Q&A: Mark Wetjen of DTCC on tokenisation of assets and how they should be regulated

By Tsering Namgyal

DTCC is the premier post-trade market infrastructure for the global financial services industry. Last month, the industry-owned body published a comprehensive white paper on crypto assets. Mark Wetjen, Head of Global Public Policy for DTCC, talks to Blockchain Asset Review on the hot topic of security tokens and how they should be regulated.

Q: How should security token platforms should be regulated? What is an example of an existing regulation that applies to security platforms?

A: Broadly speaking, existing regulations applicable to the post-trade processing of traditional securities should be applicable to tokenised securities. If a security token platform performs the same or equivalent function as an existing market infrastructure, the legal and other requirements applicable to that function should be the same.

However, given that security token platforms can be designed in varying ways (ex. utilizing permissionless or permissioned blockchain networks), existing regulations might not always neatly apply. In these cases, regulators might consider taking a functional approach and determine applicable legal and other requirements based on the functions a platform performs, and the risks it potentially poses.

Q: The challenges of custody and cybersecurity risks: How should parties to a trade be held accountable in case such risks materialise?
A: Security token platforms can be configured in a variety of ways – for example, a platform might involve a network where the issuance, trading, custody, and asset-servicing of the security tokens all take place. Alternatively, a configuration might include a separate system for the issuance, custody and asset servicing of security tokens.

Regardless of the configuration, platforms should ensure that cybersecurity and custody risk are adequately addressed to safeguard participants and the industry as a whole. This includes robust accounting practices, safekeeping procedures and internal controls that protect assets for which the platform is responsible.

As outlined in the paper, the PFMIs and cyber resilience guidance provided by CPMI-IOSCO offer paths by which to help identify the types of post-trade responsibilities that might be applicable to security token platforms. For example, platforms should be expected to identify sources of operational risk and mitigate the impact via policies, procedures, and controls and by using systems designed to ensure a high degree of security and reliability. Security token platforms should also consider business continuity plans that aim for quick recovery of operations and fulfilment of obligations. Transparency to platform users regarding the foregoing also is critical and must be ensured.

Q: Would the challenges of establishing settlement finality be a major impediment from the mainstream adoption of STOs (Security Token Offerings)?
A: Settlement finality is a critical concept and certainly presents a key consideration for security token platforms. For platforms utilizing a permissionless blockchain network – given it may likely use a consensus mechanism to determine the state of the distributed ledger – it is unclear when settlement can be considered operationally final due to the time it takes to reach consensus and confirm a transaction.

At a single point in time, the requisite number of nodes may not agree or an adequate number of blocks may not have confirmed a transaction. As a result, ensuring final operational settlement is challenging due to the difficulty of determining the point at which the transaction becomes final.

As suggested in the paper, depending on the specific blockchain, policymakers could provide guidance on the minimum number of blocks needed to confirm a transaction before a settlement is considered final.

Q: How can DTCC help the Security Token Offering industry?
A: For more than 40 years, DTCC has responsibly leveraged technology to drive innovation and mitigate risk and reduce cost for our clients. We continue to build on that legacy by advancing the use of innovative technology to enhance post-trade processing, while ensuring key policy objectives of risk mitigation, market safety, certainty, reliability and efficiency are maintained.

Q: Are Security Tokens – or by extension DLT – a hype or do you really see a sustainable future for this? Which sectors (real estate, for instance) would be the early movers in the STOs due to factors specific (such as lack of liquidity) to the industry that would benefit from tokenization?
A: Some of the new technological tools being considered today, including DLT, will impact the industry in different ways and impact how the global marketplace evolves over time. The industry needs to ensure that innovative technology is applied within an appropriate regulatory framework, according to standards and governance structures and encompassed by stringent cybersecurity measures.

Q: Most security token platforms say they would revolutionize the entire capital markets process. In other words, the investment banks, clearing houses, stock exchanges would all be rolled in one. What are your thoughts on this? Is this too good to be true?
A: It’s difficult to predict how the ecosystem will look many years from now. Oftentimes in the financial services sector, especially when involving institutional participants, revolutionary structural changes are harder to come by because of the policy framework that governs the sector, which usually does not change dramatically but rather tends to be additive.

The service of providing custody of assets is a good example. New technology might allow for multiple services or processes to take place on one platform, but the policy governing custody services is designed to prevent exclusive control of someone else’s assets, at least in some circumstances. Therefore, in financial services, these new tools will have more of an evolutionary effect, rather than a revolutionary one. But we at DTCC focus on which of these tools would help us deliver a resilient service, increase efficiencies for our customers, and maximise our ability to manage risk. If a new technology helps us deliver on these dimensions, DTCC will carefully consider it.

Leave a Reply