Checklist for digital asset self-custody

Self-custody is a growing trend in the world of digital assets management. Here are five essential requirements that any self-custody solution should provide for treasury teams.

1. No single point of failure

Bringing custody in-house means removing the counterparty risks associated with exchanges or custodians.

It protects against losing funds through an incident like the Mt Gox hack or the collapse of FTX, but it also means an increased responsibility for operational security.

One way to do this is to make sure that account access is securely distributed across the organization.

With Bitcoin, for example, this could mean using a secure multi-signature wallet system. Under such a system, a set of private keys are created, and a pre-determined number of these keys are required to sign transactions.

alt A multi-sig wallet showing a "2-of-3" signing arrangement.

A Bitcoin wallet with a "2-of-3" signing arrangement.

That way, even if a minority of keys are lost, stolen, or otherwise compromised, the assets remain secure.

Background reading: What is a multisig wallet?

2. UTXO management

In the case of Bitcoin and other similar blockchain systems, UTXOs are the essential building blocks of the network – the discrete units that each individual transaction consists of.

Being able to trace, store and spend Bitcoin down to the level of individual UTXOs brings benefits ranging from enhanced security to fee optimization and tax efficiency. Find out more in our article on UTXO management.

The beauty of self-custody is that organizations needn’t fear losing track of UTXOs because of a third-party comingling different client funds in an omnibus account.

But further to this, any digital asset management platform used for Bitcoin should be set up to allow an organization to track, freeze or spend individual UTXOs according to their business requirements.

3. Operational controls

Having established a system that prevents a single point of failure, the governance of said system needs to be customized to the specific needs of the organization and its existing business rules.

Payroll is one example. If employees are to receive payment in digital assets, whether that is a bonus system or part of a monthly salary, such payments will likely need to be set up by the payroll or human resources team and authorizing by at least one other team or executive member.

Finance teams may also wish to determine how many approvals a transaction needs based on its value, as in the example shown below.

alt An example of requiring a specific number of approvals for transactions over a particular amount

Organizations can create business rules requiring that transactions above a set threshold must have X number of authorizations.

4. No vendor lock-in

Building a complete self-custody digital asset management system in-house would be a massive undertaking. For this reason, it is common for institutions to partner with an infrastructure provider.

Acquiring a software license or integrating an API is a more convenient and scalable solution than building something from scratch, but it’s important that any such arrangement is reversible.

Since self-custody offers organizations complete control and sovereignty over their digital assets, it would be paradoxical to be locked in to using proprietary software.

Finance and technical teams should check there is a mechanism such as an account recovery tool that lets them switch to do a different vendor without requiring the involvement of the current vendor to do so.

That way, their data and assets are protected in the event of any unforeseen circumstances.

5. Systems compatibility

To be of maximum benefit to an organization, digital assets should not exist in a silo.

The infrastructure needed to manage them should be compatible with existing treasury management systems (TMS) and enterprise resource planners (ERPs).

Fully integrating digital assets in this way means enterprises can reap their benefits as an operational asset as well as on the balance sheet.

A digital asset operations platform such as Fortris, which generates journal reports compatible with GAAP and IFRS accounting standards, removes the need for laborious manual processes when it comes to business functions such as conciliation and reporting.

Additional integrations

Finally, to truly reap the benefits of a self-custody model, organizations may wish to cut out intermediaries when it comes to the flow of digital assets into and out of their business.

There are many third-party payment services providers (PSPs) that allow companies to take crypto payments, but if organizations wish to “be their own bank”, one of the foundational principles of Bitcoin, then the most frictionless way to do so is via their own PSP.

Fortris handles digital asset treasury operations for enterprise business.

Want to learn more? Book a demo today.

Table of contents