The Crypto Custody Debate: Custody vs. Self-Custody

Organizations investing large sums of money often have different, stricter custody requirements than an individual investor investing their own money in DeFi and web3. For this reason, organizations need to evaluate their custody options carefully.

by Simran JagdevJune 29, 2023
MMI Custody blog

The role of reliable custody solutions in the adoption of web3 amongst institutional investors cannot be stressed enough. Organizations investing large sums of money often have different, stricter custody requirements than an individual investor investing their own money in decentralized finance (DeFi) and web3. For this reason, organizations need to evaluate their custody options carefully.

In addition, different funds, trading desks, and other organizations have different operational and regulatory needs, and therefore require different custodian models.

There are two ways that organizations can access custody solutions:

  • Third-party custodians
  • Custody technology providers

In this post, we will dive deep into these custody solutions, and explore how organizations can access all kinds of custody options with MetaMask Institutional (MMI).

Understanding Crypto Custody

Before we look at the role of custody in web3, let’s understand custody in the context of traditional finance (TradFi). In TradFi, custodians, such as banks, keep assets safe from loss, theft, and unauthorized use; they facilitate settlement and clearing of transactions; comply with necessary regulations; and maintain a record of transactions and report them to investors.

Similarly, custody in the institutional crypto world refers to the mechanisms in place to ensure the safety and security of an institution’s crypto assets. A third-party, also called a custodian, manages the institutional customer’s private keys, along with creating processes to approve and sign transactions. Custodians deploy various key management solutions including hardware security modules, multi-party computation, and multi-signature (multi-sig) to provide privacy, data integrity, identification and authentication.

They also interact directly with broker/dealers and exchanges to facilitate transactions for fund managers. They are paramount to safely acquiring and holding crypto assets.

A financial institution that wishes to engage with web3 needs a custodian to ensure that it is compliant with regulatory requirements.

MMI partners with 12 custodians, providing a choice of unparalleled institutional key management solutions to customers. In addition, MetaMask serves over 30M monthly active users and is connected to almost every web3 dapp. We thus offer unrivaled access to web3. We pair this ecosystem access with crucial features that organizations need to engage in the space– making MMI the best way for organizations to transact on-chain with institution-required security and operational efficiency.

Now let’s look at some pros and cons for organizations using a custodian to access web3.

Pros of Crypto Custody

Security and Risk Mitigation

Storing crypto carries the risk of losing one’s private keys and in turn, losing access to all digital assets. For this reason, organizations trust custodians to safely store their private keys so that they don’t bear the risks of self-storage.

Custodians also often provide insurance against third-party hacks, theft of private keys, and other such risky scenarios. This provides an additional layer of safety to institutional investors. Most times it is also a regulatory requirement for organizations to use a custodian when interacting with web3.

Expertise and Enhanced Support Services

Apart from securing a customer’s digital assets, custodians provide knowledge on other services that organizations can tap into to expand their web3 understanding. For example, custodians can offer brokerage services to organizations.

Custodians also have extensive knowledge of asset custody that can help organizations navigate complex custody requirements and industry best practices.

Regulatory Compliance

Licensed custodians offer regulatory compliance to institutional investors. They are regularly audited and are required to comply with know-your-customer/ anti-money laundering (KYC/ AML) procedures, and other compliance measures based on their jurisdiction. They are allowed to hold digital assets on behalf of a customer, much like a bank. An example of a licensed custodian is BitGo, which is also an MMI partner.

Cons of Crypto Custody

High Costs

Engaging a custodian means paying a fee, along with account maintenance and asset storage costs. These fees can be expensive, and may eventually not justify the returns on investment, especially for smaller institutional investors or those with limited resources.

Limited Control over Assets

By allowing a custodian to control their digital assets and transactions, organizations can relinquish some decision-making authority. Many times, custodians have to set governance standards and approval policies for the custodian in order to comply with regulations. The custodian holds an investor’s assets, therefore, the investor may not be able to respond to lucrative market situations quickly enough to take advantage of them.

Since a custodian holds the investor’s private keys, they become a single point of failure. Any disruptions or failures on the part of the custodian can negatively impact the organization's investments and assets.

