On the future of securities settlement

BIS Quarterly Review  |  March 2020  | 
01 March 2020
PDF version
(225kb)
 |  17 pages
Jenny Hancock and Amber Wadsworth explain how converting financial assets into digital tokens could transform the clearing and settlement of securities trades.

Innovative technologies, such as distributed ledgers, allow securities to be issued or represented in a new form known as digital tokens. Such "tokenisation" of securities will alter post-trade clearing and settlement, and could improve efficiency in some dimensions. But the fundamental trade-offs involving credit risk and liquidity remain in a tokenised world. To succeed, tokens will need to interoperate with account-based systems, at least in the interim.1

JEL classification: G1, G15, G23.

"Tokenisation" is a new buzz word in finance. Incumbent financial institutions as well as new entrants are investing heavily in projects seeking to transform securities into digital tokens - digital representations of value that are not recorded in accounts. A key motivation is to lower the estimated USD 17-24 billion spent annually on trade processing (Broadridge (2015)). Tokenisation could also transform how the underlying risks are managed.

The clearing and settlement landscape could change rapidly in response to tokenisation. Today, securities such as equities and bonds are maintained in electronic book-entry accounts at centralised securities depositories. In the future, they could "live" on distributed ledgers held across a network of traders where each has a synchronised copy.

This article describes the extent to which tokens and distributed ledgers might alter clearing and settlement processes. It first reviews the main features of traditional account-based clearing and settlement arrangements. It then introduces the concept of tokenised securities and explains the potential implications. Finally, it introduces a taxonomy to illustrate how securities settlement might change with tokenisation.

Securities settlement

Securities are tradable financial assets issued to raise funds from investors. Historically, securities were issued as paper certificates and the bearer was presumed to be the owner (bearer securities). However, moving paper certificates around is costly and risky. Therefore, central securities depositories (CSDs) were set up to immobilise paper certificates and eliminate the need to settle trades by physical transfers. Later, technological advancements enabled securities to be dematerialised - that is, to exist only in electronic book-entry form in an account at the CSD (Box A).

Key takeaways

  • Tokenisation of securities - the conversion of financial assets into digital tokens - could transform the clearing and settlement of securities trades.
  • Tokenisation might reduce costs and complexity, but does not eliminate risks associated with one party failing to settle transactions.
  • The success of token-based systems will depend on how well they interact with traditional account-based systems.

Statistical data: data behind all graphs

Today, most securities are book entries, with the details of who owns them typically maintained, at least in part, at a CSD. Some countries have a direct holding system, which means that each beneficial owner has an individual account with the CSD. More common, however, is an indirect holding system, where intermediaries (eg custodians, brokers) hold securities on behalf of their clients with the CSDs (Benos et al (2019)). The latter setup minimises the amount of information the CSD has to manage and update but makes ownership of information more fragmented and difficult to reconcile. In both setups, securities change hands via "book entry" across accounts of either a CSD or an intermediary.

Settlement cycle

In financial markets, trading - the buying and selling of financial assets - takes place either on centralised exchanges or in decentralised over-the-counter (OTC) markets. For exchange-traded markets, transactions are routed via a central intermediary that is responsible for matching buyers and sellers. In contrast, OTC markets have multiple intermediaries (eg dealers) that compete to match buyers and sellers.

The settlement cycle is the period between execution of a trade and final settlement. Currently, most securities are settled under a rolling cycle where trades are executed on day T and settled at a later date (typically one to three days later). There are two processes that occur during this cycle: clearing and settlement. Each of these is explained below.

Once a trade has been executed, the details are transmitted to relevant third parties to reconcile and confirm what is to be settled. Moreover, trade obligations may also be offset or netted. This process is known as clearing. Depending on the market structure, clearing can involve a central counterparty (CCP) to protect counterparties from replacement cost risk (ie the risk of a trade failing to settle and having to be replaced at an unfavourable price).2

Box A

Central securities depositories and securities settlement systems

Morten Bech, Jenny Hancock and Amber Wadsworthicon

A central securities depository (CSD) and a securities settlement system (SSS) are two types of financial market infrastructure that are critical to the settlement of securities. A CSD provides securities accounts, central safekeeping services and asset services, which may include the administration of corporate actions and redemptions, and plays an important role in helping to ensure the integrity of securities issues (that is, to ensure that securities are not accidentally or fraudulently created or destroyed or their details changed). An SSS is an entity that enables ownership of securities to be transferred and settled by book entry according to a set of predetermined multilateral rules. In many instances, a CSD also serves as an SSS.icon

