Digital asset self-custody guide for institutions
Recent events in the digital assets sphere have seen a surge in demand for self-custody by consumer cryptocurrency holders. But what about institutional users? Let’s explore some of the challenges and benefits for large organizations.
Self-custody: an undeniable trend
The implosion of the digital asset platform FTX in late 2022 continues to send aftershocks through the crypto ecosystem.
The factors that led to the collapse of the world’s second largest crypto exchange will be debated and analyzed for years to come, but one side effect has been clear to see: the spike in demand for self-custody.
The phrase “not your keys, not your coins” has been an oft-repeated mantra in the wake of FTX.
Leaving crypto in centralized exchange wallets goes against this foundational philosophy of Bitcoin, which was designed to give users control over their funds without the need for intermediaries like banks.
Background reading: Crypto wallets: 5-minute guide
With the amount of BTC held on exchanges reaching new lows, it seems that jittery retail users are looking for alternatives to exchange custody – an assumption that appears to be backed up by the record sales of hardware wallets such as Ledger and Trezor in recent weeks.
However, it’s interesting to note that the consumer shift towards self-custody was underway well before FTX’s downfall.
One study in July 2022 suggested that the hardware wallet industry could outstrip crypto exchanges by 2027.
Challenges of self-custody for institutions
Retail users are spoilt for choice when it comes to self-custody options, though the technical setup (managing a hardware wallet and private keys) can have a steep learning curve at first.
For institutions, whose funds reportedly made up the bulk of those affected by the FTX collapse, the situation is more complex.
The typical setup of a single hardware wallet, private key and a backup/seed phrase is impractical at an institutional level.
What's more, institutions have complex requirements when it comes to areas such as governance, transparency, and auditability.
Let’s look at some of the key challenges, and how they can be resolved.
1. Governance and permissions
It is important that institutions don’t fall into the same trap that can come with entrusting custody to a third party: having a single point of failure when it comes to key management.
This can result in nightmare scenarios such as the case of a CEO’s death that led to the loss of millions of dollars in customer funds.
Equally, permissions and approvals need to be properly distributed to prevent bottlenecks in essential business operations such as bulk payments and payroll.
Solution: When it comes to self-custody, this means creating a secure system whereby transactions can only be created and authorized by pre-approved individuals or teams, in accordance with an institution’s governance policies.
Clear controls in this area are essential from an auditor’s perspective, as PWC notes.
One way of managing this involves the use of multi-signature wallets.
The diagram below shows how different payment thresholds can be established to further customize the approvals process using a platform such as Fortris.
Organizations can create business rules requiring that transactions above a set threshold must have a specific number of authorizations.
2. Hardware security
The promise of self-custody is that individuals and institutions alike can “be their own bank”.
With that comes the requirement to physically safeguard the hardware needed for key storage, backups, and account recovery mechanisms.
Solution: For financial institutions well versed in the physical elements of OpSec (operational security), building secure on-site storage is probably less of a barrier than it is for SME or retail users.
However, working with an experienced self-custody treasury logistics specialist can make the process even smoother.
3. Reporting and analytics
The beauty of a self-custody solution with Bitcoin, for example, is that it leverages the transparency of blockchain technology. Any transaction that takes place “on chain” can be located using a publicly available block explorer.
However, Bitcoin is private by design, meaning that the sender and receiver of a transaction are represented by strings of code. The raw transaction metadata of the blockchain will not fulfil an institution’s reporting requirements by itself.
Institutions are operating in a fiat world, where journal reports follow a standard format, and the correct tracking of a digital asset’s cost basis can have major implications for tax and compliance.
They could end up with two parallel sets of data that then need to be manually reconciled.
Solution: To avoid having to fill in spreadsheets manually, which would be impossible to scale and a waste of team resource, institutions should look for software solutions that seamlessly integrate digital assets into existing financial planning and reporting programs.
Further reading: Bitcoin bookkeeping best practice guide
Self-custody benefits and use cases
In addition to the operational security advantages of self-custody, such as complete ownership of digital assets and the removal of counterparty risk, there are other clear benefits for institutions.
In a self-custody model, transactions are easier to track “on-chain” because there is no risk of a third party commingling an institutions’ assets with those of other customers.
This can occur when exchanges, for example, use omnibus instead of segregated accounts.
In omnibus accounts funds are pooled together, whereas in segregated accounts client funds are held separately from those of other clients.
Wallet storage mode flexibility
Having complete control over its own digital assets means an institution is free to decide on the combination of cold, hot, and warm wallets it uses, in accordance with its operational requirements and risk management policies.
Background reading: The different kinds of crypto wallets
Speed of access
For institutions that choose not to self-custody, a qualified crypto custodian can present an attractive alternative to exchange storage. The advanced security and safeguarding processes of a custodian provide a level of reassurance, especially for non-crypto native companies.
However, the main drawback of custodians is the time and friction involved in accessing funds. The core competency of custodians is secure storage (and rightly so), but this model can be impractical for institutions that need to move funds regularly or at short notice.
As we have seen, there are numerous benefits of digital asset self-custody for institutions. But it is realistic to expect self-custody to fulfil all an organization’s needs?
The reality is that institutions may require custom solutions that feature a range of different custody options. For example:
- Highly secure self-custody cold storage wallets for treasury reserves
- Hot or warm wallets with an operational float for day-to-day business
- Exchange wallets for trading.
Assets can be moved around between these different buckets as required.
Whatever custody solution an institution opts for, it is important that it has the necessary financial tooling to manage them according to accounting best practices and for maximum operational efficiency.