Technology has given financial services employees access to a much broader range of digital assets, including crypto-assets, stablecoins, NFTs, and tokenized securities. As this landscape evolves, firms need compliance frameworks that can capture these exposures, apply the right controls, and monitor risk consistently across digital assets and traditional securities.
Personal trading policies at financial services firms were built around a clear premise: employees at broker-dealers, asset managers, hedge funds, investment banks and the like have access to insider information, and their personal trading must be supervised accordingly to ensure that there is no misuse.
But for most firms, those policies—and the compliance systems that support them—are not built for an employee who holds tokenized equities, invests in stablecoin, or owns an NFT. And in financial services, where the stakes of a surveillance gap can lead to regulatory enforcement, reputational damage, and civil liability, that distinction matters more than in almost any other industry.
Although the term “crypto” is often a blanket term for these emerging investment vehicles, the reality is that there are many different types of digital assets. It’s critical that a firm’s compliance framework accounts for these different types of digital assets and captures the data required to effectively monitor them and understand the level of potential risk they pose to the firm.
At the broadest level, a digital asset is any asset that exists in digital form and carries value.
Virtual assets, as defined by the Financial Action Task Force (FATF), are digital representations of value that can be traded, transferred, and used for payment or investment. These are distinct from fiat currency representations and central bank digital currencies.
Crypto-assets are a specific subset of digital assets. The Financial Stability Board (FSB) defines them as private sector digital assets that depend primarily on cryptography and distributed ledger technology for their creation, transfer, and storage.
For financial services firms, each of the major digital asset categories carries distinct and material compliance risk:
Crypto-assets (for example, Bitcoin, Ether, and similar tokens) are already held by a significant and growing share of financial services employees. At firms with institutional crypto desks, ETF operations, or digital asset advisory practices, employee crypto holdings pose risks including misuse of MNPI and front-running.
Stablecoins can be treated as cash equivalents by employees, but their deployment in yield protocols or as collateral in leveraged positions creates exposure and conflicts of interest if undisclosed.
NFTs are no longer just collectibles. At financial services firms advising on brand partnerships, tokenized loyalty programs, or digital asset issuers, an employee holding an NFT connected to a client or counterparty poses significant conflicts of interest for all involved.
Central Bank Digital Currencies (CBDCs) are advancing rapidly across major markets. Firms with government bond desks, FX operations, or central bank relationships need to include CBDC holdings in compliance frameworks.
Tokenized Securities are traditional financial instruments—stocks, bonds, or funds—issued and transferred on a blockchain or distributed ledger. The risk exposure is identical to holding the underlying asset through a conventional brokerage account.
Each category creates different compliance monitoring requirements and potential conflicts of interest.
Developed jointly with the CFTC, SEC Interpretive Release No. 33-11412, Application of the Federal Securities Laws to Certain Types of Crypto Assets and Certain Transactions Involving Crypto Assets defines whether five categories of digital assets are securities or not. Read about it here.
Employees at financial services firms are increasingly trading through digital channels, where compliance frameworks were built to govern traditional investments. When surveillance only covers traditional channels, conflicts of interest will go undetected—and unmitigated.
A firm's personal trading policy requires pre-clearance for equities, bonds, options, and funds. It does not mention tokenized equivalents. An equity research analyst buys a tokenized share of a company in their coverage universe. Under the policy, no pre-clearance was required—and the analyst is not wrong to read it that way. The conflict of interest exists regardless.
An employee at an asset management firm holds a position in an ETF through their disclosed brokerage account. They hold the same economic exposure via tokenized fund units on a DeFi exchange. Compliance sees the brokerage leg and considers the position disclosed. They do not see the DeFi leg, because their system does not include that data. The employee's actual exposure—and their ability to act on insider information—is double what it appears.
Investment bankers advising on a client's token issuance, trading desk employees with visibility into institutional crypto flows, and fund managers aware of planned digital asset allocations all hold MNPI that maps directly to tradeable crypto-assets. Without an updated compliance framework that includes policy and access to trading wallets, there is no pre-clearance trigger, no blackout period, no identification of violation and no audit trail.
DeFi protocols operate pseudonymously. Financial services employees participating in liquidity pools, lending protocols, or governance token voting may be transacting with firm clients, counterparties, or issuers without knowing it—and without any of it surfacing in traditional surveillance systems.
Without both clear policy and a compliance system that provides visibility into digital asset trading channels, compliance teams cannot enforce pre-clearance rules, monitor exposure, or detect conflicts of interest from employee trading in digital assets.
As digital asset surveillance capabilities mature and enforcement actions multiply, firms that cannot demonstrate proactive compliance will find themselves defending a gap they had every reason to identify and then close.
MCO's Digital Asset Personal Trading solution delivers a purpose-built workflow for managing employee personal trading in digital assets and crypto. With Digital Asset Personal Trading, firms can:
MCO’s Know Your Employee Compliance Suite provides firms with a fully integrated solution to monitor, identify and remedy conflicts of interest and code of conduct issues to keep pace with a changing regulatory environment. The platform’s crypto and digital asset trading oversight capabilities fully support assets, transactions and holdings based on crypto and blockchain technology.
MCO's single compliance platform enables firms to manage employee personal trading activities across securities, crypto and digital assets in conjunction with Personal Trade Manager.
Ready to learn more? Request a demo today to see how MCO can help your firm stay ahead of crypto and digital asset compliance obligations.
This post was written by John Kearney, Head of Product for Employee Conflicts of Interest at MCO. This blog was originally published on June 7, 2022 and updated on March 24, 2026.
How the GENIUS Act and CLARITY Act Will Change Compliance Requirements
Unpacking Hong Kong’s Virtual Asset Licensing Regime in 2026
MCO's Digital Asset Personal Trading Brochure