BizLegal-AIStart Free
regulatory

FCA & Bank of England Tokenisation Vision for UK Wholesale Markets

FCA tokenisation wholesale markets DLT: what the joint regulatory vision means for firms, how to prepare, and the compliance steps you can't skip.

BizLegal-AI Intelligence DeskgbFCA

FCA & Bank of England Tokenisation Vision for UK Wholesale Markets

The Bank of England's November 2023 Discussion Paper DP23/4 and the FCA's parallel work under the Digital Securities Sandbox (DSS), which opened for applications in January 2025, have set a concrete regulatory trajectory for tokenised wholesale markets in the UK. Firms that treat this as a distant horizon are already behind. The DSS's first cohort decisions are live, and the FCA's 2025/26 Business Plan explicitly names tokenisation as a priority supervisory theme.

TL;DR

  • The Digital Securities Sandbox lets firms issue, trade, and settle tokenised securities under modified UK law, with the FCA and Bank of England as joint regulators.
  • BoE Discussion Paper DP23/4 signals that wholesale central bank money settlement for tokenised transactions is under active design, not just theoretical consideration.
  • Firms must map their existing permissions to DSS eligibility criteria before applying; a standard Part 4A permission does not automatically transfer.
  • Legal uncertainty around DLT-based finality and collateral enforceability remains the single biggest operational risk for wholesale participants.
  • The window to shape the permanent regime is now: the DSS runs until at least 2028, and sandbox learnings will directly inform primary legislation.

What This Regulation Actually Requires

The Digital Securities Sandbox: Core Mechanics

The DSS was established under the Financial Services and Markets Act 2023, specifically the provisions in Part 11 that allow HM Treasury to modify or disapply existing legislation for sandbox participants. The sandbox covers three activity types: notary functions (recording issuance on DLT), settlement system operator functions, and trading venue functions. A firm can apply for one, two, or all three.

Critically, the DSS operates under a dual-regulator model. The FCA supervises trading venues and certain notary/settlement activities. The Bank of England supervises recognised clearing houses and settlement systems that fall under its existing jurisdiction. Firms need to identify which regulator leads on their specific activity before drafting an application.

The sandbox has two entry gates. Gate 1 is a lighter-touch sandbox testing environment where firms can test with real assets but under enhanced supervisory oversight and activity limits. Gate 2 is a more mature operating environment with higher thresholds, available once a firm has demonstrated Gate 1 compliance. The FCA has confirmed that Gate 2 firms can operate at commercially meaningful scale.

BoE DP23/4: Wholesale Settlement Architecture

The Bank of England's Discussion Paper set out three potential models for settling tokenised transactions in central bank money. Model 1 uses existing RTGS infrastructure with a synchronisation mechanism. Model 2 creates a new "synchronisation operator" that coordinates between RTGS and DLT systems. Model 3 is a full wholesale CBDC or "wCBDC" that sits natively on a DLT platform.

The BoE has not committed to a single model. What it has committed to is ensuring that tokenised wholesale transactions can achieve settlement finality in central bank money, which is the bedrock of systemic risk management. Firms building tokenised repo, bond issuance, or collateral mobility solutions need to architect their systems to be compatible with at least Models 1 and 2, since Model 3 remains the longest-dated option.

Existing Regulatory Perimeter: What Still Applies

Participation in the DSS does not create a regulatory holiday. The sandbox modifies specific pieces of legislation, primarily the Companies Act 2006 (share register requirements), the Uncertificated Securities Regulations 2001, and certain provisions of FSMA 2000. Everything else remains in force.

That means MiFID-derived conduct obligations (now onshored as UK MiFIR/MiFID), market abuse rules under MAR, and AML/CTF requirements under the Money Laundering Regulations 2017 all apply in full. A tokenised bond is still a bond. A tokenised equity is still an equity. The instrument's legal character does not change because it sits on a blockchain.

The Broader UK Tokenisation Framework

Beyond the DSS, the FCA's Consultation Paper CP24/20 on admissions and disclosures for digital securities, published in late 2024, proposed a tailored disclosure regime for DLT-based instruments admitted to trading. The proposal recognises that some traditional prospectus requirements are ill-suited to programmable securities but does not propose wholesale exemptions. Firms issuing tokenised instruments on a DSS trading venue will need to comply with the adapted disclosure rules once finalised.

