I have been leading COREDO since 2016 and see every day how quickly the digital assets market is changing. Over the years the COREDO team has carried out dozens of projects for company registration and licensing in the EU, the United Kingdom, Singapore, Cyprus, Estonia, the Czech Republic, Slovakia and Dubai. Clients come with a variety of tasks: from creating an SPV for the tokenization of artworks to building institutional custodial infrastructure for NFTs. In this article I have compiled practical experience and strategic ideas: how to use NFTs as a financial instrument, how to manage risks, comply with MiCA, MiFID II, FATF and GDPR, and how to structure IFRS reporting so that the auditor has no questions left.
When NFTs are in a corporate portfolio
NFTs are no longer just about collectible art. In corporate practice they are an investment asset, an element of brand strategy and a tool for managing intellectual capital. In COREDO projects, NFTs are used for access to closed services, monetization of IP via NFT royalties, issuance of corporate privileges and loyalty programs, and also as collateral in financing deals.
From an investment-logic perspective, NFTs and securities in the EU are different things. Security token vs non-fungible token: this is above all a difference in legal nature: a security token, as a rule, falls under MiFID II and national securities regimes, whereas an NFT is a unique digital token that may be an investment asset depending on its economic function, but does not automatically become a security. Classifying an NFT as an investment asset requires analysis of utility, rights, returns, market-making and liquidity availability.
Brands gain a new channel for audience engagement and licensing economics from NFTs. Our experience at COREDO has shown that strategic use of NFTs for brands pays off when the links between token ownership and utility are formalized in smart contracts, and IP-licensing and exclusivity issues are secured in clear agreements. Then an NFT logically becomes part of the corporate portfolio alongside tokenized lease rights, service vouchers and shares in an SPV.
NFT: a security under MiFID II?
The question «are NFTs securities?» does not have a universal «yes/no». The EU legal framework assesses the economic substance of the instrument. If an NFT grants a right to a share of profits, a stream of royalties,
asset management by a third party or other signs of an investment contract, a dialogue with MiFID II and prospectus requirements (prospectus requirements) begins, including possible exemptions for a limited circle of investors, small issuances or private placements.
We often use frameworks for assessing the legal nature of a token, where we apply the criteria of an investment contract (Howey test and analogies) specifically as an analytical lens: capital contribution, expectation of profit, efforts of a third party. In the EU this test is not law, but it helps structure arguments for regulators and platform compliance. COREDO’s practice confirms: when an NFT provides passive income or a promise of portfolio management, regulators may qualify such a token as a financial instrument, which brings MiFID II implications for brokers and platforms.
Tokenized securities vs NFTs: the key dividing line. If a token directly embodies a claim against an issuer, an equity share or a debt obligation, it becomes a security token subject to the full body of rules, up to prospectus requirements, provider licensing and reporting. If an NFT records access, a unique digital object or certifies a right of use without an investment component, we remain in a different regulatory zone.
Regulation of NFTs in the EU and secondary markets
Regulation of NFTs in the EU (MiCA) is built around crypto-asset issuers and service providers (CASP). The basic logic of MiCA: unique NFTs that do not belong to a large series and are not fractionalized are generally outside the direct scope, but the nuances are important.
Fractionalized NFTs (fractional tokens) and serial issuances with economically interchangeable properties may fall within the scope of MiCA, and in extreme cases: within MiFID II. The solution developed at COREDO: early token qualification and a compliance roadmap before launching smart contracts.
ESMA’s recommendations on digital assets complement MiCA with details on the delineation of services and investor protection. Regulation of NFT secondary markets requires transparency of fees, prevention of manipulation and manageability of listings. Monitoring for manipulation in the NFT market and combating wash trading become part of platforms’ internal controls, especially if they perform the functions of a broker or market operator.
How to issue NFTs in accordance with MiCA? We implement the following blocks: a white paper disclosing risks, a conflicts of interest policy, marketing rules, storage and custody rules, complaint procedures, incident management.
If necessary, we launch the project through regulatory sandboxes for crypto startups in the EU to agree in advance on the approach to token functions and circulation mechanics. Interaction with regulators and supervisory authorities is critical here: it reduces the risk of the instrument being reclassified after launch.
