Token classification determines everything from fundraising strategy to exchange listings and regulatory obligations. This guide covers the security token vs. utility token distinction, the Howey Test, and classification frameworks across the US, EU, Singapore, and Switzerland.
Token classification determines everything from fundraising strategy to exchange listings and regulatory obligations. This guide covers the security token vs. utility token distinction, the Howey Test, and classification frameworks across the US, EU, Singapore, and Switzerland.
Token classification is the single most consequential legal determination a Web3 project makes, because it dictates which regulations apply to your token sale, ongoing trading, holder rights, and service provider obligations across every jurisdiction where the token is available. In the simplest terms, tokens are classified into three primary categories: security tokens that represent investment contracts and fall under securities law, utility tokens that provide access to a product or service and face lighter regulation, and payment tokens (or exchange tokens) that function as a medium of exchange and are subject to money transmission and payment services rules. However, the reality is far more nuanced — the same token can be classified differently across jurisdictions, a utility token can become a security if marketed incorrectly, and hybrid tokens that exhibit characteristics of multiple categories create ongoing compliance challenges.
As of 2026, approximately 68% of token projects have undergone formal classification analysis before launch, up from just 23% in 2021, according to data from Chainalysis. This guide provides the frameworks, tests, and practical decision trees you need to classify your token correctly and structure your fundraising approach accordingly.
A security token represents an investment in an external enterprise, giving holders rights to profits, dividends, revenue shares, governance over treasury assets, or ownership stakes. Security tokens are subject to the full weight of securities regulation, including:
Examples of security tokens:
The security token market reached approximately $15 billion in total value locked across platforms like Securitize, Polymath, and tZERO by the end of 2025, according to Security Token Advisors.
A utility token provides access to a specific product, service, or functionality within a blockchain ecosystem. When properly structured and distributed, utility tokens face lighter regulatory requirements because they are not considered investment contracts.
Key characteristics of a genuine utility token:
Examples of utility tokens:
Important caveat: A token labeled "utility" does not automatically escape securities classification. Regulators look at substance over form — how the token is sold, marketed, and what reasonable purchasers expect matters more than what the issuer calls it.
Payment tokens are designed to function as a medium of exchange, store of value, or unit of account. They do not provide access to a specific platform and do not represent investment contracts.
Regulatory treatment varies significantly:
Examples:
The Howey Test is the foundational framework for determining whether a token is a security under US federal law. Derived from the 1946 Supreme Court case SEC v. W.J. Howey Co., it establishes that an instrument is an "investment contract" (and therefore a security) if it involves:
The fourth prong — "efforts of others" — is where most token classification battles are fought. The more a project is decentralized and community-driven, the stronger the argument that token value is not derived from a single team's efforts.
In April 2019, the SEC's Strategic Hub for Innovation and Financial Technology published a framework expanding on the Howey Test for digital assets. Key factors include:
Factors suggesting a security:
Factors suggesting NOT a security:
In June 2018, then-SEC Director William Hinman suggested that a token could initially be offered as a security but later cease to be one if the network becomes "sufficiently decentralized." This concept — while not formal SEC policy — has been influential:
"If the network on which the token or coin is to function is sufficiently decentralized — where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts — the assets may not represent an investment contract."
This has led to the concept of progressive decentralization, where projects:
However, the SEC has not formally endorsed this pathway, and projects relying on it should do so with qualified legal counsel.
The EU takes a fundamentally different approach through MiCA regulation. Rather than applying a single test like Howey, MiCA creates distinct regulatory categories:
Critical distinction: MiCA only applies to tokens that are NOT financial instruments under MiFID II. If a token qualifies as a transferable security, structured deposit, or unit in a collective investment scheme, EU securities regulation applies instead of MiCA.
The MiFID II classification test looks at whether the token:
Switzerland's FINMA ICO Guidelines (updated 2019) provide one of the clearest token classification frameworks globally:
Switzerland's framework is notable for its explicit recognition of hybrid tokens and its relatively clear safe harbor for genuine utility tokens. This has made Switzerland a popular incorporation jurisdiction for token projects, particularly through the canton of Zug (Crypto Valley).
