A Path to Secondary Trading of Your Security Token

By: Rika Khurdayan, Gleb Zaslavsky and Max Dilendorf
May 25, 2019

Special thanks to OpenFinance Network and Securitize for their insights and comments on this article.

Secondary trading of private digital securities is gradually taking off as the holding periods after the early security token offerings (“STOs”) are expiring and several regulated security token trading platforms (the U.S. licensed “alternative trading systems” or “ATS”), such as OpenFinance Network, are now operating.

Blockchain projects issuing digital securities (aka “security tokens”) are looking forward to the longed-for regulated secondary trading opportunities. Also, conventional businesses are embracing the financing alternatives of digitizing their equity and listing their own security tokens on ATSs accessible by investors 24/7 worldwide.

However, very few among both categories of the issuers understand the process and what it takes to get a digital security to secondary trading. On the one hand, most traditional businesses looking at STOs are not fully familiar with the blockchain technology and the DLT infrastructure surrounding digital securities. On the other hand, some blockchain projects skilled in the technology wrongly assume that the listing process for digital securities is similar to listing a token issued through ICO on an unregulated “utility token exchange.”

Security token issuers often fail to acknowledge that compliant secondary trading requires a careful consideration at all stages of an STO project, even before the life of a digital security begins. Otherwise, complications will inevitably arise, which may prevent listing and trading on ATSs.

Companies launching STOs in a compliant fashion under one of the available exemptions from registration (for example, commencing an STO under Regulation D and properly and timely filing a Form D), mistakenly think that this will automatically qualify the tokens for listing on ATS. In practice, this is far from the truth.

This article discusses some checkpoints on the path to secondary trading for blockchain-enabled digital securities, which are often underestimated by issuers.

1. Business Plan

The importance of having a sufficient business plan is often diminished. Issuing your security token without a viable need, business idea or purpose will significantly decrease the chances of listing and later trading such token.

While some of the exemptions from registration with SEC, like Regulation D, do not require the issuer to prepare a detailed business plan or even an offering memorandum – the issuers are still obligated to provide their potential investors with all material information necessary to make an investment decision.

Moreover, regulated ATS platforms may require the presence of a comprehensive business plan before approving the listing of a digital security as part of their onboarding and listing requirements.

A business plan may be amended during the STO process but preparing a comprehensive business plan in advance of the STO is the first step on your path to secondary trading.

2. Legal Structure and Formalities

Before a security token is issued, both the issuer and the token should be structured in a legally compliant way for the token to achieve liquidity in the future, which includes the following legal aspects:

The Securities Act and Regulations

From the legal perspective, security token is nothing more than a traditional security which is issued in a digital form and recorded on a blockchain. Arguably, a greater liquidity of digital securities may be accompanied by a greater potential for fraud.

Digital securities issued by both good faith and opportunistic issuers are easier accessible by unsophisticated investors and may be transferred in the future with a click of a button. Like every security, a digital security will have to comply with the current legal requirements and restrictions imposed to ensure full disclosure and prevent issuers from misleading investors both at the time of primary issuance and secondary trading.

For example, a security token issuer should be eligible to offer and sell the security, should disclose all the material terms of such security to the investors and, possibly, restrict its transferability. To achieve secondary trading, this should be done in a legally compliant way – usually pursuant to Regulation D, Regulation S, Regulation A+ and/or Regulation CF under the Securities Act of 1933 (the “Securities Act”), which provide exemptions from the securities registration with the SEC. So-called “blue sky” state laws may or may not be preempted, depending on a particular exemption used by the issuer, and should also be taken into consideration.

If issuers are not relying on one of the aforementioned exemptions, they will not be able to trade their token, unless they undergo the arduous SEC registration, which no security token project has done so far. Violators are likely to be subject to the SEC investigations and enforcement action, which may lead to civil and criminal liability.

From the listing perspective, a reputable ATS will always review the issuer’s legal documents for compliance with the securities laws, as part of the platform’s due diligence process, before listing a security token.

Other Laws Affecting Secondary Trading

The Securities Act is not the only law that may restrict security token issuer’s activities, including secondary trading. Applicable laws to be considered at the structuring stage of an STO include the Securities Exchange Act Of 1934 (the “Exchange Act”), the Investment Company Act of 1940 (the “ICA”) and the Investment Advisers Act of 1940.

You should also always keep in mind the laws of other jurisdictions where the security tokens will be offered or later traded.