AML/KYC: how to build compliance for NFTs
FATF guidance on virtual assets and service providers sets a risk‑based approach. AML KYC for NFT platforms includes customer identification, a procedure for proof of source of funds (SoF), transaction monitoring and pattern identification, application of the travel rule and data transfer requirements when funds move between providers.
The COREDO team implemented risk‑scoring of buyers and sellers for marketplaces, sanctions filters and on‑chain analytics to detect links with “tainted” addresses.
Money laundering risks through NFTs are typical: rapid resales with inflated prices, wash trading, transactions through mixers, a high rate of order cancellations.
Compliance procedures for NFT projects should include escalation rules, trading blocks on suspicion, SAR/STR reports and documentation of decisions.
GDPR when processing NFT clients’ data requires minimization, justified retention periods and transparent information for the data subject.
Cross-border NFT sales and currency regulations add another layer. Our lawyers at COREDO set up cross-border compliance for buyers from Asia and the EU, aligning KYC procedures, withholding taxes and interaction with payment systems and PSPs. Banking oversight is also important: interaction with the banking system and banking supervision requires source of funds policies, invoicing standards and clear contractual documentation between the platform, the issuer and the buyer.
Royalties and licensing
The legal status of copyrights when selling NFTs is not an automatic transfer of IP. Usually either
Licensing of digital content takes place when selling an NFT, or the transfer of a limited set of usage rights.
Separation of rights: ownership vs right of use must be explicitly recorded in the terms of sale and/or in an on-chain link to the license. In COREDO projects we arrange IP licensing and NFT exclusivity through separate agreements, taking into account moral rights and assignment in EU jurisdictions.
NFT royalties and intellectual property rights — an area where business often loses value due to uncertainty. It is important to determine how royalties on secondary sales are collected and distributed, who administers them, what restrictions are imposed on resale and where the boundaries of content use lie.
NFT marketplaces and platform liability require clear rules in offers: transparency of fees, refund conditions, secondary NFT sales and fee regulation — all of this becomes a subject of attention for regulators and antitrust authorities if practices appear to restrict competition.
How to prove provenance and authenticity of an NFT? Proofs of origin, on-chain provenance, storing NFT metadata on IPFS and Arweave, the resilience of links to digital files and a correct URI — these are the technical foundation of legal protection.
We insist on two-sided duplication of metadata, versioning and recording of hashes in the smart contract to prevent tampering. When IP is wrapped into an SPV and licensed via an NFT, the contractual framework links the rights holder, the custodian and the token holder.
Tokenization of art and real assets
Tokenization of works of art and the tokenization of real property and lease rights require careful legal structuring.
SPV legal structures for tokenized art are a proven scheme: the assets are held by a rights‑holding company, and NFTs sell access to benefits, viewing rights, priority participation in exhibitions, or fractional rights through fractionalized NFT. Fractional ownership legal structures carry particular risks for investors: when ownership is fractionalized, characteristics of a security can sometimes emerge, which may trigger MiFID II.
SPVs and legal wrappers for art tokens are useful for managing taxes, rights, insurance and custody.
Buyback agreements and options on NFTs help regulate investor exit, protect against liquidity shortfalls and address collection buyout scenarios.
investment funds NFTs in the EU can be structured in the form of AIFs with corresponding regulation of the management company, custodian, valuer and auditor – the COREDO team has structured such funds taking ESMA and local supervision into account.
The distinctions between ICO/STO/ITO and the comparison with NFT issuance are needed to understand regulator expectations: STOs are securities; ICOs/ITOs can fall under MiCA; NFT issuance more often does not require a prospectus, but does require disclosure and compliance if investment characteristics are present. COREDO’s experience confirms that early consultation with the regulator reduces costs and speeds up market entry.
Taxes and accounting for NFTs under IFRS
The tax consequences of NFT sales in Europe depend on what is being sold: digital content, access to a service, or usage rights.
Tax accounting: VAT and transactional taxes on NFTs are often treated as the supply of digital services subject to VAT at the place of consumption, and in B2B chains reverse charge mechanisms may apply.
Royalty income may be subject to withholding tax in certain jurisdictions: this is taken into account when structuring SPVs and licensing agreements.
