ARTICLE
14 May 2025

Smart Contracts, Shifting Standards: Understanding The SEC's New Disclosure Expectations For Tokens

TLP Advisors

Contributor

TLP Advisors logo
At TLP Advisors, we are a dynamic and forward-thinking consulting, strategy, and law firm specialising in providing cutting-edge solutions to our diverse clientele. With our roots deeply embedded in the financial services, gaming, Web3, and emerging tech sectors, we offer unparalleled knowledge and provide tailored support to these rapidly evolving industries' unique challenges and opportunities. TLP Advisors has consistently been the firm of choice for L1 chains, funds, DeFi protocols, gaming companies, fintech and payment companies, foundations, and investors. We have built a reputation for excellence through our frequent collaborations with regulators, funds, and technology incubators.
Explore Firm Details
The SEC's April 2025 Guidance signals a shift from ambiguity to structure, requiring digital asset issuers to treat token-related disclosures with the same rigour as traditional securities offerings.
Worldwide Technology
Soham Jethani,Pankhuri Malhotra,Abhay Raj
+1 Authors
 Your Author LinkedIn Connections

Please note: TLP Advisors is not a regulated firm or service provider within the territory of the United States of America. As such, the below should be read for informational purposes only. Please speak to a registered attorney/lawyer barred in the United States of America before making any business decision.

1. KEY TAKEAWAYS

  • The SEC's April 2025 Guidance signals a shift from ambiguity to structure, requiring digital asset issuers to treat token-related disclosures with the same rigour as traditional securities offerings.
  • Smart contract code is no longer just technical infrastructure — when it defines investor rights, it must be filed, explained, and updated as a core legal artefact.
  • Governance is under the spotlight: issuers must disclose who holds control, how changes are made, and whether decentralised claims match reality.
  • For real-world asset tokens, vague language is no longer enough — legal enforceability, custody arrangements, and redemption mechanisms must be clearly documented.

2. INTRODUCTION

On 10 April 2025, the U.S. Securities and Exchange Commission's Division of Corporation Finance (“SEC”) issued a statement outlining its views on the application of federal securities disclosure obligations to digital asset offerings (the “Guidance“).1 While the statement is not legally binding and does not reflect a formal rulemaking by the SEC, it nevertheless represents a significant step in defining how crypto-asset issuers should approach registration and ongoing disclosure under the Securities Act of 1933 and the Securities Exchange Act of 1934.

This Guidance reflects a clear regulatory shift: digital asset projects can no longer rely on regulatory uncertainty to avoid compliance. Where a digital asset constitutes a security, issuers are expected to meet the same material disclosure standards as traditional securities offerings—adapted to the technical and operational characteristics of decentralised systems.

3. A REGULATORY SHIFT TOWARDS STRUCTURED DISCLOSURE

The Guidance signals a shift in how digital asset offerings are expected to comply with federal securities laws. Rather than attempting to categorise every token in the abstract, the focus is now on how a digital asset is structured, marketed, and offered to the public.

This approach does not alter the legal standard, but it reframes how issuers should engage with it. The emphasis is on providing meaningful disclosures about the technology, governance, and economic rights attached to a token—particularly where such rights are encoded in smart contracts or involve investor reliance. By translating long-standing disclosure principles into the context of tokenised ecosystems, the SEC is encouraging greater regulatory clarity without expanding the definition of a security.

4. SMART CONTRACT CODE AS LEGAL DISCLOSURE

The Guidance makes clear that where smart contract code defines token holder rights—such as staking rewards, redemption mechanisms, or governance functions—it must be treated as part of the legal terms of the offering.

Under Regulation S-K,2 such code must now be considered a material exhibit if it forms part of the conditions under which investors acquire, hold, or redeem a digital asset. This reflects the SEC's view that code-based mechanisms are not just a technical detail, but a core part of the legal and economic structure of a token offering..

Issuers are now expected to:

  • Submit relevant portions of smart contract code as exhibits in registration filings;
  • Provide plain-language explanations of what the code does, especially where it impacts economic rights;
  • Disclose audit outcomes, vulnerabilities, and any recent or planned changes to core contract logic;
  • Treat protocol upgrades that affect investor terms as material events requiring updated disclosures.

Practical Impact: This approach imposes new compliance responsibilities across both legal and technical teams. Legal counsel must be equipped to interpret and assess code-driven mechanics, while technical teams must ensure that code updates are properly tracked and disclosed. In effect, the SEC is collapsing the boundary between legal documents and deployed code—requiring the same degree of precision, transparency, and accountability from both.

