The last two years have witnessed a crypto boom. Against the growing demand for crypto assets, an increasing number of institutional and individual investors now hold cryptocurrencies. According to a report by Bernstein, the market value of cryptocurrencies has exceeded $2 trillion. As the number of crypto holders continues to grow, the role of crypto assets is becoming more critical. However, compared with the conventional financial sector, the crypto market is still in its infancy. For instance, there is plenty of room for improvement in terms of infrastructure, and among them, crypto asset custody is one of the most crucial.
The emergence of cryptocurrency as an asset class has drawn attention to the importance of its security and credibility. Moreover, the need for more regulation and operation standards in the crypto market is also growing. Right now, the regulatory oversight of both centralized and decentralized exchanges is getting more stringent. The storage and management of digital assets also remain a concern. As hedge funds, high-net-worth individual investors, and financial institutions expand their crypto holdings, their demand for custodial infrastructures have been growing. At the moment, there are 150 active crypto hedge funds with more than $1 billion AUM, of which 52% are managed by independent custodians.
Crypto asset custody is the latest product of fund custody in the conventional financial sector, so what is fund custody?
Fund custody refers to the flow of funds in third-party custodians instead of platforms, which eliminates the investment risk of platform misappropriation. Generally speaking, the need for custody services among institutional investors stems from risk reduction and compliance requirements. Figure 1 briefly illustrates the relationship between individual investors, fund companies, and custodians in the conventional financial sector. Individual investors first invest in a fund, and then the fund deposits the amount in a third-party custodian (brokers, trusts, etc.), which allows the custody and transaction of the fund to be separate and independent and eliminates a wide range of risks, such as non-transparent internal trades and the misappropriation of funds.
Compared with assets like cash, securities, or physical valuables, the custody of crypto assets requires a new type of infrastructure that drastically differs from conventional custody. For instance, special considerations are needed for the storage security of cryptocurrencies. The chief strategy officer of Onchain Custodian believes that “third-party crypto asset custody has become part of the crypto community. Like conventional finance, cryptocurrency will also have to adapt to regulatory oversight, and it will also need third-party custodians to ensure fund security.” In the context of increasing token holders and market value, the demand for crypto asset custody is on the rise. The target users of crypto asset custody mainly include:
1) Individuals
The only key of on-chain crypto assets is the private key. The possession of a private key represents ownership of the assets in the relevant account. However, as most individuals are not professional custodians, the private key is susceptible to frequent loss, disclosure, and hacking. For holders of large crypto assets, working with professional custodians is far more secure.
2) Companies and institutions
For institutional clients, before entrusting anyone with the private key, scrutinous risk control measures are required to oversee the transfer of crypto assets. Working with a professional custodian ensures the secure internal storage and access of assets.
3) Exchanges
During the past few years, a large number of exchanges have been hacked, including many well-established ones. Exchanges are there to provide a credible platform for secure transactions involving huge amounts of crypto assets. Once they are hacked, both exchanges and users will suffer significant losses. Therefore, the collaboration with a reliable third-party custodian not only addresses the trust issue but also alleviates the risk of hacking.
The three solutions of crypto asset custody
To respond to different demands, crypto asset custody offers several solutions. For example, for retail investors who want full control over their crypto assets, a preferred choice is autonomous storage of crypto assets using hardware wallets or through complex settings for the storage, printing, copy, and backup of the private key.
Some high-net-worth individual investors holding large crypto assets want a certain degree of institutional protection while reserving the control of their assets. Yet, they do not want a third party to manage all of their assets. These investors often choose partial custody.
For institutions such as asset management companies, hedge funds, and family funds, the most secure type of custody is to work with third-party custodians for the holding and management of all assets. There are two common third-party custodial solutions: the hot wallet and the cold wallet. The fundamental difference between the two lies in whether the storage system is online or whether it supports remote access. Hot wallet is the storage of the signature and key in an online system or a hardware device with online access. On the other hand, the cold wallet or cold storage refers to an offline wallet for storing crypto assets. Cold wallets feature storage on an offline platform, which protects the wallet from losses incurred by hacking, unauthorized access, or other vulnerabilities.