Accounting for NFTs on a company’s balance sheet (IFRS) is closer to accounting for crypto assets: they are more often intangible assets under IAS 38, except when held for trading as inventories under IAS 2.
Accounting entries for acquisition and impairment of NFTs rely on fair value measurement and impairment tests; revaluation is possible when an active market exists, which is uncommon for unique NFTs.
Reporting and disclosure about NFT assets include accounting policies, valuation methodologies, liquidity and concentration risks.
Valuing NFTs for investors is built on three pillars.
First, valuation models: comparable sales (comps) for NFTs from comparable collections. Second, liquidity metrics: floor price, spread, trading volume, and the resilience of demand on the secondary market. Third, a discounted cash flow model for NFT royalty income, if the smart contract and legal agreements ensure a stable stream.
The COREDO team sometimes supplements the valuation with option models for rare cases involving buyback rights.
Smart contracts: standards and insurance
The ERC-721 and ERC-1155 standards and their differences define the ownership and transfer model. ERC‑721: unique “one-to-one” tokens; ERC‑1155: multi-asset model that allows combining unique and semi-fungible tokens.
Smart contracts (ERC-721, ERC-1155) and security are a central part of legal protection: bugs in code can wipe out rights, reduce royalties to zero, or open the door to an exploit.
Smart contract audits for legal protection should combine static analysis, formal verification, and testing of business scenarios: edge cases for listing, token burns, upgrades, royalties, and pauses. Blockchain code audits and formal verification reduce the risk of smart contract vulnerabilities and exploits, while digital asset insurance and loss coverage close out tail risks. Within companies we insist on corporate access control for wallets, role separation, and multi-factor policies.
Institutional custodial infrastructure for NFTs requires custodian solutions for institutional NFTs, SLAs, key recovery procedures, and controls over corporate transactions. Custody APIs and interaction standards enable integrating NFTs with ERP and accounting systems, automating transfers and tags for accounting. The COREDO team helped clients build cold‑hot‑warm storage architectures and asset movement policies aligned with auditors.
Markets and liquidity: risk control
NFT liquidity risk and exit strategies: this is the main area for the CFO. Exit strategies: listings on exchanges, OTC processes with KYC, buyback agreements and NFT options, as well as framework agreements with marketplaces for prioritized listing. Stress-testing the liquidity of an NFT portfolio models a drop in floor price, widening spreads, departure of market‑makers and regulatory shocks.
Controlling manipulation in the NFT market requires on-chain analytics and market activity indicators: monitoring wash trading, address clustering, analysis of holding times, price deviations from the median.
counterparty assessment and marketplaces by reputation reduces the risk of failures in settlements and delistings. The commercial model: fees, royalties, listing fees must be transparent and compatible with antitrust and competition-related risks of marketplaces — especially regarding exclusivity and restrictions on parallel sales.
Institutional players look at blockchain resilience: PoS vs PoW and energy consumption. Carbon footprint and offsetting NFT emissions are becoming part of ESG policy: we build in compensation mechanisms or choose energy-efficient networks. For collateralized deals, using NFTs as collateral (collateral) requires independent valuation, agreements with custodians and tripartite agreements with lenders.
COREDO: case studies and launch roadmap
One example is a European brand that tokenized its photo and video archive. COREDO’s practice confirmed that an SPV in the EU with a licensing model, a white paper and a transparent royalty policy passed an audit without adjustments, and integration of custody APIs with ERP enabled automated accounting under IFRS. The initial risk model included a floor-price stress test and limits on collection concentration.
Another case is a fractionalized NFT platform for rights to lease commercial premises. The COREDO team pre-assessed the MiFID II impact, agreed on prospectus requirements and exemptions, implemented AML/KYC for NFT platforms, the travel rule and SoF, and also deployed
transaction monitoring and wash-trading detection. Smart-contract audits, formal verification and digital-asset insurance mitigated operational risks, and SPVs and legal wrappers for art tokens were adapted for real estate.
Below: a concise compliance roadmap for launching an NFT product that we use in projects:
- Legal qualification: framework ‘security token vs non-fungible token’, MiCA/MiFID II/ESMA assessment, ICO/STO/ITO comparison.
