Suit Up · Asia's institutional desk on tokenisation

TL;DR

This playbook helps you decide what kind of regulator engagement to run for a tokenisation product, in what sequence, and what each engagement mode actually delivers. The most consequential mistake operators make is treating sandbox entry as a substitute for licensing; the second is treating regulator engagement as a one-time event rather than a ten-year relationship. The right model is four engagement modes that compound over time (pre-application informal dialogue, sandbox entry, production licensing, live-supervisory dialogue), each with a distinct deliverable and a distinct failure pattern. Pick the mode that matches the question you are actually asking the regulator. If the question is "is the conceptual fit there", do not file a sandbox application; if the question is "can I sell this to retail", do not assume sandbox graduation will get you there.

Decision frame

Two questions force the engagement mode before anything else. First, do you need a new permission, or can you ship the product under an existing licence with notification? Second, are you asking the regulator to bless a specific product, or to sit in the room while you test a design that does not yet have a settled legal characterisation?

If you can ship under an existing licence, ship and notify. A bank running a tokenised-deposit pilot inside its existing banking licence does not need a sandbox slot; the BoJ-supervised megabank Progmat work is the worked example, and JPMorgan Kinexys is the structurally identical US move. Notification, written supervisory dialogue, and ongoing reporting cover the expectation. A non-bank without a relevant licence has no equivalent; the engagement must be more formal.

If you need a new permission, the choice splits two ways. A sandbox application is the right move when the product needs a regulator-facing testing perimeter (controlled customer base, modified rulebook, lighter capital expectation in some regimes, no ability to charge or scale freely) before either side commits to a production licence. A production licensing application is the right move when the product fit is already understood and the question is whether you meet the standard. Major Payment Institution (MPI) licensing under MAS's Payment Services Act, broker-dealer registration, US trust bank chartering under the OCC trust bank charter pathway, or HKMA stablecoin licensing under the Hong Kong Stablecoins Ordinance are not sandbox programmes. They are full authorisation requests with the corresponding evidence burden.

Sandbox entry does not grant the right to sell to the public outside the perimeter. Production licensing does. Confusing the two is the most common pre-engagement strategic mistake.

The four engagement modes

Each mode does a specific thing. Treating them as interchangeable is the failure pattern.

Pre-application informal dialogue

No document is filed. The interaction is a meeting (sometimes a series), usually requested through the regulator's industry liaison or innovation function, where the operator walks the regulator through the conceptual design and listens for friction. The deliverable is internal: a clearer view of what the regulator will and will not entertain, and which design choices need re-work before any application becomes credible.

This mode is undervalued. Most operators jump to sandbox application without using the informal channel first, and file a half-baked design that the regulator gently sends back. The right cadence is one or two informal meetings to test the design, then a formal filing once the obvious friction has been removed. Singapore's MAS FinTech Office is approachable on this register; HKMA's Fintech Facilitation Office plays a comparable role for Hong Kong; FSA Japan's PIP intake conversations sit at this level before becoming formal sandbox entries; the UK's FCA Innovation Hub and Bank of England fintech accelerator together cover the equivalent.

What to bring: a one-page product description, a clear statement of which existing licences you hold or are pursuing, a draft view of the legal characterisation, and a small set of specific questions you want answered. What not to bring: a vendor pitch, a marketing deck, or a technical architecture document where the operating model is buried.

Sandbox application (formal entry into a named programme)

A sandbox is a named regulatory perimeter inside which an operator can test a defined product against a defined customer base under a modified rulebook, sometimes with relief on specific licensing requirements and almost always with reporting obligations to the host regulator. The deliverable is permission to operate inside the perimeter, plus a defined set of evaluation criteria and a path (or no path) to graduation.

Sandboxes vary materially in what they actually offer. Most operators read "sandbox" and assume "lighter regulation"; the truth is closer to "different regulation, with the regulator in the room". The four programmes worth understanding for tokenisation work in 2026 are MAS Project Guardian, HKMA Project Ensemble, the UK Digital Securities Sandbox (DSS), and FSA Japan Payment Innovation Project (PIP). The "Choosing your sandbox" section covers the comparison.

