📅 Field note from: February 2018 | Last updated: May 2026 Originally written days after FINMA published the ICO Guidelines from inside Zug; updated with eight years of regulatory follow-on observations in May 2026.
February 16, 2018 was not a day that produced a press conference or a major announcement event. FINMA published its ICO guidelines on a Friday, in German and English, six pages long. They went up on the FINMA website with the usual restrained formatting of Swiss regulatory communications.
In the Zug ecosystem at the time, the reaction was not triumph or panic. It was something closer to relief mixed with the immediate realization that a lot of lawyers would be needed in the coming weeks.
The Document That Arrived When Everyone Was Already Watching
By February 2018, FINMA had been handling ICO inquiries for over a year. The Guidance 04/2017, published in September 2017, had established that FINMA was engaged — that it would assess blockchain-related business models against existing Swiss financial market legislation on a case-by-case basis. The September guidance had been measured, almost deliberately cautious, signaling engagement without committing to a framework.
The February 2018 document was different. It named things.
FINMA’s ICO guidelines replaced the informal mode with a taxonomy. Instead of “we will assess your ICO on its merits,” the document said: your token will be classified as one of three types, and that classification determines which regulatory framework applies to you.
That shift — from case-by-case opacity to explicit classification — was the document’s most significant move, and it is easy to understate from eight years’ distance.
Three Categories, One Underlying Logic
The classification framework divided tokens into three functional types. Understanding how FINMA reasoned through each category reveals more about Swiss regulatory philosophy than the categories themselves suggest.
Payment tokens were treated as cryptocurrencies: means of payment with no further development link. They attracted anti-money laundering obligations from the moment they could be transferred, but FINMA explicitly stated they would not be treated as securities. This was a deliberate signal. At a moment when US regulators were actively exploring whether Bitcoin and Ether might constitute securities, FINMA drew a clear line: tokens functioning as currency do not attract securities law.
Utility tokens offered access to a service. FINMA’s treatment here was economically rigorous in a way that surprised some commentators: a token promising future access to a platform not yet built was not, in FINMA’s reading, a utility token. It might look like one in its documentation, but if the platform did not exist at issuance, the token was closer to an investment in the project’s development — which made it an asset token, attracting securities law.
The phrase “if the utility token can actually be used in this way at the time of its issuance” was the clause that filtered out a significant portion of the 2017 ICO cohort.
Asset tokens were unambiguously securities: tokens representing company stakes, earnings entitlements, or dividend rights. These triggered Swiss securities law requirements and corresponding disclosure obligations. The category was the clearest of the three, because the economic reality was unambiguous. If a token gives you a share of future profits, it is functionally a share.
Why FINMA Did Not Do What the SEC Was Doing
The contrast with the US Securities and Exchange Commission’s approach in the same period is instructive.
The SEC had been deploying what practitioners called the “Howey Test” — the longstanding US legal standard for whether an instrument constitutes a security — to ICOs on a broad basis. The July 2017 DAO report, and subsequent enforcement actions through 2018, signaled that the SEC intended to treat most ICOs as securities offerings by default. The burden was on the issuer to prove their token was not a security.
FINMA reversed that logic.
Rather than starting from “this is a security unless proven otherwise,” FINMA started from “this token has an economic function, and that function determines the applicable regulatory framework.” The economic-function approach treated the regulatory question as diagnostic, not presumptive.
This mattered practically. A project issuing a token for genuine access rights to a live service could, under FINMA’s framework, get a coherent answer: if your token functions as utility access and the platform works at issuance, you have an AML obligation and no securities obligation. Under the broad Howey approach, the same project faced uncertainty that could only be resolved through expensive legal opinion letters or no-action requests.
The case-by-case commitment embedded in the guidelines — FINMA was explicit that final regulatory assessments would be made on a case-by-case basis — was not a retreat from the framework. It was an acknowledgment that the taxonomy was a starting point, not a formula, and that FINMA would remain in dialogue with the industry as structures evolved.
What the Reaction in Zug Actually Looked Like
The reaction in Zug’s professional community in the days after February 16 was more differentiated than the international coverage suggested.