The BIS's Red Book statistics provide annual data on CSDs and SSSs in jurisdictions that are members of the Committee on Payments and Market Infrastructures. By value of securities held, the largest CSD/SSS is the Fedwire Securities Service for US government and agency securities (Graph A1, left-hand panel). By value of deliveries, the most active CSD/SSS is Euroclear Bank, based in Belgium (centre panel). Euroclear Bank is an international CSD that facilitates the holding of securities across borders. In terms of deliveries relative to securities held, turnover is highest at Euroclear UK & Ireland, which mainly provides services for equities and debt securities issued in the United Kingdom and Ireland (right-hand panel). The differences in value of securities held and delivery instruction are due to the fact that different CSD/SSSs settle different types of securities (ie equities or debt securities) that are used for different purposes (eg for trading or as buy and hold investments).

Securities held and delivered by selected CSDs/SSSs
Settlement in Japan

Japan is an example of how account-based settlement works. Japan has two CSDs, which also serve as SSSs. The Bank of Japan Financial Network System (BOJ-NET) settles trades in Japanese government bonds (JGBs) held in its book-entry system. BOJ-NET is also the real-time gross settlement system for Japanese yen. The second CSD/SSS is Japan Securities Depository Center (JASDEC). It is a CSD for debt and equity securities issued by the private sector. Whereas BOJ-NET transfers JGBs and cash within a single platform, settlement of securities held at JASDEC requires coordination with BOJ-NET for the transfer of cash (Graph A2). This coordination is automated by locking securities to be delivered in accounts at JASDEC until final settlement of cash has occurred at BOJ-NET, after which the deliveries are completed. If the cash transfer fails to settle by a specified time, then the lock on the securities is removed so that the seller regains control of those securities. This ensures that securities delivery occurs if and only if the corresponding cash transfer occurs.

Central securities depositories in Japan

In 2018, BOJ-NET handled about 17 million transfers, with over 4 million being related to transfers of securities. In total, the transfers were worth some JPY 55,000 trillion (Graph A3). In comparison, JASDEC processed over 120 million transfers in 2018, worth JPY 5,500 trillion. In JASDEC, about half of both the volume and value related to transactions involving the delivery of securities in return for payment.

Settlement transfers in Japan

icon The views expressed are those of the authors and do not necessarily reflect those of the Bank for International Settlements. icon For details, see CPMI and IOSCO, Principles for financial market infrastructures, April 2012.

Securities settlement is the transfer of ownership in accordance with the terms of an underlying agreement. Typically, the agreement is either to sell securities, to use securities as collateral for other obligations or to lend securities.3 The sale of securities involves two transfers (legs). One leg transfers ownership of the securities from the seller to the buyer - this is commonly known as the delivery leg. The other leg transfers the corresponding cash from the buyer to the seller - this is known as the payment leg. Depending on the legal arrangements, the use of securities as collateral can require ownership to be transferred.4 If so, there is a delivery leg, but not a corresponding payment leg. Such deliveries are commonly known as free-of-payment (FoP) transfers. Securities loans are often settled FoP, with collateral taken separately, sometimes through another system and even in another country or time zone.

When settling securities trades, principal risk is a key concern. This is the risk that one counterparty will lose the full value of a transaction - for example, the risk that a seller of securities will irrevocably deliver them, but not receive payment. One way to mitigate principal risk is to link the delivery and the payment legs so that the securities move if and only if the corresponding cash transfer occurs - this is known as delivery versus payment (DvP).

CPSS (1992) sets out three models for linking the delivery and payment legs. In DvP model 1, trades are settled individually on a gross basis. In DvP model 2, the delivery legs are settled individually on a gross basis throughout the processing cycle (typically a business day), with the net payment obligation settled at the end of the cycle. While delivery is final prior to payment, the link is achieved through the operator guaranteeing payment.5 In the third model (DvP model 3), both legs are settled on a net basis.6 In terms of where the delivery and the payment occur, both can take place on the same technical platform, or DvP can be achieved by coordinating across platforms. This is illustrated in Box A with reference to examples of account-to-account settlement in Japan.

Tokenising securities

Tokenising securities is the process of issuing new securities or representing existing securities as digital tokens.7 Both book-entry and tokenised securities are digital representations of value (such as a claim on an issuer or a specific asset). However, there are a number of distinctions, in particular regarding the verification process and degree of centralisation.