What sandbox entry does not do: it does not grant a production licence, it does not let you market to the public outside the perimeter, it does not necessarily produce a graduation pathway, and it does not pre-clear product authorisation. Several operators have learned this after extending a Guardian or Ensemble pilot for a year and discovering production launch required a separate full licensing track. Project Guardian is explicit: pilots run under participants' existing licences, MAS does not pre-clear products through the workstream, and graduation is governed by the existing regime rather than a Guardian-specific track.

Production licensing application

A formal authorisation request under the existing regime: MPI under the MAS Payment Services Act, capital markets services licensing under the SFA, OCC national trust bank charter under Interpretive Letter 1184 and the April 2026 final rule, NYDFS limited-purpose trust charter, HKMA stablecoin licence under the Stablecoins Ordinance, FSA Japan FTSP or trust-route registration under the PSA stablecoin amendments, or the equivalent. The deliverable is the licence, a defined supervisory relationship, and the right to operate the licensed activity at scale.

The evidence burden is non-trivial. Capital, governance, reserve composition (for stablecoin work), AML and sanctions screening, technology resilience, and operating model documentation all need to land. Timelines are long: HKMA's first two stablecoin issuer licences awarded on 10 April 2026 came from a queue reported at 36 applicants and were preceded by a full year of bilateral engagement; MAS MPI applications routinely run nine to eighteen months even for well-prepared filings; OCC trust bank conditional approvals have been a multi-quarter exercise.

The sequencing question is whether to enter a sandbox first to build operating evidence, or to file directly. The bank-issuer answer is usually direct production filing because the prudential framework is already built. The non-bank answer is more often sandbox-first to demonstrate operating maturity before the production filing.

Live-supervisory dialogue (post-licensing)

Once licensed, the engagement does not stop. Reserve attestation, AML reporting, capital-floor compliance, technology incident reporting, periodic on-site inspection, and ad hoc dialogue around new product features are all continuous obligations. The deliverable is a supervisory record that builds (or erodes) the regulator's confidence over time.

Operators consistently underestimate this mode. The post-licensing relationship is longer-running and higher-stakes than the licensing process itself. A clean record materially affects the speed at which a regulator approves new product variants, expanded customer scopes, or higher operating ceilings. A messy record (late attestation, unresolved AML findings, undisclosed incidents) extends every future application by months.

Choosing your sandbox

Four programmes are the practical APAC and adjacent options for tokenisation work in 2026, and they are not interchangeable. The right choice depends on what you are testing and what your home jurisdiction is.

MAS Project Guardian is the right venue when the question is institutional asset tokenisation across asset-and-wealth, fixed income, FX, or trade finance, particularly where you want to surface design patterns other regulators will pick up. The asset-and-wealth and fixed-income workstreams have produced the most operational participation; the FX workstream is where purpose-bound money (PBM) constructions have been tested. Guardian is not a sandbox in the technical sense, with no temporary licensing relief and no carve-out from existing perimeters; participants run pilots under licences they already hold. The right operator profile is an institution with the underlying licence in place that wants to participate in pattern-setting work alongside MAS and peer institutions.

HKMA Project Ensemble is the right venue when the question is wholesale CBDC, tokenised deposit, or tokenised asset settlement on a tiered ledger architecture in Hong Kong. The November 2025 EnsembleTX phase moved the programme from closed-loop sandbox to real-value transactions with named bank participants (HSBC, Standard Chartered, Bank of China (Hong Kong) on the bank side; BlackRock, Franklin Templeton on the asset-manager side). The right operator profile is a bank or asset manager with existing HK presence that wants to settle real flows on the wCBDC and tokenised-deposit infrastructure HKMA is building.

The UK Digital Securities Sandbox (DSS) is the right venue for DLT-based market infrastructure work in the UK: trading and settlement under modified rulebooks, cohort approach, staged operating limits. DSS is co-led by the FCA and the Bank of England under FSMA 2023 powers, and the cohort is progressing through staged expansion as of early 2026. The right operator profile is a market infrastructure provider (issuer platform, settlement venue, central securities depository alternative) wanting to operate DLT-native market plumbing in a UK-supervised perimeter. See the UK jurisdictional page for the broader regulatory context and the HSBC Orion + DIGIT reference architecture for the live G7 sovereign digital-bond programme that is operationally adjacent.