The Monetary Authority of Singapore (MAS) classifies tokens under the Payment Services Act 2019 and the Securities and Futures Act:
MAS has been pragmatic in its approach, providing project-specific guidance through its regulatory sandbox and direct consultations.
Use this step-by-step process to guide your token classification analysis:
If the token represents equity, debt, derivatives, or units in a fund, it is almost certainly a security/financial instrument globally. Full securities regulation applies. Consult legal partners specialized in securities law.
If yes, it is likely a payment token. Key regulatory concerns: money transmission licensing, AML/KYC, and (in the EU) potential EMT classification under MiCA.
If the token grants access to a product, service, or platform that is currently functional:
The distribution method matters enormously:
Marketing is where many projects go wrong. Even a legitimately structured utility token can be reclassified as a security based on how it is promoted:
Safe marketing language:
Dangerous marketing language:
The Simple Agreement for Future Tokens (SAFT) was designed to allow projects to raise funds legally by selling investment contracts (securities) to accredited investors, with tokens delivered once the network is functional and the tokens qualify as utility tokens.
SAFT structure:
Criticism and current status:
For projects using SAFT structures, working with experienced legal counsel is essential. The fundraising structure directly impacts how your rounds are priced and structured.
Governance tokens present one of the most challenging classification problems. Tokens that grant voting rights over a protocol's parameters, treasury, or upgrade path can exhibit characteristics of both utility tokens (they have a function: governance) and security tokens (holders may expect financial returns from treasury management).
Arguments for governance tokens being securities:
Arguments against:
Practical guidance:
Non-fungible tokens generally fall outside traditional token classification frameworks because they represent unique items rather than fungible financial instruments. However, certain NFT structures raise classification concerns:
The SEC has signaled interest in fractionalized NFTs and NFT projects marketed as investments. The landmark Impact Theory settlement (August 2023) established that NFTs promoted as investments can be classified as securities.
Token classification should be determined before tokenomics are finalized, not after. The classification drives your entire go-to-market strategy, fundraising structure, exchange listing approach, and market making arrangements.
Find legal partners specializing in token classification through The Signal's partner directory.
Create a formal legal memo documenting your token's classification analysis under each relevant jurisdiction. This memo should:
Structure your tokenomics to support your desired classification:
Your incorporation jurisdiction should align with your token classification strategy. Projects seeking clear utility token treatment often incorporate in Switzerland or Singapore, while those accepting security token classification may prefer the US (for access to capital markets) or EU (for MiCA certainty).
Token classification is evolving rapidly. Subscribe to regulatory updates through The Signal's intelligence hub and maintain ongoing relationships with legal counsel.
A security token represents an investment contract where holders expect profits from others' efforts, while a utility token provides access to a product or service. The classification determines regulatory obligations: security tokens face strict securities laws including registration and disclosure requirements, while utility tokens face lighter regulation. The key test in the US is whether the Howey Test criteria are met.
The Howey Test determines if a token is a security by evaluating four criteria: investment of money, in a common enterprise, with expectation of profits, derived from others' efforts. Regulators examine how tokens are sold and marketed, not just their technical function. Marketing tokens as investments or emphasizing price appreciation increases the likelihood of security classification.
Yes, and vice versa. A token initially sold as a security (via SAFT or Reg D offering) may later be argued to be a utility token once the network is fully decentralized. Conversely, a utility token can be reclassified as a security if it is marketed as an investment or if the network becomes overly centralized. The SEC has suggested that sufficient decentralization may cause a token to no longer meet the Howey Test.
Governance tokens occupy a legal gray area. They have genuine utility (voting on protocol decisions) but often carry expectations of financial returns. Tokens with revenue-sharing mechanisms, treasury governance, or buyback programs face higher security classification risk. Projects should minimize investment-like features and ensure governance is genuinely decentralized.
In the US, stablecoins are generally treated as money transmission instruments subject to state and federal money transmission laws. Under EU MiCA, single-currency stablecoins are E-Money Tokens requiring e-money institution authorization, while multi-asset stablecoins are Asset-Referenced Tokens. In Switzerland, they are payment tokens subject to AML regulation.