The properties of a digital token depend in part on design choices and features of the underlying technology. Current payment- or securities-token projects commonly use distributed ledger technology (DLT). A distributed ledger (DL) is a record of transactions held across a network of computers (nodes) where each node has a synchronised copy. A DL usually relies on cryptography to allow nodes to securely propose, validate and record state changes (or updates) to the synchronised ledger without necessarily the need for a central authority (CPMI (2017)). Possible updates include adjustments in the "token" holdings associated with a particular cryptographic key.

Verification process

The first distinction between book-entry and tokenised securities is how transfers are authorised. For book-entry securities, transfer authorisation ultimately depends on the CSD verifying the identity of the account holder. In contrast, for digital tokens authorisation depends on "validation" of the token. The analogy with bearer securities is instructive. For physical securities, holding a valid paper certificate bestowed certain rights. Bearer bonds had coupons attached that were submitted for interest payments, and the bond certificate itself was handed in at maturity for the principal amount. In a digital world, the holder has private knowledge in the form of a cryptographic key rather than a paper certificate. The private key permits the holder to "unlock" certain rights vis-à-vis the token (Box B).

Degree of centralisation

The second key distinction is the degree of centralisation. It manifests itself primarily in terms of who can update records, initiate transactions and see transaction histories; it is not a matter of the number of copies of the data that exist. A CSD is highly centralised. There can be only one entity that updates the central ledger and sees all transaction histories. In contrast, DLT platforms for tokenised securities exhibit different degrees of decentralisation (Table 1).

Almost all examples of tokenised securities have used permissioned, private and hierarchical DLs. While such systems are not completely open, they can be less centralised than CSDs. The restrictions on who can do what mean that there are identified parties that can be held accountable for compliance with regulatory requirements relating to know-your-customer, anti-money laundering and combating the financing of terrorism, and consumer protection.

Elements of a distributed ledger

Box B

An introduction to public-private key cryptography in digital tokens

Raphael Auer, Rainer Böhme, and Amber Wadsworth

Public-private key cryptography is a mathematical method for encrypting and decrypting instructions. It uses a widely broadcasted public key as an identifier (akin to a bank account number) and a secretly held private key. Both keys are a string of numbers that are mathematically related to each other via "one-way" mathematical functions. The latter are harder to reverse than to compute, much like it is more difficult to factorise 221 than multiply 17 and 13.

The properties of this one-way function mean that the private key can be used to digitally sign an instruction without being revealed. The private key, the one-way function and the instruction are used to produce a string of output, which acts as a digital signature. Just like a handwritten signature, digital signatures are attached to an instruction and prove that the specific instruction came from a particular sender. Anyone can use the corresponding public key and the instruction to verify the digital signature.

Using public and private keys to transfer tokens: an example

Transfers of digital tokens in distributed ledgers are often authorised using such digital signatures. Consider an example where sender A would like to pay one token to receiver B. The transfer takes place in three steps.

  1. Signed instruction: Sender A uses her private key and the related one-way function to digitally sign an instruction to pay one token to B.
  2. Verification: Receiver B - or any other third party - verifies the signed instruction by pairing sender A's public key with the signature attached to the instruction.
  3. Updating the ledger: If the signed instruction is verified, the payment instruction can be added to the ledger and the digital token would then be connected to receiver B's public-private keys instead of sender A's keys. This completes the transfer, and only B can initiate the next transfer of that token. If the digital signature cannot be verified, then the instruction is not added to the ledger and the token is not transferred to receiver B. Such a situation can occur if sender A's private key did not create the initial signature or if the instruction was tampered with.

A digital signature thus enables transfers of digital tokens based on knowledge of the corresponding private key alone and without requiring personal identification. A person can have more than one private key, and public and private key pairs are not necessarily linked to natural persons. However, the ledger can record the history of public keys that have held each token.

Permissioned DLs allow only trusted third parties to be involved in the updating process. Because validators are trusted, it is possible to use less computationally intensive mechanisms to validate transactions (Pisa and Juden (2017)). In some permissioned DLs, only one entity can update the ledger; this replicates the role of the CSD.

Private DLs restrict who can initiate transactions. This is similar to an account-based system where users must apply to open an account before they can use the system (or at least open an account at an intermediary that has access). Consequently, private DLs can replicate the restrictions in current account-based systems. However, they can also be designed to open up access.

