The future is here. The ideas of tomorrow are happening today. Practical applications for Digital Ledger Technology (“DLT” or blockchain) are not merely notional exercises by anti-establishment, disenfranchised free thinkers. No, the revolution is now. The movement is happening, and investors, corporations large and small, and industry are jumping on board every day. Whether a mom-and-pop dry cleaner or a professional sports league, all are looking for their place in this new decentralized financial (“DeFi”) world. However, with any movement, with any unconventionality, comes questions.  The two most common perhaps—How can I use this to make money; and, What are my risks? 

The law is not yet mature in this area. However, we know regulatory agencies are paying attention to this space and, based on their actions thus far, we know how to mitigate risk so individuals and businesses can operate within defined parameters and with less fear of the unknown. To that end, this alert seeks to provide an overview of the different types of cryptocurrency tokens (security token, utility token, and non-fungible token), common regulatory considerations associated therewith, and implementation strategies to maximize transactional security without triggering unnecessary regulatory scrutiny.


A cryptocurrency “token” is a custom, digital asset—a string of characters that may provide the holder the rights to an underlying asset issued on top of a blockchain. A blockchain is a decentralized, distributed ledger consisting of blocks (records) used to track transactions. Tokenization, simply, is the process of converting the rights (ownership, leasehold, license, etc.) to an asset (anything of value) into digital form on a blockchain.[1]  On blockchain (“on-chain”) transactions rely on “smart contracts” which are a series of conditional (if-then) statements written in code to form the basis of a self-executing contract.[2]

Broadly, tokens fall into two categories: fungible and non-fungible. While fungible tokens can be used like currency to facilitate exchanges of value on a particular blockchain, non-fungible tokens represent an emerging class of unique, digital assets that are also tracked and traded on-chain.

A. Fungible Tokens

A fungible token—for example, Bitcoin—relates to a unit of value that can be traded or freely exchanged, and is effectively indistinguishable from other tokens in the same ecosystem. A Bitcoin is a Bitcoin, and one Bitcoin is not more valuable or rare than any other Bitcoin. Fungible tokens often work similarly to fiat currency—for example U.S. Dollars. Like one $20 bill has the same value as any other $20 bill, a fungible token, regardless of when it was mined (minted), who previously owned it, or for what value the token was previously exchanged, has the same value as its fungible counterparts.  Just as a shopkeeper does not distinguish one $20 bill from another before accepting it in exchange for goods, a fungible token provides the same value to transacting parties as any other like fungible token. Accordingly, fungible tokens provide the basis of all on-chain payment systems. Fungible tokens likewise are divided into two primary forms: (1) security tokens, similar to money—classified by regulators as a security, and (2) utility tokens, similar to a gaming arcade token—issued for functionality with a specific purpose.

1. Security Tokens

Security tokens represent tradeable financial assets that are deemed to be “securities” under applicable law and are therefore regulated. Just as a share of stock in a public company comes with the expectation of profit, so too does a security token.  As discussed in greater detail below, it is not uncommon in this space for tokens distributed through Initial Coin Offerings (“ICO”), originally purposed as utility tokens, to become security tokens depending on the issuance’s underlying facts.  While there is certainly value to security tokens, securities come with a host of regulations. In lieu of facing such regulations, issuers often opt to avoid introducing security tokens onto an ecosystem.

2. Utility Tokens

Utility tokens are the other type of fungible tokens. A utility token is a blockchain-based asset that a holder can exchange for something else of value, typically a good or service offered by the token issuer. Borrowing from the example above, utility tokens work similarly to game tokens at an arcade. A player exchanges currency (either fiat or digital) for tokens to play games or ride rides within the arcade. Even though the game tokens may only have value within a particular arcade, the tokens themselves are fungible—in that one is the same as another—and the player uses the tokens for a specific purpose, limited to the ecosystem of the arcade.