Corporate Structure and

At the commencement of your STO project, you should have a clear understanding that the securities and other applicable laws and regulations may affect your corporate

For example, to issue digital securities under Regulation A+, the issuer must be incorporated in the U.S. or Canada. As another example, the ICA is applicable to both U.S. and foreign issuers and may require implementation of a complex corporate governance model for an issuer to be eligible for an exemption from the ICA registration requirements (which are
separate from the Securities Act).

In addition, regardless of the final corporate structure, your corporate documents should properly authorize and reflect issuance of the securities in a digital form, as the corporate laws must allow such issuance. Each project will be required to provide the corporate/ownership structure and documents to an ATS for review before your security tokens can be listed for secondary trading.


There is a risk that a legally compliant offering of digital securities may not be economically viable for tax-related reasons. Before the corporate and offering structure is finalized, you should retain tax advisors experienced in digital securities to make sure that the projected numbers align, and the chosen model is lucrative from the tax perspective. It is also important to retain tax advisors/auditors/CPAs to support your STO because they may be contacted and questioned by ATSs before listing your security token.

Thus, legal due diligence required for the future secondary trading of your security token should be done at the very early stage of an STO project.

3. Investor Onboarding and Token Sale

Companies have embraced whitelisting and onboarding of investors as an indispensable part of a compliant STO. A lot of companies retain specialized technology providers, so-called tokenization platforms or digital security management platforms, such as Securitize, to program a security token, issue it and facilitate a security token sale, including onboarding the investors and processing their payments.

You should always examine the reputation, technical capabilities and licenses of a tokenization service provider before retaining one. Major issues, which may affect the digital security’s future listing and liquidity, to be addressed at this stage pertain to:

KYC/AML/ Accreditation Checks

While this is a fundamental compliance measure, which is offered by virtually all tokenization platforms (or specialized third-party providers), you should not leave the KYC/AML/accreditation process unsupervised in a technology provider’s hands.

First, if proper KYC/AML/accreditation verification fails, the issuer could be held directly liable for violating U.S. and international anti-money laundering or securities regulations, even if such failure is caused by a third-party provider.

Second, if a service provider is incapable of completing proper KYC/AML verification per the issuer’s requirements (including incorporation into the issuer’s website, timing, number of purchasers, geographical scope and ability to accurately process foreign-issued documents), the investors may be lost and the offering’s proceeds may diminish significantly.

Not only quality but also timing of the KYC/AML/accreditation checks is critical. The checks should be conducted before investors make any payments, even if the payments are still subject to approval and possible return.

Holding payments from a blacklisted person may expose an issuer to liability risks that could not be negated by simply returning the questionable funds to such person. Some issuers and platforms overlook this sequence and expose themselves to unnecessary liability.

Digital Wallets

After the KYC/AML/accreditation checks, the qualified investors’ identities must be tied to and associated with their respective digital wallets. Since the security token sale and distribution is conducted on blockchain, the identities of investors will be represented by the wallet addresses that will hold security tokens.

So, tokenization platforms must provide ways to associate the off-chain KYC information and on-chain identity of investors via digital wallets to be integrated into or provided by the platform.


You must make sure that the chosen tokenization platform has all the required licenses for the services provided. Otherwise, your security token issuance may be voided and the secondary trading jeopardized.

For example, some platforms offer cryptocurrency transmission, custodial, transfer agent and marketing services – all of these services may require respective U.S. federal and state licenses/registrations.

4. Token Issuance

In practice, deploying a security token takes the most time and effort. The pivotal issue is addressed at this stage, namely, ensuring that the digital security’s features and restrictions can be implemented and maintained throughout the security token’s life-cycle, including secondary trading.

While many platforms advertise their ability to issue legally compliant digital securities, you must conduct a detailed due diligence of the technical capabilities of a chosen tokenization platform for the primary issuance and future listing of a security token on a registered ATS, including:

Implementing Security Token’s Features

Before the issuance, you will need to work with a tech team to make sure that all of the digital security’s features may be implemented using the protocol offered by the tokenization platform. Otherwise, if the legally structured qualities are not maintained from day one of the lifecycle, the security tokens may become useless and not tradeable.

For example, if you anticipate providing automated distributions or voting rights to the security token holders, the respective technical capabilities of your team/tokenization platform and the utilized protocol should be verified and tested.

Maintaining Resale Restrictions and Cap Table

In addition to your designed features, all of the legally imposed requirements and limitations should be programmed into the security token and maintained throughout its lifecycle, including secondary trading.

