This blog summarises the potential benefits and pitfalls of security tokens and is part of our wider blog on crypto assets. For an audio introduction to this topic, please listen to episode 1 of our Tech in Two Minutes podcast.
What are security tokens?
Security tokens are a digital representation of ownership rights in real world assets (such as property or shares) and have captured the curiosity of entrepreneurs, startups and investors.
Key concepts of security tokens
The creation and exchange of security tokens is underpinned by blockchain technology and smart contracts i.e. software algorithms which programme a token’s functionality and features. The creation of security tokens takes place by a process known as “tokenisation” whereby an asset is fractionalised into digital units that are issued onto a blockchain, such as Ethereum. The data of each online transaction is tracked and stored in blocks linked to each other chronologically on a chain verified by autonomous third parties called ‘miners’. This string of independently verified transactions forms the blockchain. The phrase ‘STO’ or ‘Security Token Offering’ is used to describe the issue of security tokens to individuals, which is recorded on the blockchain.
Potential benefits of security tokens
Opening investment opportunities to the wider public
The emergence of security tokens could significantly increase the successful use of online crowdfunding to raise capital. Issuers of tokens can potentially reach a global audience of interested retail (consumer) investors, rather than being restricted to the more traditional offline sources of funding from sophisticated investors, such as angels and venture capitalists, as well as debt financing from banks. In addition, buying a security token gives the investor a share in the ownership of an asset which in many cases would be too expensive to buy entirely, for example property.
Unlocking liquidity
Tokenising typically illiquid assets unlocks liquidity in them, given the ability to easily buy and sell tokens at any time via the use of blockchain technology. In the real estate sector, an initial investor in a property development project would typically have his funds locked-up until the construction is completed and the properties sold to willing buyers, thereby generating a return on investment. Tokenisation of a development project allows interests in the project to be easily bought and sold at any time, thereby giving investors liquidity they previously wouldn’t have enjoyed.
Cost, speed and transparency
Payments such as rental income from a property are distributed to token holders using blockchain. This means there are no banking intermediaries to charge processing fees and the visibility inherent in the peer-to-peer system of verification means that the history of all past transactions can be seen by investors. Certain aspects of the exchange process are automated by smart contract technology which means payments can be made more quickly.
Pitfalls of security tokens
Regulatory compliance
According to recent guidance from the Financial Conduct Authority (the “FCA”), in the UK tokenised shares and debt instruments are treated as a form of ‘specified investment’ (given the specific investment rights granted to holders) and are therefore potentially regulated in accordance with the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001. Businesses proposing to issue tokenised shares and debt instruments need to ascertain whether they fall within the FCA perimeter and, if so, ensure that they comply with all relevant rules and requirements. By way of example, offering tokenised shares to the general public is likely to result in the need for the issuer to produce an FCA-approved prospectus setting out important details relating to the issuer and the tokens so that potential investors can understand the risk profile of the investment. Many startups will, of course, struggle to meet the time and cost demands which are necessary to overcome regulatory hurdles of this nature.
Administrative complexities
Assets which are tokenised may be subject to administrative obligations which do not fall away as a result of tokenisation. By way of example, tokenising shares will still require issuers to draft bespoke articles of association governing the rights and obligations to which shareholders are subject, as well as the tokenisation process and those articles will still need to be filed at Companies House. In addition, despite the record on the blockchain, the issuer will still need to regularly file its yearly confirmation statement at Companies House setting out the register of shareholders at that point in time.
Diluted responsibilities
If tokenisation is successful, an asset will have multiple owners and a healthy secondary market will mean the identity of such owners will be changing on a regular basis. This, of course, creates the risk that responsibility for any necessary governance of the asset could be overlooked by the crowd. This is particularly important for tangible assets, such as real estate, given that important matters such as maintenance and rent collection need to be managed, irrespective of the tokens consistently changing hands. As a result, certain tokenised assets are likely to be owned by companies incorporated solely for the purpose of holding them (‘SPVs’) so that their boards are responsible for management of the asset. Shares in the SPV could then be tokenised or tokens could be issued by the SPV which provide recipients with rights to income or capital arising from exploitation of the asset. However, each of these structures could result in the need for the issuer to comply with regulatory requirements such as those referred to above.
The culmination of emergent technology, a reputation for volatility and a lack of confidence in crypto assets mean that security tokens are not a typical part of the business model in most UK companies. That said, interest from entrepreneurs and investors keen to explore unprecedented opportunities to unlock value in otherwise illiquid assets presently remains intact. Momentum is also likely to gather as more startups tokenise their assets to raise capital.
If you are looking to generate business capital by tokenisation or if you are interested in investing in crypto assets, please do get in touch with our Corporate and Commercial team.

Corporate and Commercial Law Team
Latest blogs and news
Three Cautionary Tales for UK Tech Companies
In tech, the law often arrives after something has gone wrong. Here are three cautionary tales* and the lessons every founder, CTO and in-house counsel should take away.
Top five takeaways from the Data (Use and Access) Act 2025
The Data (Use and Access) Act 2025 (the “DUAA”), which received Royal Assent on 19 June 2025, introduces targeted reforms to the UK data protection legal framework — particularly the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (“PECR”).
A game changer for data processors? The ICO issues a significant fine against a processor
The recent cyberattacks on major UK retailers have put cybersecurity back in the spotlight. But a more significant development for data protection practitioners has been flying under the radar: the Information Commissioner’s Office (ICO) has issued a notable fine directly against a data processor for breaching UK GDPR security obligations - an important shift in enforcement focus.
