FINMA Circular For ICO's and Token Transfer Law- What does it mean?

On Friday February16th, FINMA produced guidelines intended to give clarity on some of the major issues around ICO’s and token transfer.

We welcome the approach that FINMA has taken in publishing some of the first ICO guideline globally. This shows great initiative and engagement with the fast-growing Swiss community of blockchain companies!

One of the first points that FINMA emphasizes is the importance of defining and documenting clearly the terms and conditions for an ICO. In particular, all tokens classified as “securities” — especially those that look like “equities” or “bonds” — will have to adhere to SESTA standards of reporting. This applies to anyone issuing such a token in return for a cryptocurrency or fiat of some sort. This should hopefully already be clear to most market participants — but if it’s not, hopefully it is now!

Another interesting observation was FINMA hinted that it is currently mostly concerned with ICO’s taking place in the future. FINMA no doubt must be swamped with requests from ICO’s, so dealing with what they have on the table now is probably a first priority:

“ICO’s which have already taken place will only be assessed in the context of investigations into potentially unlicensed activities. The same applies to submissions made to FINMA solely for information.”

Finally, FINMA established four main categories of tokens. The next part of this blog attempts to summarize these categories and classifications to the best of our understanding after which we will then look at the potential implications and question that still remain. It should be emphasized that there remain uncertainties and ambiguities, as far as we can tell, and we hope they will be clarified in the coming weeks and months. However, as a first step the guidance is useful in that it does nevertheless provide more clarity than had hitherto existed. The four categories and classifications appear to be as follows:

1) PAYMENT TOKENS (cryptocurrencies) — intended to be used now (or in future) as a means of payment for acquiring goods or services as a means of money or value transfer. Bitcoin and Ether are listed examples here.

Classification: FINMA clearly took the view that they do not see payment tokens as security tokens. This is consistent with how FINMA has treated Bitcoin and Ether in the past. FINMA also mentioned that whilst this was the current assessment, new case law or legislation could revise their view on this at a later date.

2) UTILITY TOKENS — intended to provide access digitally to an application or service by means of a blockchain infrastructure.

Classification: Utility tokens will not be treated as securities if their sole purpose is to confer digital access rights to an application or service and if the utility token can actually be used in this way at the point of issue.

In these cases, the underlying function to grant the access rights and a connection to capital markets (a typical feature of securities) is missing.

IMPORTANT: If a utility token additionally has an investment purpose at the point of issue, FINMA will treat such tokens as securities.

3) ASSET TOKENS — represent a tokenized asset in the traditional sense (ie. a security) such as a debt or equity claim on the issuer. Asset tokens promise for example a share in future company earning, capital flows etc. Asset tokens which are backed by any physical assets also fall into this category.

Classification: Such tokens are Securities within the meaning of Art.2 let b FMIA.

4) PRE FINANCING or PRE SALE TOKENS: Promise to receive some kind of tokens or right to acquire tokens at a future date.

Classification: Such tokens are also Securities, and presumably therefore also fall within the meaning of Art.2 let b FMIA although this is not specified explicitly.

These classifications are not mutually exclusive and could result as classification into a hybrid token.

Whilst the classifications are fairly clear, there is some degree of confusion which remains. We will touch on that towards the end of this blog. But first, let’s look at the legal implications.


Well, if FINMA defines your token within the “securities” category in Switzerland — the token and its issuer will then fall under securities regulation — in particular they refer to SESTA :

Taking a look at SESTA, the main purpose of this appears to be giving transparency and equality to investors:

It seems to me that this would mainly apply when accepting cryptocurrencies (or fiat money) in exchange for tokens being issued, ie, in the form of ICO’s going forward. However, these rules were defined for securities that look like securities and bonds.

Until now, the book-entry of self-issued uncertificated securities (presumably payment, utility and asset tokens as we understand these to be un-certified in a sense) is essentially unregulated. The same applies to the public offering of securities to third parties. We were not sure if and how this was relevant to ICO participants.

FINMA also made a statement which appeared to be mostly applicable to crypto exchanges (presumably, unless companies are issuing derivatives in their own or other tokens).

