Institutional Custody Framework for Digital Assets and Cryptocurrencies

With the growth of digital assets, many tier-1 banks and financial institutions are actively looking for options for participating in the digital asset custody space, yet only a few have been successful. This paper looks at the differences between digital asset custody and the traditional asset, typical models for digital asset custody solutions, and how financial institutions can successfully tap into the digital asset custody space.

From the Satoshi’s original Bitcoin white paper, the digital assets have come a long journey to now almost half a trillion dollars market. With 1000+ digital assets trading across hundreds of digital trading platforms, the secure storage of digital assets has become more crucial than ever before. With the effort of preventing digital hacks, such as Mt.Gox, Bithumb, where hundreds of millions of digital assets being stolen, several custody solutions for digital assets have become available for both retail and institutional investors.

Traditional Vs. Digital Assets Custody

Just as with stocks, bonds or other traditional assets, investors are looking to keep their digital asset from loss through custodians. However, unlike the safekeeping of traditional assets, the custody of digital asset focuses primarily on securing the private keys of the owners’ digital asset, as the private keys represent the ownership of the digital assets. Also, some key features of digital assets, such as 24/7 operations, and fractional ownership, will pose additional challenges for custodians to keep digital asset secure. For example, if forking happens for the digital asset possessed by a custodian, several questions arise. How should the custodian handle the forked digital asset? When to deliver the forked asset to customers? What are the corresponding disclosure policies?

Figure 1: Traditional versus Digital Custody

Institutional Digital Custody

The primary way for individuals for safekeeping digital asset is self-custody, in which asset owners are storing the private keys in offline hardware or paper wallet. Although it is cost-efficient and usually highly secured, institutional investors rarely utilize self-custody due to the regulations, legal obligations and operational complexity when it comes to a large number of asset owners. Institutional grade digital custody requires robust systems, technology, operational controls to meet regulators requirements as well as secure digital assets of their customers. To meet different needs of the institutional digital asset owners, two major types of digital asset custody solutions have emerged to the market.

1. Dedicated Digital Custodian

By law, institutional investors are required to employ a regulated custodian for most of the traditional assets separately. Although there is no similar regulation in place for digital assets, some traditional custodian like Fidelity Digital Asset and State Street partnership with Gemini, both offer dedicated custodians services that to meet the potential needs of the institutional investors. Due to the offline storage of digital assets, dedicated custodians are much less likely to attract hackers who usually target at attacking trading venues, such as exchanges. Also, the counter-party risk is reduced with a dedicated model significantly since custodians’ performance isn’t dependent on any exchanges. On the other hand, because they are entirely separate entities from trading venues, the custody fees are usually the highest among all the custody solution options.

2. Exchange-based Custodians

Some digital asset exchanges offer investors a custody solution too, and it remains to be the most common way for retail investors to store their digital assets. To reduce the risk of digital asset loss due to cyber attacks, digital exchanges safekeeping the private keys using “Cold Storage” or a mix between “Hot Storage” and “Cold Storage”. Typically, digital exchanges offer investors two distinct configurations.

a) Commingled configuration

Under this configuration, all digital assets within the exchange system are commingled in the same cold storage. As no individual address is created for each customer, the trade settlement process is much faster and cheaper. However, users are facing the risk of losing all their assets once the commingled account is hacked.

Figure 2: Commingled configuration of digital custody

b) Segregated configuration

Exchanges also offer the segregated configuration where the users’ digital assets are stored in segregated cold wallets. Under this configuration, even though the trade settlement can be costly depending on the settlement frequency, the risk of losing all the assets becomes much lower.

Figure 3: Segregated configuration of digital custody

To further enhance the security of the private keys, digital asset custodians utilize multi-layer security architecture with a combination of the “multi-signature,” “bio-metric access control” and “hardware security module (HSM).” The multi-layer security mechanism ensures private keys are never connected to the internet and are kept air-gapped inside safes in locked cages.

Framework for regulated institutional digital custody

There are two aspects of establishing regulated institutional grade digital custody — i) Regulation consideration; ii) Technology and operations

Under the U.S Investment Advisor Act of 1940, any investment adviser with over $150 Million in AUM shall take actions to safeguard client asset. This implies a growing demand for license digital asset custodians from various types of investment advisers, such as hedge funds and broker-dealers. Many tier-1 banks and financial institutions are actively looking for options for participating in the digital asset custody space to fulfill the growing demand, yet only a few have been successful. Majority of the institutional players remain to be skeptical.

