Two products, two markets, one asset manager
Philip Filhol Senior Business Development Manager at 21X
In my previous piece, “Which Ledger Are You Actually Tokenizing?”, I mapped the four layers of the securities custody stack and argued that each layer produces a structurally different token, serving a different participant set, and requiring different secondary market infrastructure. The conclusion was that tokenization is not one thing: it is four different problems with four different answers, and the infrastructure for each layer is not interchangeable.
This piece goes one level deeper. If an asset manager accepts that argument, that different ledger layers serve different participants, the next question is what to do about it. The answer is that reaching the full spectrum of on-chain investors requires being active on more than one ledger. A single tokenization strategy, however well executed, will by design leave one of those participant segments unreached. This piece explains why, and what the two path approach actually looks like in practice.
Tokenization is no longer a question of whether. The question every serious asset manager is now asking is how, and the answer is not singular. There are two structurally different paths to putting fund exposure on-chain, they solve different problems, they serve different investors, and they require different infrastructure. Choosing between them is the wrong instinct. Understanding why you will eventually need both is the right one.
Path 1: Native tokenization of the fund share
Native tokenization means exactly what it sounds like: the fund share itself becomes a token. The transfer agent’s register, the definitive legal record of who owns what, moves on-chain. The token is not a representation of a fund share or a claim against an SPV. It is the fund share, recorded on a distributed ledger instead of a proprietary database.
The operational case for this is real. Settlement times compress from T+2 or T+3 to near-instantaneous. The register is transparent and auditable in real time. Corporate actions, including distributions, redemptions, and NAV updates, can be automated through smart contract logic rather than manual reconciliation between the fund administrator, TA, and custodian. Fractionalisation becomes trivial. Investor portals can show live positions without waiting for end-of-day reconciliation runs.
The new product process is where this gets harder than the pitch suggests. To natively tokenize a fund share, the fund’s transfer agent must either operate blockchain infrastructure directly, integrate with a specialist tokenization provider or replace their existing recordkeeping system with a DLT-native alternative. For those regulated financial institutions, this is a genuine infrastructure project with multi-year timelines, new vendor relationships, and regulatory clearance requirements in each jurisdiction where the fund is domiciled. The fund’s custodian must also be capable of interacting with the tokenized register, which adds another integration dependency. All of it takes longer and costs more than a slide deck suggests.
The secondary market for natively tokenized fund shares follows logically from the instrument type. These tokens carry KYC and transfer restrictions because they are fund shares, and the regulatory obligations that attach to the underlying instrument attach to the token too. They are not freely transferable to any wallet. They trade on regulated platforms: alternative trading systems in the US, multilateral trading facilities operating under the EU DLT Pilot Regime in Europe, or permissioned secondary markets operated by the tokenization provider. For an institutional investor already operating within the fund’s existing legal framework, this is entirely appropriate. They are not looking for permissionless access. They are looking for better operations, faster settlement, and access to secondary liquidity within a regulated environment.
The limitations of native tokenization
The regulatory obligations that make natively tokenized fund shares suitable for institutional investors are also, structurally, what limits their reach.
A tokenized UCITS fund share is still a UCITS fund share. Distributing it to retail investors across Europe requires the same Key Information Document, the same host country notification process, the same distribution agreements with local intermediaries that distributing a conventional UCITS share does. Tokenization changes the record-keeping; it does not change the regulatory passport. An asset manager who tokenizes their Luxembourg UCITS and imagines that the token can now flow freely to investors in Singapore, Brazil, or the UAE has misunderstood what tokenization does and does not change about cross-border securities distribution.
The DeFi composability problem is more fundamental still, and it is worth understanding precisely rather than dismissing with a phrase.
To understand what is actually being excluded, it helps to be concrete. The permissionless DeFi ecosystem is not a collection of experimental protocols. It is a functioning financial system with hundreds of billions in total value locked and continuous 24/7 operation.
