Non-Fungible Tokens – Structuring Options and Legal Frameworks


For the first time, crypto assets and services will prospectively be subject to an EU-wide regulatory regime under the MiCA Regulation (= Markets in Crypto Assets). According to the recent outcome of negotiations between the European Parliament, the Council and the Commission, however, non-fungible tokens (“NFT”) are to remain excluded from the scope of the draft regulation unless they fall into one of the categories of crypto assets covered by the draft regulation. Within 18 months, the European Commission is to be tasked with examining the need to regulate the NFT market and, if necessary, to draft a corresponding regulatory framework.

As there will therefore be no EU-wide harmonised regulatory regime for NFTs in the foreseeable future, a look at the current framework for NFT trading is worthwhile. Due to the wide range of options for generating and trading in NFTs, the appearance of NFTs is multiform.

What Is an NFT?

To start with, an NFT is a singular, non-reproducible digital unit that refers to a specific asset (in most cases digital but possibly also another kind of asset, e.g. a physical object). Unlike other types of tokens – digital units representing the functions and properties assigned to them when they are created (referred to as token “minting”) – NFTs are unique and not interchangeable. This distinguishes them from other crypto assets, especially digital currencies such as Bitcoin or Ether.

Tokens are stored and traded via blockchains (chains of data blocks stored on a decentralised ledger together with transaction information). In any event, this specific form of distributed ledger technology (“DLT”) is currently so firmly established for trades in tokens that the use of a blockchain is generally expected. In theory, however, other types of (DLT-based) infrastructure could also be used. The German Electronic Securities Act (Gesetz über elektronische Wertpapiere, “eWpG”), for example, uses the open term “recording system”, thus expressly not limiting the technologies that may be used (cf. sect. 4 para. 11 eWpG).

In current practice, many NFTs are based on the Ethereum blockchain as it allows for the definition, creation, and transfer of individual types of tokens, and allows the convenient use of Ether as a transaction currency. Via its identification number, each NFT can be uniquely identified and referenced specifically. An NFT can therefore be understood, in non-technical terms, as a kind of digital exhibit: the allocation of the NFT to its “owner” is recorded digitally and is protected against forgery by the decentralised nature of the DLT database.

In principle, NFTs can refer to many different types of assets. Common use cases are digital artworks, digital (sports) trading cards, or other digital assets (e.g. music files, videos). NFTs are also used in virtual realities (“metaverses”), for example to document rights to virtual properties within that metaverse. It is also possible, although less common in practice, to link them to physical objects.

Even if the asset is digital (such as a file), in order to save storage space the asset is usually not stored on the blockchain together with the NFT. Instead, the NFT contains a link pointing to the asset (“token URL”). The token URL therefore benefits from the security standard guaranteed by the blockchain but the asset itself does not, as it is usually stored at an external location (see below).

The Minting of an NFT

The tokenisation of digital assets, i.e. the minting of NFTs, is frequently accomplished via established NFT trading platforms. On these platforms, the creator of an NFT can provide a file (and, if necessary, upload it to the platform server), and store a token with a link to this file on the respective blockchain used by the platform. This NFT is assigned to the creator’s “account”, i.e. the creator’s digital address which is assigned to the creator individually as a blockchain participant. Initially, the NFT can therefore only be sold or transferred by the creator themselves. NFTs are typically sold and transferred via a blockchain transaction. Thus, the process does not differ significantly from transactions in other crypto assets.

On many platforms, an associated smart contract can be defined when minting an NFT. A smart contract is a set of computer instructions which define the parameters for the tokens to be generated, and their subsequent tradability and transferability. In a smart contract, for example, the creator can completely exclude the onward transfer of the NFT or define a proportional revenue share in their favour (“royalty”). Each time the NFT is sold, this royalty would then be automatically transferred and credited to the creator in the designated cryptocurrency. A smart contract can also define the scarcity of NFTs: a freely determinable number of NFT units can be created and each of them is individually trackable via its relevant identification number. After its creation, the smart contract is also stored on the blockchain and thereby becomes unalterable. Any transfer of the generated NFTs is then automatically subject to the rules defined in the smart contract.

Protection of the Asset

If the asset is not stored decentrally together with the NFT but only the token URL referring to the asset (as is usually the case when storing on blockchains), the acquirer of the NFT is not protected against a loss of access to the asset, for example as a result of an exchange of the file linked via the token URL, or a loss of data. The NFT creator could reduce the risk of unauthorised third-party access by storing the asset on a server they operate themselves. A creator could also add metadata to the relevant NFT, e.g. by giving it a name or describing its properties. This way, at least a description of the object linked via the token URL can be stored in the NFT.

