Sharia Compliance for Tokenized Securities: CMA Standards for Islamic Digital Assets

Sharia compliance for tokenized securities in Saudi Arabia follows the CMA’s Sharia Compliance Guidelines for Digital Assets, published in October 2024. Six CMA-approved Sharia boards are authorized to certify tokenized securities, and 85% of the SAR 2.1 billion in outstanding Saudi tokenized securities carry active Sharia certification. The guidelines establish the world’s most detailed regulatory framework for Islamic digital asset securities, reflecting Saudi Arabia’s position as the largest Islamic finance market globally with approximately $800 billion in Sharia-compliant assets.

Sharia Board Requirements

All tokenized securities offered in Saudi Arabia must either:

1. Obtain Sharia certification from a CMA-approved Sharia board before issuance, or
2. Be explicitly marketed as “non-Sharia certified” with prominent disclosure in all offering documents

Issuers choosing option 2 face significant market limitations — Saudi institutional investors, including government pension funds and sovereign wealth vehicles, are generally restricted to Sharia-compliant instruments under their own investment mandates.

CMA-Approved Sharia Boards

The six approved boards include:

• Three boards affiliated with major Saudi banks
• One independent Sharia advisory firm with international presence
• One board affiliated with the Saudi Blockchain Lab’s Islamic finance research unit
• One GCC-based board with cross-border Saudi-UAE coverage

Each approved board must have a minimum of three qualified Sharia scholars, at least one of whom holds a doctoral degree in Islamic jurisprudence from a recognized institution. Board members cannot serve on more than four CMA-approved boards simultaneously to prevent conflicts of interest and ensure adequate attention to each engagement.

Smart Contract Sharia Review

The Sharia review of smart contracts examines:

Contractual Compliance: Smart contract logic must accurately implement the terms of the underlying Islamic contract (murabaha, musharaka, ijara, wakala, etc.). Automated execution of contract terms must comply with the relevant Sharia principles for each contract type.

Prohibited Elements: Smart contracts must not contain:

• Interest (riba) calculation or distribution functions
• Speculative (gharar) elements beyond the level permitted under the applicable contract type
• Automated engagement with prohibited industries (alcohol, gambling, conventional insurance, pork products)
• Short-selling mechanics or uncovered derivative functions

Zakat Integration: Smart contracts for tokenized sukuk and equity tokens should include zakat calculation capabilities or clearly designate an external zakat calculation mechanism.

Purification Provisions: If the underlying asset generates any incidental non-compliant income, the smart contract should include an automated purification mechanism directing the non-compliant portion to a CMA-approved charitable fund.

Review Process

The smart contract Sharia review follows three phases:

1. Design Review (2-4 weeks): Review of the smart contract specification document before coding begins, identifying potential Sharia issues in the proposed logic
2. Code Review (3-6 weeks): Examination of the actual smart contract code by the Sharia board’s technical advisor (a blockchain developer with Sharia training), verifying that the implementation matches the approved design
3. Testing Review (2-3 weeks): Verification of Sharia compliance under test scenarios, including edge cases that could trigger non-compliant behavior

Total Sharia review costs range from SAR 150,000 to SAR 500,000 depending on smart contract complexity. The review must be refreshed following any smart contract upgrade.

Ongoing Sharia Compliance Monitoring

Sharia certification is not a one-time event. The CMA requires:

Quarterly Sharia Audits: The approved Sharia board must conduct quarterly reviews of the tokenized security’s compliance, examining:

• Transaction-level compliance with the certified contract structure
• Ongoing asset composition for fund-type tokenized securities
• Any changes in the underlying business activities that could affect compliance
• Smart contract behavior logs for any anomalous or potentially non-compliant automated actions

Annual Sharia Audit Report: A comprehensive annual report filed with the CMA, covering:

• Overall Sharia compliance assessment
• Any compliance exceptions identified and remediated during the year
• Recommendations for Sharia compliance improvements
• Purification amounts processed and charities benefiting

Material Event Reviews: Immediate Sharia review following any material event that could affect compliance, including smart contract upgrades, changes in underlying asset composition, or corporate events affecting the issuer.