Two of the principal requirements in the securities world, which all security token issuers should have learnt by this time, are maintaining the holding periods/resale restrictions and capital table. Before listing, you will have to demonstrate to ATSs that the applicable legal restrictions (or digital restrictive legends) are maintained. Restrictions on a capital table vary depending on the applicable laws and regulations.

A lot of issuers are aware of the thresholds established by the Exchange Act, under which a U.S. issuer with total assets above $10 million and more than 2,000 holders of record of a class of equity securities (or 500 holders of record who are not accredited investors) must register those equity securities with the SEC.

There are additional statutory restrictions that you may be required to implement into a security token, which issuers often overlook.

For example, to avoid registration under the ICA, private funds and SPVs not qualifying for other exemptions may have to limit their capital table to no more than 100 beneficial owners or strictly to qualified purchasers (as defined in the ICA). Also, if you are tokenizing real estate using a tax-efficient REIT structure, to qualify for the tax benefits coming with a REIT, it will need (among other things) to have at least 100 beneficial owners, of which 5 individuals cannot concentrate in their hands more than 50% of the security tokens representing digital shares in the REIT.

In addition, the method of counting record owners or beneficial owners for the purpose of the above-mentioned restrictions is not straightforward and may exclude certain individuals or, conversely, may “look through” certain entities to count their owners toward the limitation. Implementing a calculation method presents another technical complication to programming a security token for secondary trading.

As a part of your pre-issuance due diligence, you will need to make certain that all the applicable limitations are accounted for and the security token is programmable for a legally compliant issuance and secondary trading.

Minting Tokens

You will also need to confirm with your tech team or tokenization platform that the security tokens can be actually minted and delivered in accordance with the offering terms and in the order prescribed by offering documents.

ATS Compatibility

Finally, the minted tokens must be compatible with the chosen regulated ATSs to be listed and tradeable. This challenge should be addressed beforehand as different tokenization platforms and ATSs have different standards and protocols – some are still being restructured or developed. You or the employed tokenization platform will need to establish contacts with the ATS of your choice before the primary issuance to ensure that the issuer’s and platform’s configurations of digital securities match and the pre-listing procedures required by the ATS are adhered to.

For example, mechanisms must be established between the ATS and the tokenization platform, so that token issuers can get constant access to its full capital table during the token’s secondary trading. This mechanism should provide for the issuer’s instant access to identities of investors newly onboarded by the ATS and integration of the new investors into the issuer’s overall cap table initially established by the tokenization platform. For example, Securitize platform is integrated with OpenFinance Network through RFE API (Ready for Exchange), which complements the on-chain integration with the ATS via Securitize’s token protocol.

Some of the ATS platforms offer all-in-one tokenization, marketing and listing services, which may simplify your task but still require an in-depth due diligence on the possible issues outlined above.

If the offering is poorly structured or documented, the digital security’s features are unenforceable for secondary trading, or if the security tokens are incompatible with the selected ATS, blockchain projects may be tempted by a seemingly simple technical solution – recalling the flawed security tokens and replacing them with the new ones. However, this may not be possible or may be costly and complicated from the legal standpoint, as one cannot always simply recall the issued securities, albeit in the form of digital tokens.

Defects in an STO or in a digital security itself may be incurable for legal compliance purposes and may disqualify the security from being listed on a regulated trading platform.

So, getting your token to secondary market is something to consider well in advance, at each step of your STO, or risk the loss of the digital security’s value, or even liability for violation of securities and other laws.

These materials have been prepared for general informational purposes only and shall not be used as a substitute for consultation with professional advisors. Please refer to your advisors for specific advise.

Attorney Advertising.

Latest articles
UPDATE: New Name, Website and Logo

Dear Clients and Friends of the Firm,

We are writing to share some exciting news!

Beginning November 12, …

Digital Finance During WEF 2020

Earlier in January, a small picturesque village of Davos in Switzerland hosted the 50th

Tokenizing Equity: Benefits, Risks and Practical Considerations

Special thanks to Carlos Domingo from Securitize and James C. Row, CFA from Entoro Capital for their insights and …

INSIGHT: The Dual Nature of ‘Utility’ Tokens and Dual Token Structures

This article by Rika Khurdayan, Max Dilendorf and Gleb Zaslavsky was originally published by The Bureau of National …

“Offering of securities – but to whom?”

Short synopsis of the SEC v. Telegram hearing on preliminary injunction 

The long-awaited hearing on the SEC’s motion …

Contact us