In order to provide additional protection for highly valuable NFTs, a specific hash value is sometimes calculated from the file linked with the NFT. This hash value is then only valid for the linked file in its original form and would generally be stored with the NFT as a “digital fingerprint” in addition to the token URL. If one would thereby store the file in a decentralised, publicly accessible database (e.g. the Interplanetary File System) and thus protect it against tampering, it is as a consequence possible to verify whether the file actually corresponds to the NFT it was linked to at the time of its creation. Occasionally, the linked file is also handed over to the acquirer of an NFT on a physical data carrier or a physical means of reproduction (such as a digital picture frame).

An NFT does not grant its holder exclusive rights of use or access to the linked asset. If the NFT refers to a freely accessible file, the holder of the NFT is neither entitled nor technically able to prevent access or reproduction by third parties.

Legal Framework

The acquirer of an NFT does not acquire ownership of the linked asset under civil law, nor do they acquire any corresponding rights of use or other rights (cf. sect. 15 seq. and sect. 44 para. 1 German Act on Copyright and Related Rights, Urheberrechtsgesetz). They merely acquire a registration as the “owner” of the NFT within the used recording system (e.g. the blockchain). The value of the NFT is thus merely an expression of the “authenticity” certified in it, i.e. its seamless traceability to its creator via the chain of blockchain transactions.

If the acquirer is to acquire rights to the reference object, this has to be agreed separately, for example by concluding a usage or licensing agreement. It is possible to refer to corresponding contractual terms in the metadata of an NFT. However, if the contract itself is not stored decentrally together with the NFT, it does not enjoy the protection against loss or modification granted by the blockchain. All in all, with regard to the legal position acquired by the “owner” of an NFT and the further legal implications, for example from the perspective of copyright law, many questions are still unanswered (see also the Noerr article Non-fungible tokens (NFTs) and copyright law of 15 October 2021).

Depending on their specific properties, NFTs may be classified as crypto assets within the meaning of sect. 1 para. 11 sentence 1 no. 10 German Banking Act (Kreditwesengesetz, “KWG”) or, respectively, sect. 2 para. 5 no. 10 German Securities Institutions Act (Wertpapierinstitutsgesetz, “WpIG”). Classification as a crypto asset within the meaning of financial regulations may trigger authorisation obligations, e.g. as regulated NFT trading or for providing NFT custody services which could qualify as crypto custody business (Kryptoverwahrgeschäft) within the meaning of sect. 1 para. 1a sentence 2 no. 6 KWG. If applicable, there may also be a license requirement pursuant to sect. 1 para. 1a sentence 2 no. 8 KWG (crypto securities registry management, Kryptowertpapierregisterführung). However, the specific regulatory qualification depends on the circumstances of each individual case. Due to the wide leeway for the creation and specification of NFTs, there is hardly a “one-fits-all” standardised legal approach, also given the fact that the administrative practice of the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin) in this context is still evolving.

Possible indications for a license requirement may be the use of NFT to generate revenue (in particular, trading with investment expectations in the hope of increasing value) or standardisation of NFTs, e.g. in the case of creating NFTs in fixed number and under conditions which lead to the individual NFTs becoming factually interchangeable (which would ultimately mean that they are no longer NFTs in the true sense).

NFTs can also be relevant from the perspective of capital markets law: depending on their conditions and form, they may be classified as securities (see Art. 4 para. 1 no. 44 MiFID II Regulation). Also in this context the essential criteria are whether the acquirers of an NFT act in the expectation of future revenue (investment function) and whether there is sufficient standardisation (tradability). Qualification as a security may result in prospectus obligations (pursuant to Regulation (EU) 2017/1129) and publication requirements (pursuant to Regulation (EU) 596/2014).


While legal parameters and supervisory practice regarding other types of crypto tokens are gradually becoming clearer, the legal framework for the NFT market is noticeably still evolving. In view of the planned exemption of NFTs from the scope of the MiCA Regulation, an EU-wide, uniform regulatory framework for NFTs cannot be expected in the near future. Thus, legislators and regulatory administrative practice at the national level will remain authoritative for the time being. There are a variety of options for modelling NFTs. Given the proximity of NFTs to regulated business activities, companies should always carefully review the need to comply with financial services or capital markets regulations.



Financial Services Regulation
Digital Business
Banking & Finance