The uses for utility tokens are limited only by the issuer’s imagination. Most frequently, however, utility tokens are used on particular platforms—such as on a website or in a mobile game—to purchase or obtain something of value on those platforms. For instance, a videogame developer may issue utility tokens to raise money to fund the creation of a game, and then allow the token holders to redeem the tokens for in-game purchases upon its launch. Outside of the game, however, the tokens have no value.  Importantly, utility tokens are not offered as “investment opportunities.” Rather, utility tokens offer current or future access to a company’s products or services, not an expectation of future profit.

B. Non-fungible Tokens

Non-fungible tokens (“NFTs”), on the other hand, relate to unique digital assets rather than a standard measure of value.  Therefore, the holder of one NFT cannot necessarily obtain equal value by exchanging a token for another NFT within the same ecosystem. If something can be digitized, perhaps even if not, it can operate as an NFT. Indeed, NFTs have been used to transform collectibles—for example, a digital work of art—into one-of-a-kind, verifiable assets that can be traced, authenticated, and sold/traded on-chain. NFTs are particularly well-suited to prove ownership, identify the uniqueness of assets, and identify counterfeits from originals. This is because each asset’s identifiable information is immutable on-chain. NFTs not only differ in functionality from fungible tokens, but also fall under an entirely different coding protocol and structure compared to those of fungible tokens.[3]

Recently, NFTs garnered the art world’s attention when an NFT created by the digital artist Beeple sold for $69 million. With the creation of the NBA’s Top Shots (which allows users to purchase a token of a particular NBA highlight clip), the sports world demonstrated its desire to get in on the NFT action. Although the digital asset that an NFT relates to may be infinitely replicable—anyone can run a Google image search for Beeple’s artwork or watch NBA highlights on YouTube—the token itself is limited by a predetermined quantity and quality the issuer assigns, which, as with any other asset, creates scarcity and drives demand. Indeed, an NFT’s value stems from collector culture, the desire for patronage (i.e., supporting a particular artist, player, or team), and proof of ownership. Think owning a signed 1986 Fleer Michael Jordan rookie card, versus having a picture of the same.

Where NFTs and other on-chain assets differ from other assets is in their immutability, and therefore their transparency.  Anyone can view a painting in a museum, but who’s to say that painting is an original? What if the curator was wrong?  What if the provenance is forged? With DLT and NFTs, the expectation is that those worries disappear. With NFTs, authenticity is built into the code. The code is transparent, verifiable, and immutable. The blockchain creates a certificate of authenticity for each token so the originating source is identifiable. 


A. Utility Tokens

Tokens are issued through various forms of token offerings, most commonly through ICOs, where purchasers acquire tokens in exchange for payment. If an ICO offers a security token—distinct from a utility token—the offering is subject to regulation by the U.S. Securities and Exchange Commission (“SEC”) under federal securities laws.[5]  According to the SEC’s 2019 guidance framework, the Howey test governs whether a token is a security (or “investment contract”) thereby triggering registration and subsequent reporting requirements.[6]  It is worth noting that a token may be characterized as a security even if the issuer intended otherwise.

In SEC v. W.J. Howey Co., 328 U.S. 293 (1946) (“Howey”), the Supreme Court determined that “an ‘investment contract’ exists when there is [1] the investment of money [2] in a common enterprise [3] with a reasonable expectation of profits [4] to be derived from the efforts of others.”[7] The test is conjunctive. An item must satisfy each of the Howey test’s four elements to qualify as an “investment contract” and therefore invite SEC scrutiny.[8] The materials used to promote the sale of the digital assets, and the manner in which they are offered, sold, or resold are particularly relevant to whether the token is a security.[9]  To be sure, the Howey test applies to any contract, scheme, or transaction, regardless of whether it has the characteristics of typical securities.[10]

SEC leadership remarked in 2018 that “where the digital asset is sold only to be used to purchase a good or service available through the network on which it was created,” it is unlikely to qualify as a security.[11]  So by structuring an ICO and its tokens not as an investment designed to generate profit for the investor, but rather as a new method of payment accepted on the issuer’s platform—like arcade tokens—an issuer may be able to avoid regulatory requirements applicable to securities.[12] While the SEC lists a litany of considerations in its 2019 guidance, issuers hoping to avoid security classification should ensure that tokens do not give “the holder rights to share in the enterprise’s income or profits, or to realize gain from capital appreciation of the digital asset.”[13] Additionally, issuers should maintain “apparent correlation between the purchase/offering price of the digital asset and the market price of the particular goods or services that can be acquired in exchange for the digital asset.”[14]