Limited Asset Choices

Custodians may only provide support for certain digital assets to institutional investors. This can be a challenging situation for investors as it can lead to lack of diversity in their web3 portfolio. It can also limit them from exploring alternative assets such as tokens linked to emerging blockchain technology and prohibit investors from gaining access to the latest on-chain market opportunities.

Rise of Self-Custody

Due to the strict regulatory requirements that institutional investors need to comply with, self-custody is often a tricky option. This is where custody tech providers come in. They help create the technology for custodial services that can be managed by the customer themselves. In this case, the private keys are managed by an organization themselves.

The implosion of FTX, one of the largest centralized exchanges in web3, and the subsequent liquidity crisis at Silicon Valley Bank (SVB) and Signature Bank have brought the idea of self-custody into much sharper focus. These instances underlined the age-old crypto adage of “not your keys, not your crypto”.

The collapse of SVB drove nearly $70K worth of Bitcoin into self-custody wallets. While this is an expected outcome of extreme market volatility, the one trend that stood out in the recent market exodus was that the charge was led by institutional money, according to a Chainalysis report.

A custody tech provider gives the nuts and bolts, i.e the security infrastructure, technology to set up own governance rules, and different custody options to organizations to build their own custody solutions. Unlike custodians, custody tech providers do not have permission to execute transactions on behalf of an institution, or have access or control over their digital assets.

Users of MMI can access self-custody options through Safe, a leading on-chain multi-sig contract wallet provider and digital asset management platform, Qredo, GK8, Fireblocks, and Parfin.

Now let’s explore the pros and cons of self-custody for institutional investors.

Pros of Self-Custody

Enhanced Control

Self-custody gives institutional investors direct control over their crypto assets, and includes managing their private keys. By directly interacting with blockchain networks, investors can reduce the risk of third-party interference and unauthorized access. This allows institutions to create their own security processes and use cold storage solutions for increased security.

Direct control over their digital assets also allows institutions to interact with their choice of decentralized applications and DeFi protocols supported by the custody tech provider, without relying on intermediaries.

Improved Privacy

Having control over their private keys and transactions with self-custody ensures that institutional investors have greater privacy and confidentiality. Since investors have direct control over their transactions, they do not need to disclose their transactions and holdings to third-parties, thereby reducing the risk of exposing sensitive information about their investments.

Access to Diverse Assets

As we read above, custodians are often unable to provide access to a wide range of digital assets in web3 due to the strict regulatory requirements they have to comply with. These assets may include various cryptocurrencies, tokens, and non-fungible tokens (NFTs). By choosing to self-custody their assets, institutional investors can take an independent call on the kinds of digital assets they want to invest in, depending on their investment objectives.

Cons of Self-Custody

Security Risks

Institutional investors have full responsibility for the security of their private keys and digital assets when they choose self-custody. Any lapses in security or mishandling of private keys can have dire consequences, including permanent loss of their digital assets. Self-custody often does not provide backup services and the complexity of setting up robust security mechanisms to ensure protection against phishing attacks and theft can be challenging for institutions new to web3.

Lack of Institutional Infrastructure

Self-custody may not be a feasible option for all institutional investors. Without the expertise of a custodian, institutions may find it challenging to meet regulatory obligations, internal governance requirements, and shareholder expectations about investment returns.

In addition, establishing the necessary security infrastructure for safely storing digital assets, creating auditing mechanisms and other compliance procedures can lead to operational complexities and may be resource intensive.

Regulatory Challenges

Self-custody for institutions in web3 is still in its nascent stage, and it operates in a regulatory landscape that is rapidly evolving. Institutional investors need to ensure that they comply with the regulatory requirements in multiple jurisdictions, especially those that deal with KYC/ AML. In such cases, choosing self-custody can increase the burden of compliance on institutions and can also lead to potential risk of non-compliance.


As we have seen above, each of the two approaches to custody of digital assets for institutional investors have their benefits and disadvantages.

While some organizations may want to take advantage of increased control over their assets with self-custody, others may want to work with a custodian that can provide them enhanced features such as staking and lending.

As such, there isn’t a one-size-fits-all approach that can work for all institutions. This is why MMI offers the widest range of top-tier custody and self-custody solutions to institutional investors. MMI is the only multi-custodial institutional web3 wallet, and its custody options aim to meet all variations of institutional-grade custody requirements.

Explore MMI

Receive our Newsletter