This article by Alan Leung has been edited and was first published on March 4, 2024, on Coinbase.
Summary
- Ensuring digital assets are safe is paramount to the long-term success of the sector.
- To achieve this, high-level scrutiny is required, along with regulation and auditing.
- Investment is also key, helping to maintain and improve technology and operations.
The growing interest in the safety of digital assets
Crypto custody is in the spotlight, and rightfully so. With the SEC’s approval of spot bitcoin ETFs, many investors, financial advisors, and institutions are exploring the space for the first time to understand how digital assets are stored and protected. This scrutiny is good and welcomed.
When ETF providers select a custodian, they conduct an extensive diligence process – maybe the most rigorous process conducted for any new asset class.
Coinbase was selected as the custodian of choice for 8 of 11 spot bitcoin ETF mandates. Winning those mandates was a rigorous, competitive process. Here, we outline the foundational principles of our digital custodian.
Principle one – maintaining a track record of securing customer assets at scale
We have a standard when it comes to our custodial platform: zero tolerance for errors. That standard has dominated our philosophy over 12 years, a track record we compiled without a risk event. Now, we safeguard $193 billion in digital assets, including $101 billion in institutional assets under custody (as of Q4 2023).
This track record is no accident. We hire top talent. Our team includes world-class and internationally recognized applied researchers.
We give them the tools and resources they need to continuously invest in technology, processes, and systems to ensure we maintain the leading institutional-grade custodial platform.
Today, we leverage advanced cryptographic key-sharding techniques to maintain a comprehensive system that combines physical security, consensus computation, and strict, audited process controls.
Our institutional clients are able to further decentralize and tailor access to their operating model by leveraging enterprise security features, such as strict permissioning, multi-user consensus, and transfer policies that ensure no single individual within their organization can act maliciously or be coerced into executing unauthorized transactions or instructions.
Principle two – rigorous regulation and auditing
Coinbase Custody Trust Company, LLC (CCTC), our US-based custodian, is a fiduciary under New York state law and a qualified custodian under the Investment Advisers Act of 1940. It is regulated by the New York Department of Financial Services (NYDFS), which also regulates New York’s chartered banks.
Our commitment to safeguarding digital assets goes further. As a public company based in the US, Coinbase is also subject to regular audits of our financials. In addition to providing an accurate picture of our business health, audits ensure we properly segregate and maintain separate accounts for our corporate and client assets.
In February 2020, CCTC became one of the first crypto custodians to complete SOC 1 Type II and SOC 2 Type II examinations, which verify that we have substantial internal processes and controls in place to safeguard client assets.
The SOC 1 Type II reports test internal controls and systems over financial reporting.
The SOC 2 Type II tests internal controls and systems related to security of the platform.
Principal three – ensuring legally segregated and insured custodial funds
CCTC is separate from other parts of Coinbase. Client funds are segregated at the account, sub-account, and on-chain wallet address level, such that clients can independently monitor wallet activities on-chain.
Legally, client funds are bankruptcy remote. This isolates custodial assets and protects them from the financial position of any Coinbase entity or any other client in the event of insolvency.
In addition, Coinbase maintains a substantial commercial crime insurance policy that covers theft of fiat currency or digital assets from Prime Trading or Vault.
Our ability to actively manage the hot and cold wallets of our trading balance based on our insurance coverage provide clients with financial protection against a range of potential security risks.
We believe our policy is the largest commercial crime policy covering hot wallets of any digital asset exchange or custodian. Over the past eight years, we have significantly increased the size of our commercial crime coverage while securing year-on-year premium decreases over the past two years, which is indicative of our insurance partners’ views of our strong processes and risk profile.
Principle four – ensuring trading is operationally efficient
Our custody solution fits seamlessly into institutional needs for trading and settlement. With integrated trading, financing, and custody, ETF providers and institutional clients can easily and quickly move funds to take advantage of Coinbase Prime’s advanced trading algorithms and execute a variety of different order types, including TWAPs to target a reference rate. They can also tap our advanced agency trading desk for customized order execution strategies or fixed price block execution with third-party counterparties, settling those trades directly on Prime.
All of this cuts down on the complexity and cost of trading, settlement, and custody, as well as the risk for ETF providers.
Outlook – continuous investment required
Crypto is always evolving, and as such, continuous investment is required to improve technology and operations, ensuring that clients’ digital assets remain safe and secure. This leaves them free to confidently take part in the crypto economy.
A version of this article appeared on Coinbase.