I do some custom token work, some of it is based off existing illustrations, and lately more popular Pathfinder characters have been asked for. These characters are very recognizable, even from the top down style I use.
However I see it as along the lines of the Fan Art side of things. Sure I make a tiny bit for making the art. The art however is unique and for private use. I don't sell the token commercially. So yes I'm using an iconic figure from a popular game, but I'm not making a killing or trying to compete against PF in any way. If they were to offer the same service I would stop immediately.

So as others have stated I would make sure that:
A. the guy buying the commission cannot use it commercially or even distribute it (except within a small group, and not on a website to be freely downloaded)
B. the company does not make a similar product that he could obtain through proper means.

Get him to agree to the 2 above and you would have covered your butt to some degree.
I am not a lawyer.