Misclassification can result in SEC enforcement actions (US), unregistered securities offerings charges, investor lawsuits, exchange delistings, and criminal penalties in some jurisdictions. The SEC has brought over 100 enforcement actions related to unregistered token offerings since 2017, with penalties ranging from hundreds of thousands to billions of dollars.
Absolutely. Tokens classified as securities can only trade on regulated securities exchanges, dramatically limiting their market access. Most major crypto exchanges (Binance, Coinbase) will not list tokens with security classification risk. Proper classification analysis is often required as part of the exchange listing process.
Engage specialized crypto legal counsel to conduct a formal classification analysis. This typically costs $10,000-$50,000 depending on complexity and jurisdictions covered. Some jurisdictions (Singapore, Switzerland) offer regulatory sandbox consultations where you can discuss classification directly with regulators.
Token classification is the foundation of your entire Web3 legal strategy. Connect with specialized legal partners through our directory, explore the full partner ecosystem for comprehensive support, or schedule a consultation to discuss your token's regulatory positioning.
Get expert guidance from The Arch Consulting on blockchain strategy, tokenomics, and Web3 growth.
Learn MoreToken classification is the single most consequential legal determination a Web3 project makes, because it dictates which regulations apply to your token sale, ongoing trading, holder rights, and service provider obligations across every jurisdiction where the token is available. In the simplest terms, tokens are classified into three primary categories: security tokens that represent investment contracts and fall under securities law, utility tokens that provide access to a product or service and face lighter regulation, and payment tokens (or exchange tokens) that function as a medium of exchange and are subject to money transmission and payment services rules. However, the reality is far more nuanced — the same token can be classified differently across jurisdictions, a utility token can become a security if marketed incorrectly, and hybrid tokens that exhibit characteristics of multiple categories create ongoing compliance challenges.
As of 2026, approximately 68% of token projects have undergone formal classification analysis before launch, up from just 23% in 2021, according to data from Chainalysis. This guide provides the frameworks, tests, and practical decision trees you need to classify your token correctly and structure your fundraising approach accordingly.
A security token represents an investment in an external enterprise, giving holders rights to profits, dividends, revenue shares, governance over treasury assets, or ownership stakes. Security tokens are subject to the full weight of securities regulation, including:
Examples of security tokens:
The security token market reached approximately $15 billion in total value locked across platforms like Securitize, Polymath, and tZERO by the end of 2025, according to Security Token Advisors.
A utility token provides access to a specific product, service, or functionality within a blockchain ecosystem. When properly structured and distributed, utility tokens face lighter regulatory requirements because they are not considered investment contracts.
Key characteristics of a genuine utility token:
Examples of utility tokens:
Important caveat: A token labeled "utility" does not automatically escape securities classification. Regulators look at substance over form — how the token is sold, marketed, and what reasonable purchasers expect matters more than what the issuer calls it.
Payment tokens are designed to function as a medium of exchange, store of value, or unit of account. They do not provide access to a specific platform and do not represent investment contracts.
Regulatory treatment varies significantly:
Examples:
The Howey Test is the foundational framework for determining whether a token is a security under US federal law. Derived from the 1946 Supreme Court case SEC v. W.J. Howey Co., it establishes that an instrument is an "investment contract" (and therefore a security) if it involves:
The fourth prong — "efforts of others" — is where most token classification battles are fought. The more a project is decentralized and community-driven, the stronger the argument that token value is not derived from a single team's efforts.
In April 2019, the SEC's Strategic Hub for Innovation and Financial Technology published a framework expanding on the Howey Test for digital assets. Key factors include:
Factors suggesting a security:
Factors suggesting NOT a security:
In June 2018, then-SEC Director William Hinman suggested that a token could initially be offered as a security but later cease to be one if the network becomes "sufficiently decentralized." This concept — while not formal SEC policy — has been influential:
"If the network on which the token or coin is to function is sufficiently decentralized — where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts — the assets may not represent an investment contract."
This has led to the concept of progressive decentralization, where projects:
However, the SEC has not formally endorsed this pathway, and projects relying on it should do so with qualified legal counsel.
The EU takes a fundamentally different approach through MiCA regulation. Rather than applying a single test like Howey, MiCA creates distinct regulatory categories:
Critical distinction: MiCA only applies to tokens that are NOT financial instruments under MiFID II. If a token qualifies as a transferable security, structured deposit, or unit in a collective investment scheme, EU securities regulation applies instead of MiCA.
