Cryptocurrencies have two faces that present two different sets of custodial issues. One face of these digital assets is that they are weightless strings of binary code that can be flashed around the globe instantaneously. They are accessed through a network of servers with heavy encryption at every step the main custodial tactic.

The other face is physical. Cryptocurrency investors have become highly aware of the fact that “hot” storage of digital assets (storage in an online encrypted file) is more risky than “cold” storage in an offline “wallet” because the online storage methods have proven vulnerable to hacks of different kinds (phishing, social engineering, etc.). The custodial risks of offline cold storage have a lot in common with the physical risks of other small but highly valuable items, but they include some digital risks as well.

A growing number of firms ranging from startups (like Bitgo) to financial giants (like Fidelity) have devised or are in the process of devising cold storage services—a kind of vault for digital assets—for the growing number of investors who want better protection for their crypto assets. A cold storage vault provider has to assess the risks of digital assets in offline storage and devise methods to mitigate them. Note that these risks exist in a largely unregulated system where normal fiat currency controls do not exist.

Here are seven risks providers need to assess and address:

1. Is the safe or vault the right kind for the level of risk, for the value of the asset?

The physical security of the vault must be strong enough to match the value of the asset. Since literally billions of dollars in value can reside on a tiny device, physical resistance to penetration is not a trivial matter.

2. Are digital threats adequately controlled through electronic and physical means?

Digital assets are vulnerable to magnetic or radio radiation, by malicious intent or by accident. Storage areas should be shielded, including all access routes on the premises. No devices capable of memory or carrying magnetic fields can be allowed in the vicinity of the asset.

3. Is physical access to the vault properly controlled?

Almost every armored car robbery begins with the thieves evaluating the access route. To generalize, cold storage providers have to do the same kind of assessment and control the risks. CCTV coverage of access areas is essential, and recordings should be kept 30 to 45 days. Guard presence is required, with escorts for people asking to access the vault.

4. Do procedures sufficiently check the identity of individuals seeking access?

The absence of a legal system of Know Your Customer controls means that storage providers have to develop other means for identifying the people who seek access. This includes every person involved in the chain of custody, such as drivers, guards, and managers. The level of control established by the entities in the chain of custody will vary, and could introduce risks during hand-offs.

5. Are dual control procedures in place at each step in the access process?

Every hand-off and every episode of access to the asset should be under dual control, with appropriate segregation of duties.

6. Are logs maintained to document access and hand-offs of assets, either in or out?

In addition to the CCTV record, every event in the vault that includes access to an asset should be logged according to an established procedure. Personnel on the ground should make the entries and sign off on them.These records should maintain an audit trail including the nature and value (if known!) of the digital asset.

7. Is every member of the staff researched for security and trained in all procedures for control?

Training and understanding of the mission of the vault, as well as job-specific duties, must be verified for every vault employee. Again, outside individuals in the chain of custody may present unknown risks, so efforts should be made to determine the level of control they are under.

Many of these risks are familiar to vault service providers in the cash management industry. For some risks, the addition of digital cold storage is a matter of extension of policies that already exist. However, the addition of the digital issues, especially since cryptocurrencies do not have an external source of control like a fiat currency has, raise the level of risk and the related need to mitigate risk for cryptocurrency.

Download and read Lowers & Associates new white paper, Custodial Crypto: Transportation and Storage, to get a broader understanding about how crypto affects custody.

Custody of cryptocurrency in transit or in storage poses some specific risks that differ somewhat from the usual high-value small sized items, like jewelry. Cash in Transit (CIT) service providers will have to adjust security routines to take these differences into account.

By definition, providing transportation or storage of crypto means that it is in “cold” storage, meaning that it is offline — there is an air gap between the crypto and the Internet or some other digital network. Given that cryptocurrencies are always stored in digital files means that access to them is controlled via strongly encrypted “private keys” using 128-bit encryption generated by a “wallet” (a storage file).

Some risks carriers and vaults must take into account for secure custody of crypto include:

1. Items in custody come in small, somewhat fragile packages.

Even if the digital asset is worth millions of dollars, it can reside on a device the size of a thumb drive. The private key may be written on a piece of paper. Obviously, either of these would be easy to slip into a pocket, and neither weighs more than a few ounces. Packaging and handling have to take into account how easily these items can be damaged, as well as maintain an absolute lack of description of the contents to the casual observer.

2. The device is vulnerable.

The digital asset that the CIT or vault provider is responsible for will reside on some kind of electronic device that is capable of memory, and has a way to input the private key. The binary code that describes the asset contains its value, as well as the identity of its private key. Both of these are critical to access the value, and if either is lost, the value is permanently gone—it will be impossible to recover. Devices like this may be vulnerable to electronic or magnetic disruption, either by accident or intention, so CIT services have to be sure the files are not exposed to damaging fields.

3. The identity of the asset owner may be unknown.

Digital currencies were created in the first place to do away with the need for the regulations and controls imposed on fiat currencies like the US dollar. One standard control on ordinary currencies is the Know Your Customer(KYC) requirement. For crypto, where anonymity is a design feature, not a flaw, the custodian has the potentially large liability for criminal or terrorist activity if it does not know something about the identity of the asset owner(s). This information will have to come through procedures, not regulation requirements.

