Tokenised Islamic finance products: Shariah compliance meets digital innovation

Tokenisation is opening new frontiers for Islamic finance, enabling greater transparency and efficiency while upholding Shariah principles. With clear regulatory frameworks emerging in the GCC, digital innovation can now deliver practical, Shariah-compliant solutions for today's markets.

Key Points

• Policy clarity in the GCC: Bahrain's Central Bank has introduced a stablecoin issuance and offering module that requires full reserves, robust controls and independent Shariah oversight for Islamic-labelled products.  In the United Arab Emirates (UAE), the new Central Bank of the UAE law recognises currency in digital form as legal tender and operates alongside the UAE Higher Shariah Authority framework.  Across the region, regulatory sandboxes are providing a controlled bridge from pilots to licensing.
• Product fit: Shariah-compliant digital products should be structured to align with core Shariah principles.  For tokenised sukuk, established structures such as ijara, wakala, mudarabah and musharakah can be adapted to token form, with trading guided by classical limits on trading debt and by the Accounting and Auditing OrgSanization for Islamic Financial Institution's emphasis on genuine asset linkage.
• Near-term use cases: Financial institutions can deploy deposit tokens that interface with central bank digital currency rails for payments and treasury, issue tokenised investment-grade sukuk or short-tenor Islamic certificates that may meet high-quality liquid asset needs where eligibility criteria are satisfied and use tokenised real-asset registries and on-chain collateral to streamline issuance, settlement and post-trade controls.

Tokenisation, the representation of ownership interests and contractual rights as digital tokens recorded on distributed ledgers, is increasingly intersecting with Islamic finance.  The opportunity is practical: broader market access, faster settlement, improved transparency and auditability, and the potential to hard-wire compliance into product lifecycles.  The challenge is equally clear.  Structures must continue to satisfy foundational Shariah requirements prohibiting interest, excessive uncertainty and speculation, even as issuance, custody and secondary trading migrate to digital rails.  Across the Gulf Cooperation Council (GCC) region, policymakers and market participants are moving beyond pilots to first-generation frameworks and transactions.  Bahrain has adopted a stablecoin issuance and offering framework that embeds Shariah governance for Islamic-labelled products, while in the United Arab Emirates (UAE) the new CBUAE law (Federal Decree-Law No. (6) of 2025) provides a statutory pathway for "currency in digital form" as legal tender issued by the UAE Central Bank.  This sits alongside the binding Higher Shariah Authority framework that adopts the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) standards for licensed Islamic institutions.  These measures signal a maturing regulatory environment for tokenised Islamic products.

For the purposes of this article, tokenised Islamic finance products refer to digital instruments structured to comply with the principles of Shariah and recorded on either permissionless public chains or permissioned networks operated by regulated institutions.  They include security tokens, such as tokenised sukuk or equity interests; asset-backed tokens that evidence ownership in identifiable real assets or usufructs; and payment or utility tokens, including fiat-referenced stablecoins and bank deposit tokens used for settlement.  Our primary focus is the GCC, in particular the UAE, Saudi Arabia and Bahrain.  The analysis draws on standards and guidance issued by AAOIFI and the Islamic Financial Services Board.  Where relevant, we refer to Federal Decree-Law No (6) of 2025 as "the new CBUAE law".

Digital Islamic products: Structures and trends

(I) Stablecoins and digital money

Stablecoins sit at the intersection of tokenisation and payments, and they are emerging as the natural test bed for Shariah-aligned digital money.  Conceptually, three models dominate: fiat-backed tokens referencing a national currency and supported by cash or cash-equivalents; commodity-backed tokens, typically over precious metals; and "yield-bearing" variants in which an issuer shares investment returns from the reserve assets.  Each raises distinct Shariah questions.  Fiat-backed instruments function as a digital representation of money and, provided they are fully reserved, redeemable at par and non-interest bearing, can operate within Islamic parameters.  Commodity-backed tokens (including those referencing precious metals such as gold and silver) may be permissible where the underlying metal is specifically allocated and identifiable, with spot settlement and evidence of possession, in line with the rules for ribawi items (spot exchange, delivery and possession).  Yield-bearing designs require particular care: any distribution to token holders must derive from permissible profit-generating activities rather than interest on reserves, with clear segregation and disclosure.

Bahrain has moved first in the region with a comprehensive stablecoin issuance and offering regulatory framework (the Central Bank of Bahrain's "Stablecoin Issuance and Offering" Module).  The framework requires full, high-quality reserve backing assets, independent custody, audited attestations and redemption at par.  Where an issuer markets a product as Shariah-compliant, an independent Shariah adviser and alignment with recognised standards such as Accounting and Auditing Organization for Islamic Financial Institution (AAOIFI) is expected.  The framework also distinguishes, in substance, between conventional and Islamic models by constraining how "yield" may arise for Islamic variants.  Together these features create a credible path for fiat-referenced tokens usable in Islamic payments and treasury without breaching core prohibitions.