Access to view a DL can be restricted through so-called hierarchies. The current account-based CSDs restrict access, so each entity can view only transactions across its own accounts. This may be necessary in order to comply with privacy8 and bank secrecy laws, and it prevents others from trading on information about others' trading strategies. These kinds of restrictions can be replicated by making the DL hierarchical,9 so that only one more or trusted third parties have a full view of information on the ledger (Wadsworth (2018)). Nevertheless, hierarchical DLs can be used to improve transparency where it is consistent with legal obligations. For example, they could be designed to allow issuers to see through intermediaries to identify the beneficial owners of their securities.

Potential implications of tokenisation

Tokenising securities on a DLT has the potential to reduce some of the costs and complexities in clearing and settlement, but it is not without risks. Tokenisation does not change the underlying risks in the settlement cycle, but it may transform some of them and change how they are managed. It may also have implications for the role of intermediaries in securities clearing and settlement.

Reduced costs and complexity

DLT supports the wider distribution of ownership records and transaction histories. In principle, having a single ledger that is held by all parties reduces the need for reconciliation and confirmation of trade details between back offices post-trade.

Like a direct holding system, a synchronised DL minimises the need to reconcile the records held by the CSD and the various intermediaries. This could involve a combination of more direct access to initiate transactions and/or greater transparency of records. A single source of truth as to who owns what is also useful for streamlining compliance,10 shareholder voting, distributions and other corporate actions. This could lead to a reduction in the number of intermediaries and overhead costs in clearing and settlement. However, it is not desirable to do away with intermediaries. They play many important roles to smooth the flow of trades (eg by providing liquidity), in particular at times of stress (OECD (2020)).

DLT permits the automation of many actions via so-called smart contracts, ie protocols or code that self-execute when certain conditions are met. For example, recent tokenisation projects have automated the payment of interest or dividends to the holders of tokens. While automation also occurs today, what is different with DLT is the ability for individuals to write smart contracts.11 This puts control of the decision to automate in the hands of users. The use of smart contracts on a DL could also reduce the ability to strategically renege on contractual obligations such as settlement fails (Benos et al (2019)).12 However, self-executing contracts could trigger contagion and adverse feedback loops if they react automatically to an event (CPMI (2017)).

Risks

Risks rarely disappear, but new technologies may transform them and the way they are managed. In a tokenised world, post-trade processes still need to manage credit risk and liquidity. There are two types of credit risk that arise in the clearing and settlement of securities: replacement cost risk (from the point at which a trade is executed until it settles); and principal risk, during the settlement process itself.

Tokenisation could enable shorter settlement cycles that mitigate replacement cost risk. The length of the settlement cycle today reflects back office processes, legal arrangements and liquidity management rather than technology limitations (Benos et al (2019)). Nonetheless, DLs may shorten settlement cycles by streamlining reconciliation processes and reducing the number of intermediaries. A shorter cycle lowers the exposure to replacement cost risk without the need for a CCP.13 That said, market participants might not want to move to shorter settlement cycles, as this could increase liquidity requirements and give market-makers less time to source the cash or securities needed for settlement.

Tokenisation is likely to result in more trades settling via DvP model 1, as netting is in general more complex in a decentralised environment (Chapman et al (2017)). Settling trades individually generally requires more liquidity. Moreover, if each tokenised securities ledger had its own cash token, then the need to hold cash tokens on several ledgers could increase aggregate liquidity requirements. There are also questions as to whether DvP can be achieved between two tokenised systems in all circumstances (Box C).

Tokenisation could, in addition, increase legal and operational risks, at least in the short term. Currently, these risks are mitigated in well established account-based settlement systems, but could be reintroduced in the transition to tokenised assets and with the introduction of new platforms and processes. The legal basis of security tokens and settlement finality is likely to be uncertain in the short term. This may be an issue for cross-border transactions in particular, as tokens and settlement finality might be treated differently in the relevant jurisdictions.

The net effect of tokenisation on operational risk is uncertain. One of the key drivers of DLT implementation has been its potential to strengthen resilience and reliability (CPMI (2017)). This is due to the distributed nature of its design, as the ledger is held at multiple nodes. However, private, permissioned and hierarchical DLs still have some degree of centralisation, which could result in a single point of failure. The capacity and resiliency of applying DLT and smart contracts to clearing and settlement is also yet to be proven. In addition, there will be operational risks associated with the transition.

Box C

Putting the "vs" in token versus token

Atomic settlement and hash timelock contracts

Token-versus-token transfers can take place on one ledger or across two ledgers. The method to achieve DvP will differ.

