I have been leading COREDO since 2016 and see every day how quickly the digital assets market is changing. Over the years the COREDO team has carried out dozens of projects for company registration and licensing in the EU, the United Kingdom, Singapore, Cyprus, Estonia, the Czech Republic, Slovakia and Dubai. Clients come with a variety of tasks: from creating an SPV for the tokenization of artworks to building institutional custodial infrastructure for NFTs. In this article I have compiled practical experience and strategic ideas: how to use NFTs as a financial instrument, how to manage risks, comply with MiCA, MiFID II, FATF and GDPR, and how to structure IFRS reporting so that the auditor has no questions left.
When NFTs are in a corporate portfolio
From an investment-logic perspective, NFTs and securities in the EU are different things. Security token vs non-fungible token: this is above all a difference in legal nature: a security token, as a rule, falls under MiFID II and national securities regimes, whereas an NFT is a unique digital token that may be an investment asset depending on its economic function, but does not automatically become a security. Classifying an NFT as an investment asset requires analysis of utility, rights, returns, market-making and liquidity availability.
Brands gain a new channel for audience engagement and licensing economics from NFTs. Our experience at COREDO has shown that strategic use of NFTs for brands pays off when the links between token ownership and utility are formalized in smart contracts, and IP-licensing and exclusivity issues are secured in clear agreements. Then an NFT logically becomes part of the corporate portfolio alongside tokenized lease rights, service vouchers and shares in an SPV.
NFT: a security under MiFID II?
We often use frameworks for assessing the legal nature of a token, where we apply the criteria of an investment contract (Howey test and analogies) specifically as an analytical lens: capital contribution, expectation of profit, efforts of a third party. In the EU this test is not law, but it helps structure arguments for regulators and platform compliance. COREDO’s practice confirms: when an NFT provides passive income or a promise of portfolio management, regulators may qualify such a token as a financial instrument, which brings MiFID II implications for brokers and platforms.
Tokenized securities vs NFTs: the key dividing line. If a token directly embodies a claim against an issuer, an equity share or a debt obligation, it becomes a security token subject to the full body of rules, up to prospectus requirements, provider licensing and reporting. If an NFT records access, a unique digital object or certifies a right of use without an investment component, we remain in a different regulatory zone.
Regulation of NFTs in the EU and secondary markets
Fractionalized NFTs (fractional tokens) and serial issuances with economically interchangeable properties may fall within the scope of MiCA, and in extreme cases: within MiFID II. The solution developed at COREDO: early token qualification and a compliance roadmap before launching smart contracts.
ESMA’s recommendations on digital assets complement MiCA with details on the delineation of services and investor protection. Regulation of NFT secondary markets requires transparency of fees, prevention of manipulation and manageability of listings. Monitoring for manipulation in the NFT market and combating wash trading become part of platforms’ internal controls, especially if they perform the functions of a broker or market operator.
If necessary, we launch the project through regulatory sandboxes for crypto startups in the EU to agree in advance on the approach to token functions and circulation mechanics. Interaction with regulators and supervisory authorities is critical here: it reduces the risk of the instrument being reclassified after launch.
AML/KYC: how to build compliance for NFTs
The COREDO team implemented risk‑scoring of buyers and sellers for marketplaces, sanctions filters and on‑chain analytics to detect links with “tainted” addresses.
Money laundering risks through NFTs are typical: rapid resales with inflated prices, wash trading, transactions through mixers, a high rate of order cancellations.
GDPR when processing NFT clients’ data requires minimization, justified retention periods and transparent information for the data subject.
Cross-border NFT sales and currency regulations add another layer. Our lawyers at COREDO set up cross-border compliance for buyers from Asia and the EU, aligning KYC procedures, withholding taxes and interaction with payment systems and PSPs. Banking oversight is also important: interaction with the banking system and banking supervision requires source of funds policies, invoicing standards and clear contractual documentation between the platform, the issuer and the buyer.
