190409G HYU Alert – SFC Statement On STO



The Securities and Futures Commission of Hong Kong (the “SFC”) issued a Statement on Security Token Offerings on 28 March 20191 (the “Statement”) in relation to the legal and regulatory requirements applicable to parties engaging in security token offerings (“STOs”), which involve Security Tokens and are typically structured to have features of traditional securities offerings. This Statement is particularly interesting and timely as it confirms SFC’s approach towards STOs when STOs are currently attracting a great deal of interests in the market in Hong Kong and other jurisdictions in Asia.

Nature of Security Tokens. “Security Tokens”, as observed by the SFC, are normally digital representations of ownership of assets (e.g. gold or real estate) or economic rights (e.g. a share of profits or revenue) utilizing blockchain technology.2 The SFC considers that Security Tokens are likely to be “securities”3 as defined under the Securities and Futures Ordinance (the “SFO”) and as such subject to the securities laws of Hong Kong. The definition of “securitiesunder the SFO includes but not limited to shares, debentures and interests in a collective investment scheme.4

Distribution of Security Tokens being Type 1 regulated activity in HK. On the basis that Security Tokens are “securities”, any person or intermediary who markets and distributes Security Tokens in Hong Kong (or targeting Hong Kong investors) is required to be licensed or registered for Type 1 regulated activities (dealing in securities) under the SFO (the “Intermediary”) unless an applicable exemption applies.

Certain key compliance issues. Intermediaries being involved in STOs are reminded to comply with all existing legal and regulatory requirements in Hong Kong, in particular:

(i) Professional Investors only. Under the current market, Security Tokens are normally offered to professional investors only. The Statement confirms that Type 1 Intermediaries should only target clients who are professional investors as defined under the SFO5 for the offering of Security Tokens.

(ii) Suitability obligations. When the Intermediary makes recommendation or solicitation of a Security Token, it shall ensure the suitability of its recommendation or

1 Statement on Security Token Offerings – https://www.sfc.hk/web/EN/news-and-announcements/policy- statements-and-announcements/statement-on-security-token-offerings.html. 2 “Security Tokens” is also a sub-category of “virtual assets” as referred to in the Circular to Intermediaries – Distribution of Virtual Asset Funds (1 November 2018) . 3 See Section 1 of Part 1 of Schedule 1 to the SFO. 4 Ibid. 5 Ibid.




solicitation for that client6 is reasonable in all the circumstances having regard to information about the client of which the Intermediary is or should be aware through the exercise of due diligence.7 The Intermediary should (i) know their client; (ii) understand the investment products they recommend to clients (product due diligence); (iii) provide reasonably suitable recommendations by matching the risk return profile of each investment product with the personal circumstances of each client to whom it is recommended; (iv) provide all relevant material information to clients and help them make informed investment decisions; (v) employ competent staff and provide appropriate training; and (vi) document and retain the reasons for each investment recommendation made to each client. 8 This involves the Intermediary making an assessment of a client’s risk tolerance level, including understanding the financial background, investment objective and investment experience of the client. The Intermediary should assess whether the client has knowledge of investing in Security Tokens or related products prior to effecting the transaction on his behalf as part of the know-your-client procedure.9

(iii) Complex products. The SFC considers that Security Token would be regarded as “complex product”, which is defined as “an investment product whose, terms, features and risks are not reasonably likely to be understood by a retail investor because of its complex structure”.10 To determine whether an investment product is complex or not, the Intermediary would be required to consider, including but not limited to, whether a secondary market is available for the investment product at publicly available prices and whether any features or terms of the investment product might render the investment illiquid and/or difficult to value. If the Intermediary comes to the conclusion that any Security Token it intends to distribute is a “complex product”, it should adopt additional investor protection measures to better protect clients’ interests by ensuring that clients are well informed about the key nature, risks and features of such Security Token and such Security Token is suitable for them.11

(iv) Product due diligence. Intermediaries distributing Security Tokens should conduct

