[ DIGITAL ASSETS ]
into a hot wallet before being used. Any
change will be sent to the hot wallet, not
the cold storage. Any file transfer between
online and offline machines will defeat
the purpose of air-gapped cold storage, so
reconciliation adds another process.
Dominic Longman, chief product officer
at Trustology, a London-based company
that focuses on crypto custody services,
likens cold storage to exchanging stock
certificates in the 1960s, meaning that
you have to wait anywhere from hours
to a couple days to access your assets.
“Cold storage is an old school approach
to a technical problem,” he says. “People
choose it out of misunderstanding the risk
vectors or because it is easier to price for
insurance purposes.”
Some investors might prefer to use both
hot wallets and cold storage, depending
on the need for immediate withdrawal. In
that case, an institutional investor looking
for institutional-grade custody would
keep the majority of the assets in cold
storage and only a small amount in hot
wallets, for use and trading.
Multi-level approach to security
When it comes to digital assets, security
is front and centre. Digital assets are
uniquely challenging from a technology
perspective and you need a layered
approach where the layers all work
together. The most critical layers are
technology, security, and operational
security. The three must work together.
After that, an institutional owner might
want additional layers of custodial
expertise and services.
Regardless of storage type, cyber
hygiene is critical. Generally speaking,
most cryptocurrency losses are due to
carelessness rather than hacking or fraud.
The same goes for institutions. Clients of
third-party custodians should ask many
questions, including how the network is
configured and how the systems are
protected. If a device is infected by malware,
the keys can be lost.
Defending physical threats
With keys to digital assets stored offline
in vaults, the focus is on defending against
physical threats such as theft and weather.
Here, you need to think about the domain
of where the keys are stored. “What
does it take to get into those locations
and are there several levels of physical
security protecting those locations?” asks
Fidelity’s Jessop.
Securities@Sibos, January 2019
Operational
When it comes to operational security,
people and processes are key. Jessop
points out these key considerations for
your custodian: “What are your policies
and procedures? Who can access cold
storage? How do you ensure division of
labour and enforce information barriers
between people involved in the key
management workflow?” Capon adds that
“key-man risk” is important: “No one
person should have a complete view of how
things work or be able to obtain a key.”
You want as many speedbumps in the
process as possible. This includes a lot of
checking before assets are transferred,
from various levels of authorisation and
multi-signature requirements to time
blocks. Capon explains: “For the highest
security, you don’t want instant access.
You want it to take fifteen minutes to
withdraw your key, and you want a human
in the middle of the process.” As for
time locks, “the owner of the assets can
choose to have the process take two days
rather than fifteen minutes.”
Trustology takes a different approach.
“Customers should focus more on technology
and how it has been implemented
rather than people,” says Longman.
“Custodians should take people out of
the process to minimise operational risk.
People collude, make mistakes and slow
down the process.” He adds that,
“Custodians for existing asset classes have
looked to remove human / operational
risk for years, and this is similar. It is
likely even more important with current
digital assets as there is no recourse.”
Technology speedbumps are similar to
people roadblocks in that they include
multi-signature requirements (more than
one key is required to access the digital
assets), time locks (you dictate how
long the transaction should take), and
geo-location fencing (you can only sign a
transaction when in a certain location).
The difference is the removal of people,
which again is about security versus
convenience.
Regardless of the speedbumps involved,
make sure there is an audited control
process.
Knowledgeable custodian
Whether the third-party custodian is a
newcomer or an established custodian of
traditional assets, it is clear that you want
people who know what they are doing.
There is no definition for “qualified
custodian” when it comes to digital assets.
The custodian does not need to be a
broker-dealer, but most agree that it should
act like one. Satisfying US government
standards for holding assets is considered
by most to be validation of an
institutional-grade custodian.
Capon suggests that investors also look
at the background and experience of the
people at the company as well as the
institutions they work with. Jessop adds that
investors should also look at whether the
custodian is well capitalised and has
insurance to cover assets under its control.
Custodians traditionally provide a
multitude of services, but providing services
for digital assets is different. As Longman
points out, “Nobody is providing full
custodial services at this point. They are
doing safe-guarding and safe-keeping.
Custodial services for cryptocurrency will
come later.” Over time, he adds,
custodians and others will develop ancillary
services like trading and lending to broaden
the value proposition to investors.
The needs of institutional holders of
digital assets are quickly evolving, and the
growing field of third-party custodians
is trying to adapt their offerings as well
as develop new services for future uses
of digital assets. It is critical for holders
to conduct thorough due diligence of
custodians to ensure that the appropriate
procedures are in place. The stakes are
high as the losses are unrecoverable.
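The technology speedbumps described in this article (multi-signature requirements, time locks and geo-location fencing), together with an audited control process, can be combined in a single withdrawal gate. The Python below is an added illustration, not code from the article or from any custodian it quotes; the signer names, demo keys, the Policy fields, the self-reported region and the use of HMAC in place of real digital signatures are all assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed demo keys. HMAC stands in here for the per-signer digital
# signatures a real multi-signature scheme would use (assumption).
SIGNER_KEYS = {"ops-1": b"demo-key-1", "risk-1": b"demo-key-2", "client-1": b"demo-key-3"}

@dataclass(frozen=True)
class Policy:
    threshold: int               # multi-signature: M distinct signers required
    delay_s: int                 # time lock: seconds to wait after the request
    allowed_regions: frozenset   # geo-fence: where signing is permitted

def _tag(key: bytes, request: dict, region: str) -> str:
    # Bind the approval to the exact request and to the signing location.
    body = json.dumps(request, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, f"{body}|{region}".encode(), hashlib.sha256).hexdigest()

def sign(signer: str, request: dict, region: str) -> dict:
    # Region is self-reported in this demo; a real system needs a trusted source.
    return {"signer": signer, "region": region,
            "tag": _tag(SIGNER_KEYS[signer], request, region)}

def authorise(policy: Policy, request: dict, approvals: list, now: int):
    """Return (released, audit_log); every decision is written to the log."""
    audit, valid = [], set()
    for a in approvals:
        key = SIGNER_KEYS.get(a["signer"])
        if key is None or not hmac.compare_digest(
                _tag(key, request, a["region"]), a["tag"]):
            audit.append(f"reject {a['signer']}: bad signature")
        elif a["region"] not in policy.allowed_regions:
            audit.append(f"reject {a['signer']}: signed outside geo-fence")
        else:
            valid.add(a["signer"])  # a set, so one signer cannot count twice
            audit.append(f"accept {a['signer']}")
    if len(valid) < policy.threshold:
        audit.append(f"deny: {len(valid)} of {policy.threshold} signers")
        return False, audit
    if now < request["requested_at"] + policy.delay_s:
        audit.append("deny: time lock still running")
        return False, audit
    audit.append("release")
    return True, audit
```

Setting delay_s to 900 gives the fifteen-minute wait mentioned in the article, and 172800 gives the two-day option; the returned audit log is what an external control review would inspect.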