Uniswap processes tens of billions in monthly trading volume through anonymous liquidity pools. Any freely transferable token deposited there gains instant secondary market liquidity without a market maker agreement or venue negotiation. A natively tokenised fund share cannot enter because the pool is an anonymous smart contract with no KYC identity. The transfer restriction fires and the transaction fails.
Aave and Compound allow token holders to post yield-bearing assets as collateral and borrow against them instantly, at any hour, without a credit officer or minimum ticket size. A natively tokenised fund share cannot be deposited because the lending pools are open smart contracts. The deposit call reverts.
Curve Finance hosts the primary liquidity pools for yield-bearing assets. Instruments like USDY and OUSG, issued as freely transferable debt instruments, have built significant secondary liquidity there. A natively tokenised fund share with identical economic exposure cannot participate.
Beyond lending and trading, Pendle Finance allows users to separate the yield component of a token from its principal and trade each independently, a structure that has become particularly relevant for tokenised Treasuries. Yearn and similar yield aggregators compound returns automatically by moving capital between the highest-yielding protocols. None of these solutions can interact with a transfer-restricted token.
The gap between a freely transferable debt instrument and a natively tokenised fund share is not a gap in product quality. It is a gap in what the token is legally permitted to do.
Permissioned DeFi as the solution?
The permissioned DeFi model is the industry’s most serious attempt to combine compliance with DeFi-utility, and it deserves honest assessment rather than dismissal.
A core constraint in DeFi today is that users must transfer assets into smart contract addresses. For transfer-restricted instruments, this breaks down, as transfer agents enforce ownership controls that prevent tokens from moving into unverified or anonymous contracts.
The architectural response is straightforward. If restricted assets cannot enter anonymous liquidity pools, the pool itself must become identity-aware. Securitize has built this architecture in the most complete form currently available, including a developer sandbox launched in April 2026. Instead of a shared contract, each investor operates through a dedicated vault, a smart wallet bound to a verified identity. This vault interacts with DeFi protocols on the investor’s behalf, while preserving a direct, auditable link between wallet address and legal owner.
The constraint shifts to onboarding. Any investor seeking to use a permissioned token in DeFi must first complete KYC with the tokenization provider. This creates hard boundaries: a KYC-verified holder cannot transact with a non-verified participant, and KYC itself is operationally and economically non-trivial. Transfer agents impose heterogeneous onboarding requirements, which means a DeFi protocol aiming to enable its users to become holders of multiple permissioned assets would need bespoke integrations with each TA. The result is fragmentation, duplicated compliance processes, elevated costs, and a degraded user experience.
This also disrupts the existing distribution model. Today, funds scale through intermediaries that aggregate investors, absorb onboarding costs, and maintain the client relationship. The transfer agent typically records the platform or nominee, not the underlying end investor. A direct-to-DeFi model inverts this structure. Each individual investor would need to be onboarded and registered at the transfer agent level to enable interaction via identity-bound vaults. DeFi protocols cannot realistically assume this role without triggering custody and regulatory obligations, leaving tokenization providers and TAs to handle a volume of onboarding they are not designed to support.
In practice the permissioned DeFi perimeter is likely to remain limited to investors who onboard directly with the tokenization platform, complete KYC, and acquired the token on that platform. Only this closed user base will be able interact with the permissioned DeFi protocol.
At the same time, permissionless DeFi continues to iterate rapidly, introducing new protocols, pool architectures, and yield strategies at a constant pace. The cumulative effect is that permissioned DeFi delivers DeFi-like functionality within a perimeter that expands slowly and at significant cost. Permissionless DeFi delivers actual DeFi, continuously, at near-zero marginal cost per new protocol or investor. The gap does not narrow over time. It widens as the permissionless ecosystem accelerates.
