[ D I G I TA L
A S S E T S ]
CUSTODY IN A
DIGITAL ASSET
WORLD
Institutional money requires institutional-level custody. Third-party custody of traditional assets
is an established and secure service offering, but these services are not readily applicable to
digital assets, says Jeanette Turner, chief regulatory officer, Compliance Solutions Strategies.
D
igital assets such as Bitcoin
or other cryptocurrencies are
fundamentally different from
traditional assets, and institu-
tional investors in digital assets
have particularly challenging needs with
respect to custody. Custody firms are
evolving, trying to determine how best
to meet the needs of such institutional
customers.
Each owner of a digital asset has a pri-
vate key—a unique number generated by
a digital asset wallet. The key enables the
key holder to transact the specific digital
asset. Third-party custody of digital assets
is not custody of the currency itself—the
currency is on the blockchain. Rather,
custody involves holding the wallets that
store the keys to the assets.
Because they are built on blockchain
technology, digital assets are by nature
highly secure and essentially hack-proof.
The problem is that the wallets are not.
Digital assets are bearer instruments—
whoever has the key is the owner of the
asset. This makes them hard to track or
10
Securities@Sibos
January 2019
recover if lost or stolen. The risk of finan-
cial loss is significant and over the past
few years millions of Bitcoin have been
lost due to hacking and fraud.
Third-party custody options are grow-
ing for digital assets, but there is a lot of
noise among the offerings. How can an
owner of digital assets evaluate whether a
custodian is institutional-grade?
Although there is no clear model for
what constitutes institutional-grade
custodianship, there are some common
features and best practices.
Hot wallet vs cold storage
Digital keys are held in wallets. The type
of wallet you should use depends on your
risk profile. A hot wallet is online and
connected in some way to the internet,
making it easy to transact the digital
assets. Cold storage (aka cold wallet)
involves generating and storing private
keys in an offline environment, away from
the internet. The key could be printed
on paper, stored on a USB, or in a special
hardware storage product. Hot wallets are
vulnerable to hacking, while cold storage
might be exposed to physical harm where
the wallet is located, such as weather or a
break-in.
For purposes of security, it is better
to hold digital assets in cold storage,
says Adam Capon, EVP, operations at
Digital Asset Custody Company, which
provides institutional custody for digital
assets with technology and services
purpose-built to protect. “You need air-
gapped cold storage, meaning that the
keys are not stored anywhere near the
internet and are not on a device that has
touched the internet,” he explains.
Tom Jessop, head of Fidelity Digital
Assets, which offers enterprise-quality
custody and trade execution services for
digital assets, makes clear that, “Given
that the assets are digital and can be eas-
ily transferred, the only way to safeguard
them is to hold your own keys.”
This level of security comes at the cost
of convenience. You eventually need to be
online to use your digital assets. If stored
in cold storage, the keys must be imported