Tokenized real-world asset issuances are securities offerings. That statement is not controversial among practitioners who have done the legal work, but the operational implications are frequently underestimated by issuers approaching on-chain rails for the first time. Accredited investor verification is not a disclosure form — it is a condition precedent to a valid exempt offering. Getting it wrong exposes the issuer to rescission liability and SEC enforcement under Section 5 of the Securities Act of 1933.
The Regulatory Framework: Reg D and Its Two 506 Pathways
Rule 506 of Regulation D, codified at 17 CFR 230.506, provides two distinct exemption pathways under Section 4(a)(2) of the Securities Act. Understanding the operational differences between 506(b) and 506(c) is the first decision an issuer must make when designing a tokenized offering.
Under Rule 506(b), an issuer may sell to an unlimited number of accredited investors and up to 35 sophisticated non-accredited investors, but general solicitation and general advertising are prohibited. The verification burden for accredited investors is lighter — the issuer may rely on investor self-certification through a questionnaire or subscription agreement representation. The practical constraint is distribution. You cannot post about a 506(b) offering on a public website, send a mass email, or use any public announcement. The offering must be conducted through pre-existing substantive relationships.
Under Rule 506(c), general solicitation and advertising are expressly permitted — which is why most tokenized RWA offerings visible on any public platform are structured as 506(c). The trade-off is a materially higher verification burden. Under 17 CFR 230.506(c)(2)(ii), the issuer must take "reasonable steps to verify" each purchaser's accredited investor status. The SEC's 2013 adopting release (Release No. 33-9415) identified a non-exclusive list of acceptable verification methods: reviewing tax returns, W-2 forms, bank or brokerage account statements, or obtaining written confirmation from a licensed attorney, CPA, investment adviser, or broker-dealer.
Self-certification alone does not satisfy the 506(c) verification standard. This is not a technicality — it is the substantive difference between the two pathways. Issuers who structure a 506(c) offering but rely on checkbox self-attestation have not achieved the exemption.
Who Qualifies as an Accredited Investor
The accredited investor definition under 17 CFR 230.501(a) has been expanded twice since its 1982 original. As of the SEC's 2020 amendments (Release No. 33-10824), the definition includes: natural persons with net worth exceeding $1 million (excluding primary residence) or income exceeding $200,000 ($300,000 jointly) in each of the two most recent years with reasonable expectation of the same; entities with total assets exceeding $5 million; "knowledgeable employees" of a covered fund; persons holding certain professional certifications including the Series 7, 65, or 82 licenses; and certain other categories including family offices and SEC-registered investment advisers.
For RWA issuances targeting institutional capital, the relevant thresholds are often the entity-level tests, not the individual income and net worth tests. But institutional accreditation is not automatic. An entity that is not an SEC-registered investment adviser, broker-dealer, or insurance company must independently meet the $5M total assets threshold. A family office targeting a private credit allocation must verify it meets the definition under 17 CFR 230.501(a)(12) — including that it was not formed for the specific purpose of acquiring the securities being offered.
Qualified purchaser status under Section 2(a)(51) of the Investment Company Act of 1940 — requiring $5M in investments for natural persons or $25M for certain entities — is a higher threshold and is relevant for offerings that require exemption from Investment Company Act registration. This is a distinct analysis from accredited investor verification and should not be conflated.
On-Chain Verification Mechanics
In a tokenized RWA offering, the accredited investor verification process must produce a result that the smart contract can rely on at the time of token purchase and at the time of any secondary transfer. That requirement creates a practical challenge: the verification is an off-chain legal determination, but the enforcement mechanism is on-chain.
The prevailing technical architecture uses credential attestation. After completing the verification workflow — submitting income documentation, receiving confirmation from a licensed verifier, or passing through an integrated third-party KYC/AML provider — the investor's wallet address is credentialed with an on-chain attestation that encodes their eligibility status and expiration. Standards like Polygon ID and the emerging ERC-3643 identity framework provide privacy-preserving approaches where the attestation proves status (accredited, non-US person under Reg S, etc.) without exposing the underlying documentation on-chain.
The smart contract's transfer function checks the recipient's credential before executing. A transfer to a wallet without a valid accredited investor attestation is rejected at the protocol layer — not by a human compliance reviewer, but by the transfer restriction logic. This is the architectural advantage of compliance-native token design: the restriction enforces continuously, not only at initial subscription.
We're not saying on-chain credential attestation replaces the legal verification process or eliminates issuer liability for the adequacy of that process. We're saying it creates an auditable, programmatic enforcement layer that substantially reduces the operational risk of inadvertent transfers to ineligible investors — a risk that is real in traditional paper-based private placement workflows.
Reg S: The Offshore Dimension
Many RWA issuances incorporate a Reg S tranche alongside the Reg D domestic offering, allowing participation by non-US persons located outside the United States. Regulation S, codified at 17 CFR 230.901 through 905, provides a safe harbor from Section 5 registration for offers and sales that occur outside the US to non-US persons, provided neither the issuer, a distributor, their respective affiliates, nor any persons acting on their behalf engages in directed selling efforts in the US.
The compliance conditions under Reg S vary by category. Category 1 applies to foreign private issuers with no substantial US market interest and requires only that the offer be made offshore. Category 3, which applies to equity securities of US domestic issuers and certain debt securities, imposes a 40-day distribution compliance period during which US persons are prohibited from purchasing, and requires offering materials to bear restrictive legends. For tokenized instruments, the Category 3 distribution compliance period must be embedded in the token's transfer mechanics as a time-locked restriction against transfer to US persons or US addresses — not managed through a manual hold log.
A combined Reg D / Reg S structure is common for tokenized private credit targeting a global institutional LP base. The mechanics require the issuance contract to maintain separate eligibility pools: domestic accredited investors under 506(b) or 506(c), and offshore non-US persons under Reg S, with the appropriate restrictions enforced per investor category.
What Issuers Routinely Underestimate
Two compliance requirements consistently catch first-time tokenized issuers off-guard. First, Form D must be filed with the SEC within 15 days of the first sale in a Reg D offering. The Form D (17 CFR 239.500) requires disclosure of the issuer, type of offering, and certain offering terms. Late filing is a technical violation that can affect future exempt offering eligibility in some states. Second, state blue sky laws apply in parallel with federal exemptions. A Reg D federal exemption does not preempt state securities registration requirements — each state where investors reside may require a notice filing, an exemption claim, or, in some cases, a merit review. For a tokenized offering with investors across multiple jurisdictions, coordinating the state notice filing calendar is non-trivial.
The operational load of managing investor verification, ongoing eligibility monitoring, and secondary transfer compliance across a distributed investor base is precisely what compliance-integrated issuance infrastructure addresses. The legal determinations remain the responsibility of qualified securities counsel. The workflow automation, credential management, and transfer restriction enforcement are infrastructure problems — and infrastructure problems have infrastructure solutions.