Royalties and licensing
Separation of rights: ownership vs right of use must be explicitly recorded in the terms of sale and/or in an on-chain link to the license. In COREDO projects we arrange IP licensing and NFT exclusivity through separate agreements, taking into account moral rights and assignment in EU jurisdictions.
NFT marketplaces and platform liability require clear rules in offers: transparency of fees, refund conditions, secondary NFT sales and fee regulation — all of this becomes a subject of attention for regulators and antitrust authorities if practices appear to restrict competition.
We insist on two-sided duplication of metadata, versioning and recording of hashes in the smart contract to prevent tampering. When IP is wrapped into an SPV and licensed via an NFT, the contractual framework links the rights holder, the custodian and the token holder.
Tokenization of art and real assets
SPV legal structures for tokenized art are a proven scheme: the assets are held by a rights‑holding company, and NFTs sell access to benefits, viewing rights, priority participation in exhibitions, or fractional rights through fractionalized NFT. Fractional ownership legal structures carry particular risks for investors: when ownership is fractionalized, characteristics of a security can sometimes emerge, which may trigger MiFID II.
SPVs and legal wrappers for art tokens are useful for managing taxes, rights, insurance and custody.
investment funds NFTs in the EU can be structured in the form of AIFs with corresponding regulation of the management company, custodian, valuer and auditor – the COREDO team has structured such funds taking ESMA and local supervision into account.
The distinctions between ICO/STO/ITO and the comparison with NFT issuance are needed to understand regulator expectations: STOs are securities; ICOs/ITOs can fall under MiCA; NFT issuance more often does not require a prospectus, but does require disclosure and compliance if investment characteristics are present. COREDO’s experience confirms that early consultation with the regulator reduces costs and speeds up market entry.
Taxes and accounting for NFTs under IFRS
The tax consequences of NFT sales in Europe depend on what is being sold: digital content, access to a service, or usage rights.
Royalty income may be subject to withholding tax in certain jurisdictions: this is taken into account when structuring SPVs and licensing agreements.
Accounting for NFTs on a company’s balance sheet (IFRS) is closer to accounting for crypto assets: they are more often intangible assets under IAS 38, except when held for trading as inventories under IAS 2.
Reporting and disclosure about NFT assets include accounting policies, valuation methodologies, liquidity and concentration risks.
Valuing NFTs for investors is built on three pillars.
The COREDO team sometimes supplements the valuation with option models for rare cases involving buyback rights.
Smart contracts: standards and insurance
Smart contracts (ERC-721, ERC-1155) and security are a central part of legal protection: bugs in code can wipe out rights, reduce royalties to zero, or open the door to an exploit.
Smart contract audits for legal protection should combine static analysis, formal verification, and testing of business scenarios: edge cases for listing, token burns, upgrades, royalties, and pauses. Blockchain code audits and formal verification reduce the risk of smart contract vulnerabilities and exploits, while digital asset insurance and loss coverage close out tail risks. Within companies we insist on corporate access control for wallets, role separation, and multi-factor policies.
Institutional custodial infrastructure for NFTs requires custodian solutions for institutional NFTs, SLAs, key recovery procedures, and controls over corporate transactions. Custody APIs and interaction standards enable integrating NFTs with ERP and accounting systems, automating transfers and tags for accounting. The COREDO team helped clients build cold‑hot‑warm storage architectures and asset movement policies aligned with auditors.
Markets and liquidity: risk control
NFT liquidity risk and exit strategies: this is the main area for the CFO. Exit strategies: listings on exchanges, OTC processes with KYC, buyback agreements and NFT options, as well as framework agreements with marketplaces for prioritized listing. Stress-testing the liquidity of an NFT portfolio models a drop in floor price, widening spreads, departure of market‑makers and regulatory shocks.
counterparty assessment and marketplaces by reputation reduces the risk of failures in settlements and delistings. The commercial model: fees, royalties, listing fees must be transparent and compatible with antitrust and competition-related risks of marketplaces — especially regarding exclusivity and restrictions on parallel sales.
