Fidelity Digital Assets to Custody Bitcoin in Kingdom Trust Retirement Accounts Crypto custodian Kingdom Trust is offering customers bitcoin cold storage from Fidelity Digital Assets. Custody is generally understood to be about holding something of yours, on your behalf. C is for consent “Multisig” options protect your bitcoin to the extent that more than one private key. Nov 11, · The custodial agreement filed with the SEC for the Grayscale Bitcoin Trust states the following, “Trust Company (Coinbase Custody) is a fiduciary under § .
Bitcoin custody agreementCrypto Custody | Gemini
The presence of centralized intermediaries in a largely decentralized ecosystem makes exchanges obvious targets for hacking. Which brings us back to a core tenant of federal securities laws: to protect client assets against inadvertent loss or theft by third-party intermediaries. An investment adviser is a person or firm receiving compensation for advising others about security investments.
Third, the adviser must have a reasonable belief that the custodian is periodically sending account statements directly to the client containing information about the funds and securities in custody. Finally, the investment adviser must agree to an annual surprise audit by an independent public accountant. Registered investment companies e. Instead, fund directors negotiate custody agreements with banks to determine the appropriate operating and compliance procedures and limitations on liability.
Broker-dealers intermediate between buyers, sellers, and stock exchanges to facilitate the flow of securities. The rule has two dimensions. The Custody Rule is triggered because the adviser now holds directly or indirectly client assets that are securities. This is the answer to the regulatory question for registered investment advisers. The Custody Rule applies.
The question for the adviser then becomes, is my custodian capable of servicing crypto assets? Broadly speaking, it is unclear what it means to have custody of a crypto asset in a way that both satisfies regulatory scrutiny and delivers on the safeguarding function. In other words, the checks that regulators place on advisers and funds in the spirit of protecting investors e. The problem is unique to crypto because it is the only asset class to rely on public key cryptography to denote ownership and effect trades.
Should the custodian build its own proprietary wallet service? How will the custodian balance hot storage and cold storage? Given these challenges, what level of liability is the custodian willing to accept in the custody agreement? Current custody methods and centralized securities holdings are designed to protect against adviser theft, misappropriation, or inadvertent loss of assets. But it is unclear whether a custodian of crypto assets will be able to mitigate against adviser fraud given the practical difficultly of truly securing bearer instruments like private keys.
The exact nuances of securing crypto assets, while related to custody, are not necessarily within the regulatory purview of the SEC. The Commission deferred to banks and financial industry SROs to implement acceptable standards for vaults back when stocks were in physical paper form, and again for CSDs and intermediated trading more recently.
Thus, despite the implications new custody procedures may have on market integrity, the SEC has historically taken a hands-off approach in determining adequate safeguarding solutions. But physically securing assets is only part of the equation. There is an inherent tension between the physical safekeeping and independent auditing requirements as applied to crypto assets. Surprise audits are a reasonable mechanism for regulating firms in this space. But is the same principle true for banks holding crypto assets?
If main objective for crypto custody is limiting access to private keys because whoever has the private key controls the asset , is it counterproductive to expose private keys to accountants for auditing purposes when those keys were moved to cold storage specifically for the purpose of limiting misappropriation risk in the first place?
Perhaps most importantly, how will the independent auditors very ownership of the crypto assets? This task may require technical expertise beyond that of traditional accounting firms. And even for an auditor with proficiency in blockchain technology, it may not be possible to determine that the private key held by the custodian actually represents an ownership interest in the crypto asset. Clearance and settlement will also be an issue.
Recall, the intermediary holding system works, in large part, because securities are housed in a central depository with a limited number of market participants authorized to access the IT infrastructure that communicates with the depository. How should the financial industry approach the integration of assets capable of universal distribution into a system that relies on a single central database? But, for example, if crypto assets are held in cold storage, daily settlement is probably not an option.