In the UAE, the new CBUAE law (Federal Decree-Law No. (6) of 2025) provides statutory recognition for "currency in digital form" issued by the UAE Central Bank, sets the operating framework for issuance and transfer, confirms legal-tender status and states that the UAE Central Bank is not obliged to refund lost or tampered digital currency.  That allocation of risk has immediate custody and operational implications: issuers, custodians and platforms will need robust key management, segregation, insurance or Takaful cover and precise user terms to protect token holders.

Taken together, Bahrain's product-level regime and the United Arab Emirates' (UAE's) sovereign-money footing provide complementary pillars for Shariah-sensitive digital cash in the Gulf Cooperation Council (GCC).

(II) Tokenised sukuk and asset-backed instruments

Market direction and use cases

Sukuk structures can be effectively adapted for tokenisation.  Their architecture centres on identifiable assets, defined cash-flow waterfalls and scheduled distributions.  Three GCC trends are now prominent.

First, fractional primary distribution to retail.  Abu Dhabi Islamic Bank's "Smart Sukuk" demonstrates how onboarding, suitability, allocation and profit distribution can be automated so that retail investors can participate with smaller amounts without relaxing gatekeeping.

Secondly, "Sukuk-as-a-Service" platforms such as INABLR in Bahrain have graduated from the Central Bank of Bahrain's regulatory sandbox and position themselves to enable fractional sukuk issuance with a configurable stack for banks and corporates, including KYC and AML, token creation, registrar and corporate-actions workflows, and regulated custody.

Thirdly, the use of tokenised real assets as collateral and reference pools.  The Dubai Land Department, working with PRYPCO and other partners, has launched a live digital property tokenisation framework that connects the land registry to virtual-asset rails, an important precursor for Sara-backed offerings where legal title, usufruct and rental flows must be evidenced with precision.

Key Shariah principles

Tokenised sukuk should align with core Shariah principles.  Sukuk must evidence ownership in assets or ventures and a proportionate share of risk and reward.  In practice this means four things.

• Riba (interest) must be excluded, so investor returns arise from rent or profit rather than interest.
• Gharar (excessive uncertainty) must be addressed through clear rights and remedies, including how cash flows are calculated, what occurs upon asset loss or destruction, and how defaults are managed.
• Maysir (speculation or gambling) must be avoided, so pay-outs should reflect real economic performance rather than pure price wagering.
• Tangibility and ownership must be genuine, with beneficial title to the asset pool transferred to an issuing special-purpose vehicle or trust for investors.

Secondary trading must also respect bay' al-dayn constraints, namely the classical limits on trading debt.  This aligns with AAOIFI guidance on trading of debt and sukuk pools predominantly comprising receivables.  Tokens that represent receivables, for example pure murabaha exposures, should be traded in accordance with the Shariah principles of debt trading, which generally require exchange against tangible assets or eligible commodities on a spot settlement basis.  Tokens that represent undivided interests in tangible assets or ventures such as Sara, musharakah or mudarabah interests, or well-constructed tangible wakala pools, may trade at market value.

Characterisation and market infrastructure

A tokenised sukuk remains a security.  The token is simply the record of ownership, not a new type of asset.  Offer and marketing restrictions, disclosure duties and the roles of registrar, paying agent and trustee continue to apply, albeit executed digitally.  Issuers should preserve the familiar special-purpose vehicle architecture and ensure the token holder's legal position mirrors that of a conventional certificate holder.  Trust and beneficial ownership should be expressed unambiguously.  Corporate actions, including profit distributions, early redemptions and dissolution proceeds, should be reflected consistently in code and in prose.  Settlement finality should be documented.

Optimal structures for tokenisation

Ijara remains one of the most practical Islamic structure for tokenisation.  It involves undivided interests in leased assets, where rental payments and, where permissible, purchase and sale undertakings can be seamlessly automated.  Linking the digital framework to asset or property registries enhances the evidencing of title and usufruct, providing greater transparency and auditability.  Wakala bi-istithmar allows for diversified investment pools supported by defined investment guidelines, eligibility criteria and automated profit allocations.  Wakala bi-istithmar, mudarabah and musharakah models enable fractional ownership and transparent profit-sharing records, though they require robust disclosure around managerial discretion and loss allocation.  Forward-financing arrangements such as salam and istisna can also be adapted to token form by encoding delivery milestones, inspection rights and price adjustments, but they are generally better suited to private placements due to their inherent risk and complexity.