5. ADMIN KEYS AND GOVERNANCE STRUCTURES: DISCLOSING ACTUAL CONTROL

Building on the emphasis on code-based disclosures, the Guidance also addresses another critical layer of token architecture—control. Specifically, it requires issuers to disclose who has the authority to modify or influence the operation of deployed smart contracts, including the use of administrative keys.

Commercially, in many decentralised finance systems, control is often retained—either explicitly or implicitly—by a small group of developers, foundations, or multisignature wallets. These actors may possess the ability to pause contracts, upgrade logic, mint tokens, or modify governance settings. Despite being marketed as decentralised, such systems can exhibit significant centralised control.

To address this, issuers must provide detailed disclosures regarding:

  • The identity of those holding administrative privileges and the scope of their powers;
  • The mechanisms through which those powers are exercised (e.g., via multisig, decentralised autonomous organisation votes, or automated time-locks);
  • The existence of emergency controls, override rights, or backdoor mechanisms;
  • The governance procedures applicable to protocol changes, including proposal initiation, quorum criteria, voting thresholds, and execution mechanisms.

Practical Impact: This requirement appears to reflect a regulatory intent to move beyond superficial claims of decentralisation by encouraging more transparent disclosure of actual control structures. From an investor protection standpoint, understanding who holds the ability to modify protocol rules—and under what conditions—can be relevant to assessing operational risk, accountability, and the overall governance robustness of a project. For projects and operators, however, these disclosures may raise commercial sensitivities—especially when internal control structures are still evolving or where maintaining strategic flexibility is crucial for protocol development.

6. LEGAL FRAMEWORK FOR RWA TOKENS

Digital assets that claim to represent real-world assets (“RWAs”) such as commodities, real estate, or financial instruments are now subject to heightened disclosure expectations. According to the Guidance, it is not sufficient for issuers to describe a token as “backed by” or “linked to” an underlying asset. Instead, they are expected to outline the legal architecture that substantiates such representations.

  • To address this, issuers must provide detailed disclosures regarding:
  • Who holds or controls the underlying asset and the nature of the legal title or custodial arrangement;
  • How token holders may redeem, access, or enforce rights in relation to the asset;
  • The existence and terms of any custody agreements, insurance coverage, or relevant legal safeguards;
  • Any limitations on redemption, asset freezes, or counterparty risks, including the insolvency of custodians or intermediaries.

Practical Impact: While the SEC's position seeks to ensure alignment between on-chain representations and off-chain legal rights, such requirements may present practical challenges for tokenisation platforms—particularly where cross-border custody, asset segregation, or investor entitlements remain complex or unsettled. For market participants, this may necessitate the use of formal legal wrappers, third-party assurances, or enforceable documentation to support claims around asset backing, particularly when offering products to or within the U.S. market.

7. COMPARATIVE OVERVIEW OF SEC AND VARA DISCLOSURE APPROACHES

While the Guidance represents a notable regulatory milestone in the United States, its implications must be considered in light of how other jurisdictions are approaching digital asset oversight—particularly in the United Arab Emirates.

Dubai's Virtual Assets Regulatory Authority (“VARA“) has adopted a distinct, risk-based licensing model that differs markedly from the United States enforcement-led approach. Rather than retrofitting traditional securities frameworks to cover digital assets, VARA incorporates key oversight elements—such as governance disclosures, code-based risk reviews, and asset linkage assessments—into its pre-authorisation process. These are addressed through technology audits, whitepaper requirements, and activity-specific licensing conditions under its Virtual Asset Regulatory Framework.

1623462a.jpg

8. CONCLUSION

The Guidance is a shift from regulatory silence to structured expectations. It begins to address long-standing disclosure gaps around smart contracts, governance control, and real-world asset tokenisation. But while the direction is constructive, the framework remains constrained—rooted in securities law mechanics that often sit uneasily with decentralised architecture.

In contrast, VARA's licensing-first approach integrates technology, legal enforceability, and operational risk into a cohesive framework from the outset. It does not retrofit old tools to new systems—it builds new rules around how digital assets actually work.

Footnotes

1. ‘SEC.Gov | Offerings and Registrations of Securities in the Crypto Asset Markets' .

2. ‘SEC.Gov | Regulation S-K' .

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Soham Jethani
Soham Jethani
Photo of Pankhuri Malhotra
Pankhuri Malhotra
Person photo placeholder
Harshil Agarwal
Photo of Abhay Raj
Abhay Raj
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More