Sharia Compliance for Specific Token Types

Tokenized Sukuk

Sukuk tokenization must comply with AAOIFI Sharia Standards, particularly Standard 17 (Investment Sukuk). The CMA has issued supplementary guidance covering:

• The permissibility of fractional sukuk ownership through tokenization (confirmed permissible by all six approved boards)
• Secondary market trading of tokenized sukuk (permitted for equity-type sukuk, restricted for debt-type sukuk per AAOIFI Standard 21)
• Smart contract implementation of periodic distribution payments (must reflect actual profit/loss, not predetermined returns)

Tokenized Equities

Equity token Sharia compliance follows the established Saudi stock screening methodology:

• Revenue screen: Maximum 5% of revenue from non-compliant activities
• Debt screen: Interest-bearing debt must not exceed 33% of market capitalization
• Interest income screen: Interest income must not exceed 5% of total income
• Accounts receivable screen: Accounts receivable must not exceed 49% of total assets

These screens must be applied at the point of tokenization and re-assessed quarterly for ongoing compliance.

Tokenized Commodities

Commodity tokens must comply with Sharia rules on bay al-salam (forward sale) or bay al-istisna (manufacturing contract) as applicable. Physical delivery or constructive possession must be possible — purely synthetic commodity exposure through tokenization is not Sharia-compliant under current CMA-approved board interpretations.

Market Impact

The integration of Sharia compliance into tokenized securities regulation has several market effects:

Demand Effect: Access to the global Islamic asset management industry’s $4.5 trillion asset pool. Saudi Sharia-compliant tokenized securities are eligible for inclusion in Islamic indices and Sharia-compliant fund portfolios worldwide.

Cost Effect: Additional compliance costs of SAR 300,000-800,000 annually per tokenized security (Sharia board fees, quarterly audits, purification administration). These costs are partially offset by access to a broader investor base.

Competition Effect: Saudi Arabia’s integrated Sharia-tokenization framework creates a regulatory moat versus non-Islamic jurisdictions. Competing on Sharia credentials is particularly relevant against Bahrain and Malaysia, both of which have announced similar frameworks but with later implementation timelines.

Innovation Effect: The requirement for smart contract Sharia review has catalyzed innovation in Islamic fintech, with several ecosystem participants developing automated Sharia screening tools for tokenized assets.

The CMA’s Sharia compliance framework positions Saudi Arabia to capture the intersection of two global growth markets — tokenization and Islamic finance — with a regulatory architecture that makes compliance mandatory rather than optional.

Cross-Border Sharia Recognition

The CMA’s bilateral cooperation agreement with Malaysia’s Securities Commission includes specific provisions for mutual recognition of Sharia certifications. A tokenized sukuk certified by a CMA-approved Sharia board in Saudi Arabia is automatically recognized as Sharia-compliant for Malaysian regulatory purposes, and vice versa. This mutual recognition eliminates the need for duplicate Sharia review — a significant cost and time saving for cross-border tokenized sukuk distribution.

The CMA is developing similar mutual recognition provisions with Bahrain and the UAE, though differences in Sharia scholarly interpretations (Saudi Arabia follows Hanbali fiqh, while Bahrain and Malaysia include Shafii and Hanafi perspectives) require careful alignment work. The GCC Securities Regulators Forum’s Digital Assets Working Group has established a Sharia Standards Sub-Committee to develop harmonized GCC Sharia standards for tokenized securities.

Technology-Enabled Sharia Innovation

The integration of Sharia compliance with smart contract technology is driving innovation in Islamic finance:

Automated Purification: Smart contract-based purification eliminates the manual quarterly purification process that conventional Sharia-compliant funds require. The automated system identifies non-compliant income in real-time, segregates it, and directs it to CMA-registered charities. Token holders receive only purified income, removing the investor burden of self-purification.

Real-Time Screening: Equity token smart contracts can integrate with Sharia screening databases to continuously monitor the underlying company’s compliance ratios (debt, revenue, receivables). If a company breaches a Sharia screen threshold, the smart contract can automatically notify holders and restrict further purchases until compliance is restored.

Transparent Compliance Records: All Sharia compliance actions — certifications, quarterly audits, purification amounts, board opinions — are recorded on the blockchain, creating an immutable compliance history. This transparency exceeds what any conventional Islamic finance product provides and enables independent verification by investors, researchers, and regulators.

Dispute Resolution: Smart contract-based dispute resolution mechanisms for Sharia compliance disagreements are under development. If a token holder challenges a Sharia determination, the dispute can be escalated through a transparent on-chain process to an independent Sharia arbitration panel, with the ruling executed automatically through the smart contract.