The biggest challenge for broker-dealers planning to service crypto asset trades is the requirement for physical possession or control over all client securities. But it is unclear how this would work in practice. Broker-dealers require significantly more liquidity than investment advisers and funds. Is it practical to think about custody in terms of securing individual private keys for firms that support thousands of trades each day?
When broker-dealers execute trades for their customers, are the transactions memorialized on a blockchain or recorded on an internal balance sheet? And to the extent that certain tokens also count as qualified securities under the second arm of Rule 15c, is a weekly tally for the reserve amount sufficient given the high volatility of crypto assets? The liquidity needs also raise a question related to the relationship a broker-dealer may need to have with a crypto exchange.
Since pricing varies by exchanges, how will broker-dealers determine the appropriate rate to quote their customers? As the primary mechanism for entering and exiting the crypto markets, will broker-dealers become dependent on crypto exchanges to satisfy liquidity? More likely, increasing trading volumes on crypto exchanges will lead to a push from regulators to have crypto exchanges register as national exchanges or alternative trading systems under the Exchange Act.
The previous illustrations of the likely safekeeping challenges for bank custodians also apply for broker-dealers using banks as their control location. We noted earlier that custodian banks began as experts in physical safekeeping with vaults and safes.
And although it is not brand new, the shift to immobilized decertificated securities and electronic book-entry settlement is a relatively recent endeavor. Now, bank custodians are suddenly being asked to adopt and become fluent in the nuances of crypto assets, public key cryptography, and blockchain technology. Admittedly, this is not their area of expertise. Thus, as a threshold matter, regulators should consider whether bank custodians and their partner securities intermediaries are the right people for the job.
In other words, does it make sense to task legacy financial institutions with developing the IT infrastructure necessary to make investing in digital assets possible on a grand scale? The unique characteristics of digital assets make this, in large part, a cybersecurity assignment. To be sure, financial intermediaries are highly proficient in cybersecurity—evidenced by the digital network they created to facilitate secure trading and settlement among CSDs, custodians, clearing agencies, and national exchanges.
But cybersecurity expertise and cryptography expertise are not one in the same. The existing financial market infrastructure was not designed with compatibility for cryptographically-coded assets in mind. To integrate crypto assets into the current systems would involve significant financial and human capital considerations.
The alternative would require custodians to depart from decades of established custodial practices to rely on third-party technology. A handful of custody startups are technically qualified custodians though not approved by the SEC. Notably, New York trust company fiduciary powers include acting as a custodian. Undeterred, the startups pitch institutional investors on their proprietary security technology, best-in-class policy controls, and broad wallet and token support. Many of the biggest custody startups also operate exchanges and provide wallet services.
Their marketing materials describe internal protocols designed to avoid conflicts of interest between the various lines of business. But without regulatory oversight there is no way to know the legitimacy of their services. Ultimately, every meaningful exploration into the cybersecurity challenges surrounding crypto assets begins and ends with the private key.
We consider the cybersecurity question independent from the custody considerations because the need for stronger cybersecurity controls is pervasive. If blockchain-based assets and conventional intermediaries are to coexist, the pressing question for regulators is twofold. Broadly, are regulators comfortable integrating assets with an inherent misappropriation risk into our financial systems?
Mooney Jr. Any decisions to buy or sell securities are made solely by the beneficial owner. See The Clearing House, supra note 9, at vi. See 17 C. At a high level, wallets can be divided into five categories, desktop, mobile, online, paper, and hardware wallets.
Similarly, mobile wallets operate through a mobile app on a smartphone. Online wallets are cloud-based services that may be accessed from any internet-enabled device at any location. Paper wallets generally thought to be the least secure as they consist of writing down the private key on a piece of paper and storing it somewhere the user deems safe. Finally, hardware wallets are specialized devices akin to a USB thumb-drive. These devices store private keys offline and may be connected to an internet-enabled device whenever the user needs to initiate a transaction with their tokens.
Other Definitional and Interpretative Provisions. Custodial Relationship. Standard of Care. Representations, Warranties and Covenants. Duties and Obligations of Xapo. Account Service. Prohibited Activities. Limitation of Services. Verification; Transactions. Liability of the Sponsor.
