Why transparency in cold custody matters

Past failures in digital asset markets show that custody resilience depends not only on technical controls, but also on governance, segregation and operational processes.

By Thomas Brunner, Sygnum Head of Custody & Staking

As institutional exposure to digital assets grows, how those assets are safeguarded becomes more important. Custody is no longer just a technical function – it is a core part of the infrastructure that supports digital asset markets. 

How custody is structured affects how assets are protected, who controls them and how risks are managed. This becomes particularly relevant when considering the different roles digital assets can play within a portfolio. 

Custody architecture and reserve assets

Digital assets can serve different roles within an investment portfolio. Some are used for active trading or liquidity management, while others may be held for longer-term strategic exposure. Assets intended for long-term holding place different demands on custody infrastructure. 

In cold custody contexts, institutional due diligence tends to focus on a few structural questions: 

  • How is private key material isolated from network connectivity?
  • How are reserve assets separated from trading infrastructure?
  • What approval processes govern asset movement?
  • How are responsibilities distributed and documented?

Rather than emphasising individual security tools, institutions increasingly evaluate how the custody architecture functions as a system.

Lessons from operational failures 

Several well-known events illustrate the importance of custody architecture. 

QuadrigaCX (2019), a Canadian cryptocurrency exchange, collapsed after the death of its co-founder and CEO, Gerald Cotten. Court filings initially said Cotten alone had the passwords to digital wallets said to hold large amounts of customer crypto. Subsequent findings by the Ontario Securities Commission showed that responsibilities were highly concentrated, with Cotten solely controlling operations, and that his claims that client assets were held in secure, offline multisignature wallets were untrue and misleading. Customer assets were also misappropriated for unauthorised trading and other purposes. 

The FTX (2022) collapse highlighted a different governance failure. Regulatory findings indicated that customer assets that FTX represented as held in custody and segregated were in practice routinely transferred to and held by its affiliated trading firm, Alameda Research, and misappropriated for other purposes. 

More recent incidents have also highlighted operational risk in asset-movement workflows. In May 2024, DMM Bitcoin, a Japan-based cryptocurrency exchange, lost 4,502.9 BTC. Subsequent investigations indicated that the incident likely involved a social engineering attack that manipulated a legitimate transaction request through internal processes. 

Although the technical circumstances vary, these events point to a common pattern: weaknesses in custody governance, controls and operational processes. 

The examples illustrate broader industry lessons around custody governance and operational controls. Institutions are increasingly evaluating how custody frameworks address these structural considerations. Within this context, Sygnum’s custody framework is designed to mitigate risks like those highlighted above through a focus on governance, asset segregation and operational controls. 

Regulation and institutional oversight 

Custody architecture also sits within an evolving regulatory landscape. 

Authorities in several jurisdictions have begun developing rules governing how digital assets must be safeguarded. For example, Hong Kong’s Securities and Futures Commission requires virtual asset trading platform operators to keep at least 98% of client assets in cold storage. 

In July 2023, the Monetary Authority of Singapore stated that Digital Payment Token service providers would be required to safeguard customer assets, later confirming requirements including daily reconciliation of customer assets. 

In May 2025, the UK Financial Conduct Authority issued a consultation outlining proposed rules for safeguarding qualifying crypto assets. 

Within Switzerland, digital asset custody operates within a defined regulatory framework. Sygnum, for example, operates under this framework and received a Swiss banking licence from FINMA in 2019.  

At Sygnum, client assets are held off-balance sheet and ring-fenced from our own balance sheet. This means the assets remain the property of clients and are bankruptcy-remote under Swiss law. 

Our custody platform is audited under the ISAE 3000 and ISAE 3402 standards. The ISAE 3000 report covers the secure generation of cryptographic keys, while the ISAE 3402 report covers the transaction-signing environment and its operational controls.  

Together, these elements show how our custody framework combines regulatory oversight, independent assurance and legal separation of client assets. 

Sygnum Cryo – Deep Cold Key Management Technology: A structured approach to cold custody

Within this broader custody framework, Sygnum’s cold wallets are designed for digital assets held long term. They are powered by Sygnum Cryo, our deep cold key management technology.

Sygnum Cryo follows a clear architectural principle: cold storage is designed around network and physical isolation at all times. 

Private keys are generated and stored in fully air-gapped environments, separated from connected systems and trading infrastructure. Hardware-secured protection is implemented through HSM-based controls within multi-layered, access-controlled physical environments, while asset movement follows multi-person approval procedures and defined access controls. 

These safeguards operate within Sygnum’s Swiss-regulated banking framework, where custody processes form part of the bank’s broader governance and risk-management structure.  

The environment has also undergone external security review by Halborn, a recognised blockchain security firm, alongside regular penetration testing, providing additional validation of the cold custody architecture. 

The architecture further incorporates forward-looking security considerations, allowing it to adapt as digital asset infrastructure evolves. This includes consideration of emerging requirements such as post-quantum cryptography.

Custody transparency as market infrastructure 

As digital asset markets mature, custody architecture is becoming an important part of the infrastructure supporting institutional participation. 

Past incidents show how weaknesses in governance, controls and operational processes can undermine custody environments. Clear custody structures allow institutions to better evaluate how assets are protected and how responsibilities are managed. 

For institutions allocating digital assets as long-term reserves, custody architecture becomes a structural decision that shapes protection, governance and oversight across market cycles. 

Disclaimer: The information in this publication pertaining to Sygnum Bank AG (“Sygnum”) is for general information purposes only, as per date of publication, and should not be considered exhaustive. This publication does not consider the financial situation of any natural or legal person, nor does it provide any tax, legal or investment advice. This publication does not constitute any advice or recommendation, an offer or invitation by or on behalf of Sygnum to purchase or sell any assets. No elements of precontractual or contractual relationship are intended. While the information is believed to be from accurate and reliable sources, Sygnum makes no representation or warranties, expressed or implied, as to the accuracy of the information. Sygnum expressly disclaims any and all liability that may be based on such information, omissions, or errors thereof. Any statements contained in this publication attributed to a third party represent Sygnum‘s interpretation of the data, information and/or opinions provided by that third party either publicly or through a subscription service, and such use and interpretation have not been reviewed by the third party. Sygnum reserves the right to amend or replace the information, in part or entirely, at any time, and without any obligation to notify the recipient of such amendment / replacement or to provide the recipient with access to the information. Simultaneously, there is no obligation of Sygnum to inform recipients of information, if before provided information later becomes outdated, inaccurate or obsolete, unless otherwise provided by applicable law. The information provided is not intended for use by or distributed to any individual or legal entity in any jurisdiction or country where such distribution, publication or use would be contrary to the law or regulatory provisions or in which Sygnum does not hold the necessary registration, approval authorisation or license. 
Except as otherwise provided by Sygnum, it is not allowed to modify, copy, distribute or reproduce, display, license, or otherwise use any content for commercial purposes.