The $4.5 trillion global Islamic finance industry is at a technological inflection point, and Saudi Arabia’s integration of Sharia compliance with tokenization regulation positions the Kingdom to define how Islamic digital finance operates globally. The CMA’s framework — mandatory, comprehensive, and technology-enabled — establishes the standard that other Islamic finance jurisdictions will reference as they develop their own approaches to tokenized Islamic securities.

AAOIFI Standards Integration

The CMA’s Sharia compliance framework is anchored in the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) standards, which provide the scholarly foundation for Islamic finance globally. AAOIFI Standard 17 (Investment Sukuk) and Standard 21 (Financial Papers) are directly incorporated into the CMA’s tokenized sukuk requirements, ensuring that Saudi tokenized Islamic instruments meet the same Sharia standards as conventional Islamic securities.

The integration extends to AAOIFI’s governance standards, which require Sharia board independence, minimum scholarly qualifications, and prohibition on conflicts of interest. The CMA has adapted these governance requirements for the digital asset context, adding requirements for smart contract literacy and blockchain technology understanding that AAOIFI’s conventional standards do not address. This adaptation positions Saudi Arabia as the first jurisdiction to extend AAOIFI-level Sharia governance to tokenized securities, creating a regulatory model that AAOIFI itself has cited as a reference for future standards development.

Market Impact Assessment

The Sharia compliance framework’s market impact is measurable across several dimensions:

Issuer Behavior: The 85% Sharia certification rate among Saudi tokenized securities exceeds the conventional securities market’s 75% rate, suggesting that tokenization issuers are more likely to pursue Sharia certification. Market participants attribute this to the lower incremental cost of Sharia compliance for tokenized securities (smart contract-based compliance is more cost-efficient than manual compliance) and the broader investor access that Sharia certification provides in Saudi Arabia’s predominantly Islamic finance market.

Investor Demand: Qualified investors surveyed by the CMA in Q4 2025 indicated that Sharia certification was a “deciding factor” in 73% of tokenized securities investment decisions. This demand signal reinforces the market incentive for issuers to obtain Sharia certification, creating a virtuous cycle of supply and demand for Sharia-compliant digital assets.

International Positioning: The CMA’s Sharia-tokenization framework has generated significant interest from international Islamic finance centers. Malaysia’s Securities Commission, Bahrain’s Central Bank, and Indonesia’s OJK have all requested detailed briefings on the framework, with Malaysia and Bahrain proceeding to incorporate elements into their own emerging digital asset regulations through bilateral cooperation channels. The framework positions Saudi Arabia as the definitive standard-setter for Islamic digital securities, complementing the Kingdom’s existing leadership in conventional Islamic finance through institutions like SAMA and the Saudi Blockchain Lab.

The CMA’s Sharia compliance framework for tokenized securities represents the most detailed regulatory integration of Islamic finance principles with digital asset technology in any jurisdiction. The framework benefits from Saudi Arabia’s institutional depth in Islamic finance — the Kingdom hosts the world’s largest domestic sukuk market (SAR 530 billion outstanding), the most extensive network of Sharia advisory boards (12 CMA-recognized boards), and dedicated research programs at King Saud University and Imam University focused on Islamic finance automation. The Saudi FinTech Strategy 2025 identified Islamic fintech tokenization as a priority sector, allocating dedicated resources through the Fintech Saudi-CMA accelerator for firms building Sharia compliance technology. This institutional commitment ensures that the Sharia compliance framework is not an afterthought layered onto secular digital asset regulation but a foundational architectural element of the Saudi tokenization ecosystem. The IOSCO engagement through the CMA’s participation in international working groups ensures that Saudi Sharia compliance standards contribute to global discussions on faith-based financial regulation in digital asset markets. The CMA’s 6 approved Sharia boards collectively employ over 30 qualified scholars with expertise spanning traditional fiqh, modern Islamic finance structuring, and blockchain technology assessment — a concentration of interdisciplinary Sharia advisory talent unmatched in any other digital asset jurisdiction.

Saudi Arabia’s participation in the mBridge cross-border CBDC initiative further supports Sharia-compliant tokenized securities settlement by providing a riba-free central bank digital payment rail for international transactions.

For Sharia compliance inquiries: info@sauditokenisation.com