How financial institutions can navigate the future of digital asset custody

by Kelly Browning, Content Strategy, Ripple

Share this post

Traditional finance is at a crossroads with the new digital frontier, and the rapidly evolving landscape of digital assets demands innovative custodial solutions. For banks, payment service providers, financial institutions and others that are either considering or already piloting digital asset projects, it’s imperative to understand the importance of an underlying custody infrastructure.

The Custodial Landscape: Challenges and Opportunities

Custody plays a foundational role in the digital asset ecosystem, enabling a proactive and collaborative environment for the likes of HSBC and DZ Bank to engage in the tokenization space. Partnerships and initiatives like these are indicative of the growing appetite among traditional banks to adapt to the emerging reality of digital assets, demonstrating a keen awareness of the evolving financial landscape and the need to integrate innovative custodial solutions.

Custody in the realm of digital assets is inherently a technological and cybersecurity challenge, as these assets are backed by cryptography. This requires not just infrastructure and security measures but also integration into existing processes and governance structures.

  • Security at the Forefront: The discussion delved into the technological and cybersecurity intricacies of digital asset custody. Cryptography plays a critical role in asset security. There are integration challenges with traditional banking infrastructures, and offline cold storage is indispensable in mitigating cyber and reputational risks.
  • Self-Custody Complexities: The complexity of self-custody for banks—which involves managing keys, governance, compliance, and potentially insuring assets—suggests that self-custody may not be suitable for all financial institutions.
  • Key Management Approaches: There are different approaches to key management, including centralized key storage with low attack surfaces and decentralized access using technologies like multi-party computation. A combination of these methods could very well enhance security.

The Regulatory Puzzle

Global custody regulations are fragmented and inconsistent. However, a trend towards more regulated and segregated custody models is emerging, emphasizing the necessity for legal entity separation and client segregation. The progressive regulatory requirements for key material in various parts of the world, such as the UAE, Brazil, Hong Kong and Africa further highlight this trend and provide a promising outlook for digital asset and custody regulations across the globe.

  • Key Material and On-Premise Requirements
    In certain jurisdictions like the UAE, Thailand and Turkey, a notable requirement is the mandate for key material associated with digital assets to be stored locally, on-premise. This need to have the critical data used to secure and access digital assets physically present within the country’s borders aligns with a broader global trend towards data sovereignty and heightened security protocols in the financial sector.
  • Flexible Implementation and Hybrid Models
    There is flexibility in implementing these regulations, which could mean greater potential for hybrid models in digital asset custody. This approach might involve scenarios where a portion of the private keys – crucial for accessing the digital assets – are managed by external vendors, while still adhering to the local regulatory framework. Such models indicate a growing recognition of the need to balance regulatory compliance with practical operational efficiencies in the realm of digital custody.
  • Implications for Global Custody Practices
    These specific regulatory requirements in the UAE, Thailand, and Turkey provide valuable insight into the evolving global landscape of digital asset custody. As different countries establish their frameworks, entities operating in the digital asset space must navigate a complex tapestry of local and international regulations. This scenario calls for adaptable and secure custody solutions that can comply with diverse regulatory demands while ensuring the safe management of digital assets.
  • Looking Towards the Future
    While the United States has been slow on the uptake as it relates to digital asset regulations, the Securities and Exchange Commission (SEC) might eventually adopt similar regulatory frameworks, indicating a possible trend towards more stringent and localised control over digital asset key material. Such developments could significantly impact how digital asset custody is structured globally, emphasising the need for robust, compliant, and flexible custody solutions.

Interoperability and the Future of Tokenisation

Connecting to multiple private permissioned blockchains is a challenge to say the least, which begets the need for interoperability to normalise access and adoption for institutional investors. Custody plays a crucial role in enabling value-added services and the tokenisation of financial and real-world assets (RWAs).

Custodians and Communication: The Ecosystem Approach

Custodians must communicate effectively to maintain regulatory exemptions in digital asset transfers. There is inherent complexity in managing assets across multiple chains, so an ecosystem-based approach is necessary to the success of global digital asset custodians.

The future of digital asset custody will be shaped by a blend of technological innovation, regulatory clarity, and industry collaboration. As digital assets continue to carve their niche in the financial world, these insights provide valuable guidance on navigating this complex and dynamic landscape.

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?