Asset custodians storing investments like equities and gold are well-established in traditional finance, so it’s no surprise that a similar vertical has emerged in the crypto industry. 

However, rather than protecting assets, which exist on a public blockchain, crypto custodians guard private keys, the unique string of alphanumeric characters that provide access to the funds in a wallet. 

When storing assets, holders of crypto assets can choose to keep them on an exchange, opt for self-custody, or get professional crypto custody services. This blog post explores the differences between these options and their particular advantages, to help you find the one which meets your needs.  

Who provides crypto custody services? 

Many crypto exchanges provide wallets where users can store the tokens they purchase. Some exchanges have built their own custody solutions, while others outsource it to third parties. However, recent events have continued to demonstrate that storing assets on exchanges is likely the least secure option available. 

As shown in the case of Binance, which lost $570m worth of assets during a hack, exchanges are exposed to unique cybersecurity threats. Moreover, the unexpected fall of the FTX exchange brought to light the worst-case scenario for customer asset misuse. These examples show that exchanges do not have the correct organizational setup to ensure the security of customer funds and can even go as far as misappropriating the assets they are entrusted with.

As the industry has evolved and demand has increased, a new breed of digital asset custodian has emerged, offering custody services to crypto holders. Finoa is such a digital or crypto-asset custodian, servicing customers with top-of-class technology and crypto custody solutions that are both secure and legally compliant. 

Beyond the exigent security requirements that Finoa must fulfill as a regulated entity, the company is set up in such a way that client assets are considered Special Assets that are held off-balance sheet. Even in the unlikely event of insolvency, Finoa customers would still be able to withdraw their assets.

Custody providers
Source: 2018 Global Market Simulation by Finoa

Mainstream banks also offer crypto custodial services. For instance, in July 2020, the Office of the Comptroller of the Currency, the US financial regulator tasked with ensuring a safe and sound banking system, started allowing nationally chartered banks to become crypto custodians. 

What are non-custodial wallets?  

As an alternative to custody services, non-custodial or self-custody wallets put you as the user in complete control of your funds as you take full responsibility for storing your private keys. 

Types of non-custodial wallets 

As the name suggests, browser wallets are accessed directly from a web browser. Users download and install an extension, although some browsers come with built-in wallets. 

One of their most appealing features is they simplify the process of interacting with decentralized apps and exchanges as they connect at the click of a button. Browser wallets are known as ‘hot’ storage as the data they hold is accessible online. 

Software wallets are downloaded and installed on a desktop or mobile device. The mobile version is particularly popular among those who use crypto as a medium of exchange as it makes sending and receiving tokens easy, for example by scanning a QR code. Software wallets are another form of hot storage.  

Hardware wallets are one of the most secure ways to self-custody crypto, but they’re also the most inconvenient as they lack the accessibility of hot or warm storage. They typically take the form of USB devices and to transact, these devices need to plug into a laptop or desktop or connect via Bluetooth. Hardware wallets are referred to as ‘cold’ storage as they store user data offline.  

Pros and cons of self-custody

By cutting out the need for a third party, non-custodial wallets eliminate counterparty risk which arises if an exchange is hacked or goes bankrupt. But you could still lose your holdings if you misplace your password or your wallet isn’t backed up properly. In fact, crypto data firm Chainalysis estimates that around 20% of all bitcoin is stranded in wallets that users no longer have access to. While a ‘recovery’ or ‘seed’ phrase – a cluster of random words generated when setting up a wallet – provides a backup that can be used to regain access, like a private key, this must be securely stored.

The role of a crypto asset custodian 

When using a crypto custody service, clients entrust their private keys and the security of their holdings to a third party. As opposed to the setup employed by most exchanges, assets held with Finoa are never kept in 'umbrella accounts,' mixed between clients or with company funds. Every new account is a fully segregated wallet and always corresponds to a new set of private keys. As a result, the assets under custody are protected from the counterparty risk that could otherwise arise from using an omnibus ledger.

Custody services are suitable for crypto holders who prioritize peace of mind. If you forget your password, you can create a new one relatively easily, rather than lose access to your funds. Custody services are also popular among clients with large crypto holdings who value the extra layers of security and may need multi-signature wallets if several decision-makers manage the funds.  

Third-party custodians key indicators scoring

Most custody service providers employ a combination of hot and cold storage, although Finoa has developed a proprietary ‘warm’ storage solution that unites the flexibility of hot storage with the security of cold storage.

Thanks to Finoa's native on-chain custody and staking experience, every client has full transparency on what happens to their assets, including any type of transaction, such as deposits, withdrawals, or staking actions. The blockchain effectively acts as a 'Proof-of-Reserve' that certifies the authenticity of client holdings and historical transactions and can be consulted at any time.

Evaluating professional crypto custody service providers

When choosing a crypto custody provider, it’s important to check that the company is regulated by its local financial authority and licensed to act as a custodian (Finoa is supervised by Germany’s BaFin - Bundesanstalt für Finanzdienstleistungsaufsicht). Regulated entities must subject clients to the same compliance requirements as mainstream financial institutions, such as Know-Your-Customer (KYC) and anti-money laundering checks, to ensure their funds come from a legitimate source.  

Alternative options for crypto custody

In addition, working with regulated custodians limits the risk for investors, since companies like Finoa regularly undergo external audits to evaluate the reliability of internal organizational structures and ensure that areas such as risk controlling, IT security, and financial accounting are compliant with the highest operational standards. 

Fees are another consideration. Crypto custody fees vary, but they generally fall into three categories:

  • A set-up fee to open a crypto custodial account 
  • An annual fee based on the value of the assets in custody (typically under 1%)
  • A withdrawal fee levied when removing funds from an account, either a flat rate or a percentage of the amount withdrawn 

One final note on crypto custody services – they aren’t available to everyone. Some providers only accept institutional clients, while others enforce a minimum position size. To learn more about how Finoa’s regulated custody solution can protect your crypto assets, get in touch