If security tokens and the cash tokens exist on the same ledger, then an atomic settlement smart contract can be used to coordinate clearing and settlement. There are different methods of atomic settlement, but the outcome is an instant and simultaneous transfer of two tokens. In short, atomic settlement could achieve DvP as follows:

  1. The seller of the security tokens and the buyer each submit their tokens (using digital signatures) as inputs to a single smart contract along with the transaction instructions.
  2. The smart contract is submitted for validation on the distributed ledger:

2 (a) The transaction is validated. The cash and security tokens are instantly and simultaneously delivered to their respective recipients and DvP is achieved. In certain smart contracts, this involves invalidating the old tokens (inputs) and generating new tokens (outputs) which are delivered to their new owners.

2 (b) The transaction is not validated and the tokens remain with their original owners.

If the security tokens and the cash token exist on separate ledgers, then either a centralised party could be introduced to coordinate the transfer or a hash timelock contract (HTLC) could be used. An HTLC combines a "hashlock" function and a "timelock" function to facilitate transfers across unconnected ledgers. In short, an HTLC could achieve DvP as follows:

  1. The seller generates a secret (X) and its corresponding hash (Y = f(X)). The seller uses this hash to lock the security tokens on its ledger with a specified time limit (eg four hours). The seller creates an instruction to either send the securities to the buyer using the hash (Y) or, if the time limit expires, return them to the seller.
  2. The buyer locks the cash token on its ledger with a shorter time limit (eg two hours). The buyer creates a conditional instruction to either send the cash token to the seller using the hash (Y) or return it to the buyer after two hours.
  3. The seller reveals the secret (X) to unlock and retrieve the cash token.
  4. The buyer can then use the secret (X) to unlock and retrieve the security tokens.

The timelocks ensure that if the assets are not unlocked by a certain time, they will both be returned to their owners, giving both parties certainty over the timing of settlement or its failure. The shorter time limit for the buyer prevents the seller from waiting for time to expire to retrieve the security tokens and then using the secret to also receive the cash token. Furthermore, the timelock enables traders to choose how long after the trade the settlement should occur. Current industry norms are between one and three days.

Settlement could fail at several points in an HTLC transaction. Notably, if the buyer waits too long to collect the securities after the cash has been collected by the seller, then the securities timelock could expire and leave the buyer exposed to principal risk. In this case, the seller could end up with both the securities and the cash tokens. This would be a consideration for trades that occur across different time zones where there are different hours of operation.

Sources: ECB and Bank of Japan (2018); Deloitte et al (2018).

Securities settlement with tokens

Settlement can be "tokenised" for the delivery leg, the payment leg or both. Table 2 presents a framework for thinking about the impact of securities and cash tokens on settlement. The top left-hand quadrant represents existing account-based arrangements for payments, FoP transfers and DvP transfers. Payments and FoP transfers are single-leg transactions, involving only the transfer of cash and securities, respectively. Consequently, these will occur on a single platform, which may be account- or token-based. Account-to-account (AvA) transfers can occur on a single platform or cross-platform. A single platform can also support multiple types of transfer. For example, BOJ-NET processes account-based payments, both legs of AvA transfers of JGBs, and the payment leg of trades in securities held at JASDEC (Box A).

Introducing tokens results in three new arrangements for DvP, two of which would require the linking of deliveries and payments across different types of platform. The Annex describes selected projects or proofs of concept and where they fit within this taxonomy.

Linking tokens and accounts

Securities could be settled by transferring account-based securities in exchange for cash tokens (AvT transfer) or transferring security tokens in exchange for cash in accounts (TvA transfer). Such arrangements would require coordination, including addressing technical and legal compatibility, across token- and account-based systems.

The following examples show that such AvT and TvA interoperability can already be used to settle securities.

Taxonomy of settlement arrangements
  • The World Bank and the Commonwealth Bank of Australia have issued security tokens called Bond-i. These security tokens are issued and maintained using DLT, but paid for using cash in accounts.
  • The Bank of England intends to support TvA arrangements by ensuring that the new real-time gross settlement system it is implementing can interoperate with token-based systems.
  • ID2S is a DLT-based CSD for European commercial paper that interoperates with TARGET2-Securities14 for settlement of the payment leg achieving TvA arrangements.
  • Fnality envisions that its cash token (USC) could be used to settle trades of securities that are held in CSD accounts, supporting AvT arrangements.

Tokenising both legs

Tokenising both the delivery and the payment leg represents an entirely new arrangement for achieving DvP. Such TvT arrangements can be executed within a single ledger or across two ledgers, depending on where the cash and security tokens reside.