Path 2: The debt instrument as digital twin
The digital twin is a different product entirely. Typically, an SPV or securitisation vehicle, often domiciled in jurisdictions such as BVI, Cayman, Guernsey, or Luxembourg, issues a debt instrument that replicates the economic exposure of the underlying fund or equity. The investor does not buy a fund share. They buy a note whose return is contractually tied to the performance of the underlying asset. The fund itself is unchanged. The custody relationship in this model is also structurally different from native fund tokenisation. The SPV holds the underlying assets, fund shares, equities, and Treasuries, through a conventional custodian relationship. The fund’s own custodian and TA are not in the loop at all. From the fund’s perspective, the SPV is simply an investor that has subscribed to the fund in the ordinary way. The tokenisation happens one layer above the fund, at the SPV level, and the fund never needs to know it is happening.
What we now need is a regulatory framework for a DeFi-composable debt instrument.
The legal foundation for this already exists at scale, and it deserves more explanation than it typically receives in market commentary. Switzerland’s DLT Act, which came into force in February 2021, created a specific category of securities called Registerwertrechte, or uncertificated register securities. To understand what this means practically, it helps to understand what it replaces. A traditional security requires either a physical certificate or an entry in a recognised central securities depository. Both require intermediaries. The Registerwertrecht removes that requirement entirely. Under Swiss law, a debt instrument can be issued natively on a distributed ledger, with no paper certificate, no CSD entry, and no traditional registrar. The DLT record is the legal record of title. A transfer of the token on the blockchain is, in Swiss law, a transfer of the security itself. There is no separate off-chain step, no TA instruction, no settlement system to notify. The ledger speaks for itself.
For an asset manager or issuer, what this means is that a debt instrument issued as a Registerwertrecht can be structured with whatever economic and legal terms the issuer chooses to build in. Pure economic exposure, where the token tracks the NAV of the fund and the investor redeems at market value. Exchange rights, where the token carries a legal right to exchange for the underlying instrument, meaning the holder can at any point demand delivery of actual fund shares. Income pass-through, where distributions from the fund flow through to token holders automatically.
It is therefore not surprising that leading RWA issuers such as Ondo Global Markets and xStocks leverage the Swiss DLT Act to structure their tracker certificates.
The custody relationship in this model is also structurally different from native fund tokenisation. The SPV holds the underlying assets, fund shares, equities, and Treasuries, through a conventional custodian relationship. A security agent holds a first-priority security interest in those underlying assets for the benefit of token holders. The fund’s own custodian and TA are not in the loop at all. From the fund’s perspective, the SPV is simply an institutional investor that has subscribed to the fund in the ordinary way. The tokenisation happens one layer above the fund, at the SPV level, and the fund never needs to know it is happening.
Why the digital twin wins at DeFi
The structural reason the debt instrument succeeds where the permissioned fund share cannot is simple: the Registerwertrecht is, in legal and operational terms, a bearer-style instrument. Whoever holds the token holds the security. No KYC database at a transfer agent mediates the transfer. No operator authorisation is required for a protocol to accept the token. No whitelist must be updated before a new integration is possible.
This means the token can be deposited in a Uniswap pool. It can be used as collateral in Aave without any external party authorising the deposit. It can move from an existing token holder’s wallet to any DeFi protocol without counterparties needing a pre-existing relationship with the issuer’s TA. The liquidity is permissionless because the instrument is permissionless.
The secondary market for these instruments follows from their nature. For retail and DeFi-native investors, AMMs are the natural venue, operating 24/7, permissionless, and composable as collateral. For institutional investors who need best execution documentation, KYC-verified counterparties, and regulatory trade reporting, a regulated trading venue is the right infrastructure. 21X operates as exactly this venue under the EU DLT Pilot Regime: a multilateral trading facility capable of admitting tokenised debt instruments to trading, providing price discovery, and connecting institutional participants to liquidity in these instruments with the compliance framework they require. Both venues can exist simultaneously for the same instrument, serving different investor segments with different access requirements.
The closed ecosystem problem: why the wrapper is the logical first step
There is a timing argument for the debt wrapper that is rarely made explicitly but is perhaps the most practically important one for an asset manager deciding where to allocate resources first.
