‘Spring Cleaning’ Part 3: ASIFMA Best Practices

Taking cues from the Hong Kong-based Asia Securities Industry Association (ASIFMA).

by Edmund Yong

Some time last year in 2018, the Asia Securities Industry & Financial Markets Association or ASIFMA published an influential report on the Best Practices for Digital Asset Exchanges. It brought together the enviable heft of thought leaders from Big Four accounting houses like PwC and EY, and white-shoe law firms like Latham & Watkins and King & Wood Mallesons, to name a few. You can download the report here.[1]

ASIFMA describes itself as “an independent, regional trade association with over 100 member firms comprising a diverse range of leading financial institutions from both the buy and sell side including banks, asset managers, law firms and market infrastructure service providers.” It is a GFMA member (Global Financial Markets Association) with alliance counterparts AFME in London and Brussels, and SIFMA in New York and Washington, DC.[2]

Of particular interest to our topical series is how digital asset exchange (DAX) operators offer their services globally in different jurisdictions which do not have an “internationally harmonized view of token characterization, meaning that a token which is not classified as a ‘security’ in one jurisdiction might be classified as a ‘security’ in another jurisdiction.”

This poses a challenge for compliance:

  • How should DAXes be expected to comply and deal with the challenges presented by the patchwork of different regulatory approaches around the world?
  • How can DAXes set different market permissions for users based on where they reside or come from, and customize authorization levels for users not just with respect to where they trade but also what they trade?

The most widely adopted practice, according to the report, is to enable an “on-off switch” for the website. So while the DAX website is accessible globally, certain jurisdictions and categories of users that have been profiled during the KYC process are intentionally ‘switched off’ or blocked based on the DAX’s terms of use. It is important to note that marketing activities should not be carried out in ‘switched off’ jurisdictions. For example, a DAX should not merely “switch off” users from China but also stop marketing to persons in China given the regulatory prohibitions in that country.

The same “on-off switch” can be applied to specific digital assets. For example, a digital asset that is not classified as a ‘security’ in Switzerland but is so in Hong Kong can be availed for trading by Swiss persons but ‘switched off’ for Hong Kong persons. This approach allows the flexibility to ‘switch off’ an entire jurisdiction, where required by applicable laws and regulations.

The report suggests further measures such as:[3]

  • Including a generic catch-all clause in the terms and conditions stating that DAX services will not be provided to persons where the use of such services would be contrary to applicable laws and regulations.
  • Implement systems and controls so that such persons cannot actually trade the ‘switched off’ digital assets, including geoblocking and IP address checks. Note: As mentioned in our previous article many DAXes do not limit Virtual Private Networks (VPN) access which would get around this.[4]
  • to avoid inadvertently triggering any marketing restrictions, the DAX website and marketing materials should list the jurisdictions which are not ‘switched off’ (i.e. are ‘switched on’), and notify users about tokens which are ‘switched off’ in the relevant jurisdictions;

Since the regulatory climate is not settled and more changes are coming soon, DAXes need to stay alert and “carry on thorough jurisdictional analysis and have effective customer screening and robust controls”.

A few best practices are recommended:[5]

  • Monitor regulatory developments in jurisdictions where the DAX has activities in. If there is a potentially adverse change, it should assess whether to ‘switch off’ the jurisdiction as a whole or merely certain tokens from being traded in the jurisdiction. It can also seek an updated legal opinion to clarify its options;
  • Require token issuers to disclose to the DAX, among other things, (i) any material issues with the project status, financial condition, or management team; and (ii) any material changes to the information submitted in the original listing application by the issuer, pursuant to the continuing obligations requirement under the listing rules;
  • Prohibit users in affected jurisdictions from ‘buying’ the relevant tokens but (subject to the point below) permitting them to sell such tokens; and
  • Engage with local regulators to resolve how affected token holders can exit their positions (e.g. whether it is permissible for them to make a final trade within a prescribed timeframe). Otherwise, such token holders may have to hold on to tokens which they cannot dispose of, which may therefore be valueless.

Token classification is not always a clear-cut case. Many tokens are considered to be utility (with the backing of legal opinions) until charged otherwise; some have been escalated for judicial decision due to legal ambiguity[6]; or regulators themselves have admitted that tokens can evolve from being a security to a utility over time[7].

Furthermore, token classification is only one of the contention points. Regulators also have different attitudes towards other DAX services like provision of leverage and derivative products. The “on-off switch” works if the users are properly KYC-ed but many DAXes are still struggling to implement real-name identification fully. The practical challenges for compliance will persist.


The view expressed in this article is intended to provide a general guide to the subject matter and does not constitute professional advice. You are advised to seek proper advice for your specific situation.


[1] https://www.asifma.org/research/asifma-best-practices-for-digital-exchanges/

[2] www.asifma.org/about/

[3] ASIFMA, ibid p. 17.

[4] https://celebrusadvisory.com/lessons-from-new-york-oag/

[5] ASIFMA, ibid p. 18.

[6] Two cases in point: Blovkvest where courts overturned SEC ruling in Nov 2017 and a new challenge against SEC from Kik Interactive at time of writing. See https://www.jdsupra.com/legalnews/not-so-fast-court-rules-against-sec-70885/ and https://www.wsj.com/articles/are-ico-tokens-securities-startup-wants-a-judge-to-decide-11548604800

[7] Statements by SEC officials including chairman Jay Clayton quoted in https://www.coindesk.com/sec-chief-not-icos-bad and division chief William Hinman to Congress in https://www.forbes.com/sites/astanley/2018/04/28/sec-official-offers-new-hope-for-utility-tokens-in-congressional-testimony/#7cf70856fcf9

Leave a comment

nineteen + eighteen =

This site uses Akismet to reduce spam. Learn how your comment data is processed.