Original Title: Holding the future: Custody principles for a tokenized world
Original Authors: Scott Walker, Kate Dellolio, David Sverdlov, a16z
Translated by: Luffy, Foresight News
Registered Investment Advisors (RIAs) investing in crypto assets face the dilemma of unclear regulations and limited asset custody options. Moreover, crypto assets come with ownership and transfer risks different from the assets RIAs have previously been responsible for. The internal teams of RIAs (operations, compliance, legal departments, etc.) have been working hard to find third-party custodians willing and meeting expectations, but despite their efforts, they struggle to find qualified custodians, resulting in RIAs having to hold these assets themselves. As a result, crypto asset custody currently faces unique legal and operational risks.
What the crypto industry needs is a principled approach to help professional investors solve this key issue of protecting clients' crypto assets. In response to the recent information request from the U.S. Securities and Exchange Commission (SEC), we have developed principles that, if implemented, would extend the custody rule objectives of the Investment Advisers Act to new crypto asset categories.
How Crypto Asset Custody Differs
For traditional assets, possession means no one else has control. However, this is not the case with crypto assets, where multiple entities might have access to the private keys associated with a set of crypto assets.
Crypto assets also often come with various intrinsic economic and governance rights crucial to the asset. Traditional debt or securities can earn "passive" returns (such as dividends or interest), where holders do not need to transfer assets or take any further action after acquiring the asset. In contrast, crypto asset holders may need to take action to unlock specific yields or governance rights associated with the asset. Depending on the third-party custodian's capabilities, RIAs might need to temporarily move these assets out of custody to unlock these rights. For example, certain crypto assets can earn yields through staking or yield farming, or have voting rights on protocol or network upgrade proposals. These differences from traditional assets bring new challenges to crypto asset custody.
To help track when self-custody is appropriate, we have created this flowchart.
Principles
The principles we propose here aim to demystify custody for RIAs while preserving their responsibility to protect client assets. The market for qualified custodians (such as banks or broker-dealers) focused on crypto assets is extremely small; therefore, our primary focus is on whether the custody entity is capable of providing the substantive protective measures we believe are necessary for crypto asset custody, rather than just the legal status of the entity as a qualified custodian under the Investment Advisers Act.
We suggest that when substantive protective measure third-party custody solutions are unavailable or do not support economic and governance rights, RIAs capable of meeting substantive protection requirements can use self-custody as an avenue.
Our goal is not to expand the scope of custody rules beyond securities. These principles apply to crypto assets that are securities and establish standards for meeting RIAs' fiduciary responsibilities for other asset types. RIAs should seek to hold non-securities crypto assets under similar conditions and document custody practices for all assets, including reasons for significant differences in custody practices across different asset types.
(Translation continues in the same manner for the rest of the text)Key Usage: Wallets should require authentication; in other words, they should verify the user's identity and only authorized parties should be able to access the wallet. Wallets should use mature open-source encryption libraries. Another best practice is to avoid using a single key for multiple purposes. For example, separate keys should be maintained for encryption and signing. Following the "least privilege" principle, in the event of a security breach, access to any assets, information, or operations should be limited to only those absolutely necessary for system operation.
Principle 3: Crypto Asset Custody Rules Should Allow Registered Investment Advisors to Exercise Economic or Governance Rights Related to Custodied Crypto Assets
Unless otherwise instructed by the client, RIAs should be able to exercise economic or governance rights related to custodied crypto assets. During the previous SEC administration, due to the uncertainty of token classification, many RIAs adopted a conservative strategy of entrusting all crypto assets to qualified custodians. As previously mentioned, the market of available custodians is limited, often resulting in only one qualified custodian willing to support a particular asset.
In these situations, RIAs may request to exercise economic or governance rights, but crypto asset custodians might choose not to provide these rights for various reasons. Conversely, RIAs feel they have no authority to choose another third-party custodian or self-custody to exercise these rights. These economic and governance rights include staking, yield farming, or voting.
Based on this principle, we argue that RIAs should choose third-party crypto asset custodians that comply with relevant safeguards, enabling RIAs to exercise economic or governance rights related to custodied crypto assets. If a third party cannot simultaneously meet both requirements, RIAs' temporary self-custody of assets to exercise economic or governance rights should not be considered as leaving custody.
All third-party custodians should make their best efforts to provide RIAs the ability to exercise these rights while the assets are still under their custody, and should take commercially reasonable actions to exercise any rights associated with on-chain assets when authorized by RIAs.
Before transferring assets out of custody to exercise rights related to a specific crypto asset, RIAs or custodians must first determine in writing whether the rights can be exercised without transferring out of custody.
Principle 4: Crypto Asset Custody Rules Should Have Flexibility to Achieve Best Execution
RIAs have a best execution obligation when trading assets. To this end, RIAs may transfer assets to a crypto trading platform to ensure the best execution, regardless of the asset or custodian's status, provided that RIAs have taken necessary steps to ensure the trading venue's security, or RIAs have transferred crypto assets to an entity regulated by crypto market structure legislation after its final determination.
As long as RIAs determine that transferring crypto assets to a trading venue for best execution is prudent, such transfer should not be considered as leaving custody. This requires RIAs to reasonably determine that the venue is suitable for achieving best execution. If the trade cannot be properly executed at that venue, the assets should be immediately returned to the crypto asset custodian.
Principle 5: Self-Custody Should Be Allowed for RIAs in Specific Situations
While third-party custody should remain the primary option for crypto assets, self-custody by RIAs should be allowed in the following situations:
RIAs determine they cannot find a third-party custodian that meets their required safeguards;
RIAs' own custody arrangements are at least as effective as the protection measures available from third-party custodians;
Self-custody is necessary to exercise any economic or governance rights related to crypto assets.
When RIAs decide to self-custody crypto assets for these reasons, RIAs must annually confirm that the circumstances justifying self-custody have not changed, disclose the self-custody situation to clients, and subject such crypto assets to the audit requirements of the Custody Rule.
The crypto asset custody approach based on these principles ensures that RIAs can adapt to the unique characteristics of crypto assets while fulfilling their fiduciary responsibilities. By focusing on substantive protections rather than rigid classifications, these principles provide a pragmatic path forward for protecting client assets and unlocking asset functionality. As the regulatory environment evolves, clear standards based on these safeguards will enable RIAs to manage crypto assets responsibly.
