What is secure, insured, and compliant custody all about

As the adoption of digital assets grows, so does the need for secure and robust digital asset custody. During crypto’s nascent years, structural solutions and transactional technologies were major concerns for institutional adopters in addition to regulatory uncertainties. In the webinar “Is it the Right Time to Reconsider Crypto?” held on May 28, Alexandre Kech, CEO of Onchain Custodian discussed the need for such custodial services, and how the digital asset ecosystem is maturing thanks to the increasing availability of institutional-grade infrastructure custody services and compliance solutions.

With crypto’s emergence as an asset class, it is natural for institutional participants to carefully consider the supporting infrastructure before allocating a portion of their portfolio into digital assets. Traditional financial institutions are already familiar with the concept of custody and understand its value for security and third-party auditability. They understand the segregation of duties and know that asset managers often use third-party custodians, sometimes even mandatorily. Thus, qualified digital asset custodians play a huge role in helping traditional institutions understand crypto in the language that they are familiar with, while also providing clarity on digital assets’ current regulatory status.

Alexander noted that onboarding institutions and family offices in crypto through education is essential in helping them understand that digital assets are bearer instruments enforcing “holder in due course” as the default rule; where losing the private keys or getting hacked means losing access to the crypto assets. While there were instances of stolen crypto being recovered with the help of law enforcement, the process is still very complicated. It is one of the reasons why institutional investors, high net-worth individuals, and family offices are moving the safekeeping of their digital assets to third-party custodians where assets are secure, insured, and compliant with existing laws.

Digital Asset Custody Options

Digital asset custody options include self-custody, exchange custody, or third-party custodial services. Each option has its own set of advantages as well as drawbacks. Exchange custodians, for instance, are generally honeypots for malicious hackers because the customers’ digital assets are generally commingled into one big wallet. “Data confirms most hacks in the space happen on exchanges because digital custody is not their core business,” Alexander added.

A digital custodian, on the other hand, will segregate an individual customer’s assets, safely stored with multiple layers of security. The key advantage of third-party custody is that the level of authorization required to instruct a movement in and out of wallets can be defined by the client. “The core purpose is to ensure that private keys are in an enterprise-grade environment,” Alexander said. Compliant, institutional-grade custody solutions are becoming imperative in facilitating digital asset security and ease of transactions.

For family offices and high-net-worth individuals, the issue of succession is very important. On this facet, custodians generally function as a bank in the sense that someone who has a legal right, can unlock the assets after proving they are the legitimate beneficiaries.

How third-party custodians operate

Onchain Custodian created an enterprise-grade, single window to manage crypto assets, enabling transparency, reporting, and auditability. Custodians typically secure digital assets by employing the use of multi-signature cold storage. Cold storage is the act of enforcing a physical gap between the asset and the internet so it cannot be accessed externally. A warm or hot wallet conversely has at least some connectivity to the outside world.

In the multi-signature cold storage, the owner generates and initiates the unlocking process with private key signature one, after which, it needs to be verified by a co-signer or co-authorizer who generates private key signature two, and sends an instruction to the third-party custodian. The assets get unlocked using hardware devices. This is known as the authorizing processor transaction and this operation happens sequentially. This setup is great for long-term holders who value security and account management but could be inefficient for active traders who prefer to maintain final responsibility for their assets. Since this is hardware-based, offline, and kept in a physical vault, it is a far superior method for keeping assets away from online criminals.

Digital Asset Insurance

Since cryptocurrency and digital assets are bearer instruments, any loss while in custody or during transfer presents significant risk. While there are already security measures available, using insurance as a hedge provides an additional layer of protection that attracts institutional clients. The naturally conservative insurance industry that is now covering cryptocurrency risks is further evidence of how mainstream crypto assets have been.

While insurance for digital assets is now highly sought after, the risk coverage and pricing are still evolving. Some insurance companies remain hesitant to provide coverage because of the volatile nature of the digital asset market, however, this is gradually changing due to high demand, increasing knowledge and confidence in the technical measures of digital assets security. At Onchain Custodian, individual clients and financial institutions managing the assets of their own customers via the Onchain Custodian service are provided comprehensive insurance for their assets. The entire scope of custody is substantially covered unlike many other services in the industry which lack coverage for employee misconduct.

What is a hardware security module?

A critical element of Onchain Custodian’s custody solution is the hardware security module (HSM), a technology that banks have been using for the last three decades. Onchain Custodian’s SAFE™ platform complements its custody solution with a wallet management service by the IBM Cloud™ Hyper Protect Crypto Services which takes advantage of the industry’s first and only FIPS 140–2 Level 4 certified Hardware Security Module (HSM) available in the cloud. In short, the security for key storage is such at a high level that not even IBM, the cloud infrastructure provider can access the keys. This means that it can only be accessed through security APIs utilized by the Onchain Custodian interface after an authenticated customer instruction.

Onchain Custodian provides a one-stop shop for securing assets both in cold and warm wallets. Beyond that, the company also offers access to open finance services allowing clients the option to deploy their digital assets into asset management products that can generate yield. “You can also borrow money in the form of stablecoins using Bitcoin as collateral through a network of trusted partners we have built over the years, essentially giving you access to liquidity.”

The industry reorganizing itself

At present, Onchain Custodian is de facto regulated by the Monetary Authority of Singapore (MAS) with obligations to follow all the AML/CFT requirements. As a pioneer in digital asset custodianship, Onchain Custodian is part of the Global Digital Finance that spearheaded the creation of Custody Working Group where a consortium of traditional banks such as HSBC, DBS, and Standard Chartered and challenger banks are working together to ensure the level of industry standards in terms of insurance, operational, and technological set up that is secure and compliant.

As the industry reorganizes itself, putting regulations in place can promote trust and confidence in digital assets and help in the maturity of the crypto market. Several countries are now firming up their regulatory response such as the Monetary Authority of Singapore (MAS), which is now at the forefront of providing a clear regulatory framework for digital assets within their jurisdiction.

However, understanding the full implications of digital assets in the financial market space still takes time. Because of the regulatory uncertainties and rapid developments, digital asset custodians have become empowered to leverage the technology and their own expertise to address the market. By continuing to develop industry standards which include creating an open conversation for all the industry players, custodians are paving the future of a secure, insured, and compliant digital assets industry.

Outline

00:00 — Introduction

04:22 — How the concept of institutional-grade custody provider emerged

09:45 — How succession rules apply with crypto assets

14:48 — Ways of securing assets at a custodian level

18:29 — How hardware security module (HSM) works

24:06 — Building the industry of custody

29:45 — What is fair pricing on the insurance from a custodian perspective