They state that the creation, issuance, underwriting and offering of derivative products as defined by FMIA to the public on the primary market is regulated as per Art 3 para 2& 3 Stock Exchange Ordinance SESTO.

Finally, they stated that the issuing of tokens that are “security tokens” (in particular those that look like, but not necessarily limited to equities or bonds) can result in prospectus requirements under the Swiss Code of Obligations. This is not FINMA territory but refer to FinSA Art 37 Draft FinSA(Art 37 Draft FinSA) which will soon become part of supervisory law.

Classification as deposits

If you have not made any claims with regards to issuing tokens (ie that when you issue a token you get some kind of repayment back), you should not be subject to Banking Act and deposit law.

Applicability of Collective Investment Scheme Act

If you have made no claims to hold custody of and manage assets (including tokens) on behalf of third parties (eg. as an investment fund for example), you should not fall under the Collective Investment Scheme Act.

Applicability of Anti Money Laundering Act

It was made quite clear in the guidelines that securities, payment tokens AND financial service related utility tokens are all subject to Anti-money laundering act. This is probably the single most important statement from the guidelines.

“Anyone who provides payment services or who issues or manages a means of payment is a financial intermediary subject to the AMLA (Art 2 para 3 let b AMLA)”

FINMA also stated that the issuance of payment tokens constitutes the issuing of a means of payment, subject to today’s guidelines. The definition of this had previously been a grey area.

In the case of utility tokens, there is a bit more room — anti-money laundering regulation is not applicable:

as long as the main reason for issuing the tokens is to provide access rights to a non-financial application of blockchain technology (Art 2 para 2 let a no3 AMLO).

This assessment was un-deniably disappointing and restrictive since the majority of blockchain applications are indeed for financial applications of the technology with a low likelihood of being used to launder money through the access rights. However, it remains to be seen if this will be decided on a case by case basis.

Under FINMA guidelines of Feb 16th, it was made very clear that the exchange of a cryptocurrency for fiat money or a different cryptocurrency falls under Art 2 par 3 AMLA. The same applies to the offering of services to transfer tokens if the service provider maintains the private key (custody wallet provider)

So lastly, What are the implications of falling under the AMLA?

Anti-money laundering regulation gives rise to a large range of due diligence requirements including the requirement to establish the identity of the beneficial owner and the obligation. In some cases, it will require an official affiliation to a self-regulatory organisation (SRO) to be subject directly to FINMA supervision.

Financial intermediaries are required to adhere to the AMLA and defined under Art 2 para 3 of the AMLA Act as persons who on a professional basis accept or hold on deposit assets belonging to others or who assist in the investment or transfer of such assets.

In addition to these, FINMA made it clear that the exchange of a cryptocurrency for fiat money (or another cryptocurrency) falls under Art 2 para 3 AMLA. The same also applies to the offering of services to transfer tokens, if the service provider maintains the private key (custody wallet provider).

These requirements can be fulfilled by having the funds accepted via a financial intermediary who is already subject to the AMLA in Switzerland and who exercises on behalf of the organizer the corresponding due diligence requirements.


1.By today’s guidance most ICO’s or tokens that were issued before today would be classified as “securities” because they are “pre-financed” or “pre-sold” before a technology is complete. FINMA distinguished that ICOs which issue tradable CLAIMS on future tokens via presale, would be classified as securities. The tokens themselves, when they get issued at a later point could then become Utility or Payment tokens but this was not made very clear in the statement.

2. It was a bit of a shame to see utility tokens being treated differently for financial systems than for non-financial systems with respect to the AML Act. This seems a bit restrictive, especially when one of the biggest applications in blockchain is specifically for financial applications. Is this final or perhaps to be considered on a case by case basis we wonder?

3. In section 3.3, FINMA talks about legal implications for securities and makes reference to SESTA and FMIA in the context of those implications. While this makes sense for those pure securities, in the sense of those that look like “equities” and “bonds” or give the holder some share in an “underlying asset”, it is not clear how it should be treated for “pre-financing/ pre-sale” security tokens. In other words, what are the reporting requirements (if any) on tokens which are one day intended to be “utility” or “payment” tokens, but by today’s FINMA definition are classified as “security tokens”?