If both the securities and the cash reside on one ledger, then a single-ledger transfer can take place. DvP across a single ledger is achieved through a process called "atomic settlement" (Box C). Project Jasper III by the Bank of Canada (BoC) and Project Stella by the ECB and the Bank of Japan have tested TvT transfers on a single ledger.15 In the case of Project Jasper III, the security and cash tokens were issued by Canada's Securities Depository and the BoC, respectively, and transferred over a ledger. The project concludes that TvT did achieve DvP on a gross basis (DvP model 1) as well as technical efficiencies relative to current systems.

Other projects have tested whether TvT can be practically carried out if the security tokens and the cash tokens exist on two separate ledgers using hash timelock contracts (Box C). For example, Project Stella and Project Ubin III by the Monetary Authority of Singapore have tested TvT across two ledgers. In both projects, the two tokens were locked on their respective ledgers and sequentially released to their new owners (on the same ledger) using smart contracts. Project Stella concludes that cross-ledger arrangements may reintroduce principal risk.

Future market structure

Tokenisation could result in a proliferation of securities settlement systems (SSSs) - at least in the short term. Currently, securities settlement tends to be monopolistic in each jurisdiction, with little or no competition among providers (Benos et al (2019)). This is because CSDs/SSSs benefit from economies of scale, but potential conflicts of law encourage separate CSD/SSS in each jurisdiction.16 As Table 2 shows, tokenisation opens up new possibilities. Even if the industry eventually converges on one type of arrangement, there will most probably be a reduction in the network benefits during the transition as new arrangements are introduced but existing ones are maintained.

Interoperability between account- and token-based systems will be necessary for any transition from account-based to token-based systems. Tokenisation of different assets is likely to occur at varying times due to the independent management of each system, and each system will reach the end of its technology life cycle at differing times. Even within a given system, all assets may not be tokenised at the same time. Moreover, interoperability is likely to remain important in the long run, to the extent that some systems remain account-based.

Conclusion

Tokens may be the future of securities settlement, but they will not change the fundamental nature of securities transactions. In particular, there will continue to be trades where the delivery of the securities and the payment need to be linked to eliminate principal risk. While this is possible using tokens, in certain arrangements there is some risk of reintroducing principal risk. Tokenisation could also change the way that replacement cost risk is managed - for example, shortening settlement cycles as an alternative to central clearing.

Using tokens and the underlying DLT may offer a number of benefits. It could reduce the complexity in securities settlement by facilitating simpler, more direct holding systems. It can also facilitate increased automation through the use of smart contracts.

The ability of tokenised systems to interoperate with account-based systems will be key to their success. Currently, transfers are largely conducted across account-based systems. Tokenisation introduces three new types of arrangement, depending on whether the security or the cash or both are tokenised. As tokenisation is likely to occur at different times for different assets, arrangements that link deliveries and payments across different types of platform will be a necessary part of any transition.

References

Bank of England (2020): RTGS Renewal Programme, January.

Benos, E, R Garratt and P Gurrola-Pérez (2019): "The economics of distributed ledger technology for securities settlement", Ledger, vol 4, November, pp 121-56.

Broadridge (2015): Charting a path to a post-trade utility: how mutualized trade processing can reduce costs and help rebuild global bank ROE.

Chapman, J, R Garratt, S Hendry, A McCormack and W McMaron (2017): "Project Jasper: are distributed wholesale payment systems feasible yet?", Bank of Canada, Financial System Review, June.

Committee on Payment and Settlement Systems (1992): Delivery versus payment in securities settlement systems, September.

Committee on Payments and Market Infrastructures (2017): Distributed ledger technology in payment, clearing and settlement - an analytical framework, February.

--- (2019): Wholesale digital tokens, December.

Deloitte, Monetary Authority of Singapore and Singapore Exchange (2018): Delivery versus payment on distributed ledger technologies: Project Ubin, August.

Deutsche Börse Group (2019): "Commerzbank, Credit Suisse and UBS execute first live transactions on the Deutsche Börse-HQLAx securities lending platform", press release, 3 December.

European Central Bank and Bank of Japan: Securities settlement systems: delivery-versus-payment in a distributed ledger environment, March 2018.

Organisation for Economic Co-operation and Development (2020): "The tokenisation of assets and potential implications for financial markets", OECD Blockchain Policy Series, January.

Pisa, M and M Juden (2017): "Blockchain and economic development: hype vs reality", Center for Global Development Policy Paper, no 107, July.

Wadsworth, A (2018): "Decrypting the role of distributed ledger technology in payments processes", Reserve Bank of New Zealand, Bulletin, vol 81, no 5, May.

