A broad coalition of central banks, international organizations, and major financial firms has released a white paper on programmable compliance for tokenized assets. The paper, called Global Layer One or GL1, looks at how compliance rules can be built directly into regulated digital-asset transactions. Contributors include Banque de France, the International Monetary Fund, Kinexys by J.P. Morgan, the Monetary Authority of Singapore, Standard Chartered, and several other institutions.
The paper was also shaped by input from Bermuda, a privacy protocol for regulated digital assets, as well as the BIS Innovation Hub, Chainlink Labs, and GLEIF. The group argues that for regulated institutions, full transparency on public blockchains is often at odds with the need for commercial confidentiality and client privacy.
Why Privacy and Compliance Matter Together
Bermuda said its contribution to the paper focuses on privacy-preserving compliance tools. These tools let issuers enforce asset-level and transaction-level policies in private digital-asset activity. One concern highlighted in the announcement is that every transaction can reveal counterparties, amounts, and asset types. But the alternative, complete opacity, leaves regulators with few options.
The announcement adds: “When action is required, the only available lever may be to freeze an entire pool, affecting compliant funds and legitimate users alongside illicit activity.” This points to a central tension in tokenized markets. Issuers need to follow rules, but they also need to protect sensitive business information. The GL1 paper tries to outline an architecture that supports both goals.
Programmable Compliance as a Framework
The GL1 paper presents Bermuda as one privacy solution for enforcing asset- and transaction-level policies. Issuers can apply compliance rules before transfers, swaps, or settlements happen, while still keeping confidentiality through privacy-preserving tech. The framework explores how tools like zero-knowledge proofs can help meet regulatory requirements without exposing sensitive data.
Jan Philipp Fritsche, co-founder of Bermuda and a former European Central Bank official, said: “Enforcement needs precision. Recent incidents have shown what happens when precision is missing: issuers can be forced into blunt measures that risk freezing an entire protocol and the compliant users inside it.” In an interview, Fritsche argued that the digital asset industry needs compliance tools that can tell the difference between high-risk activity and legitimate transactions.
What This Means for Tokenized Markets
Bermuda says its protocol uses client-side zero-knowledge proofs and runs on EVM-compatible networks without needing contract rewrites. This approach aims to let issuers apply targeted restrictions without affecting compliant participants. The broader push from central banks, the IMF, and major banks like JPMorgan suggests that programmable compliance is becoming a serious priority for the industry. The idea is not to choose between transparency and privacy, but to find a middle ground where enforcement is possible without damaging legitimate market activity.