5. Section 3.6 — A crucial element of the guidelines was the FINMA introduction of a new kind of financial intermediary. As per the AML Act Art 2 para 3 of the AMLA, a financial intermediary is defined as follows:

Financial intermediaries are defined as persons who on a professional basis accept or hold on deposit assets belonging to others or who assist in the investment or transfer of such assets; they include in particular persons who:

…. b. provide services related to payment transactions, in particular by carrying out electronic transfers on behalf of other persons, or who issue or manage means of payment such as credit cards and travelers’ cheques;

However, as per the FINMA guidelines — a clear statement was made to contrast this definition:

The objective of the Anti-Money Laundering Act (AMLA) is to protect the financial system from money laundering and the financing of terrorism. Anyone who provides payment services or who issues or manages a means of payment is a financial intermediary subject to the AMLA (Art. 2 para. 3 let. b AMLA). The issuing of payment tokens constitutes the issuing of a means of payment subject to this regulation as long as the tokens can be transferred technically on a blockchain infrastructure. This may be the case at the time of the ICO or only at a later date. 7/11 In the case of utility tokens, anti-money laundering regulation is not applicable as long as the main reason for issuing the tokens is to provide access rights to a non-financial application of blockchain technology (see Art. 2 para. 2 let. a no. 3 AMLO, FINMA Circ. 11/1 “Financial intermediation under AMLA” margin no. 13 et seq.).

If understood correctly, this statement implied that anyone who invests or transfers tokens is considered a financial intermediary, whilst the legal definition suggests that anyone who invests or transfers tokens “on behalf of others” is a financial intermediary and thus subject to AML Act. This is a pretty big difference vs the official legal definition.

Consider the following example: a company has issued tokens and wants to distribute them for free in exchange for testing, competitions, increasing a network effect, etc. How should this be treated? In a world of “air-dropping” tokens to enhance important “network effects” which very much rely on the success of these technologies, is the AMLA Act really necessary when giving tokens out as a gift or with respect to a service if no cryptocurrency or fiat money is accepted in return? In our opinion the law is pretty clear it is applicable to those payment systems that “transfer on behalf of others”. However, more conservative legal firms have argued its important to create a paper trail regardless of whether you are acting on behalf of someone else or not. We would say that this is an unnecessary burden on innovation because at the point where you come to “sell” this token for a fiat currency, your paper trail is recorded anyhow by existing AMLA law — why the need to duplicate it?

Some have argued that there is a need to create a “paper trail” regardless of whether you are acting on behalf of someone else or not. We would say that this is an unnecessary burden on innovation because at the point where you come to “sell” this token for a fiat currency, your paper trail is recorded anyhow by AMLA law. Why duplicate it when you are not even accepting something in return for the token? Furthermore, we are seeing more relaxed thinking about this from Wyoming which just passed a 60–1 bill on utility tokens exempting them from the money transmittor act and France also recently took steps to begin trading unlisted securities using blockchain technology.

8. Understanding the real definition of a financial intermediary is incredibly important. We can’t stress this enough. The reason being, if all blockchain companies “are” financial intermediaries, section 3.7 of the guidelines reminds us that they are required by law either to affiliate to a self-regulatory organisation (SRO) or to be subject directly to FINMA supervision. This is a pretty big deal — having personally called a couple of SRO’s since Friday to discuss, they do not seem aware OR ready to accomodate for blockchain companies. The FINMA backlog already appears to be very large at the moment. How do we deal with this requirement? And is it even a necessary requirement?

9. Lastly, AMLA law is understandable but unnecessarily cumbersome and complex in the world of blockchain, a bleeding edge technology. If you look at the requirements under Art 2 para 3, they may benefit from modernization with technology too or risk slowing down the majority of market participants substantially in Switzerland. Perhaps a proposal on how to advance through an SRO using digital identification techniques would be useful.

Author: Mona El Isa