The MiFID II classification test looks at whether the token:
Switzerland's FINMA ICO Guidelines (updated 2019) provide one of the clearest token classification frameworks globally:
Switzerland's framework is notable for its explicit recognition of hybrid tokens and its relatively clear safe harbor for genuine utility tokens. This has made Switzerland a popular incorporation jurisdiction for token projects, particularly through the canton of Zug (Crypto Valley).
The Monetary Authority of Singapore (MAS) classifies tokens under the Payment Services Act 2019 and the Securities and Futures Act:
MAS has been pragmatic in its approach, providing project-specific guidance through its regulatory sandbox and direct consultations.
Use this step-by-step process to guide your token classification analysis:
If the token represents equity, debt, derivatives, or units in a fund, it is almost certainly a security/financial instrument globally. Full securities regulation applies. Consult legal partners specialized in securities law.
If yes, it is likely a payment token. Key regulatory concerns: money transmission licensing, AML/KYC, and (in the EU) potential EMT classification under MiCA.
If the token grants access to a product, service, or platform that is currently functional:
The distribution method matters enormously:
Marketing is where many projects go wrong. Even a legitimately structured utility token can be reclassified as a security based on how it is promoted:
Safe marketing language:
Dangerous marketing language:
The Simple Agreement for Future Tokens (SAFT) was designed to allow projects to raise funds legally by selling investment contracts (securities) to accredited investors, with tokens delivered once the network is functional and the tokens qualify as utility tokens.
SAFT structure:
Criticism and current status:
For projects using SAFT structures, working with experienced legal counsel is essential. The fundraising structure directly impacts how your rounds are priced and structured.
Governance tokens present one of the most challenging classification problems. Tokens that grant voting rights over a protocol's parameters, treasury, or upgrade path can exhibit characteristics of both utility tokens (they have a function: governance) and security tokens (holders may expect financial returns from treasury management).
Arguments for governance tokens being securities:
Arguments against:
Practical guidance:
Non-fungible tokens generally fall outside traditional token classification frameworks because they represent unique items rather than fungible financial instruments. However, certain NFT structures raise classification concerns:
The SEC has signaled interest in fractionalized NFTs and NFT projects marketed as investments. The landmark Impact Theory settlement (August 2023) established that NFTs promoted as investments can be classified as securities.
Token classification should be determined before tokenomics are finalized, not after. The classification drives your entire go-to-market strategy, fundraising structure, exchange listing approach, and market making arrangements.
Find legal partners specializing in token classification through The Signal's partner directory.
Create a formal legal memo documenting your token's classification analysis under each relevant jurisdiction. This memo should:
Structure your tokenomics to support your desired classification:
Your incorporation jurisdiction should align with your token classification strategy. Projects seeking clear utility token treatment often incorporate in Switzerland or Singapore, while those accepting security token classification may prefer the US (for access to capital markets) or EU (for MiCA certainty).
Token classification is evolving rapidly. Subscribe to regulatory updates through The Signal's intelligence hub and maintain ongoing relationships with legal counsel.
A security token represents an investment contract where holders expect profits from others' efforts, while a utility token provides access to a product or service. The classification determines regulatory obligations: security tokens face strict securities laws including registration and disclosure requirements, while utility tokens face lighter regulation. The key test in the US is whether the Howey Test criteria are met.
The Howey Test determines if a token is a security by evaluating four criteria: investment of money, in a common enterprise, with expectation of profits, derived from others' efforts. Regulators examine how tokens are sold and marketed, not just their technical function. Marketing tokens as investments or emphasizing price appreciation increases the likelihood of security classification.
Yes, and vice versa. A token initially sold as a security (via SAFT or Reg D offering) may later be argued to be a utility token once the network is fully decentralized. Conversely, a utility token can be reclassified as a security if it is marketed as an investment or if the network becomes overly centralized. The SEC has suggested that sufficient decentralization may cause a token to no longer meet the Howey Test.