Institutional players look at blockchain resilience: PoS vs PoW and energy consumption. Carbon footprint and offsetting NFT emissions are becoming part of ESG policy: we build in compensation mechanisms or choose energy-efficient networks. For collateralized deals, using NFTs as collateral (collateral) requires independent valuation, agreements with custodians and tripartite agreements with lenders.
COREDO: case studies and launch roadmap
- Legal qualification: framework ‘security token vs non-fungible token’, MiCA/MiFID II/ESMA assessment, ICO/STO/ITO comparison.
- corporate structure: SPV, IP agreements, licenses, royalty agreements, option and buyback.
- Technical architecture: ERC-721/1155 standard, IPFS/Arweave, URI strategy, on-chain provenance.
- Compliance: AML/KYC, SoF, travel rule, sanctions and export controls, GDPR, cross-border compliance.
- Infrastructure: custody, insurance, corporate access control to wallets, custody APIs.
- Taxes and accounting: VAT, transactional taxes, IFRS (IAS 38/IAS 2), disclosures and valuation models.
- Market and liquidity: listing rules, fees and royalties, OTC processes, stress testing and exit.
- Interaction with regulators: sandbox, notifications, responses to inquiries, internal reporting and best practices for internal control and reporting on NFTs.
Legal risks in EU practice
Legal disputes and case law on NFTs in the EU are still taking shape, but precedents are already setting the direction. Court precedents regarding the sale of NFTs (European cases) emphasize the importance of clear license terms, fair commercial practice and truthful marketing. Legal enforcement mechanisms in NFT fraud include asset freezes, platform notifications, interaction with custodians and cooperation with law enforcement.
Regulation of secondary NFT markets and marketplace liability require attention to the impact of MiFID II on brokers and platforms, especially when they begin to perform the functions of an organized trading venue.
DAOs as a tool for managing collections and funds have also become relevant in Europe. The role of DAOs in managing collections and funds requires aligning governance tokens and voting rights with off-chain corporate law. We increasingly use a hybrid: DAO voting logic on top of a legal entity (SPV or fund), where mandatory corporate actions are executed by a delegated director.
Payments and banking between on-chain and off-chain
Для корпоративных клиентов COREDO выстраивает мосты: кастоди для хранения, PSP для мерчанта и банковские счета для расчетов, чтобы снимать вопросы у финансового контроля и аудита.
При крупных продажах due diligence чек-лист перед покупкой крупного NFT включает KYC контрагента, проверку provenance, юридический статус IP, анализ маркетплейса, репутационные риски и страхование доставки цифрового актива.
ESG for NFT sustainability and reputation
Clients in the institutional segment increasingly include ESG criteria. Blockchain sustainability: PoS vs PoW and energy consumption affects network choice. Carbon footprint and offsetting of NFT emissions are configured through compensation programs, green certificates, and sustainability reporting. For public companies this becomes part of non-financial disclosure alongside liquidity and compliance risks.
This approach protects the portfolio and accelerates deal approvals at the level of boards of directors and risk committees.
Conclusions
NFTs have moved from an experimental status to a managed asset class where legal qualification, compliance and infrastructure are as important as creativity and community. My position is simple: if NFTs are treated as a financial instrument from the start, a business gains transparent processes, clear economics and access to institutional capital. COREDO’s experience in the EU, the UK, Singapore, Cyprus, Estonia, the Czech Republic, Slovakia and Dubai shows: a well-designed SPV structure, clear IP licenses, proper IFRS accounting and AML/KYC discipline turn NFT initiatives from a risky bet into a sustainable product.
If you plan to launch, start with legal qualification and architecture: choose a standard (ERC-721/1155), describe ownership and usage rights, resolve custody and insurance issues, define the tax model and disclose risks in the white paper. The COREDO team will help build a compliance roadmap, align the approach with regulators, audit smart contracts and integrate accounting. This will preserve your speed and provide the reliability on which long-term value is built.