Tokenised settlement, the execution of financial asset transfers using digital tokens on distributed ledger infrastructure, with central bank money as the settlement asset, is moving from extended pilot phases to production deployments. The ECB's planned Delivery-versus-Payment pilot connecting trading platforms to TARGET Services in Q3 2026 is the most concrete near-term milestone in Europe. Understanding what it means in practice, and what the remaining interoperability challenges are, requires looking at the technical architecture rather than the headline announcements.

What the ECB DvP Pilot Actually Does

The ECB's tokenised settlement pilot, part of the broader wholesale CBDC exploration programme, connects participants in DLT-based financial markets to TARGET2 and T2S, the ECB's existing wholesale settlement systems. The mechanism is a "trigger solution": a smart contract on a private DLT network initiates a cash payment in central bank money through the existing TARGET infrastructure when the asset leg of a trade is confirmed on-chain. The digital asset moves on the DLT; the cash settlement happens in TARGET in real central bank money.

This is not a new DLT-based settlement system. It is a bridge between existing DLT-based trading infrastructure and existing central bank settlement infrastructure. The significance is that it allows Delivery-versus-Payment, simultaneous exchange of asset and cash with no settlement risk, between the DLT world and the central bank money world, without requiring either to adopt the other's technical standard.

The Interoperability Problem

The fundamental challenge in tokenised settlement is interoperability: how do you exchange a tokenised asset held on one DLT platform against tokenised cash held on a different DLT platform, or against traditional central bank money, with atomic settlement and no intermediate credit risk? There are three technical approaches being tested in parallel.

Trigger / Bridge Solutions

The ECB approach described above. The DLT platform and the traditional settlement system communicate via a standardised interface; the trigger fires both legs simultaneously. The advantage is that neither system needs to be redesigned. The limitation is that it depends on the reliability and latency of the bridge, and it does not work cross-border without bilateral bridge agreements.

Wholesale CBDC on DLT

Issuing actual central bank money as tokens on a DLT platform, so that the cash leg of a trade settles in the same technical environment as the asset leg. The BIS Innovation Hub's mBridge project and Project Dunbar explored this model for cross-border payments between central banks. The limitation is that it requires central banks to issue liability on DLT infrastructure, which raises custody, governance, and finality questions that not all central banks have resolved.

Synchronisation

Coordinating settlement across two separate systems, the asset DLT and the cash DLT or RTGS, through a synchronisation protocol that creates conditional finality: neither leg settles unless both can settle simultaneously. SWIFT's cross-border interoperability experiments and several CSD pilots have tested this approach. The challenge is defining who decides finality and what happens if the synchronisation protocol fails mid-settlement.

mBridge and Cross-Border Wholesale Settlement

The mBridge platform, developed by the BIS Innovation Hub with the central banks of China, UAE, Hong Kong, Thailand, and Saudi Arabia, completed its minimum viable product phase in 2024 and has moved towards production-scale testing. The UAE and China conducted live cross-border transactions using wholesale CBDC through mBridge in late 2025. For GCC-connected financial institutions, this is directly relevant: the Saudi Central Bank (SAMA) is an mBridge participant, and the CBUAE's participation creates a direct corridor between GCC central bank money and the Chinese financial system that bypasses traditional correspondent banking routes.

What This Means for Financial Market Participants

For banks and custodians with DLT-based security positions, the ECB pilot creates a route to Delivery-versus-Payment settlement in genuine central bank money, eliminating the settlement risk that currently exists when the cash leg relies on commercial bank money. The practical requirement is connectivity to the ECB's trigger interface and a legal framework for the DLT-based asset representation that the trading platforms using this infrastructure can recognise.

For payment firms and fintech businesses without existing DLT infrastructure, the near-term relevance is more limited, the Q3 2026 pilot is a wholesale capital markets instrument, not a retail payment application. The medium-term relevance is real: as tokenised commercial paper, tokenised bonds, and tokenised trade finance instruments become standard instruments, the correspondent banking and payment infrastructure that supports trade finance flows will need to interact with DLT settlement rails. Firms that understand the architecture now will be better positioned to adapt their correspondent relationships and settlement workflows as tokenisation moves from capital markets into trade finance and cross-border B2B payments.

The Regulatory Position

The EU DLT Pilot Regime, which entered into force in 2023 and applies through 2026, allows regulated market infrastructure operators to test DLT-based trading and settlement under a modified regulatory framework. It is designed to generate the empirical evidence needed to decide whether the permanent regulatory framework needs amendment. The results of pilots operating under the DLT Pilot Regime, including the data on settlement finality, operational resilience, and participant behaviour, will directly inform PSD3 technical standards and any future revision to the Settlement Finality Directive.

Legal Finality and Settlement Finality Directive Compatibility

One of the foundational legal questions in tokenised settlement is whether a transfer of a tokenised asset on a distributed ledger achieves legal finality under the Settlement Finality Directive, which governs the irrevocability of transfer orders entered into designated payment and securities settlement systems within the EU. The SFD's protection applies when a system is designated and the transfer order has been entered into the system and accepted for settlement according to the system's rules. The question for DLT-based systems is whether on-chain transfer events satisfy the SFD's entry and acceptance criteria, and whether smart contract execution constitutes a moment of finality that the law will recognise and protect against insolvency challenges.

The EU's DLT Pilot Regime, which allows market infrastructure operators to test tokenised securities settlement under a modified regulatory framework, addresses this explicitly: pilot operators can apply for an exemption from certain provisions of MiFID II and CSDR, and the regime provides for designated system status under the SFD for qualifying DLT systems. This gives participants in pilot systems the legal finality protection they need to treat on-chain transfers as irrevocable. The challenge is that this protection applies only to designated systems under the regime, not to all DLT-based settlement activity. DLT transfers that occur outside a designated system do not automatically inherit SFD protection, and the legal status of such transfers in an insolvency scenario remains uncertain in most EU jurisdictions.

For financial institutions building tokenised settlement infrastructure, legal finality is not a secondary concern. It is the precondition for using tokenised settlement in transactions where counterparty insolvency risk is material — which is most financial market transactions. Before committing to a DLT-based settlement model, firms need a legal opinion that addresses SFD compatibility in the relevant jurisdiction, and they need to structure the settlement system in a way that can qualify for the relevant legal protections.

Custody and Asset Segregation in a Tokenised Environment

Tokenised assets held in digital wallets on distributed ledgers present custody arrangements that differ structurally from securities held in central securities depository accounts or cash held in central bank settlement accounts. In a traditional custody model, the custodian holds securities in a segregated account on behalf of the client, and the client's claim against the custodian is a contractual and property law claim supported by the securities' presence in the CSD account. The client does not hold the securities directly; the custodian holds them on its behalf.

In a direct DLT custody model, the client may hold cryptographic keys that give them direct control over the token. This changes the custody relationship: the client's claim is not against a custodian who holds the asset — the client holds the asset themselves, or holds the key that controls the asset. This has implications for client asset protection rules under MiFID II, for account structures under CSDR, and for the resolution and insolvency treatment of tokenised assets if the custodian becomes insolvent.

Most institutional tokenised settlement deployments in 2025 and 2026 are using an omnibus wallet model, where the custodian holds all client assets in a single wallet and maintains internal records of each client's entitlement. This preserves the traditional custodian-client relationship and fits within existing regulatory frameworks, but it removes one of the principal advantages of DLT — direct client control over assets — and retains the custodian's omnibus account as a single point of failure. The question of which custody model is correct for which use case depends on the regulatory requirements, the counterparty relationships, and the specific asset class involved. It is a question that needs to be resolved in the design phase of any tokenised settlement system, not after deployment.