
Digital Asset Custody: The Complete Guide for Institutions

What is digital asset custody? How it works, types of custodians, infrastructure requirements, regulatory landscape for institutions in 2026.


Charles Schwab announcing spot crypto trading details on April 16, 2026 is not a footnote. One of the world’s largest brokerages, managing over $9 trillion in client assets, has confirmed it is entering the digital asset space directly. Weeks earlier, State Street published a major report on building institutional custody at scale. What was fringe in 2020 is now a core offering for the largest financial institutions on the planet.

The wave of institutional adoption has made digital asset custody one of the most consequential infrastructure challenges in finance. Getting it right requires more than secure key storage. It requires a full stack: regulated legal structures, security architecture, insurance, on-chain pricing, node infrastructure, and validator operations. This guide covers all of it, including the infrastructure layer that every custodian depends on but almost nobody writes about.


What Is Digital Asset Custody?

Digital asset custody is the safekeeping and administration of cryptographic private keys that control ownership of digital assets on a blockchain. Whoever holds the private key controls the asset. There are no chargebacks, no customer service escalations, no reversal mechanisms. If the key is lost or stolen, the asset is gone.

The fundamental principle is simple: ownership of a digital asset is proof of control over the private key associated with the corresponding blockchain address. This is why “not your keys, not your coins” became a guiding principle in the early crypto era. It is also why institutional custody is architecturally different from traditional asset custody. A traditional custodian holds a security in a brokerage account. A digital asset custodian holds the cryptographic credential that gives a client the right to move an asset.

Custody arrangements fall into three broad categories:

  • Self-custody: The asset holder generates and stores their own private keys, using hardware wallets or software wallets. Full control, full responsibility.
  • Qualified custody: A regulated third party holds the keys on behalf of the client. OCC-chartered banks and NYDFS-licensed trust companies fall into this category in the United States.
  • Institutional custody: Bank-grade custody with segregated accounts, full insurance, compliance reporting, and integration into existing portfolio management systems.

Within those categories, custodians use a range of storage architectures:

  • Hot wallets: Keys stored in internet-connected systems. Fast transaction signing, higher exposure to network-based attacks.
  • Cold storage: Keys stored entirely offline, typically on air-gapped hardware security modules (HSMs). Slower transaction workflow, dramatically reduced attack surface.
  • Multi-party computation (MPC): Key material is split mathematically across multiple parties or devices, so no single location ever holds a complete key. Widely adopted by institutional custody providers as a way to eliminate single points of failure without the operational friction of traditional cold storage.

How Digital Asset Custody Works

Understanding the operational process behind custody helps institutions evaluate providers and identify the infrastructure dependencies that matter most.

Key generation is the starting point. Cryptographically secure random number generation produces private keys. The security of the entire custody arrangement is only as good as the entropy used during generation. Institutional custodians use HSMs certified to FIPS 140-2 Level 3 or higher for this step. Keys are never exposed in plaintext.

Key storage follows generation. In cold storage models, keys are written to offline hardware and never connected to a network. In MPC models, key shares are distributed across independent nodes or parties, requiring a threshold of shares to reconstruct a signing key for any transaction. The geographic distribution of key shares is a standard feature of institutional MPC implementations.

Transaction signing workflow is where the process becomes operationally complex. A withdrawal request flows through a policy engine that checks spend limits, whitelisted addresses, counterparty screening, and approval chains before triggering a signing ceremony. For cold storage, this may involve physical hardware retrieval. For MPC, signing happens computationally across distributed nodes without ever reconstructing the full key in a single location.
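The policy checks described above can be sketched as a deny-by-default gate that runs before any signing ceremony. This is an added example, not code from any custodian or from the original article; the class names, limits, address labels and approver names are all hypothetical.

```python
from dataclasses import dataclass
from decimal import Decimal

@dataclass(frozen=True)
class Policy:
    allowlist: frozenset      # destinations approved in advance
    per_tx_limit: Decimal     # spend limit for one withdrawal
    daily_limit: Decimal      # spend limit across the current day
    approvers: frozenset      # identities allowed to approve
    quorum: int               # distinct approvals required

@dataclass(frozen=True)
class Withdrawal:
    requester: str
    destination: str
    amount: Decimal
    approvals: tuple          # approver ids, in the order collected
    screening_passed: bool    # outcome of counterparty screening

def evaluate(policy, w, spent_today):
    """Return (allowed, reasons); signing is triggered only when reasons is empty."""
    reasons = []
    if w.amount <= 0:
        reasons.append("amount must be positive")
    if w.destination not in policy.allowlist:
        reasons.append("destination not whitelisted")
    if w.amount > policy.per_tx_limit:
        reasons.append("per-transaction limit exceeded")
    if spent_today + w.amount > policy.daily_limit:
        reasons.append("daily limit exceeded")
    if not w.screening_passed:
        reasons.append("counterparty screening failed")
    # Count each approver once, ignore unknown identities, and never let the
    # requester approve their own withdrawal (separation of duties).
    valid = {a for a in w.approvals if a in policy.approvers and a != w.requester}
    if len(valid) < policy.quorum:
        reasons.append(f"approval quorum not met ({len(valid)}/{policy.quorum})")
    return (not reasons, reasons)

# Constructed sample policy and requests (labels, not real addresses or users).
POLICY = Policy(
    allowlist=frozenset({"addr-exchange-a", "addr-treasury-b"}),
    per_tx_limit=Decimal("100"), daily_limit=Decimal("250"),
    approvers=frozenset({"alice", "bob", "carol"}), quorum=2,
)
OK = Withdrawal("dave", "addr-exchange-a", Decimal("80"), ("alice", "bob"), True)
SELF_APPROVED = Withdrawal("alice", "addr-exchange-a", Decimal("80"),
                           ("alice", "alice", "bob"), True)
NEW_ADDRESS = Withdrawal("dave", "addr-unknown", Decimal("80"), ("alice", "bob"), True)

if __name__ == "__main__":
    for w in (OK, SELF_APPROVED, NEW_ADDRESS):
        print(w.destination, evaluate(POLICY, w, spent_today=Decimal("150")))
```

Collecting every failed check, rather than stopping at the first, gives the audit trail a complete record of why a request was refused.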

Segregation is a regulatory and operational requirement for qualified custodians. Client assets must be held separately from proprietary assets and from other clients’ assets. This segregation must be verifiable, both for regulatory reporting and for proof-of-reserves audits.

Insurance and auditability complete the picture. Institutional custodians carry crime insurance, cyber insurance, and in some cases specie coverage (covering physical storage of cold keys). Third-party audits, proof-of-reserve attestations, and SOC 2 reports are the standard mechanisms for establishing trust with institutional clients.


Types of Digital Asset Custody Solutions

The market has developed several distinct custody models, each serving different institutional needs.

Self-Custody

Hardware wallets and air-gapped signing devices provide self-custody for individuals and some smaller institutions. The holder is directly responsible for backup, recovery, and operational security. For institutional treasuries or any situation where assets must be accessible to multiple authorized parties, self-custody introduces significant operational and fiduciary risks.

Exchange Custody

Centralized exchanges hold client assets by default in most account structures. The client does not control the keys. This model exposes clients to exchange counterparty risk. The exchange’s insolvency, hack, or operational failure directly puts client assets at risk. Regulated institutions with fiduciary obligations to clients generally cannot use exchange custody for client assets.

Qualified Custodians

In the United States, a qualified custodian for digital assets is typically an OCC-chartered national bank, an NYDFS-licensed trust company, or a state-chartered bank with applicable licensing. The SEC’s custody rule requires registered investment advisers to hold client funds and securities with a qualified custodian. The application of this rule to digital assets has been the subject of regulatory guidance, SAB 121, and ongoing litigation. The direction of travel is clear: institutional clients require regulated custodians.

Trust companies specifically chartered for digital asset custody have built out the compliance infrastructure required to serve institutional clients in this regulatory environment: BSA/AML programs, travel rule compliance, and reporting frameworks.

Bank Custody

Major traditional financial institutions have entered digital asset custody directly. State Street has published extensively on its custody infrastructure buildout. US Bank launched institutional crypto custody in partnership with a qualified custodian. Fidelity Digital Assets runs a full institutional custody platform. These programs give institutional clients access to custody from counterparties they already have legal and compliance relationships with, which simplifies procurement and reduces onboarding friction significantly.

MPC-Based Institutional Custody

MPC-based custody has become the dominant technical architecture for institutional providers launching in the last five years. The core advantage is eliminating single points of failure in key management without sacrificing the transaction speed that institutional workflows require. Policy engines built on top of MPC infrastructure enforce approval workflows, spending limits, and compliance checks programmatically. This architecture also enables more sophisticated staking and DeFi integrations. These are increasingly important to institutional clients looking to generate yield on custodied assets.


The Infrastructure Layer Custody Depends On

This is the angle every custodian, every bank, every regulator writing about digital asset custody leaves out. Custody providers do not operate in isolation. They sit on top of a complex infrastructure stack that they either build internally, outsource, or depend on from third-party operators.

There are three core infrastructure layers that every digital asset custodian depends on.

Node Infrastructure

A custodian must be able to monitor blockchain state in real time. Incoming deposit detection, withdrawal verification, confirmation count tracking, and mempool monitoring for pending transactions all require running or accessing full nodes for every chain the custodian supports. When a client submits a withdrawal, the custodian’s systems need to broadcast a signed transaction to the network and monitor it to finality. That requires direct node access, not reliance on third-party APIs with their own availability risks.

Archive nodes are a related but distinct requirement. Historical balance lookups, audit trail reconstruction, and NAV calculation for past periods all require archive-level access to blockchain state. For a custody provider supporting institutional clients with reporting obligations, archive node infrastructure is not optional.

Blockchain infrastructure at the node level is typically built on high-availability configurations with automatic failover. Any custody provider evaluating infrastructure vendors should ask specifically about redundancy architecture, geographic distribution, and incident response SLAs.

Matrixed.Link operates full blockchain infrastructure across Ethereum, Polygon, Arbitrum, and Base. Chainlink, Lido, Enjin, Stake.link, and bitsCrunch are among the protocols that depend on this infrastructure.

Oracle Infrastructure

This is the layer most often overlooked in discussions of custody. Custodians managing institutional portfolios need accurate, real-time asset pricing for:

  • Net asset value (NAV) calculation for fund reporting
  • Portfolio valuation for client statements
  • Margin and liquidation trigger thresholds for any leveraged structures
  • Compliance and reporting obligations
  • Mark-to-market accounting

On-chain oracle infrastructure delivers this pricing data directly to smart contracts and custody management systems. Price feeds that are manipulated, delayed, or interrupted directly compromise the accuracy of every downstream calculation. For custody providers offering staking-as-a-service or DeFi integrations, oracle data is also the pricing mechanism for any liquidation logic.
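A NAV calculation can defend itself against delayed or manipulated feeds by validating each price before use and refusing to publish when any check fails. The following is an added example, not code from the original article or from any oracle operator; the `answer` and `updated_at` fields mirror what a Chainlink-style feed reports, while the second reference source, the one-hour age limit and the 50 bps tolerance are assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal

@dataclass(frozen=True)
class Round:
    answer: int        # price scaled by 10**decimals
    updated_at: int    # unix time of the last update
    decimals: int = 8

def check_price(primary, reference, now, max_age_s, max_dev_bps):
    """Return (price, None) if the primary feed is usable, else (None, reason)."""
    for name, r in (("primary", primary), ("reference", reference)):
        if r.answer <= 0:
            return None, f"{name}: non-positive answer"
        if r.updated_at <= 0 or r.updated_at > now:
            return None, f"{name}: implausible timestamp"
        if now - r.updated_at > max_age_s:
            return None, f"{name}: stale by {now - r.updated_at}s"
    p = Decimal(primary.answer) / (10 ** primary.decimals)
    q = Decimal(reference.answer) / (10 ** reference.decimals)
    dev_bps = abs(p - q) / q * 10_000
    if dev_bps > max_dev_bps:
        return None, f"sources disagree by {dev_bps:.0f} bps"
    return p, None

def compute_nav(holdings, feeds, now, max_age_s=3600, max_dev_bps=50):
    """Fail closed: one rejected feed means no NAV is published."""
    total, rejected = Decimal(0), {}
    for asset, qty in holdings.items():
        price, reason = check_price(*feeds[asset], now, max_age_s, max_dev_bps)
        if reason:
            rejected[asset] = reason
        else:
            total += qty * price
    return (None, rejected) if rejected else (total, {})

# Constructed sample data: prices, timestamps and holdings are illustrative.
NOW = 1_700_000_000
HOLDINGS = {"ETH": Decimal("10"), "BTC": Decimal("2")}
FRESH = {
    "ETH": (Round(300000000000, NOW - 120), Round(300600000000, NOW - 90)),
    "BTC": (Round(6000000000000, NOW - 300), Round(6000000000000, NOW - 60)),
}
# Same feeds, but the primary ETH feed stopped updating two hours ago.
STALE = dict(FRESH, ETH=(Round(300000000000, NOW - 7200), FRESH["ETH"][1]))
# Same feeds, but the primary ETH price diverges sharply from the reference.
SKEWED = dict(FRESH, ETH=(Round(450000000000, NOW - 120), FRESH["ETH"][1]))

if __name__ == "__main__":
    for label, feeds in (("fresh", FRESH), ("stale", STALE), ("skewed", SKEWED)):
        print(label, compute_nav(HOLDINGS, feeds, NOW))
```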

Blockchain oracle infrastructure is Matrixed.Link’s core service. As an official Chainlink node operator, Matrixed.Link runs 500+ active price feeds on Ethereum, Polygon, and Arbitrum, delivering 12M+ data points on-chain. Matrixed.Link was also the first node operator to build the first major real-world asset tokenization integration, reaching $100M+ TVL at peak, demonstrating oracle infrastructure at institutional scale.

The Chainlink oracle network is the dominant on-chain price feed infrastructure for DeFi and increasingly for institutional custody integrations. Price feeds on data.chain.link reflect the active node operators contributing to each feed. Matrixed.Link’s oracle address at polygonscan.com/address/0x5543ff441d3b0fcce59aa08eb52f15d27294af21 is publicly verifiable.

Validator Infrastructure

The third infrastructure layer is validator operations. Institutional custodians are increasingly offering staking-as-a-service to clients who want yield on custodied proof-of-stake assets. Ethereum staking, Chainlink staking, and chain-specific staking programs are now standard product lines at major custody providers.

Staking as a service requires institutional-grade validator nodes: geographically distributed, continuously monitored, with double-sign prevention controls and incident response processes. Validator downtime during active attestation periods results in penalties. Validator misbehavior results in slashing, which directly affects client assets. The infrastructure running these validators must meet the same security and reliability standards as the custody platform itself.
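Double-sign prevention comes down to consulting a signing history before every signature. The sketch below is an added example, not code from the original article or from any validator client; it assumes Ethereum's proof-of-stake slashing conditions (double proposal, double vote, surround vote), and the node names and roots are constructed.

```python
class SlashingGuard:
    """Signing history for one validator key. In production this record must be
    written durably before the signature is released, and must be shared by
    (or moved with) every node that can sign for the key, failover included."""

    def __init__(self):
        self.proposals = {}      # slot -> signing root already signed
        self.attestations = []   # (source_epoch, target_epoch, signing_root)

    def may_propose(self, slot, root):
        # Double proposal: two different blocks signed for the same slot.
        return self.proposals.setdefault(slot, root) == root

    def may_attest(self, source, target, root):
        if source > target:
            return False                      # malformed vote
        for s, t, r in self.attestations:
            if t == target:
                # Re-signing the identical message is safe; anything else
                # with the same target epoch is a double vote.
                return (s, r) == (source, root)
            if source < s and t < target:
                return False                  # new vote surrounds an old one
            if s < source and target < t:
                return False                  # old vote surrounds the new one
        self.attestations.append((source, target, root))
        return True

def signatures_released(guards, requests):
    """Route each (node, slot, root) proposal request through that node's
    guard and return the requests that would actually be signed."""
    return [(n, slot, root) for n, slot, root in requests
            if guards[n].may_propose(slot, root)]

# Constructed failover scenario: a standby node starts signing while the
# primary is still alive, and each builds a different block for slot 100.
REQUESTS = [("primary", 100, "root-A"), ("standby", 100, "root-B")]

if __name__ == "__main__":
    separate = {"primary": SlashingGuard(), "standby": SlashingGuard()}
    one = SlashingGuard()
    shared = {"primary": one, "standby": one}
    print("separate histories:", signatures_released(separate, REQUESTS))
    print("shared history:    ", signatures_released(shared, REQUESTS))
```

With separate histories both nodes sign and the key is slashable; with one shared history the second request is refused.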

Matrixed.Link operates validator nodes for Enjin, IOTA, Polygon, and Stake.link. Matrixed.Link holds a AAA rating from StakingRewards, the highest achievable validator rating on the platform.

What Institutional Custodians Require From Infrastructure Vendors

Institutional custodians are themselves subject to rigorous vendor due diligence requirements. Their clients, institutional investors with their own compliance obligations, require it. Regulators expect it. Any infrastructure vendor providing services to a custody platform needs to demonstrate:

  • ISO/IEC 27001:2022 certification: The international standard for information security management. It covers risk assessment, access controls, incident response, business continuity, and supplier relationships. It is the baseline certification for any vendor handling security-sensitive data or infrastructure.
  • SOC 2 Type II: A third-party attestation of security, availability, processing integrity, confidentiality, and privacy controls over a defined audit period. SOC 2 Type II is the standard for SaaS and infrastructure vendors serving financial institutions.
  • 24/7 monitoring and incident response: Custody infrastructure is not a 9-to-5 operation. Market-moving events happen at any hour. Withdrawal requests from institutional clients do not wait for business hours.
  • No single points of failure: Geographic redundancy, automatic failover, and architecture that eliminates single points of failure at every layer of the stack.

Matrixed.Link holds this certification (effective February 3, 2026), covering its information security management systems across node operations, oracle infrastructure, and validator services. SOC 2 Type II is in progress, estimated June 2026.


The Regulatory Landscape for Digital Asset Custody

The regulatory environment for digital asset custody has moved significantly since the OCC first issued guidance in 2020 permitting national banks to provide custody services for cryptocurrencies. Understanding the current framework helps institutions structure custody arrangements that survive regulatory scrutiny.

United States: The OCC’s 2020 interpretive letter established the legal basis for national bank custody of digital assets. The SEC’s custody rule (Rule 206(4)-2) plus its proposed amendments govern how registered investment advisers must custody client assets. SAB 121, which required companies custodying crypto assets to record them as liabilities on their balance sheets, was rescinded in 2025. The regulatory framework for bank custody in 2026 differs materially from the 2022 baseline.

EU: The Markets in Crypto-Assets regulation (MiCA), fully effective from December 2024, establishes a harmonized framework for digital asset custody across EU member states. Custody of crypto-assets on behalf of clients requires registration as a Crypto-Asset Service Provider (CASP). MiCA’s custody provisions include segregation requirements, safeguarding obligations, and liability rules broadly comparable to the AIFMD framework for traditional alternative asset custody.

UK: The FCA’s cryptoasset registration regime applies to custody providers operating in the UK. The Financial Services and Markets Act 2023 created the legal basis for broader digital asset regulation, with detailed custody rules under development.

The direction across all major jurisdictions is toward higher standards: clearer segregation requirements, mandatory insurance, proof-of-reserve obligations, and infrastructure vendor certification requirements that filter in providers like Matrixed.Link and filter out those without institutional-grade security posture.


What Institutions Should Evaluate When Selecting a Digital Asset Custodian

The market for digital asset custody has matured enough that institutions now have meaningful criteria to evaluate against. Due diligence for custody selection should cover at least the following dimensions.

Regulatory status: What license or charter does the custodian hold? OCC-chartered bank, NYDFS trust company, MiCA CASP registration, FCA registration. Unregulated custody is not an option for most institutional mandates.

Security architecture: What percentage of assets are held in cold storage? Does the custodian use MPC, HSMs, or multi-signature arrangements? Where are keys geographically distributed? What is the transaction signing workflow? What policy controls govern it?

Insurance coverage: What does the policy cover? Crime, cyber, specie? What are the coverage limits relative to the AUM the custodian holds? Is coverage from a rated insurer?

Infrastructure vendor certifications: Does the custodian perform vendor due diligence on its node and oracle infrastructure providers? What certifications do those vendors hold? Independent information security certification and SOC 2 Type II are the baseline requirements.

Proof of reserves: Does the custodian publish third-party attestations of reserves? Is there on-chain verifiability? For tokenized real-world assets, what is the mechanism for verifying off-chain collateral?

Network coverage: Which blockchains and assets does the custodian support? For institutions with exposure to emerging chains, staking assets, or tokenized money market funds built on non-Ethereum chains, network coverage is a critical evaluation criterion.

Staking and yield programs: For clients seeking yield on custodied assets, what staking programs are available? What is the validator infrastructure underpinning those programs? What are the slashing-risk safeguards?

Blockchain integration: For institutions exploring blockchain for banks programs or RWA tokenization on institutional infrastructure, custody selection is directly tied to which custody providers have the oracle and node infrastructure integrations to support those use cases.


What is digital asset custody?

Digital asset custody is the safekeeping of the cryptographic private keys that control ownership of digital assets on a blockchain. A custodian holds these keys on behalf of a client, ensuring the assets can be accessed, transferred, or staked under controlled conditions. Institutional custody arrangements include regulatory oversight, insurance, segregated accounts, and compliance reporting.

What is the difference between self-custody and institutional custody?

Self-custody means the asset holder generates and stores their own private keys. They have full control but full responsibility. If the key is lost or stolen, the asset cannot be recovered. Institutional custody means a qualified third party holds the keys under regulated conditions, with insurance, compliance infrastructure, and operational controls. Institutional custody is required for most regulated investment mandates.

What banks offer digital asset custody?

Several major traditional financial institutions now offer digital asset custody services or have announced programs: State Street, US Bank, Fidelity Digital Assets, and BNY Mellon have all made institutional custody available. As of April 2026, Charles Schwab has announced the details of its spot crypto trading program, representing one of the largest brokerage entries into the space. Access and asset coverage vary by institution and client type.

Can you lose crypto with a custodian?

Yes, though institutional custody is specifically designed to minimize this risk. A custodian can fail through a hack of its key management systems, an operational error, insolvency, or in rare cases fraud. Institutional custodians mitigate these risks through cold storage, MPC key management, insurance, regulatory oversight, and regular third-party audits. The key due diligence questions for institutions are: what is the custodian’s security architecture, what insurance coverage exists, and what is the regulatory framework governing the arrangement.

What infrastructure does digital asset custody depend on?

Three core infrastructure layers: node infrastructure (for transaction broadcasting, deposit monitoring, and historical lookups), oracle infrastructure (for on-chain asset pricing used in NAV calculation, reporting, and liquidation logic), and validator infrastructure (for custodians offering staking services). Custody providers that do not build this infrastructure internally depend on third-party operators. The reliability and security certification of those operators directly affects custody platform integrity.

What certifications should a digital asset infrastructure provider have?

ISO/IEC 27001:2022 is the baseline for information security management. SOC 2 Type II is the standard third-party attestation of security and availability controls for infrastructure and SaaS vendors serving financial institutions. For infrastructure providers involved in oracle or validator operations, the rigor of these certifications directly determines whether they are viable vendors for institutional custody platforms. Matrixed.Link holds the certification and is pursuing SOC 2 Type II (estimated June 2026).


The Infrastructure Layer That Makes Custody Possible

Digital asset custody is not just about secure key storage. It is a full-stack infrastructure problem. Custodians need real-time blockchain access to detect deposits and broadcast withdrawals. They need accurate, manipulation-resistant on-chain pricing to calculate NAV and trigger compliance logic. They need institutional-grade validator infrastructure to offer staking programs to clients.

Matrixed.Link provides this infrastructure layer. As an official Chainlink node operator with independent information security certification, Matrixed.Link runs 500+ active price feeds, 12M+ on-chain data points, and validator operations across Enjin, IOTA, Polygon, and Stake.link. The protocols depending on this infrastructure include Chainlink, Lido, Enjin, Stake.link, and bitsCrunch.

For custody providers, DeFi protocols, and institutional asset managers evaluating their blockchain infrastructure stack, Matrixed.Link is the operator that institutional-grade clients have trusted since the first major RWA integration reached $100M+ TVL.

Contact Matrixed.Link to discuss infrastructure requirements for your custody or institutional blockchain program.

