Contact

Blockchain

Tokenovate Response to HMT Consultation

Date: 22nd May 2025

Tokenovate Response to HMT Consultation on the Draft Financial Services and Markets Act 2000 (Regulated Activities and Miscellaneous Provisions) (Cryptoassets) Order 2025

Tokenovate welcomes the opportunity to respond to HM Treasury’s consultation on the draft Cryptoasset Statutory Instrument (the SI). As a UK-based start-up building digital financial infrastructure, Tokenovate focuses on enabling automated lifecycle and settlement processes for capital markets transactions, including via the use of tokenised representations of traditional assets. 

Our response draws upon practical experience designing and implementing settlement-token architectures that combine off-chain legal rights with on-chain logic execution.

We appreciate the government’s commitment to developing a technologically neutral regulatory framework. However, we wish to raise several points of concern specific to hybrid or “digital twin” tokenisation models i.e. implementations in which the token is not intended to be a separate item of property, but a transient register entry that references a conventional legal right.

Overview of Tokenovate Settlement Architecture

Tokenovate’s observations are informed by the practical realities of an operational, high-throughput delivery-versus-payment (DVP) platform that we have engineered in close collaboration with legal counsel, market specialists and technical engineers.

The “mint-transfer-burn” architecture described below is already implemented in code and calibrated to meet the legal requirements of title transfer, registry interaction and the post-trade controls expected by capital market participants. Its design has been shaped significantly by the legal frameworks developed by the UK Jurisdiction Taskforce, the Law Commission and the International Swaps and Derivatives Association – initiatives to which Tokenovate’s Chief Legal and Product Officer has contributed directly. Accordingly, our comments on the draft SI reflect applied technical experience and current market practice, rather than abstract theorising, and are offered to assist HM Treasury in framing provisions that operate coherently across legal, technological and operational dimensions.

Tokenovate’s platform facilitates delivery-versus-payment settlement for tokenised securities and cash in a strictly temporally limited manner:

  1. Mint: A counterparty (or its CSD member) instructs the platform to immobilise the underlying security in the relevant off-chain register. Simultaneously, the platform mints a matching on-chain output that points unambiguously to that immobilised asset.
  2. Settlement: The tokenised security and the corresponding payment leg move atomically in a single transaction set. An instruction is sent to the off-chain register, requesting that the transfer is made.
  3. Burn: Once the off-chain registrar confirms irrevocable credit to the buyer’s account, the on-chain record is irreversibly burned.

The token therefore never circulates independently of the immobilised asset; it exists solely to automate and evidence the DvP exchange. 

We believe that this “mint-transfer-burn” cycle supports both legal and operational certainty as it prevents the digital record from becoming a separate thing in action or distinct digital object that could create competing claims. Our implementation also underpins our comments below.

Definition of “Cryptoasset” and “Qualifying Cryptoasset”

We note that the SI proposes to maintain the following definition of “cryptoasset” as set out in FSMA (as amended by the Financial Services and Markets Act 2023):

“any cryptographically secured digital representation of value or contractual rights that— (a) can be transferred, stored or traded electronically, and (b) that uses technology supporting the recording or storage of data (which may include distributed ledger technology).”

We are concerned that this broad definition risks capturing implementation models where the token has no independent legal status. We strongly believe that digital twin tokens that merely evidence or reflect existing legal rights (without themselves conferring or constituting those rights) should not be treated as standalone regulated instruments.

Similarly, the proposed definition of a “qualifying cryptoasset” includes any cryptoasset that is described or marketed as “fungible” or “transferable”. 

The breadth of the proposed definitions risks bringing within scope tokens that, based on their underlying protocol characteristics,  are demonstrably non-fungible. For example, in our UTXO-based design(1), each output is uniquely identifiable and traceable. Indeed, its uniqueness is essential for auditability and legal certainty. Accordingly, the token itself lacks the interchangeability that gives rise to economic fungibility. What is fungible is the underlying cash or security recorded off-chain; the on-chain token merely evidences a momentary entitlement shift in the settlement workflow and cannot circulate independently of the asset it represents. Bringing such settlement-only tokens within the “qualifying cryptoasset” category would impose licensing and conduct obligations tailored to freely circulating bearer-style cryptoassets, adding regulatory cost without corresponding consumer-protection benefit.

