As already widely described by major media outlets, digital asset custody is the single most significant missing piece of infrastructure holding back further institutional money inflow in the Digital Asset markets. Due to the sophisticated and complex technological structure of Blockchain-based assets, Digital Assets are subject to numerous risks (often unknown to the professional investor) that only an institutional third-party custodian can fully protect.

The current market landscape, lacking advanced solutions and a clear regulatory framework (such as in the traditional financial system), still allows institutional investors to opt for alternative forms of custody, which are frequently flawed or sub-optimal. While some asset managers may decide to hold the private keys to their digital assets with their “main” trade exchange (e.g. Binance or BitMex) or use self-custody solutions (like hardware or paper wallets), others prefer to outsource the risk of asset-safeguarding via a dedicated digital asset custodian, re-assuring their investors that the assets are well protected. Those asset managers also anticipate compliance with expected regulatory frameworks across jurisdictions, which will likely replicate the “traditional” model, where asset managers are obliged to work with third-party, qualified custodians once they reach a certain threshold of assets under managemen. In the U.S. for example, the Dodd-Frank Act of 2010 and the Rule 206(4)-2 investment advisers act of 1940 require institutional investors to have a “qualified custodian” secure the holdings.

What is digital asset custody?

The main functionality of Digital Asset Custody solutions lies in the safeguarding of Private Keys — a cryptographic complex alphanumerics combination used to represent, transfer, and operate the holdings. Private keys represent the single point of failure in a world of Digital Assets: they are the only access to an asset, difficult to remember, and are targets for hackers or phishing attacks. Losing the Private Key to an asset is likely to result in the loss of all the respective holdings, with little or no possibility of recovery. While for retail investors a loss of their Private Keys might be already devastating, for institutional investors it is a risk at scale.

Why should institutions opt for an asset custodian?

For institutional investors a third-party custodian clearly represents the optimal solution, providing additional benefits. Firstly, assets are held in the investor’s name and for the investor’s sole benefit: the segregation of duties between the investment manager and custodian provides added controls and security to the process. Secondly, by having separate parties with separate contracts providing investment advisory and custodial services, investors can clearly benefit from independence and transparency (reports and monthly statements to be received detailing fees and costs for each service provided.

A dedicated custodian is the official record keeper responsible for detailing investments held on behalf of the investor. Dedicated custodians are best positioned to report and value holdings because of their infrastructure and internal controls.

What options for digital asset custody are currently available?

When safeguarding their Digital Assets, institutional investors can currently rely on three different options:

  1. Custodial Exchanges
  2. Self-Custody
  3. Third-Party Custodians

Custodial exchanges

Some of the most popular crypto exchanges offer custody solutions.


  • Access to liquidity: direct access to markets with an integrated exchange functionality


  • Regulatory concerns: exchanges that act as a custodian might incur a conflict of interests since ensuring an “operational and custodial independence” is crucial for governance and investors’ protection
  • Risk exposure: lack of sophisticated security measures (non-core business) led to a series of exchanges hacked over the past years damaging investors for billions of USD
  • Operational restrictions: even though investors might find convenient access to liquidity, they are limited to the respective exchange and might lose arbitrage/best-price-execution opportunities


Private Keys moved to an offline hardware or paper wallet in possession of the owner of the assets.


  • Assets’ protection: security levels of the hardware are (usually) high (if never been connected to the internet)
  • Convenience: very cost-efficient solution (usually only the cost for hardware purchase is required, with no ongoing fees associated)


  • Internal risks: In-sourcing the responsibility for safeguarding Private Keys equals buying internal-risk
  • Operational complexity: dedicated resources need to be allocated towards storing and retrieving the Private Keys instead of operating the asset, requiring in-house technological savviness and best practice governance processes

Third-party custodian

Entities specialized in storing and processing Digital Assets and their Private Keys, leveraging a combination of technological solutions, authorization mechanisms, and governance frameworks to protect the Private Keys.


  • Independence and governance: separating the execution & clearing from assets safeguarding
  • Compliance: third-party custodians usually offer audited solutions which ultimately facilitate compliance with regulation
  • Security: third-party custodians’ core business is in asset protection, security and Private Keys’ protection is their value proposition
  • Operational efficiency: no dedicated resources or advanced tech skills needed, enabling asset managers to dedicate themselves wholeheartedly to their core business
  • Agnostic: Often offer the potential for agnostic interfacing to exchanges and liquidity, allowing arbitrage/best-price-execution opportunities


  • Access to liquidity: depending on the type of solution, access to assets might take 24h+.
  • Pricing: fees for a dedicated custodian might be more expensive compared to Self-custody and Custodial Exchanges

Table of comparison of alternative options for digital asset's custody: custodial exchanges, self-custody and third-party custodian

Third-party custodians: current market state 

As previously described, third-party custodian services represent the optimal solution for institutional investors in Digital Assets. When it comes to choosing a third-party custodian, institutional investors can currently rely on three different options in the market, which significantly differ based on factors such as security, compliance, and technological solution among others.

The available options are:

  1. Hot Storage
  2. Cold Storage
  3. Warm Storage 

Cryptocurrency storage options: hot storage, warm storage and cold torage

Hot Storage

Pure hot storage solutions (frequently “on-exchanges”) enable direct asset access and liquidity but are also more susceptible to the fraudulent exposure of the Private Keys. In fact, this custody solution is directly connected to the internet (therefore Private Keys are held “online”) and is often un-audited in-transparent setups, (the reason why they tremendously increase security risks from hackers, breaches, or internal theft) making it unreasonable for institutional investors only relying on this solution.

Cold storage

Cold storage digital asset custody solutions are physically offline and disconnected from the internet. From a security perspective, cold storage might sound perceivably more secure as they are less likely to be exposed to online hackers, however, it transfers the risk to a human-managed process. Additionally, a major drawback is the lack of accessibility (often >24h asset release time out of cold storage) and liquidity, which prevents professional investors from taking advantage of market fluctuations or participating in advanced Blockchain-protocol functionalities such as staking, harnessing the full potential of tokenized-securities.

Warm storage: the industry standard for digital asset custody

A warm storage custody solution, as the name might imply, offers the accessibility of hot storage solutions while providing cold storage security standards. The infrastructure is built in an online environment, unlocking the potential behind immediate asset accessibility and advanced Blockchain-protocol functionalities. To be able to provide this combination of both worlds, sophisticated banking-grade infrastructures are necessary.

Third-party custodians key indicators scoring

Future perspectives

Over the last year, the market landscape for custody solutions evolved very fast with numerous players entering the competitive arena offering a wide variety of solutions based on different value propositions and technology stacks. What is clear is that the different options presented (hot, cold, and warm storage) will continue to co-exist, each of them answering different institutional investors’ needs. Whether hot, cold, or warm, the ecosystem will require all three forms of asset custody at the same time, with asset managers leveraging more than one custodial service at once in order to spread the risk, and more than one type of solution, depending on the investing strategy. What is crucial for the industry is that, regardless of the type of asset custody, solutions will be based on banking-grade standards, and compliant with regulations.

Institutional-grade warm custody solutions will prevail, given their ability to meet and cover a wider spectrum of institutional investors’ needs. A banking-grade infrastructure not only guarantees maximum security, but also unlocks the potential behind immediate online accessibility of digital assets — such as in-custody trading, staking, voting, and other advanced blockchain-protocol functionalities.

If you are interested in learning more about Finoa’s custody solution please get in touch with us and we will be happy to demonstrate our capabilities and our distinctiveness.