(III) Liquidity tools: deposit-tokens and Central Bank Digital Currency (CBDC) integration

Islamic banks often require short-tenor, high-certainty instruments that do not rely on interest.  Tokenisation offers a way to deliver those attributes with real-time settlement and granular control.

Islamic deposit-token structures

Two main structures prevail.  First, qard and wadi` ah-based deposits, where the bank owes the depositor an equivalent sum on demand.  A token in this model evidences a callable claim on the bank's balance sheet.  Two Shariah constraints follow.  Secondary transfers should occur only at face value to avoid trading a debt at a discount or premium, and redemption at par should be operationally certain, with tight limits on fees that would erode value.  Secondly, mudarabah investment accounts, where the customer supplies capital to be invested by the bank as manager; here a token represents a pro rata interest in a managed pool rather than a debt.  Losses are borne by capital providers, profits are shared pro rata between the capital providers (investors/rab-ul maal) and the bank (manager/mudareb).  In practice, such mudarabah-based deposit tokens are redeemed or transferred at par.  In both models, programmability can enforce the Shariah perimeter through whitelisted wallets, par-only transfer rules where appropriate, and hard-wired redemption timetables.

Interfaces with CBDC and the new CBUAE law

The digital dirham pathway now has statutory footing, with currency in digital form issued by the UAE Central Bank recognised as legal tender.  For Islamic banks, that creates a sovereign settlement asset that can be composed into Shariah-compliant liquidity tools.  The new CBUAE law also empowers the Central Bank to develop Islamic liquidity management instruments, including purchasing and selling Shariah-compliant commodities and securities.  In a tokenised setting, that points to central bank supported instruments that could qualify as high quality liquid assets (HQLA), for example tokenised investment grade sukuk or short-tenor Islamic certificates that meet the applicable UAE Central Bank HQLA criteria, with clear valuation and haircut parameters.  The law's allocation of responsibility for lost or tampered digital currency highlights the need for institutional custody, segregation, multi-signature controls and, ideally, Takaful cover.  Properly documented, deposit- tokens that interface with CBDC rails can deliver immediate settlement, transparent ownership and Shariah-sound liquidity management for treasurers across the GCC.

Legal and regulatory overview

(I) Shariah Governance and Standard-Setters

A clear Shariah framework is essential for tokenised Islamic products.  In the GCC, three sources of authority are most relevant: national Shariah bodies, AAOIFI and the Islamic Financial Services Board (IFSB).  Each addresses a distinct layer of design and supervision.

National Authorities

National Shariah boards provide the binding overlay for Islamic financial activity and are increasingly engaging with digital issuance, custody and settlement.  In the UAE, the Higher Shariah Authority attached to the UAE Central Bank issues standards and resolutions that are binding on internal Shariah committees of licensed institutions, oversees those committees and may require Shariah audit.  For tokenised products, this elevates firm-level opinions to system standards and supports continuing oversight rather than one-off certifications.

AAOIFI: product substance

AAOIFI's Shariah Standards remain the primary reference for contract permissibility in tokenised form.  The current work on Standard No. 62 (sukuk) remains in draft form and under active revision.  Its direction emphasises genuine asset transfer, meaningful risk sharing and avoidance of purely debt-based pools.  If adopted as drafted, tokenised sukuk should demonstrate:

• transfer or allocation of beneficial ownership to a bankruptcy-remote issuer with clear investor recourse to identified assets or usufructs; and
• disciplined secondary trading that does not amount to trading debt for gain.

Tokenisation does not change these principles but makes evidencing them more explicit.  Properly designed, it also reduces scope for lapses by aligning legal terms, operational processes and code.

IFSB: prudential perspective

The IFSB complements product rules with guidance on operational and liquidity risk for institutions offering Islamic financial services.  As banks and asset managers adopt digital rails, supervisors will look for established controls translated to the token context, including key and access management, segregation of client assets, governance of oracles and data feeds, cyber resilience and contingency arrangements for protocol or counterparty failure.

Practical governance

For issuers and platforms, two elements are central.  First, obtain and maintain Shariah approval through a recognised process with clear escalation and periodic review.  Second, embed that approval within both the legal documentation and the technical specification so that eligibility screens, portfolio limits, distribution mechanics and remedial actions are implemented as approved.

(II) Cross-border treatment and case studies

Regulatory perimeters in the GCC are converging on broadly similar objectives while retaining distinct institutional structures.  For tokenised Islamic products, three features matter: the allocation of competence among domestic authorities, the treatment of custody and trading venues, and how Shariah governance is integrated into licensing.