Key takeaways: What recent consumer law reforms mean for service providers
On 6 April 2025, the first wave of consumer protection provisions under the Digital Markets, Competition and Consumers Act 2024 (“DMCC Act”) came into force, marking the most significant overhaul of UK consumer protection law in over a decade.
Boosting cybersecurity: New Software Security Code of Practice for software vendors
In the wake of recent high-profile cyber-attacks on major retailers like Marks & Spencer and Co-op, the UK government has launched a new voluntary Code of Practice for software vendors at its flagship cyber security event, CyberUK 2025. This initiative sets a dynamic baseline for software security and resilience, aiming to help prevent such breaches in the future.
Ofcom’s new draft guidance for ‘a safer life online for women and girls’ as part of its OSA consultation process
The Office of Communications, commonly known as ‘Ofcom’ (the regulator for communication services) is calling on tech firms to make ‘the online world safer for women and girls’.
Reflections from an Exclusive Roundtable at The Ivy: Top 10 Takeaways on AI Regulation
Last week, I had the pleasure of hosting an insightful roundtable dinner at The Ivy in Covent Garden, London, bringing together thought leaders, industry experts, and business owners to discuss one of the most pressing topics of our time - AI regulation. Co-hosted by the brilliant Fred Becker, CAO of Unlikely AI, the conversation was rich with diverse perspectives, practical concerns and strategic insights.
EU Data Act: Are your SaaS contracts ready for September?
The EU Data Act is set to reshape the data landscape, and while its full impact will unfold over time, some key provisions are coming into effect this September that SaaS providers need to be aware of now. Specifically, we're talking about the rules around data switching, and how they'll likely require you to update your standard terms and existing customer agreements.
The UK-US Data Bridge: A Shift in Transatlantic Data Sharing
On 12 October 2023, the UK-US Data Bridge (the “Data Bridge”) came into force, transforming the way both nations handle the flow of information across their borders. In this blog we explore the position before and after the introduction of the Data Bridge, looking at the key implications, benefits and challenges associated with the transatlantic data-sharing initiative.
Is your online business caught by the Online Safety Act?
The Online Safety Bill recently received Royal Assent and became law in October this year (the “Act”), at which point the Office of Communications (“Ofcom”) was granted broad powers to regulate online service providers. Essential detail concerning the legislative framework within the Act will be disclosed in the course of consultation and stakeholder engagement concerning the secondary legislation, codes of practice and guidance which will underpin the Act.
SVB’s rescue is an unexpected credibility boost for the UK Science and Technology Framework
The rescue of SVB showed that the UK government not only acted decisively in relation to a critical sector for the UK economy, but in the process showed that its newest policy Framework can involve meaningful action as well as words
Software support helpdesk services – key contracting principles
In our recent blog, we explored why a Framework Agreement structure is typically the most appropriate customer contracting model for IT managed services providers (“MSPs”) and IT consultancies which offer a diverse product and service offering. Whilst our initial blog focussed on the purpose and terms of the Framework Agreement itself, that document is merely the starting point, given that a Work Order is also needed to document specific terms relating to each product or service offered by an MSP or IT consultancy. A typical service offering is a dedicated software support helpdesk, usually provided to support each of the software products offered by the MSP or IT consultancy to its customers. This blog considers a handful of the key issues to bear in mind when documenting the terms of a Work Order relating to the supply of a software support helpdesk service.
Framework Agreements: the customer contract model for technology service providers
Many businesses lack comprehensive in-house IT expertise and resources to fully implement and manage all of their IT infrastructure requirements. IT managed services providers (“MSPs”) and IT consultancies plug the gaps by typically offering a diverse range of IT services and products to lighten the burden on their customers’ in-house IT teams (or to even remove the need to have an in-house IT team).
Data: A New Direction - Unleashing the transformational power AI?
In this blog series, we will review the key proposals for reform of data protection law within the Government’s consultation paper ‘Data: A New Direction’. We will consider how far the Government will stray from the current path and signpost some potential pitfalls and practicalities for consideration along the way.
The new cookie conundrum
Potential reforms to UK data privacy laws will change the way that cookies work on websites - businesses need to prepare now.
Lifecycle of a tech startup series: Preparing to raise investment
In the last instalment we talked about the ways in which the founders of KNow Wear Limited could protect the intellectual property in their business. Since then, the business has been progressing well and our founders have been working on developing a prototype.
Lifecycle of a tech startup series: Intellectual Property
In our last instalment our founders, Sarah and Chris, considered the basics in establishing their tech startup and they incorporated a company under the registered name ‘KNow Wear Limited’.
How the tech sector can make the most of the UK’s new immigration rules
Many companies in the tech sector will be aware of the new immigration system and Skilled Worker category opening in a couple of weeks on 1 December. For those companies without a sponsor licence, they will need to apply for one in order to recruit both non-EU and EU citizens. EU citizens resident in the UK before 11pm on 31 December 2020 can apply to the EU Settlement Scheme.
Lifecycle of a tech startup series: The basics
Welcome back to the blog series covering the lifecycle of a tech startup, from a legal perspective.
Lifecycle of a tech startup series: Case study
Alex (tech), Andy (tech), Emer (investments) and I (investments) work alongside startups and founders day to day and thought it might to helpful to some of you out there to bring together our expertise on the legal issues that tend to arise and how we deal with them.
You may also be interested in:
We welcome views and opinions about the issues raised in this blog. Should you require specific advice in relation to personal circumstances, please use the form on the contact page.
Crypto asset insights:
Blog
Cryptocurrencies - tread carefully before trading
Josephine Burnett
Blog
Doing well in the crypto-currency market? Make sure you don’t die rich!
James Ward
Share insightLinkedIn X Facebook Email to a friend Print