BCP, Key-person risk, and other lessons learned from the QuadrigaCX debacle
It’s been widely reported that the CEO of Quadriga CX exchange died leaving significant sums of digital assets in an unrecoverable state in cold storage. Whether this soap opera is the result of a massive failure in planning or outright fraud will be discovered in due time. Either way, this highlights the importance of best practices in digital asset custody.
Key lessons we can learn from this event:
Pick your vendors wisely
Do your due diligence on your vendors. Especially ones entrusted with custody of your digital assets. Find out what their BCP / DR plans are and how you could recover your assets in the event of a business continuity event.
For more on this see the following clip from our best practices webinar:
Minimize balances kept in exchange trading accounts
For large positions, using a 3rd party custodian with cold storage accounts is the recommended means of safeguarding your digital assets. Segregated accounts at a custodian provide reduced risk and greater transparency.
Verify your custodian follows cybersecurity best practices
In your due diligence process you should query your vendors on their cybersecurity practices, separation of duties, key-person risk mitigation, and physical security. For an in-depth discussion on crypto cybersecurity lessons learned, watch our recent webinar with Bloomberg, DCG, FriedmanCyzen, and Shapeshift.
Events like this can erode trust in the blockchain industry. It is up to responsible organizations in the cryptocurrency space to continue to make solutions that are industrial, institutional and safe. Events like this can be used to emphasize the importance of robust security, vendor due diligence, and following best practices.