Governance tokens occupy a legal gray area. They have genuine utility (voting on protocol decisions) but often carry expectations of financial returns. Tokens with revenue-sharing mechanisms, treasury governance, or buyback programs face higher security classification risk. Projects should minimize investment-like features and ensure governance is genuinely decentralized.
In the US, stablecoins are generally treated as money transmission instruments subject to state and federal money transmission laws. Under EU MiCA, single-currency stablecoins are E-Money Tokens requiring e-money institution authorization, while multi-asset stablecoins are Asset-Referenced Tokens. In Switzerland, they are payment tokens subject to AML regulation.
Misclassification can result in SEC enforcement actions (US), unregistered securities offerings charges, investor lawsuits, exchange delistings, and criminal penalties in some jurisdictions. The SEC has brought over 100 enforcement actions related to unregistered token offerings since 2017, with penalties ranging from hundreds of thousands to billions of dollars.
Absolutely. Tokens classified as securities can only trade on regulated securities exchanges, dramatically limiting their market access. Most major crypto exchanges (Binance, Coinbase) will not list tokens with security classification risk. Proper classification analysis is often required as part of the exchange listing process.
Engage specialized crypto legal counsel to conduct a formal classification analysis. This typically costs $10,000-$50,000 depending on complexity and jurisdictions covered. Some jurisdictions (Singapore, Switzerland) offer regulatory sandbox consultations where you can discuss classification directly with regulators.
Token classification is the foundation of your entire Web3 legal strategy. Connect with specialized legal partners through our directory, explore the full partner ecosystem for comprehensive support, or schedule a consultation to discuss your token's regulatory positioning.
Get expert guidance from The Arch Consulting on blockchain strategy, tokenomics, and Web3 growth.
Learn More| Howey Prong | How It Applies to Tokens | What Regulators Look At |
|---|
| Investment of money | Any value exchanged for tokens (fiat, ETH, BTC, time) | Token sale structure, price paid, consideration type |
| Common enterprise | All token holders share in project success/failure | Pool of funds, shared outcomes, horizontal commonality |
| Expectation of profits | Purchasers expect token value to appreciate | Marketing materials, social media, price discussions |
| Efforts of others | Core team drives value through development | Degree of decentralization, reliance on founding team |
| MiCA Category | Definition | Closest US Equivalent | Key Requirements |
|---|
| Asset-Referenced Token (ART) | Stable value referencing multiple assets | No direct equivalent | EBA authorization, reserves |
| E-Money Token (EMT) | Single fiat currency reference | State-regulated stablecoin | E-money license, 1:1 backing |
| Other Crypto-Asset | Everything else not a financial instrument | Utility token (if not a security) | White paper notification |
| Financial Instrument | Qualifies under MiFID II | Security | Full securities regulation |
| FINMA Category | Description | Regulatory Treatment |
|---|
| Payment Token | Accepted as means of payment or value transfer | Anti-money laundering regulation |
| Utility Token | Provides digital access to an application or service | Generally not securities (if functional at issuance) |
| Asset Token | Represents assets such as debt, equity, or claims | Securities regulation applies |
| Hybrid Token | Combines characteristics of multiple categories | Subject to all applicable regulations cumulatively |
| Distribution Method | Classification Risk | Notes |
|---|
| ICO/IDO to public | High security risk (US) | Broad marketing to speculators increases Howey risk |
| Private sale to investors | Likely security | Use Reg D/Reg S exemptions, SAFT agreements |
| Airdrop to users | Lower risk | But must be genuinely free (no purchase required) |
| Mining/staking rewards | Generally not securities | Created through protocol participation |
| Platform usage rewards | Lower risk | Earned through consumptive use |
| Employee grants | May be securities | But exemptions available under Rule 701 |
| NFT Type | Classification Risk | Rationale |
|---|
| Art/Collectible (1-of-1) | Low | Unique item, no common enterprise |
| PFP collection (10K) | Low-Medium | Large collections may look fungible |
| Fractional NFTs | High | Pooled investment in an asset |
| Revenue-sharing NFTs | High | Investment contract characteristics |