According to Fidelity Digital Assets, “For institutions, the most pressing unanswered question is how — if they choose to hold digital assets for their customers — these assets will be secured. The answer is that full-service institutional custody solutions are needed — solutions as equally robust as those provided for traditional assets.”

From the regulatory perspective, to be a qualified custodian, financial institutions have to go through the lengthy application process to receive the charter from the regulatory bodies. In New York State, the New York Department of Financial Services (NYDFS) is the regulatory body for virtual currency-related business; whereas the Division of Banking is the regulatory body for other states, including South Dakota.

Figure 4: Participation of few large financial institutions in the digital asset custody ecosystem

From the technology and operations perspective, due to the lack of familiarity with digital assets, institutions do not understand the inherent risks associated with the assets. More often than not, institutions are not ready to develop robust technology and operation processes that can handle cyber-security as well as risks like AML/CFT and others.

To help financial institutions tap into the digital asset custody space, we suggest the “Regulated Custody Framework for Digital Assets and Cryptocurrencies” that can guide enterprises through the journey of offering digital asset custody services to their customers. It has four main components — Security, Usability, Blockchain — native services and additional considerations like Audits, Real-time AML and risk monitoring, Insurance and others.

Figure 5: Simplified view of regulated digital custody framework for digital assets and crypto-currencies

Conclusion

In the last few years, the industry has seen two significant shifts. First one related to the explosion in the number and diversity of digitized assets on the public blockchains like Ethereum. The explosion has created confidence at the marketplace that led to persisted demand of crypto-assets as investment assets to improve diversity for investors’ portfolios. Secondly, the steady growth and popularity of private securities and non-listed digital investment classes provide necessary expansion to make digital custody business case more viable for traditional players.

While traditional custodian and central clearing and end custodian watch the death role of blockchain gator from a distance, they are slowly aligning themselves to remain relevant in the new distributed (Public/Private blockchain) world around following operating models:

• Partnering with Fintechs: Traditional custodian of listed securities is partnering with digital custody provider like Gemini to offer digital custody services for crypto and other digital assets.
• Establishing a separate trust company for digital assets: Brokerage and asset management firms can establish a separate trust company to handle digital asset execution and custody services like Fidelity Digital Assets. It is not a simple undertaking by any organization.
• Building full — service offerings: Central clearing and end custodian can run a global private blockchain (or privacy-oriented network on a public blockchain) and offer comprehensive services for large institutions. The services may include: 1) Role of an auditor of smart contracts; 2) Gatekeeper by authorizing the transfer and ensuring legal compliance; 3) Offering vault services for storing digital assets, and 4) Enhance cross — border collateral fluidity of digital assets.
• Serving niche investors with digital vault services: Traditional custodians can remain relevant by offering digital custody services for investors who have lost trust in their government and central intermediaries to store their value (or wealth). These investors will use multiple digital custody providers to store their digital assets and spread the keys of their multi-sig accounts across various providers
• Expanding into private and non-listed digital assets: Stringent regulatory compliance is attached to listed securities and digital assets. However, it is much easier to manage regulatory compliance with non-listed and private securities and digital assets. The rise in the popularity of non-listed investment classes, trading platforms (i.e. Clearlist), and their tokenization (SMBs/Startup investment) make digital custody services more viable for traditional players.

We believe the business of custody will remain, but the role and the services of custodian may evolve over period of time. In near term, custodian will start offering digital custody services to tap into new revenue stream from digital assets and crypto-currencies.

About Bharat Gupta and Infosys

Bharat Gupta is Senior Principal with Infosys Consulting, a management consulting arm of Infosys. Bharat is a part of Financial Services and Insurance consulting practice and focusing on digital transformation, cloud platforms and Blockchain. Bharat formerly led senior executive positions with Reliance Group and NEC Corporation and post-graduated from the Indian Institute of Technology Delhi (IIT Delhi).

About Hao Wang and Infosys

Hao Wang is Senior Consultant in the Financial Services and Insurance practice at Infosys Consulting. Hao has consulting experiences in program management, digital transformation and blockchain for large banks and financial institutions. Hao earned bachelor’s degree and MBA degree from the New York University.