Native tokenisation of a fund share does not only require the fund to change its infrastructure. It requires the entire ecosystem around the fund to change at the same time. Every broker that distributes the fund needs to be capable of holding a tokenised fund share in custody. Every trading venue where the fund’s secondary market operates needs to have integrated DLT settlement. Every counterparty in the fund’s operational flow, including the TA, the fund administrator, the custodian, and the prime broker, needs to be ready simultaneously. The value of a natively tokenised fund share is directly proportional to how many other participants in the ecosystem can interact with it.
None of that ecosystem is ready today at scale. Most broker-dealers don´t even offer wallets to hold tokenised securities. A natively tokenised fund share issued today does not enter a fully functioning capital markets ecosystem. It enters a small, issuer-controlled environment, typically the fund’s own investment platform, the tokenisation provider’s marketplace, or perhaps one or two specialist venues. In its early form, native tokenisation delivers better operations for existing investors within a closed ecosystem. It does not deliver broader distribution across capital markets, because the capital markets infrastructure required to support that distribution is itself still being built, participant by participant, venue by venue.
The debt wrapper operates on entirely different timing logic. It issues a token into an ecosystem that already exists and is already liquid. Ethereum Mainnet has been running for over a decade. AMMs hold hundreds of billions in liquidity. DeFi lending protocols already accept yield-bearing instruments as collateral. Crypto-native investors already have wallets and already know how to use them. The debt instrument does not wait for the traditional capital markets infrastructure to be rebuilt around tokenised securities. It plugs directly into the on-chain ecosystem that is operational at scale today.
The practical conclusion for an asset manager is one of sequencing, not binary choice. The debt wrapper is the logical first step because it builds a token for the ecosystem that already exists. Native tokenisation is the right long-term infrastructure investment, and its full value is only realised once brokers, custodians, and trading venues have integrated DLT infrastructure across their operations. An asset manager who issues a debt wrapper today reaches a live, liquid, global distribution channel immediately. An asset manager who builds only native tokenisation and waits for the broader ecosystem to catch up will find that in the meantime, platforms like Ondo Finance are already distributing their competitors’ products to the audience they were waiting to reach.
The new distribution channel: a TAM argument
This is perhaps the most underappreciated dimension of the debt wrapper model, and for an asset manager it may ultimately be the most commercially compelling one.
A conventional fund distributes through fund platforms, private banks, wealth managers, and institutional investor relationships built over years. Every new market requires new distribution agreements, new regulatory filings, and new intermediary relationships. The total addressable market is large but the cost of reaching it is also large, and the incremental investor still goes through a subscription document and a TA.
A debt instrument that trades on a secondary market and can be held in a DeFi wallet reaches a completely different segment. A Web3 company holding treasury assets in stablecoins and looking for yield-bearing alternatives. A DeFi protocol seeking high-quality collateral assets. A retail investor in a market where the fund cannot be distributed under existing regulatory passports. A crypto-native high-net-worth individual who will not complete a fund subscription process but will buy a token on a regulated exchange or Dex.
None of these investors are currently accessible through conventional fund distribution. None of them require the asset manager to change the fund itself. The distribution channel is entirely new and entirely additive.
Franklin Templeton: the asset manager who built both
Franklin Templeton is the clearest real-world illustration of why the answer is not one path or the other, and the most instructive detail is that their two tokenisation products have nothing to do with each other operationally.
Benji is Franklin Templeton’s natively tokenised money market fund, the Franklin OnChain US Government Money Fund, tokenised on the Stellar and Polygon blockchains with Franklin Templeton acting as its own transfer agent. The fund share is the token. It is a regulated US mutual fund, distributed to KYC’d investors, with the TA record maintained on-chain. The innovation is operational: faster settlement, transparent record-keeping, and secondary access within a permissioned, regulated perimeter. Benji operates within Franklin Templeton’s own ecosystem. To access it, an investor interacts with Franklin Templeton’s own platform, goes through their onboarding process, and trades within the infrastructure Franklin Templeton controls. The token does not flow freely to any crypto wallet. It does not appear on Uniswap. It is not held as collateral in a DeFi lending protocol. It lives inside a well-constructed, issuer-controlled, permissioned environment, exactly as a natively tokenised fund share should.