What This Means for Your Company

For banks and broker-dealers: Your existing settlement and custody infrastructure is the primary integration challenge. The DSS does not require you to rebuild your entire stack, but it does require you to demonstrate that your DLT-based systems can achieve equivalent resilience, finality, and auditability to CREST-settled transactions. The FCA has been explicit that operational resilience standards under PS21/3 apply to DSS participants.

For fintech issuers and platform operators: The DSS is your fastest route to a regulated tokenised securities business in the UK. But "fastest" is relative. Gate 1 applications require a detailed regulatory business plan, a legal analysis of which legislative modifications you're relying on, and a technology description that satisfies both FCA and BoE technical standards. Budget 6-9 months from initial engagement to Gate 1 approval.

For asset managers: Tokenised fund units and tokenised money market instruments are not currently in scope for the DSS. The FCA's Investment Management Strategy 2.0 touches on tokenised funds separately. Watch for the FCA's follow-up work on fund tokenisation, which is expected to produce a consultation in 2026.

For legal and compliance teams: The gap between DLT-based transfer and legal title transfer is your biggest exposure. Under English law, property in securities passes according to the relevant register or settlement system rules. If your DLT system is not a recognised settlement system under the DSS, on-chain transfers may not constitute legal delivery. This is not a theoretical risk; it directly affects repo close-out, collateral enforcement, and insolvency treatment.

How to Operationalise

Step 1: Conduct a DSS eligibility assessment. Map your proposed activities against the three DSS activity categories. Identify which regulator leads. Confirm whether your target instruments are in scope (currently: shares, bonds, units in collective investment schemes, money market instruments, and emissions allowances are all eligible).

Step 2: Commission a legal title analysis. Engage external counsel to produce a written opinion on how legal title to your tokenised instruments passes under English law, and what modifications the DSS provides to cure any gaps. This opinion will be required as part of your Gate 1 application.

Step 3: Map your technology stack to FCA/BoE technical expectations. The FCA's DSS Guidance (published alongside the sandbox launch) specifies requirements around system resilience, access controls, record-keeping, and auditability. Conduct a gap analysis against your current DLT architecture.

Step 4: Engage the FCA's Innovation Services early. The FCA's Innovation Pathways service offers pre-application meetings for DSS candidates. Use this. Regulators have been candid that applications which arrive without prior engagement are harder to process quickly.

Step 5: Design your settlement model for BoE compatibility. Even if you're not a settlement system operator, your platform needs to interface with central bank money settlement. Build your architecture to support the synchronisation approach described in DP23/4 Models 1 and 2.

Step 6: Establish a sandbox governance framework. DSS participants are expected to report regularly to their lead regulator, flag material changes to their technology or business model, and participate in the FCA/BoE's cross-sandbox learning exercises. Assign a named individual (likely your SMF24 Chief Operations function or equivalent) as the DSS regulatory liaison.

Step 7: Monitor the legislative pipeline. The DSS runs until at least 2028. HM Treasury has committed to using sandbox learnings to inform permanent legislation. Track the Financial Services Growth and Competitiveness Strategy publications and any HMT consultations on digital securities legislation.

Common Mistakes and How to Avoid Them

Treating the DSS as a deregulatory shortcut. It isn't. The sandbox modifies specific statutory provisions to enable DLT-based operations; it doesn't reduce conduct, prudential, or AML standards. Firms that pitch their DSS application as a way to avoid existing obligations will face pushback from supervisors.

Underestimating the legal title gap. Several early-stage tokenisation projects in the UK have discovered mid-build that their on-chain transfer mechanism doesn't constitute legal delivery under English law. Fix this in design, not in production. The DSS's modification of the Uncertificated Securities Regulations is specifically designed to address this, but only for firms operating within the sandbox perimeter.