6 Save for (i) institutional professional investors and (ii) corporate professional investors provided certain conditions are fulfilled. 7 See paragraph 5.2 Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (the “Code of Conduct”). 8 See Frequently Asked Questions on Compliance with Suitability Obligations by Licensed or Registered Persons 9 On the assumption that the same principle for distributing virtual asset funds also applies here, if the clients do not possess such knowledge, Intermediaries may only proceed to effect the transaction if, by so doing, they would be acting in the best interests of the clients: see Circular to Intermediaries – Distribution of Virtual Asset Funds (1 November 2018). 10 See paragraph 5.5 of the Code of Conduct (to be effective in July 2019) and paragraph 6.1 of the Guidelines on Online Distribution and Advisory Platforms (July 2019). See also the Consultation Conclusions on Offline Requirements Applicable to Complex Products (October 2018). 11 See paragraph 6.7 of the Guidelines on Online Distribution and Advisory Platforms (July 2019) and paragraph 16 of the Consultation Conclusions on Offline Requirements Applicable to Complex Products (October 2018)




proper due diligence for the purpose of developing an in-depth understanding of the STOs and also ascertaining the risk return profile of such STOs. Examples include, but not limited to, (i) understanding how the Security Tokens work, the nature of the underlying investments, the level of risks, the relative performance and liquidity of the Security Tokens, the lock-in periods, the termination conditions, valuation and unit pricing and safe custody arrangement; (ii) understanding the background and financial soundness of the management, development team and issuer; (iii) verifying the existence of and rights attached to the assets which back the relevant Security Tokens; (iv) scrutinizing all materials relevant to STOs including published information such as the whitepaper and any relevant marketing materials; and (v) making own enquiries and obtain full explanations from the issuers of the Security Tokens about the risks inherent in the Security Tokens. Intermediaries should ensure that product due diligence is conducted on a continuous basis at appropriate intervals having regard to the nature, features and risks of the Security Tokens.

(v) Information for clients. In order to help clients make informed investment decisions,

Intermediaries should make clear and adequate disclosure of the material information relating to the STOs in an easily comprehensible manner in order to help clients making informed investment decision, including but not limited to providing clients with access to up-to-date STO offering documents and other information, providing clients with material information as soon as reasonably practicable to enable clients to appraise the position of their investments, etc.12 Intermediaries should also provide prominent and clear warning statements to clients prior to and reasonably proximate to the point of sale or advice covering, among other things, (a) continuing evolution of virtual assets and how this may be affected by global regulatory developments; (b) price volatility; (c) potential price manipulation; (d) lack of secondary markets; (e) counterparty risk when effecting transactions with issuers, private buyers/sellers or through exchanges or trading platforms; (f) risk of loss of virtual assets, especially if held in “hot wallets”13; and (g) cybersecurity and technology-related risks. 14 The Intermediaries are reminded to ensure all information given to their clients is accurate and not misleading.

Should there be any failure to comply with the legal and regulatory requirements during the distribution of STOs, the fitness and properness15 of the Intermediary may be affected and SFC disciplinary action may follow.

12 See CP2 of the Guidelines on Online Distribution and Advisory Platforms (July 2019). 13 “Hot wallet” refers to the wallet used for holding virtual assets in an online environment which provides an interface with the internet, which is more susceptible to cyber-attacks. 14 On the assumption that paragraph C4 of the Circular to Intermediaries – Distribution of Virtual Asset Funds would be followed. 15 Section 129(1) of the SFO sets out a number of factors that the SFC shall have regard to in assessing a person’s fitness and properness, which include his: (a) financial status or solvency; (b) educational or other qualifications




Notification to SFC. Intermediaries are reminded to discuss with the SFC prior to their engagement in any activities relating to STOs in compliance with the Circular to Intermediaries on compliance with Notification Requirements dated 1 June 2018, pursuant to which the SFC has confirmed its view that any service involving trading of crypto-assets would be considered as a significant change in the nature of business of the Intermediary and would be subject to the notification requirements under the Securities and Futures (Licensing and Registration) (Information) Rules (the “Information Rules”). A person who, without reasonable excuse, fails to report an event as required under the Information Rules commits an offence and is liable to a fine under section 135(7) of the SFO.

The SFC has timely issued the Statement at the initial phase of development of the global STO market, which lays the important regulatory foundation for the development of local STO industry in Hong Kong. It provides clear guidelines for the Intermediaries who wish to provide trading or advisory services for Security Tokens. Since the publication of the Statement, we have noticed a significant interest amongst the existing Type 1 Intermediaries and have received enquiries to make notification to the SFC so that they could start distributing STOs and tapping into the new and booming virtual asset market in the region.

Should you have any queries, please do not hesitate to reach out to a member of us to discuss further at hyu@lylawoffice.com or at +852 2115 9525.


Disclaimer: The information provided in this article is not intended to be, nor does it constitute, legal advice and is not a substitute for obtaining proper legal advice in respect of any specific issue.

or experience having regard to the nature of the functions to be performed; (c) ability to carry on the regulated activity competently, honestly and fairly; and (d) reputation, character, reliability and financial integrity. For further details, please refer to the Fit and Proper Guidelines (October 2013).