Importantly, the SEC recognized that price appreciation of a token “resulting solely from external market forces (such as general inflationary trends or the economy) that impact the supply and demand for an underlying asset generally is not considered ‘profit’ under the Howey test[.]”[15]  As such, issuers offering utility tokens used for goods and services, rather than as a speculative investment designed to increase in value over time, mitigate the risk of security classification.[16]

B. Non-fungible Tokens

Although the SEC has not yet commented specifically on NFTs, it is reasonable to assume the Howey test and related considerations likewise govern NFTs. Under the framework discussed above, an NFT connected to a collectible or an item intended for use—for example, tickets to an event or other experience—is unlikely to fall under the definition of a security.[17]  The blockchain serves more as a means of authenticating the underlying asset than creating a market for investors reasonably to expect to profit from its appreciation. However, if issuers offer NFTs to the public with the promise of liquidity and/or increasing the NFT’s value through the daily continued services of the issuer, such a token will likely trigger SEC scrutiny. Marketing, while not dispositive, is also critical to the analysis. Deliberate packaging of NFTs is essential. Issuers not intending to create securities must ensure they do not create an expectation of a return on a passive investment, and instead need to focus on the qualities particular to that token.

C. Additional Risk Mitigation

Issuers should also devote the time and resources necessary to develop and implement comprehensive know-your-customer (“KYC”) and anti-money laundering (“AML”) policies that govern both the initial sale of tokens and any subsequent financial transactions. As with any monetary transaction, an issuer must be careful not to conduct business with individuals or entities subject to legal restrictions such as those imposed by U.S. Department of Treasury, Office of Foreign Assets Control. Requiring customers to create an account, identify their location, provide contact information, and agree to terms and conditions clarifying their rights and responsibilities are an excellent way to alleviate risk. Likewise, clear disclosures should describe exactly what a purchaser will receive to ensure compliance with consumer protection laws. For instance, an NFT may include ownership rights over a purchased image, but not the copyright to the original image. Transparency is key. It reduces the risk of misunderstanding between issuer and customer, and is a fundamental pillar on which blockchain was built.


A. Utility Tokens

Again, utility token applications are limited only by the imagination of the issuer. Indeed, the benefits include the ability to access a new demographic and expand to an ever-increasing customer base who prefer cryptocurrency to fiat currency. Utility tokens, similar to gift cards, provide instant liquidity through their sale regardless of whether the token is redeemed immediately or on a future date. Purchasers of utility tokens benefit by locking in prices and eliminating the risks associated with volatile cryptocurrency fluctuation, and the uncertainties associated with inflation—the value of utility tokens are generally fixed at sale.

The first step in the offering process is selecting (or creating) a reliable blockchain platform on which to launch the utility token. Overwhelmingly, issuers tend to prefer the Ethereum platform for ICOs—over 80% of ICO projects use the Ethereum platform, while only 8% choose to build a custom platform, with the remainder launching on an Ethereum competitor’s platform. Ethereum is extremely popular as a platform because it is so accessible, easy to code on, and very large, thus adding an additional layer of security while staying true to its foundation of decentralization and cryptographic application. 

Preparing for a launch should involve drafting a “whitepaper” and developing a marketing campaign to capture the details of the ICO, describe the terms of sale, provide legal disclosures, and properly market the token as a utility token exchangeable for defined goods and/or services. Issuers are increasingly using dedicated ICO websites, or carveouts on existing websites, to post whitepapers and to conduct conventional advertising to generate awareness of ICOs in advance of launching.

At least at the outset, developing and launching on the Ethereum platform allows the issuer to create tokens using the code provided by Ethereum. The industry-standard ERC-20 token outlines smart contract parameters, which provide the protocol to automatically execute and document events related to the tokens with the terms of the agreement between buyer and seller directly written into lines of code. Prior to launch, issuers should audit smart contracts and conduct test transactions to ensure transactions will appear on the Ethereum blockchain as designed. Finally, launch the ICO and standby as the information necessary for accounting and recordkeeping appears on-chain.