FSA Japan Payment Innovation Project (PIP) is the right venue when the question is tokenisation or payment innovation under FSA Japan's perimeter, including tokenised JGB collateral work. The April 2026 Nomura-Mizuho-JSCC tokenised JGB collateral trial on Canton graduated through PIP. The right operator profile is a Japan-domiciled institution working on payment or tokenisation patterns where the FSA wants visibility before any production move.

What none of these programmes do: pre-clear products for production launch, grant licences, or extend extraterritorially to operators outside the host jurisdiction. A Singapore-licensed firm cannot Guardian-graduate into Hong Kong distribution; a UK DSS participant does not gain MAS recognition; a PIP participant does not pick up FCA registration as a side-effect.

Worked example: founder building a tokenised-deposit issuance product wanting MAS recognition

A founder is building a tokenised-deposit issuance product and wants MAS recognition. The first sequencing call is whether to chase MAS at all, or whether the right move is to partner with an existing Singapore bank that already holds the banking licence. A non-bank cannot issue a deposit liability in any major jurisdiction, including Singapore. The product as described is structurally a stablecoin or a payment instrument unless the issuance counterparty is a licensed bank.

If the founder reframes to a regulated stablecoin under the MAS Single-Currency Stablecoin framework, the engagement sequence is approximately as follows. First, an informal MAS FinTech Office meeting to walk the conceptual design and confirm the SCS framework is the right perimeter (the alternative would be Major Payment Institution licensing without the SCS overlay if the design is multi-currency or otherwise out of SCS scope). The deliverable is internal alignment on which licensing track to file. This step takes one to two months, perhaps three meetings.

Second, a Project Guardian application if the founder wants to participate in the asset-and-wealth or FX workstream pattern-setting work. Guardian entry does not grant the MPI licence; it gives the founder a regulator-facing perimeter inside which to develop the product and, importantly, surface design questions to MAS in the workstream context. The Guardian application requires the founder to already hold or be actively pursuing the underlying licence, so this step runs in parallel with (not before) the production filing. The deliverable is named participation in a workstream and access to the regulator-curated design conversation.

Third, the production MPI application under the Payment Services Act with the SCS overlay. This is the core deliverable: capital adequacy, reserve composition (cash, cash equivalents, short-dated debt in the pegged currency, held with an independent custodian), redemption mechanics, AML and sanctions, governance, technology resilience, and operating model documentation all need to land. Realistic timeline is nine to eighteen months from filing to authorisation, longer if the founder is a first-time applicant. The deliverable is the MPI licence with SCS overlay.

Fourth, the live-supervisory dialogue once the licence is granted. Monthly reserve attestation, AML reporting through MAS Notice 626, periodic on-site inspection, and ad hoc dialogue around new product features begin at this point and continue indefinitely.

What the founder brings to the first informal meeting: a one-page product description, a clear view of the customer base scope (retail, qualified investor, wholesale), a draft view of the SCS framework fit, the chosen reference currency, and the planned reserve composition. What the founder leaves out: the fundraise deck, the marketing site mockup, the technical architecture diagram with the operating model buried.

Red flags

Confusing sandbox entry with licensing. Sandbox participation does not grant the right to sell to the public outside the perimeter, and it does not pre-clear product authorisation. Treating sandbox entry as a route around licensing extends the production timeline rather than shortening it.
Treating regulator engagement as a one-time event rather than an ongoing relationship. The supervisory record after licensing is a longer-running and higher-stakes engagement than the licensing process itself, and a messy record extends every future application by months.
Bringing a half-baked technical design to a regulator meeting. Regulators want to see operational thinking (how does redemption work, who holds the reserves, what is the AML posture, what is the technology incident plan) more than they want to see the architecture diagram. Pitches that lead with the architecture and bury the operating model fail predictably.
Asking the regulator to bless something they are explicitly not authorised to bless. MAS does not opine on US tax treatment; HKMA does not opine on Singapore data-residency rules; the FCA does not opine on Japanese FTSP registration. Asking a regulator to comment outside their remit wastes the meeting and signals that the operator has not done the legal work.
Using sandbox participation in marketing as if it were product authorisation. Press releases that imply Guardian participation equals MAS endorsement of the product, or that EnsembleTX participation equals HKMA blessing of the issuer, materially overstate what the sandbox actually delivers and create a supervisory problem with the host regulator the next time the operator files anything.

[Suit Up]

Pre-engaging your regulator: sandbox vs production