virtual assets, providing an additional layer of protection for investors.
Implementation and Industry Impact
These guidelines represent Hong Kong's continued commitment to establishing itself as a regulated virtual asset hub. By providing clear regulatory expectations, the HKMA aims to:
- Encourage responsible innovation in digital assets
- Enhance consumer confidence in tokenized products
- Establish international standards for asset tokenization and custody
- Create a sustainable framework for digital asset development
Financial institutions looking to explore these emerging opportunities should carefully review the full guidance documents and ensure their compliance frameworks address all specified requirements.
👉 Explore custody security frameworks
Frequently Asked Questions
What are tokenized assets?
Tokenized assets are real-world assets represented digitally on a blockchain or distributed ledger. They can include financial instruments, commodities, or other valuables that benefit from the transparency and efficiency of blockchain technology.
How do cold wallets enhance security?
Cold wallets store private keys offline, making them inaccessible to online hackers. This significantly reduces the risk of unauthorized access compared to hot wallets connected to the internet.
What constitutes adequate risk disclosure?
Adequate disclosure includes clear explanations of the technology risks, market volatility, regulatory uncertainties, and specific features of the tokenized product that may affect its value or functionality.
Why is asset segregation important?
Asset segregation ensures that client assets remain separate from the institution's assets. This protects clients in case of institutional insolvency and prevents the misuse of client funds.
How do these guidelines affect existing services?
Banks and financial institutions already offering these services must review their current practices against the new standards and implement any necessary changes to achieve full compliance.
What types of insurance are acceptable?
Acceptable insurance includes policies that specifically cover virtual asset losses through theft, hacking, or operational failures. The coverage should be substantial enough to protect against potential significant losses.
Disclaimer: This article provides market information for educational purposes only. All content and viewpoints are for reference and do not constitute investment advice. Investors should make independent decisions and understand that authors assume no responsibility for direct or indirect losses resulting from investment activities.