Ignoring the BoE's role. Firms focused on the FCA sometimes treat the Bank of England as a secondary consideration. For any activity touching settlement finality or systemic infrastructure, the BoE's expectations are co-equal. The joint FCA/BoE oversight model is not a formality.

Building for a single settlement model. Given that the BoE has not chosen between its three wholesale settlement models, firms that hard-code their architecture to one approach risk expensive rebuilds. Design for interoperability with both RTGS synchronisation and a potential future wCBDC layer.

Neglecting cross-border legal analysis. UK tokenised securities will be held by non-UK custodians and traded by non-UK counterparties. The DSS modifies UK law; it doesn't resolve conflicts of law questions about which jurisdiction's rules govern title to a tokenised instrument held in a foreign custody chain. Get a cross-border legal opinion before going live.

FAQ

Q: Can a non-UK firm apply for the Digital Securities Sandbox?

A: The DSS is open to firms that are, or are willing to become, authorised or recognised in the UK. An overseas firm without existing UK authorisation would need to obtain the relevant Part 4A permission or recognition as part of the DSS application process. The FCA has indicated it will consider overseas applicants, but the regulatory relationship must be anchored in UK law.

Q: Does DSS participation affect a firm's existing FCA permissions?

A: DSS participation sits alongside existing permissions; it doesn't replace them. A firm with an existing investment firm permission continues to operate under that permission for non-DSS activities. The sandbox creates an additional regulatory perimeter for the specific DLT-based activities covered by the application. Firms should review their Scope of Permission carefully to ensure there's no conflict.

Q: What instruments are currently excluded from the DSS?

A: Derivatives, crypto-assets that are not securities, and tokenised fund units (as a distinct category) are not currently in scope. The FCA has signalled that scope may expand as the sandbox matures, but firms should not build business cases on anticipated scope extensions that haven't been confirmed.

Q: How does the DSS interact with the UK's existing CREST settlement infrastructure?

A: CREST, operated by Euroclear UK & International, remains the primary settlement system for UK securities. The DSS creates a parallel track for DLT-based settlement. There is no current requirement for DSS participants to integrate with CREST, but firms should consider interoperability for instruments that may need to move between DLT and traditional settlement rails.

Q: What happens to DSS participants when the sandbox closes?

A: HM Treasury has committed to providing a transition pathway. Firms operating successfully in the DSS are expected to migrate to a permanent regulatory regime that will be established through primary or secondary legislation informed by sandbox learnings. The FCA has stated it will give participants adequate notice and transition time. The exact mechanism is not yet legislated.

Sources

  • Bank of England, Discussion Paper DP23/4, The Bank of England's approach to innovation in money and payments, November 2023
  • Financial Conduct Authority and Bank of England, Digital Securities Sandbox: Guidance for Applicants, January 2025
  • HM Treasury, Financial Services and Markets Act 2023, Part 11 (Sandbox Arrangements)
  • Financial Conduct Authority, CP24/20: Admissions and Disclosures Regime for Digital Securities, 2024

Disclaimer

This article is produced by BizLegal-AI Intelligence Desk for general informational purposes only. It does not constitute legal advice and does not create a solicitor-client or adviser-client relationship. Regulatory requirements change frequently; readers should verify current rules with the FCA, Bank of England, and qualified legal counsel before taking any action. BizLegal-AI makes no representations as to the completeness or accuracy of information regarding specific enforcement actions, penalties, or case outcomes. Always obtain independent professional advice tailored to your specific circumstances and jurisdiction.

FCABank of EnglandtokenisationDLTukwholesale marketsdigital securitiesfinancial market infrastructuresandboxDLTSS
Turn this guide into a plan

Get your jurisdiction-specific compliance risk score

BizLegal-AI maps your structure against this exact regulation and tells you what's missing — before a regulator does. Free preview, no card required.

Run my free risk check →

Used by founders & counsel across 50+ jurisdictions · Not legal advice

Related

Regulatory changes, before they cost you

One email when a rule that affects crypto, fintech, or cross-border deals actually changes. No noise. Unsubscribe anytime.

Disclaimer: BizLegal-AI produces regulatory intelligence and working drafts. It is not legal, financial, or tax advice. Consult qualified counsel for specific situations.