Separately, in March 2026, Franklin Templeton partnered with Ondo Finance to issue tokenised wrapper products for five of their ETFs through Ondo Global Markets: the Franklin Focused Growth ETF, the Franklin US Large Cap Multifactor Index ETF, the Franklin Responsibly Sourced Gold ETF, the Franklin High Yield Corporate ETF, and the Franklin Income Equity Focus ETF. These tokens are not Franklin Templeton fund shares. Franklin Templeton remains the asset manager of the underlying ETFs; Ondo provides the tokenisation infrastructure and digital distribution layer above them. The tokens are debt instruments issued through Ondo Global Markets, accessible through crypto wallets, tradeable 24/7, and available to investors across Europe, Asia-Pacific, the Middle East, and Latin America who would never interact with a traditional fund subscription process. Franklin Templeton’s own TA is not involved. The fund itself is unchanged.
The scale of what Ondo has built around this model is worth stating directly. Since launching in September 2025, Ondo Global Markets has accumulated over $700 million in total value locked, powered more than $12 billion in cumulative trading volume, and reached over 70,000 holders. When Franklin Templeton, one of the largest asset managers in the world with $1.7 trillion in AUM, chose where to launch its first tokenised ETF products, it chose this infrastructure. That is not a pilot. That is a distribution channel.
The same asset manager. Two structurally different products. Two entirely different investor segments. Neither cannibalises the other. Benji serves the existing investor base with better infrastructure inside a regulated perimeter. The Ondo wrapper serves a crypto-native global audience with no access to traditional fund distribution. Together they represent the full on-chain strategy, and neither would have worked as a substitute for the other.
Every asset manager with a fund worth tokenising should be asking the same question Franklin Templeton already answered: not which path, but when to build the second one.
Conclusion: Bridging Permissioned and Permissionless Markets
Regulators are beginning to address the structural inefficiencies of traditional fund distribution, and the direction of travel is clear. In April 2026, the FCA introduced guidance on the use of distributed ledger technology within existing rules, alongside reforms such as an optional Direct-to-Fund (D2F) model. This is a meaningful step. D2F reduces intermediation and brings investors closer to fund infrastructure, but it does not eliminate the friction inherent in identity-based onboarding and compliance workflows.
At the same time, market structure is already moving toward a dual architecture. Payward, together with Nasdaq, is building an equities transformation gateway that connects regulated infrastructure with blockchain networks via its xStocks framework. The principle is clear: keep the compliant core intact, while enabling assets to circulate in more open, composable environments. This is not a niche design choice. It is an early expression of how digital twins will function across asset classes. In practice, this most likely mean locking the native position and minting a secondary representation that is transferable, composable, and instantly integrable into new protocols, liquidity pools, and yield strategies.
The honest conclusion is this: Permissioned DeFi will continue to improve, but it will always carry coordination overhead: onboarding, whitelisting, and integration cycles. Permissionless DeFi evolves without these constraints. New protocols launch without asking permission. New liquidity pools form without a whitelist approval cycle. New yield strategies deploy without a compliance review. Digital twins like debt wrapper bridge this gap by allowing assets to access that innovation layer without forcing the underlying infrastructure to match its speed.
The implication for asset managers is straightforward. This is not a choice between permissioned and permissionless systems. It is a question of how to deploy a strategy across both efficiently. Native tokenization of the fund remains essential to better serve existing investors through improved transparency, faster settlement, and innovative features like real-time or hourly yield accrual for money market funds. In parallel, digital twin architectures extend that same asset into permissionless environments, enabling DeFi-native utility without compromising regulatory integrity. The firms that combine both layers effectively will be best positioned to capture current demand while upgrading their core product offering.
In short: Wrappers monetize today’s demand; native rails capture tomorrow’s market.