Annex

Tokenising settlement: selected examples

Central banks and private institutions are experimenting with tokens to settle payments and DvP transfers. A short description of the projects or proofs of concept (PoCs) proposed is listed below.

Tokenised payments

JPM Coin is a proposal by JPMorgan Chase that aims to enable instantaneous transfer of US dollar payments between institutional clients. As such, JPM Coin is a liability of JPMorgan, and the value of each coin is USD 1. Signet and Wells Fargo Digital Cash are similar proposals by other large commercial banks.

Utility Settlement Coin (USC) is a proposal by Fnality International (a consortium of 15 large financial institutions) that aims to provide digital tokens called USC in local currencies. Fnality intends initially to set up five local USC tokens - one each in Canada, the euro area, Japan, the United Kingdom and the United States - and then has plans to extend to other jurisdictions. Each local USC would represent a par value claim on a pool of reserves held at an account at the central bank in its jurisdiction and be governed and managed by a local Fnality consortium. To make a payment, participants first submit fiat currency to the local Fnality in exchange for USC tokens at par value. Domestic USC payments would be conducted over the local Fnality-operated ledger, and cross-border payments would be conducted between other Fnality jurisdictions using cross-ledger processes.

Projects Ubin and Jasper (phases I and II) are two central bank-led PoCs completed in 2017 by the Monetary Authority of Singapore (MAS) and the Bank of Canada (BoC), respectively. They simulated real-time gross settlement (RTGS) systems on DLT platforms. The PoCs create cash tokens that represent a claim on the central bank and have par value with fiat currency. The central banks conclude that some uncertainties remain regarding whether DLT could improve efficiencies for wholesale payments but efficiencies might be found if multiple assets were settled on the same ledger.

Tokenised DvP

Tokenised DvP is supported by issuing securities and/or cash tokens on a DL (or other platform), and by designing interoperability between account-based and token-based technologies. The following section describes selected examples of central bank PoCs, real world security tokens, and platforms and projects supporting security tokenisation that are currently under way.

Central bank proofs of concept

Project Jasper (phase III) is a collaboration between Payments Canada and the BoC. It successfully tested token-versus-token (TvT) securities settlement transfers where both tokens exist on the same ledger. The equity tokens represented a claim on equity held at Canada's Depository System, and the cash tokens represented a claim on the BoC at par value. A process called atomic settlement (Box B) is used to instantly and simultaneously transfer the tokens to their new owners. This process was found to remove principal risk. Further, once transferred, cash and security tokens were exchanged for their underlying assets. In this sense, the project concludes that it achieved gross DvP settlement with central bank money (DvP1). Given the higher liquidity requirements for DvP1, the PoC also tested whether credit could be extended on the DLT to CDS members. It concludes that the single-ledger approach resulted in greater technical efficiencies than provided by Canada's current securities settlement system.

Project Stella (phase II) is a collaboration between the ECB and the Bank of Japan. The project also tested DvP using security and cash tokens over a single ledger by means of atomic settlement. It then tested DvP settlement when the tokens reside on separate and unconnected ledgers. It focused on identifying scenarios where settlement might fail in each case. It finds that settlement on a single ledger would fail if the trading details were not agreed between parties (clearing failure) or if the transaction failed to be validated on the ledger (operational failure). In each case, the tokens would remain with their owners and not be transferred. In this sense, the traders could be exposed to replacement cost risk but not principal risk. Regarding cross-ledger DvP, the project identified an additional situation where settlement could fail: it found that one leg of the transfer could be delivered but the second leg might not be delivered and participants could also be exposed to principal risk. Therefore, the project concludes that an arbitrator on the ledger would be required to resolve such disputes.

Project Ubin (phase III) is a collaboration between MAS and Singapore Exchange (SGX) and was completed in 2018. It built on the conclusions of Project Stella, and further explored the operational and governance arrangements required to settled securities trades across two interconnected ledgers. The project identified several technological and operational considerations to ensure operational resiliency of TvT transfers and suggests a framework for governing the settlement processes, including arbitration processes if settlement fails.

Real world security tokens

The World Bank and the Commonwealth Bank of Australia have issued a security token called Bond-i. This token is issued and maintained using DLT but paid for using cash in accounts.

Société Générale issued EUR 100 million in covered bonds as security tokens on the Ethereum blockchain (public, permissionless) in 2019, demonstrating that securities could be issued on a blockchain and meet legal and compliance requirements.

