[ DIGITAL ASSETS ]

into a hot wallet before being used. Any change will be sent to the hot wallet, not the cold storage. Any file transfer between online and offline machines will defeat the purpose of air-gapped cold storage, so reconciliation adds another process.

Dominic Longman, chief product officer at Trustology, a London-based company that focuses on crypto custody services, likens cold storage to exchanging stock certificates in the 1960s, meaning that you have to wait anywhere from hours to a couple days to access your assets. “Cold storage is an old school approach to a technical problem,” he says. “People choose it out of misunderstanding the risk vectors or because it is easier to price for insurance purposes.”

Some investors might prefer to use both hot wallets and cold storage, depending on the need for immediate withdrawal. In that case, an institutional investor looking for institutional-grade custody would keep the majority of the assets in cold storage and only a small amount in hot wallets, for use and trading.

Multi-level approach to security

When it comes to digital assets, security is front and centre. Digital assets are uniquely challenging from a technology perspective and you need a layered approach where the layers all work together. The most critical layers are technology, security, and operational security. The three must work together. After that, an institutional owner might want additional layers of custodial expertise and services.

Regardless of storage type, cyber hygiene is critical. Generally speaking, most cryptocurrency losses are due to carelessness rather than hacking or fraud. The same goes for institutions. Clients of third-party custodians should ask many questions, including how the network is configured and how the systems are protected. If a device is infected by malware, the keys can be lost.
Defending physical threats

With keys to digital assets stored offline in vaults, the focus is on defending against physical threats such as theft and weather. Here, you need to think about the domain of where the keys are stored. “What does it take to get into those locations and are there several levels of physical security protecting those locations?” asks Fidelity’s Jessop.

Operational

When it comes to operational security, people and processes are key. Jessop points out these key considerations for your custodian: “What are your policies and procedures? Who can access cold storage? How do you ensure division of labour and enforce information barriers between people involved in the key management workflow?” Capon adds that “key-man risk” is important: “No one person should have a complete view of how things work or be able to obtain a key.”

You want as many speedbumps in the process as possible. This includes a lot of checking before assets are transferred, from various levels of authorisation and multi-signature requirements to time blocks. Capon explains: “For the highest security, you don’t want instant access. You want it to take fifteen minutes to withdraw your key, and you want a human in the middle of the process.” As for time locks, “the owner of the assets can choose to have the process take two days rather than fifteen minutes.”

Trustology takes a different approach. “Customers should focus more on technology and how it has been implemented rather than people,” says Longman. “Custodians should take people out of the process to minimise operational risk. People collude, make mistakes and slow down the process.” He adds that, “Custodians for existing asset classes have looked to remove human / operational risk for years, and this is similar. It is likely even more important with current digital assets as there is no recourse.”

Technology speedbumps are similar to people roadblocks in that they include multi-signature requirements (more than one key is required to access the digital assets), time locks (you dictate how long the transaction should take), and geo-location fencing (you can only sign a transaction when in a certain location). The difference is the removal of people, which again is about security versus convenience.

Regardless of the speedbumps involved, make sure there is an audited control process.

Knowledgeable custodian

Whether the third-party custodian is a newcomer or an established custodian of traditional assets, it is clear that you want people who know what they are doing. There is no definition for “qualified custodian” when it comes to digital assets. The custodian does not need to be a broker-dealer, but most agree that it should act like one. Satisfying US government standards for holding assets is considered by most to be validation of an institutional-grade custodian.

Capon suggests that investors also look at the background and experience of the people at the company as well as the institutions they work with. Jessop adds that investors should also look at whether the custodian is well capitalised and has insurance to cover assets under its control.

Custodians traditionally provide a multitude of services, but providing services for digital assets is different. As Longman points out, “Nobody is providing full custodial services at this point. They are doing safe-guarding and safe-keeping. Custodial services for cryptocurrency will come later.” Over time, he adds, custodians and others will develop ancillary services like trading and lending to broaden the value proposition to investors.

The needs of institutional holders of digital assets are quickly evolving, and the growing field of third-party custodians is trying to adapt their offerings as well as develop new services for future uses of digital assets. It is critical for holders to conduct thorough due diligence of custodians to ensure that the appropriate procedures are in place. The stakes are high as the losses are unrecoverable.

12 Securities@Sibos January 2019