The security mechanism of custodians
Most of the custodians have adopted the security mechanism of multi-signature (X of Y), which means the execution of a transaction requires two or more signatures. X refers to the number of signatures required for the transaction to take effect, whereas Y means the total number of parties related to the transaction. More specifically, X of Y means when there are Y individuals holding Y private keys: if X individuals agree to provide signatures, then the funds stored in a shared address can be used for the transaction.
Why do we need multi-signature? If a conventional single-signature mechanism is adopted, once the user loses the private key, he loses the funds in the relevant address. This places holders of large crypto assets at great risk. In such cases, using multi-signature technology can: 1) avoid the loss of the private key (the multi-signature mechanism avoids the loss of funds and spreads the risks); 2) fend off hacking (for a multi-signature address, the hacking of multiple private keys is more difficult); and 3) prevent internal theft (entrusting the private key to one person may lead to internal theft, whereas entrusting it to the majority can prevent such incidents).
Existing custodians
To date, there are 28 providers of crypto asset custody for institutional clients. Among the 28 custodians, 22 were established in 2017 or later. Of these, Coinbase Custody and BitGo are the two largest. Bitstamp, one of the largest crypto exchanges in Europe, announced that BitGo will provide custody for its crypto assets. For BitGo, the Bitstamp contract is a huge business. Coinbase Custody is the biggest crypto custodian in terms of custody volume. Its clients include the well-known crypto trust Grayscale. More than $1.6 billion funds are flowing to institutional custodians. As competition in the custody industry intensifies, some custodians have launched additional services like stake mining, governance, and large-sum OTC.
How to choose a suitable custodian
Legislative institutions and regulatory authorities might establish a full set of laws, regulations and regulatory requirements some day to ensure the security of crypto asset custody, but for the time being, when choosing a custodian, customers have to consider its security and functions.
As a customer, you can assess a custodian from the following aspects:
1) Liquidity: If the custodian quickly responds to requests for asset transfer, can it be sufficiently offline to ensure asset security? Is there a minimum amount for withdrawal?
2) Scale: Does the custodian have any sub-account tools that support multi-account operations? Does it offer whitelist functions? How are new account holders authenticated? Are there background checks, KYC, and other authentication measures?
3) Fees: Are there any minimum asset requirements for custody? How does the fee change in line with the custody scale?
4) Management authorities: Does the management of the custodian have the right to transfer funds? Can the management alter the governance process at its discretion?
5) Monitoring and updates: What mechanisms are available for website access and equipment review? How does the custodian carry out system upgrades and staff rotations? What are the control procedures for performance tests and authentication applications?
6) Compliance and audit: Is the custodian compliant with local requirements for capital reserve and bank standards? Does it comply with the relevant AML (anti-money laundering) and CFT (countering the financing of terrorism) regulations? Is it regularly audited by a third-party auditing firm?
7) Insurance: Does the custodian offer insurance for offline storage (the cold wallet) or the hot wallet, and what is the amount covered? If the coverage is limited, how will the compensation be allocated in the event of asset loss? Figure 3 lists the amount and coverage of insurance offered by some custodians.
Crypto asset as an asset class is rapidly maturing. When choosing a third-party custodian, investors should consider what the custodian can offer over the long term. Everyone in the crypto market should adapt to the fast growth of the field. Here, we listed four considerations:
1) Latency and speed: Though fast access to funds may become increasingly more important for low-latency transactions, high liquidity should not be the only requirement for a custodian. Instead, we should focus on whether the custodian could complete the full authentication and withdrawal process through an offline mechanism while ensuring fast transactions.
2) Support of new tokens: There are new tokens launched every day, and not all custodians can support them. Figure 4 illustrates the types of tokens supported by some custodians.
3) Staking for “interests”: In traditional finance like banking, customers receive interest by making asset deposits. In crypto asset custody, “interests” are offered to customers in the form of earnings through staking;
4) Regulatory oversight/compliance: Crypto asset custody is constantly evolving and iterating, and the legal and regulatory requirements for custodians are also taking shape. As such, for investors, it is vital to choose a custodian that is compliant and regularly audited by third parties.