| NFTs with staking yields | Medium-High | Expectation of profits from efforts of others |
| Gaming utility NFTs | Low | Consumptive use within a game |
| Token Feature | United States | European Union (MiCA) | Switzerland (FINMA) | Singapore (MAS) | United Kingdom (FCA) |
|---|
| Pure utility token | Not a security if Howey not met | "Other crypto-asset" | Utility token | Not regulated | Generally unregulated |
| Equity token | Security (Securities Act) | Financial instrument (MiFID II) | Asset token | Capital markets product | Security |
| Stablecoin (USD-backed) | State money transmission + potential security | E-Money Token | Payment token | Digital payment token | E-money or stablecoin regime |
| Governance token | Gray area (case-by-case) | Depends on features | Hybrid analysis | Depends on features | Case-by-case |
| Revenue-share token | Likely security | Likely financial instrument | Asset token | Likely CMP | Likely security |
| Airdropped token | Lower risk if genuinely free | White paper may still be required | Depends on function | Generally not regulated | Depends on features |
| Howey Prong | How It Applies to Tokens | What Regulators Look At |
|---|
| Investment of money | Any value exchanged for tokens (fiat, ETH, BTC, time) | Token sale structure, price paid, consideration type |
| Common enterprise | All token holders share in project success/failure | Pool of funds, shared outcomes, horizontal commonality |
| Expectation of profits | Purchasers expect token value to appreciate | Marketing materials, social media, price discussions |
| Efforts of others | Core team drives value through development | Degree of decentralization, reliance on founding team |
| MiCA Category | Definition | Closest US Equivalent | Key Requirements |
|---|
| Asset-Referenced Token (ART) | Stable value referencing multiple assets | No direct equivalent | EBA authorization, reserves |
| E-Money Token (EMT) | Single fiat currency reference | State-regulated stablecoin | E-money license, 1:1 backing |
| Other Crypto-Asset | Everything else not a financial instrument | Utility token (if not a security) | White paper notification |
| Financial Instrument | Qualifies under MiFID II | Security | Full securities regulation |
| FINMA Category | Description | Regulatory Treatment |
|---|
| Payment Token | Accepted as means of payment or value transfer | Anti-money laundering regulation |
| Utility Token | Provides digital access to an application or service | Generally not securities (if functional at issuance) |
| Asset Token | Represents assets such as debt, equity, or claims | Securities regulation applies |
| Hybrid Token | Combines characteristics of multiple categories | Subject to all applicable regulations cumulatively |
| Distribution Method | Classification Risk | Notes |
|---|
| ICO/IDO to public | High security risk (US) | Broad marketing to speculators increases Howey risk |
| Private sale to investors | Likely security | Use Reg D/Reg S exemptions, SAFT agreements |
| Airdrop to users | Lower risk | But must be genuinely free (no purchase required) |
| Mining/staking rewards | Generally not securities | Created through protocol participation |
| Platform usage rewards | Lower risk | Earned through consumptive use |
| Employee grants | May be securities | But exemptions available under Rule 701 |
| NFT Type | Classification Risk | Rationale |
|---|
| Art/Collectible (1-of-1) | Low | Unique item, no common enterprise |
| PFP collection (10K) | Low-Medium | Large collections may look fungible |
| Fractional NFTs | High | Pooled investment in an asset |
| Revenue-sharing NFTs | High | Investment contract characteristics |
| NFTs with staking yields | Medium-High | Expectation of profits from efforts of others |
| Gaming utility NFTs | Low | Consumptive use within a game |
| Token Feature | United States | European Union (MiCA) | Switzerland (FINMA) | Singapore (MAS) | United Kingdom (FCA) |
|---|
| Pure utility token | Not a security if Howey not met | "Other crypto-asset" | Utility token | Not regulated | Generally unregulated |
| Equity token | Security (Securities Act) | Financial instrument (MiFID II) | Asset token | Capital markets product | Security |
| Stablecoin (USD-backed) | State money transmission + potential security | E-Money Token | Payment token | Digital payment token | E-money or stablecoin regime |
| Governance token | Gray area (case-by-case) | Depends on features | Hybrid analysis | Depends on features | Case-by-case |
| Revenue-share token | Likely security | Likely financial instrument | Asset token | Likely CMP | Likely security |
| Airdropped token | Lower risk if genuinely free | White paper may still be required | Depends on function | Generally not regulated | Depends on features |