4. The carrier may not know the value of the currency they are responsible for.

Crypto carriers know Anti Money Laundering (AML) requirements, such as suspicious activity reporting, for values of any size. If custodial procedures depend in part on the value of the item, then determining that value is a critical matter. Beyond the ability of an owner to insure the item (whose risks must be known), the custodian is exposed to loss based on the value. This is a precarious situation.

5. Crypto requires unique access procedures that the custodian may need to help facilitate.

Custody of crypto means that there will always be two entities to protect: the digital file containing the currency, and a record of the private key, which may be physical. Since these two items can never be carried or stored in the same place, all of the risks described above apply to two complimentary assets that have to be brought together to access the value in the currency. This in itself creates the need for procedures to coordinate access in a way that ordinary items do not.

 In general, custody of digital currencies takes place outside the financial system framework that regulates business as usual in CIT businesses. For more information about the sources of risks of crypto and policies for addressing them, see our new white paper, Custodial Crypto: Transportation and Storage.

With the surge of cryptocurrencies, mainstream investors are looking at them as alternative vehicles for transactions and the storage of value. Despite their relative volatility, they have advantages in permitting transactions of any size on-demand, growing worldwide acceptance, anonymity of stakeholders, and independence from traditional financial institutions.

The security of the blockchain is inherent in its technology. Each step forward in time, when a new block is added to the chain with the guarantees of either the power of work (POW) or power of stake (POS), the transparency and permanence of transactions is theoretically immutable, as long as the private encryption keys are secure.

Every unit of cryptocurrency is exposed to investment risk, just like any other commodity that is traded in a market. Investors may seek hedges in the market against loss, but this kind of loss is not insurable in the ordinary sense.

So, the general answer to the question “what are we insuring?” is against the loss of value due to institutional failure or theft. But in the case of cryptocurrency, how is the value determined?

The institutional structure of cryptocurrencies is a wild west of new businesses emerging to manage the flow and storage of value. The most prominent type of business in this ecosystem is the exchange, where the market value of crypto can be traded for a traditional fiat currency. You can sell your Bitcoin for U.S. dollars, products or services, or almost any other currency.

Unfortunately, the exchanges have proven to be insecure. Billions of dollars’ worth of cryptocurrency have been stolen by hackers who break into the online system. In an odd feature of the blockchain, it has been possible to see which accounts received the stolen money, but without the encryption keys it cannot be recovered.

Shifting the risk offline.

A response to the risk of storage of value on a crypto exchange (in a “hot wallet” online) is to move the currency to a “cold wallet” that is offline. In other words, you download the value onto private keys.

Therefore, the insurable event is when either the encryption key or the currency value, or both, are stored offline. Whenever this happens, you are no longer in the purely digital world of the blockchain, and the risk of loss through theft arises.

Insurers will want to replace the fiat currency system’s security rules with procedures and processes that duplicate their functions. For instance, they will want to replace ‘Know Your Customer’ regulations with procedures that identify the owners of the currency and/or encryption keys. They will also want to see custodial procedures that safeguard the offline items with security commensurate to the value.

There is some irony in the fact that the blockchain, which was devised to do away with all the cumbersome regulations of fiat currencies, maintain anonymity, and offer a high level of confidence, is now evolving toward systemic guarantees much like fiat currencies already have.  There is a cost for having secure transactions and storage.

For much more information about cryptocurrency storage and transportation, see our new white paper, Custodial Crypto Transportation and Storage: Understanding the Risks.

Cryptocurrencies such as Bitcoin and Ethereum are emerging from the dark side of the web. These currencies have multiplied in number and increased tremendously in value despite their volatility.

However, sad experience has taught storing crypto safely in online exchanges is risky at best. In the infamous case of Mt. Gox, almost $500 million worth of bitcoin was hacked. Some of it seems to have emerged in the hands of potential thieves, but there’s still mystery surrounding the incident. Many other hacks of exchanges have occurred since Mt. Gox, leading to a scramble to find more secure ways to manage cryptocurrency.

The super-hacks have shined a spotlight on the issue of custody. As Philip Martin of Coinbase, a large cryptocurrency exchange, stated in a recent Wired Magazine interview,

“Cryptocurrencies have a threat model that’s fundamentally different from what’s come before. We’re taking the lessons from the past about physical security and blending them with well-structured cryptography.”

Crypto investors are understanding that a diversified approach to storage is wise. They are turning to cold storage (offline storage) for at least a percentage of their coin as a way of managing their risks of loss.

Many are finding that the simplest way to avoid the threat of losing digital coin to a hacker is to move it to an offline storage device, called a “cold wallet”. At the same time, the 128-bit encryption codes that permit access to the currency (especially the private key) have to be securely stored where they can be retrieved.

The moment digital files or keys are transferred to a physical medium, whether it’s a device or plain paper (which may be a legitimate way to store an encryption key), custody is the crucial issue. Many of the same risks exist for offline cryptocurrency as apply to other easily transported high-value items like gems.

The encryption keys add a layer of complexity. There are two high-value items, the currency and the key that accesses it, that must be transported and stored separately in a way that they can be rejoined when the legitimate owner wants access.

Our latest white paper plots a path to security in the storage and transportation of cryptocurrency. Carefully managing the risks involved with the activity is necessary to make cryptocurrency insurable. Get your copy of Custodial Crypto Transportation and Storage: Understanding the Risks.