United Arab Emirates

The UAE operates parallel frameworks onshore and within the financial free zones.  Onshore, the UAE Central Bank regulates payment services, stored-value and digital money activities, with the Securities and Commodities Authority responsible for securities and certain virtual asset offerings. In Dubai outside the Dubai International Financial Centre (DIFC), the Virtual Assets Regulatory Authority licenses virtual asset service providers and regulates virtual assets across Dubai's mainland and free zones other than the DIFC.  Each free zone has its own financial regulator: the Dubai Financial Services Authority (DFSA) in the DIFC and the Financial Services Regulatory Authority (FSRA) in the Abu Dhabi Global Market (ADGM).  The new CBUAE law clarifies the onshore perimeter for digital money and payment-token services and does not apply within the financial free zones.  As a result, the regulatory path depends on the offer structure and venue.  A tokenised sukuk offered to DIFC investors would follow the DFSAs investment token and crypto-token regimes, whereas an onshore distribution to the public would typically engage Securities and Commodities Authority (SCA) rules, with CBUAE oversight where payment or settlement functionality is in scope.  Cross-perimeter projects need early co-ordination on custody, client asset segregation, marketing restrictions and post-trade reporting to avoid duplicative or inconsistent obligations.

Saudi Arabia

Saudi Arabia has adopted a measured approach.  The Capital Market Authority (CMA) supervises securities activity and operates a fintech lab through which digital securities pilots can be conducted on a controlled basis.  Public distribution of security tokens remains restricted.  On the banking side, the Saudi Central Bank (SAMA) continues to test wholesale and retail CBDC concepts and has hosted digital finance use cases within its regulatory sandbox.  For Islamic issuers, the practical route at present is private placement or sandbox participation, with internal Shariah board approvals and close dialogue with the CMA or SAMA as applicable.  As formal frameworks crystallise, expect alignment with International Organization of Securities Commissions (IOSCO)-style safeguards on disclosure, custody and market integrity, adapted for local Shariah governance.

Bahrain

Bahrain remains the regional first mover.  The Central Bank of Bahrain's (CBB) long-standing crypto-asset framework licences exchanges, brokers and custodians, and the regulatory sandbox has incubated tokenisation platforms, including Sukuk-as-a-Service offerings.  In 2025 the CBB introduced a stablecoin issuance and offering module that requires full reserve backing, par-value redemption, independent custody, audited attestations and, where marketed as Islamic, independent Shariah oversight aligned with AAOIFI.  That articulation of product-level requirements and Shariah governance provides a clear path for Islamic use cases in payments and treasury.

Sandbox impact

Sandboxes across the UAE, Saudi Arabia and Bahrain have functioned as a bridge from concept to operational launch, allowing supervisors to test controls for digital issuance, custody and secondary trading with real users.  They also provide a forum to reconcile perimeter issues where an activity spans payments, securities and custody, a common feature of tokenised structures.  Early engagement through these channels typically shortens approval timelines and reduces the risk of redesign once formal licensing is pursued.

(III) Key legal considerations

• Smart-contract enforceability:  The code should implement, not supplant, the legal bargain.  Specify governing law and forum suited to digital evidence, incorporate the technical specification by reference, and provide narrowly framed override rights for errors, failure of external data sources (oracles) and emergency pause.
• Regulatory classification:  Map issuance and secondary trading to securities rules; map payment, redemption and wallet activity to payments and virtual-asset regimes.  In the UAE, assess CBUAE permissions for payment-token or digital-money services in addition to SCA, DFSA or FSRA oversight.
• Shariah certification and supervision:  Obtain initial approval from a recognised board and embed continuing oversight: eligibility screens, portfolio limits, code-change governance, purification mechanics and clear remedies for non-compliance, including remediation or early redemption.
• Insolvency and priority:  Preserve ring-fencing.  For sukuk, use SPV structures with clear beneficial ownership or trust structures; for stablecoins or deposit-tokens, segregate reserves with enforceable beneficiary rights.  Ensure custodied assets are bankruptcy-remote and secondary trading respects limits on debt.

Conclusion and practical takeaways

Tokenisation can complement the established architecture of Islamic finance.  In capital markets, tokenised sukuk can broaden access and sharpen lifecycle controls where legal structure, disclosure and code are aligned.  In liquidity management, deposit-tokens and CBDC rails can deliver immediate settlement and transparent ownership if designed within classical constraints on debt and redemption.

Execution will determine outcomes in practice.  Issuers that secure robust Shariah approvals and maintain ongoing supervision, map the full licence perimeter at the outset, and align legal terms with the smart-contract specification will be best placed to scale. Ring-fenced structures, institutional custody with clear segregation and insurance, disciplined secondary trading and mature technology governance convert digital promise into durable practice.  The result is a transparent, efficient and Shariah-sound market architecture.

This article was first published in the December issue of Butterworths Journal of International Banking and Financial Law and reproduced with permission from LexisNexis. This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.

_{White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.}

_{This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.}

_{© 2025 White & Case LLP}