Fees and Expenses. Intellectual Property. Excuse of Performance. Limitations of Liability. This Agreement sets forth the terms and conditions pursuant to which Xapo is to act as a custodian for bitcoins for Account Holder. For the purposes of this Agreement, a Person. A Security Procedure may involve, without limitation, the use of algorithms, codes, passwords, encryption or telephone call-backs.
Terms available at developers. Terms and Policies does not include this Agreement. Eastern Time on Monday through p. Eastern Time on Friday through a. Eastern Time on Monday. The captions herein are included for convenience of reference only and shall be ignored in the construction or interpretation hereof. All Exhibits, Appendices and Schedules annexed hereto or referred to herein are hereby incorporated in and made a part of this Agreement as if set forth in full herein.
Any capitalized terms used in any Exhibit, Appendix or Schedule but not otherwise defined therein, shall have the meaning as defined in this Agreement. Any singular term in this Agreement shall be deemed to include the plural, and any plural term the singular. References to any statute shall be deemed to refer to such statute as amended from time to time and to any rules or regulations promulgated thereunder. References from or through any date mean, unless otherwise specified, from and including or through and including, respectively.
Xapo further represents that it does not engage in any fractional reserve banking and, as such, none of the Custodial Coins will be used by Xapo in connection with any loan, hypothecation, Lien or claim of or by Xapo or otherwise transferred or pledged to any third party.
Commodity Futures Trading Commission or the U. Securities and Exchange Commission;. Department of the Treasury Financial Crimes Enforcement Network, and is duly licensed under the money transmitter regime or virtual currency business activity regime in each U. Xapo shall immediately notify Account Holder if, at any time after the date of this Agreement, any of the representations, warranties and covenants made by Xapo under this Agreement fail to be true and correct as if made at and as of such time.
Xapo shall describe in reasonable detail the representation, warranty or covenant affected, the circumstances giving rise to such failure and the steps Xapo has taken or proposes to take to rectify such failure. The duties and obligations of Xapo shall include the following:. Xapo shall use best efforts to keep in safe custody on behalf of Account Holder all Custodial Coins received by Xapo. All Custodial Coins credited to the Account shall:. Such audit report will be deemed Confidential Information of Xapo.
Such notice shall reasonably describe such change in business conduct, event, occurrence, development, or state of circumstances or facts. Xapo shall notify Account Holder and the relevant Authorized Person s of such receipt of Custodial Coins and of such credit to the Account. Such credit shall be made on the same Business Day as the transaction is finalized by the Bitcoin Network, except that transactions finalized after 5 p. Eastern Time may be processed on the next Business Day.
Xapo shall debit from the Account all bitcoins withdrawn by Authorized Persons from the Account. Such debit shall be made on the same Business Day as the transaction is finalized by the Bitcoin Network, except that transactions finalized after 5 p.
Eastern Time may be processed on the next Business Day; and, provided , however , that Account Holder will be able to withdraw bitcoins stored in the Vault within the Vault Withdrawal Timeframes. Account Holder shall:.
For the avoidance of doubt, Account Holder shall not use:. Furthermore, Xapo cannot cancel or reverse a transaction that has been submitted to the Bitcoin Network. It is expressly understood and agreed by the parties hereto that:. To this end, other than as provided herein, Parties shall prohibit distribution of Confidential Information to persons other than the Parties. Parties shall not use the Confidential Information in any manner that is detrimental to Parties, including, without limitation, to solicit or contact customers of Parties.
For the avoidance of doubt, Parties include the employees, legal counsel, consultants, and other advisors who are bound by a duty of confidentiality by contract or otherwise. For the avoidance of doubt, Parties acknowledge that this Agreement is not Confidential Information, and this Agreement may be disclosed by either party to investors or the public. For the avoidance of doubt, Account Holder may use bitcoin custody services or similar services provided by entities other than Xapo at any time without prior notification to Xapo.