B. Non-fungible Tokens

Individuals and companies are just beginning to explore the possibilities of tokenizing assets. Thus far, we have seen art, videos, and the first Tweet tokenized and sold (to name a few). However, as NFTs expand in popularity, so too will the product base. And why not?  NFTs and DLT reduce the risk of counterfeit and fraud. Using an event ticket as an example, tokenization allows, and ensures, the ability to track each individual ticket sold in case an issue arises with a particular ticket—for instance, policing an anti-scalping policy, the need to ascertain who holds the valid ticket when two fans show up with identical printouts, or if a security concern arises and there is a need to quickly determine the identity and location of ticket holders.

Establishing an NFT is relatively easy.  First, decide which blockchain to use. Ethereum again dominates the market. Minting an NFT on the Ethereum blockchain requires only an Ethereum wallet that supports ERC-721—the Ethereum-based NFT token standard. Next, build a marketplace or use an existing NFT marketplace. Tokenize the assets and upload them to the marketplace. Finally, start selling NFTs on the marketplace by setting conditions of sale—including the date and time a token becomes available, whether it is available for a fixed price or in an auction format, and any other information necessary to compose a smart contract. Again, the blockchain records all transaction information thereby making accounting and recordkeeping information instantly retrievable.


The economy of tomorrow has arrived. Enterprise built on blockchain. While we have only just begun to scratch the surface on new applications for blockchain and tokenization, the possibilities are endless. Tokenization is the way of the future. Now is the time to enter this growing space and capture the benefits of innovation.

Whether launching utility tokens that holders redeem for products and/or services, or transforming unique items into NFTs, tokenization provides access to a growing market of cryptocurrency users and creates new and unique revenue streams.  Innovation beckons opportunities that will shape businesses for years to come. Welcome to the new era.


The views expressed herein are solely the views of the authors and do not represent the views of Brown Rudnick LLP, those parties represented by the authors, or those parties represented by Brown Rudnick LLP. Specific legal advice depends on the facts of each situation and may vary from situation to situation. Information contained in this article is not intended to constitute legal advice by the authors or the lawyers at Brown Rudnick LLP, and it does not establish a lawyer-client relationship.

[1] A token itself is merely a cryptographic string of numbers and letters that contains no independently meaningful data.  It relates back to potentially valuable data or another digital asset (the cryptographic code is a “stand-in” for real data).

[2] On the Ethereum blockchain, for instance, smart contracts are written in an Ethereum-based contract code called Solidity.  By relying on DLT, smart contracts are both immutable and distributed, which eliminates the need for an intermediary to verify or facilitate transactions that automatically execute upon the satisfaction of objective criteria.

[3] On the Ethereum blockchain, for instance, NFTs use a different source code than fungible tokens and follow the protocols in ERC-721, rather than ERC-20 for fungible tokens.

[4] This section is meant to provide an overview of the regulatory considerations when classifying tokens. It by no means is a complete discussion of potentially applicable securities laws and regulations.  As “security tokens” are, by default, securities and therefore subject to securities laws, this section and the sections that follow focus on the regulatory considerations of the remaining categories of tokens.

[5] SEC, Framework for “Investment Contract” Analysis of Digital Assets (Apr. 3, 2019) [hereinafter SEC Guidance], available at https://www.sec.gov/corpfin/framework-investment-contract-analysis-digital-assets.

[6] Id.

[7] Id.

[8] SEC v. W.J. Howey Co., 328 U.S. 293, 300 (1946).

[9] SEC Guidance.

[10] Id. at 298.

[11] William Hinman, Digital Asset Transactions: When Howey Met Gary (Plastic) (June 14, 2018), available at https://www.sec.gov/news/speech/speech-hinman-061418.

[12] Id.

[13] SEC Guidance.

[14] Id.

[15] Id.

[16] Id.

[17] Id. The facts and circumstances regarding any particular NFT would, of course, need to be examined against the SEC’s guidance to ensure the token does not qualify as a security.