Good afternoon. Before I begin, I’d like to extend a warm welcome to our new Chairman, Paul Atkins, and express my enthusiasm for working alongside him and my fellow commissioners as we continue to uphold the mission of the Securities and Exchange Commission.
At the heart of federal securities laws lies the principle of custody—a concept rooted deeply in trust. In everyday life, we routinely place trust in institutions: when we board a flight, we entrust airlines with our luggage, expecting it to arrive safely at our destination. While lost luggage is frustrating, imagine if that suitcase contained a significant portion of your life savings. Suddenly, the stakes are much higher. You’d likely demand more than goodwill—you’d want assurances about security protocols, accountability, and recovery procedures.
This same logic applies to financial custody. When investors place their assets with financial institutions, they expect those assets to be safeguarded with the highest standards. History has shown us the devastating consequences when that trust is broken—whether through fraud, negligence, or systemic failure. These lessons underscore why robust custody regulations are not optional; they are essential to market integrity and investor confidence.
👉 Discover how modern platforms are redefining secure digital asset management.
Why Crypto Custody Demands Special Attention
Today, we gather to confront a critical question: Who can we trust to safeguard client assets in the crypto ecosystem? And more importantly—should the rules be different for crypto assets?
Some argue that because crypto operates on decentralized blockchains and uses cryptographic keys instead of traditional account structures, it warrants a separate custody framework. But before we consider carving out exceptions, we must ask: would such a dual regime uphold—or undermine—the gold standard of investor protection that our current rules provide?
The SEC has not historically created separate custody rules for any other asset class without compelling justification. If we are to do so for crypto, we must ensure that any alternative framework is equally rigorous, transparent, and accountable.
Unique Risks in Crypto Custody
Crypto assets introduce distinct challenges that don’t exist in traditional finance:
- Blockchain-specific risks: Protocol vulnerabilities, smart contract bugs, and irreversible transactions mean that errors or exploits can lead to permanent loss.
- Hacking and theft: Digital wallets are prime targets for cyberattacks. Unlike traditional systems, blockchain transactions cannot be reversed.
- Lack of exclusive control: Unlike bank accounts, where institutions have clear authority, crypto custodians often rely on multi-signature setups or cold storage solutions that complicate accountability.
- Insolvency risks: If a crypto custodian goes bankrupt, what protections exist for investors? In traditional markets, SIPC provides a safety net when brokerage firms fail. No equivalent exists universally for crypto.
These factors demand careful scrutiny. We cannot assume that technological innovation negates the need for regulatory oversight—especially when real people’s savings are at stake.
Investment Advisers and the Qualified Custodian Standard
Under current SEC rules, investment advisers must entrust client assets only to qualified custodians—banks, broker-dealers, or registered futures commission merchants. This high bar ensures that only entities subject to strong regulatory oversight handle client funds.
But with crypto, some propose alternatives: adviser self-custody, or expanding the definition of "qualified custodian" to include crypto-native firms. While innovation is welcome, we must weigh these ideas against real-world risks.
Key Questions for the Asset Management Sector
- Is self-custody safe for crypto? While some large institutions may have the expertise, most advisers lack the operational infrastructure to securely manage private keys, prevent insider threats, or respond to breaches.
- Can crypto custodians meet existing licensing standards? Many promising firms operate without federal banking charters or comprehensive regulatory oversight. What barriers prevent them from becoming qualified custodians—and how can those be addressed without compromising safety?
- What about state-chartered trust companies? These entities vary widely in regulation and oversight. Are their protections consistent across jurisdictions? How do we ensure uniform standards?
Furthermore, advisers have a fiduciary duty to conduct thorough due diligence. When custody shifts to a crypto-native platform, does that duty require additional verification steps? For example:
- How should independent audits verify crypto holdings when assets are stored off-exchange?
- Should custodians be required to prove reserves through on-chain transparency or third-party attestations?
- What policies must advisers adopt to monitor custodial risk in real time?
👉 Explore secure custody solutions designed for evolving digital asset needs.
Broker-Dealer Custody and the Omnibus Wallet Dilemma
Registered broker-dealers follow different custody rules—but many major crypto platforms function like brokerages without being registered. They require users to deposit assets into exchange-controlled wallets just to trade or access services like staking or lending.
A core issue here is the use of omnibus wallets, where customer funds are pooled into a single address rather than held in segregated accounts.
Risks of Omnibus Wallets
- Off-chain recordkeeping: Most transactions occur internally using private ledgers, not on the blockchain. This creates opacity—how do we verify that customer balances are accurate?
- Increased exposure to fraud and hacking: A single breach can compromise millions of users’ assets.
- Commingling of assets: If an exchange becomes insolvent, distinguishing between customer funds and company assets becomes legally complex—potentially leaving investors with little recourse.
Compare this to segregated wallets: each customer holds a unique address, enabling direct ownership verification and reducing systemic risk.
So why do platforms use omnibus models? Efficiency and cost. But convenience should never outweigh investor protection.
Should Omnibus Wallets Be Allowed at All?
We must ask:
- Is there any justification for weaker custody rules simply because transactions happen off-chain?
- Should regulated exchanges be prohibited from using omnibus wallets for crypto asset securities?
- What disclosures are necessary so investors understand they may not have the same protections as with traditional securities?
These aren’t theoretical concerns. Real cases—like the SEC’s enforcement action against Galois Capital for custody failures—show what happens when safeguards fail.
Preserving Trust in Evolving Markets
We’ve seen financial evolution before. In the 1960s and 70s, the “paperwork crisis” forced a shift from paper stock certificates to electronic records—a transition that improved efficiency and security. Today’s move toward digital assets offers similar promise.
But innovation doesn’t mean abandoning foundational principles. Investor protection must remain central—regardless of whether assets are physical, digital, or decentralized.
👉 Learn how trusted infrastructure supports compliance and security in digital finance.
Frequently Asked Questions (FAQ)
Q: What is a qualified custodian under SEC rules?
A: A qualified custodian is typically a bank, registered broker-dealer, or futures commission merchant subject to regulatory oversight. These entities must meet strict standards for safeguarding client assets.
Q: Can crypto firms become qualified custodians?
A: Potentially—but they must meet existing regulatory requirements. Some state-chartered trust companies are moving in this direction, though federal harmonization remains a challenge.
Q: What happens if a crypto custodian gets hacked?
A: Unlike traditional banks insured by FDIC or brokerages covered by SIPC, most crypto custodians offer no universal insurance. Losses may be unrecoverable unless the firm has private insurance or reserves.
Q: Why can’t investors just use self-custody wallets?
A: While self-custody gives full control, it also places full responsibility on the user. Most retail investors lack the technical knowledge to securely manage private keys or recover lost access.
Q: Are omnibus wallets illegal?
A: Not inherently—but their use raises serious custody concerns under current SEC interpretations. Platforms using them may struggle to meet fiduciary obligations unless robust safeguards and disclosures are in place.
Q: How does blockchain transparency help with custody verification?
A: On-chain data allows independent verification of holdings and transactions. Regulators and auditors can use this transparency to confirm asset reserves—provided wallets are properly structured and accessible.
The path forward requires balance: embracing innovation while preserving trust. We cannot allow custody standards to erode under pressure to accommodate new technologies. Instead, we must adapt our frameworks thoughtfully—ensuring that no matter the asset class, investors receive consistent, reliable protection.
There’s far more at stake than lost luggage. Thank you for your engagement in this vital discussion.