We therefore recommend that HM Treasury consider:

  • Narrowing the “cryptoasset” definition to exclude tokens that are purely evidential in nature and do not purport to be distinct legal objects;
  • Providing clearer interpretive guidance on what “fungible” and “transferable” mean in the context of such tokens.

“Safeguarding” activity

The SI’s definition of “safeguarding” creates potential regulatory exposure for firms that do not perform traditional custody functions. In digital twin models such as ours, the platform itself does not hold or manage cryptoassets on behalf of clients in a custodial capacity. Rather, our infrastructure supports the execution of deterministic, run-time logic to facilitate delivery-versus-payment workflows. 

For example, automated orchestration agents within our platform may: (i) trigger atomic transfers between parties based on preset conditions; (ii) initiate the minting or burning of uniquely identifiable on-chain outputs that correspond to off-chain immobilised assets; and/or (iii) coordinate synchronisation with registrars or intermediaries to confirm finality of off-chain settlement before releasing control. This is all done in accordance with the underlying legal documentation (e.g. the ISDA CSA) and its functional implementation through the FINOS Common Domain Model (CDM).

In none of these cases does the platform retain discretionary control or ongoing possession of the token. The technical ability to trigger transfer via encoded logic (without meaningful key custody or asset management discretion) should not amount to “safeguarding” within the meaning of Article 9O. To include such infrastructure-layer activities risks overextending the perimeter to capture automated and time-limited functions that are materially distinct from custodial or safekeeping services. 

We therefore recommend that HM Treasury clarify that DLT infrastructure providers or workflow agents who operate shared logic layer platforms such as ours and/or automate pre-agreed token actions without acting on behalf of users in a fiduciary sense are not engaged in safeguarding for the purposes of the SI.

Temporary Settlement Exemption

Notwithstanding the above, we welcome the inclusion of a temporary settlement exemption. This reflects the realities of tokenisation systems where digital twins are minted and burned solely to facilitate off-chain settlement. However, we believe that the current drafting of Article 9R requires refinement.

In our “mint-settle-burn” model, the token is generated to represent control over a real-world asset for the purpose of settlement, and is automatically extinguished once settlement is complete. Indeed, the token has no utility outside of this narrowly defined function. We believe that it is reasonable to consider this to be a temporary settlement function.

However, the meaning of “temporary” requires clarification. In our model, the token can only be burned once off-chain settlement has been effectively confirmed. This process may require synchronisation across multiple intermediated systems. From an operational perspective, this can take time and, depending on the entities involved, may align with existing settlement cycles such as T+1 or T+2.  A more objective and operational definition of “temporary” (e.g. linked to industry settlement cycles or technical conditions) would provide considerable additional legal certainty.

Tokenovate supports the aim of creating a robust and future-proof framework for cryptoassets. However, care must be taken to ensure that innovative settlement architectures, such as digital twin tokenisation, are not inadvertently penalised or placed under disproportionate regulatory burdens due to definitional ambiguity or overbroad scoping.

We would welcome the opportunity to discuss these issues further.

Yours sincerely,

Ciarán McGonagle
Chief Legal & Product Officer
Tokenovate

(1) Footnote: In the Unspent Transaction Output model, each transaction consumes one or more existing outputs (UTXOs) and creates new outputs that can, in turn, be spent by future transactions. Each UTXO is a discrete, immutable object with a unique identifier, defined by the transaction hash and output index from which it originated. Unlike account-based models (e.g. Ethereum), where balances are stored as changing values linked to an address, the UTXO model tracks ownership through a series of individual transaction outputs, each of which is separate and unchangeable.