Börse-HQLAx is a collaboration between Deutsche Börse Group and HQLAx. It tests DvD settlement using tokenised securities. In 2019, the PoC successfully completed a tokenised securities swap between Commerzbank, Credit Suisse and UBS using a single ledger. The securities or bonds were tokenised using digital collateral records (DCRs) to represent baskets of securities held at a custodial CSD.

Platforms and projects supporting security tokenisation

SIX Digital Exchange (SDX) is a project currently under way that creates cash tokens based on a deposits within SIX's account at the Swiss National Bank and equity tokens based on corresponding underlying equities held at SIX. The project intends to hold and transfer cash and equity tokens on a single ledger.

The Bank of England's RTGS Renewal Programme seeks to replace its ageing RTGS with one that is fit for the future with enhanced resilience and greater capabilities. The renewal consultation has been investigating how the RTGS upgrade can deliver new features and capabilities, eg wider interoperability by synchronising account-based settlement with other assets, including those recorded on external ledgers. In particular, the new RTGS could support DvP settlement with account-based cash and security tokens.

ID2S is a DLT-based CSD owned by Orange and Citi. It was launched in 2019 for European commercial paper and interoperates with TARGET2-Securities for settlement of the payment leg.

Nasdaq Linq is a DLT created by Nasdaq that provides a platform for tokenised equities to be issued and traded. It was launched in 2015 and enables an issuer to digitally represent a record of ownership on the DLT, thus circumventing the need for other intermediaries.

Fnality has also proposed that its cash tokens (USC) could be used for DvP transfers. In particular, the cash tokens could be used to settled securities transactions where the securities are held either as a token or in accounts (facilitating TvA or TvT transfers). Such transfers would require either cross-ledger processes or interoperability between Fnality's ledgers and account-based platforms. USC could also be used for PvP transfers where both legs are cash tokens or where one leg is account-based.

1 We thank Aleksander Berentsen, Claudio Borio, Stijn Claessens, Daniele Fornaro, Henry Holden, Hyun Song Shin, Takeshi Shirakami and Philip Wooldridge for helpful comments and suggestions. We are grateful to Ismail Mustafi and Róbert Szemere for excellent research assistance. The views expressed are those of the authors and do not necessarily reflect those of the Bank for International Settlements.

2 A CCP interposes itself between counterparties to a trade, becoming the buyer to every seller and the seller to every buyer. CCPs are common in exchange-traded markets, where trading is anonymous, which means that participants are unable to assess the risk of a counterparty defaulting prior to the trade being executed.

3 Sometimes securities are only needed temporarily, whether for just one day or for a few weeks. If so, it is often cheaper, quicker and/or less risky to borrow securities than to buy them outright. Securities lending involves the owner of the securities transferring them temporarily to a borrower. In return, the borrower transfers other securities or cash to the lender as collateral and pays a borrowing fee.

4 There are two main arrangements for using securities as collateral: pledge and title transfer. A pledge is an arrangement whereby the securities remain with the collateral provider but the collateral taker has a right to the securities in certain circumstances. A title transfer arrangement involves the collateral provider transferring ownership of the securities to the collateral taker, with an agreement to return them under a given set of circumstances.

5 This guarantee is typically supported by a lien on the securities held by the buyer. For further details, see CPSS (1992).

6 While the payment obligations for trades in different securities can be netted against each other, only transfers of fungible securities can be netted for delivery.

7 The tokenisation of book-entry securities is the inverse of the immobilisation of bearer securities, where the tokens are digital rather than paper certificates. Tokenisation involves immobilising the book-entry securities and trading representations of them (in the form of digital tokens).

8 However, the immutable nature of the DL makes data erasure rights (ie the "right to be forgotten") challenging.

9 Each node still has a full copy of the ledger, but some details are hidden through the use of cryptography.

10 If the public keys can be linked to personal identities, then the complete transaction chains (that might otherwise be used to hide illicit activity) can be traced.

11 However, access to a private DL can be restricted in such a way that only the central authority can initiate smart contracts.

12 Large and protracted settlement fails undermine the liquidity and smooth functioning of securities markets. As a result, market groups and policymakers try to limit them.

13 Settlement could be instantaneous if cash and security tokens are locked pre-trade.

14 TARGET2-Securities is a platform operated by the Eurosystem that facilitates DvP, where the payment leg is settled across accounts at the Eurosystem central banks.

15 The Deutsche Börse Group and HQLAx have also successfully completed a commercial exchange of two security tokens (delivery versus delivery) (Deutsche Börse Group (2019)).

16 There are two international CSDs - Euroclear and Clearstream - whose business model involves operating at the global level.