- corporate structure: SPV, IP agreements, licenses, royalty agreements, option and buyback.
- Technical architecture: ERC-721/1155 standard, IPFS/Arweave, URI strategy, on-chain provenance.
- Compliance: AML/KYC, SoF, travel rule, sanctions and export controls, GDPR, cross-border compliance.
- Infrastructure: custody, insurance, corporate access control to wallets, custody APIs.
- Taxes and accounting: VAT, transactional taxes, IFRS (IAS 38/IAS 2), disclosures and valuation models.
- Market and liquidity: listing rules, fees and royalties, OTC processes, stress testing and exit.
- Interaction with regulators: sandbox, notifications, responses to inquiries, internal reporting and best practices for internal control and reporting on NFTs.
Legal risks in EU practice
Legal disputes and case law on NFTs in the EU are still taking shape, but precedents are already setting the direction. Court precedents regarding the sale of NFTs (European cases) emphasize the importance of clear license terms, fair commercial practice and truthful marketing. Legal enforcement mechanisms in NFT fraud include asset freezes, platform notifications, interaction with custodians and cooperation with law enforcement.
Regulation of secondary NFT markets and marketplace liability require attention to the impact of MiFID II on brokers and platforms, especially when they begin to perform the functions of an organized trading venue.
Export control and sanctions risks of transactions: another reality: when working with clients from different regions, the COREDO team builds filters and blocking processes so that transactions do not violate EU regimes and those of partner jurisdictions.
DAOs as a tool for managing collections and funds have also become relevant in Europe. The role of DAOs in managing collections and funds requires aligning governance tokens and voting rights with off-chain corporate law. We increasingly use a hybrid: DAO voting logic on top of a legal entity (SPV or fund), where mandatory corporate actions are executed by a delegated director.
Payments and banking between on-chain and off-chain
We organize interactions with payment systems and PSPs through acquiring agreements, anti-fraud rules and transparent refund mechanics. Banks expect clear KYC/KYB, SoF logic and a predictable cash flow model.
Для корпоративных клиентов COREDO выстраивает мосты: кастоди для хранения, PSP для мерчанта и банковские счета для расчетов, чтобы снимать вопросы у финансового контроля и аудита.
Cross-border flows require consideration of currency and tax rules. Cross-border compliance for buyers from Asia and the EU includes separation of places of supply for VAT, economic substance tests and agreements with local payment processors.
При крупных продажах due diligence чек-лист перед покупкой крупного NFT включает KYC контрагента, проверку provenance, юридический статус IP, анализ маркетплейса, репутационные риски и страхование доставки цифрового актива.
ESG for NFT sustainability and reputation
Clients in the institutional segment increasingly include ESG criteria. Blockchain sustainability: PoS vs PoW and energy consumption affects network choice. Carbon footprint and offsetting of NFT emissions are configured through compensation programs, green certificates, and sustainability reporting. For public companies this becomes part of non-financial disclosure alongside liquidity and compliance risks.
Assessing counterparties and marketplaces by reputation reduces legal and market risks. We use a combined model: on-chain analytics to detect anomalies and off-chain checks: licenses, beneficiaries, litigation, sanction lists.
This approach protects the portfolio and accelerates deal approvals at the level of boards of directors and risk committees.
Conclusions
NFTs have moved from an experimental status to a managed asset class where legal qualification, compliance and infrastructure are as important as creativity and community. My position is simple: if NFTs are treated as a financial instrument from the start, a business gains transparent processes, clear economics and access to institutional capital. COREDO’s experience in the EU, the UK, Singapore, Cyprus, Estonia, the Czech Republic, Slovakia and Dubai shows: a well-designed SPV structure, clear IP licenses, proper IFRS accounting and AML/KYC discipline turn NFT initiatives from a risky bet into a sustainable product.
If you plan to launch, start with legal qualification and architecture: choose a standard (ERC-721/1155), describe ownership and usage rights, resolve custody and insurance issues, define the tax model and disclose risks in the white paper. The COREDO team will help build a compliance roadmap, align the approach with regulators, audit smart contracts and integrate accounting. This will preserve your speed and provide the reliability on which long-term value is built.