The law firms had been expecting something. MME, Lenz & Staehelin, Pestalozzi — the firms that had been handling ICO-related work through the previous year — had sufficient informal advance signals from their regulatory relationships that the guidelines were coming and would include a classification framework. The document clarified their existing advice more than it redirected it.
For projects already in mid-ICO or recently completed, the picture was more complicated. Projects that had structured their tokens carefully as utility access rights with a working product faced relatively clean outcomes: the guidelines confirmed their existing structure. Projects that had raised funds for platforms under development found themselves in the zone the guidelines had specifically flagged — and needed to re-examine whether their tokens, on a functional analysis, looked more like asset tokens than utility tokens.
The phrase that circulated in the professional community at the time was not about what the guidelines said — it was about who they helped. The answer, broadly, was: projects that were building something real. Which was, in retrospect, exactly what FINMA had intended.
The Six Pages That Became a Template
The guidelines were six pages. Most of the global commentary at the time focused on whether they were comprehensive enough. The more interesting question, from the vantage point of 2026, is what happened to the framework they established.
The three-category approach — payment, utility, asset — was adopted or referenced by regulators in other jurisdictions. The European Banking Authority’s analysis of crypto-asset regulation, which preceded MiCA, drew on similar functional distinctions. Singapore’s MAS approach to digital payment tokens reflected FINMA’s payment token logic. The UK’s FCA token classification, published in 2019, acknowledged the Swiss framework in its own analytical structure.
Switzerland had not invented token classification. But FINMA was the first major regulator to publish a comprehensive, operational framework for it. That document arrived when regulators globally were still deciding how to approach the question.
More directly, the guidelines became the first link in a chain of Swiss regulatory development that runs through 2026.
The August 2019 banking licenses granted to SEBA and Sygnum — the FINMA crypto banking licenses field note covers this — built on the regulatory architecture the 2018 guidelines had established. They demonstrated that Swiss-licensed crypto institutions would be held to the same standards as traditional banks, extending the functional analysis principle into institutional oversight.
The DLT Act, in force from February 2021, took the token classification framework and embedded it in Swiss civil law — creating specific legal instruments for DLT-based securities that corresponded to the asset token category the 2018 guidelines had identified as securities-equivalent. The DLT Act field note covers what that legislative step actually meant in practice.
FINMA’s 2026 crypto custody guidance — the FINMA Crypto Guidance 01/2026 field note covers the most recent iteration — continues to apply functional analysis to new structures in ways that trace directly to the 2018 approach.
What Regulatory Philosophy Looks Like From the Inside
The question the February 2018 guidelines answered — implicitly, through their choices — was about the character of Swiss financial market regulation.
FINMA had options in early 2018 that it did not take. It could have declared ICOs as a category to be securities offerings by default, as the SEC effectively did. It could have deferred to parliamentary process, declining to publish guidance until legislation was enacted. It could have published the categories without the case-by-case commitment, signaling that the taxonomy was fixed and inquiries unwelcome.
What FINMA actually did was publish a functional framework, commit to ongoing supervisory engagement, and decline to presume violation. The guidelines explicitly stated that FINMA aimed to “remove all unnecessary obstacles to innovative business models while ensuring transparency and legal clarity.”
From inside Zug in February 2018, after a year of ICO boom followed by a market collapse in January and the ongoing Tezos governance crisis, that statement did not read as marketing language. It read as a description of an institution that had watched a significant financial innovation arrive in its jurisdiction, had spent a year engaging with it seriously, and had concluded that a functional framework applied with supervisory judgment was more durable than either prohibition or blanket permissiveness.
Whether that judgment was correct — whether the functional approach held up through the 2019 banking licenses, the 2021 DLT Act, the 2022 FTX crisis, and the 2026 custody guidance — is the story the subsequent field notes cover. The starting point was six pages on a February Friday in 2018.
Related field notes: The ICO Boom Seen From Zug: What 2017-2018 Was Actually Like Here — the ecosystem context the guidelines were responding to. When FINMA Gave Crypto Its First Banking Licenses: A 2019 Field Report — the next step in the regulatory architecture the 2018 guidelines established. The DLT Act Explained Without a Law Degree — how the 2021 legislation built on the token classification framework.