Digital Custody Partnerships Abound Despite the Crypto Bear Market

Thomas Murray Digital Newsletter

The cryptocurrency market appears to have found a stable (if much reduced) footing, at least for the time being. The dwindling value of bitcoin and other cryptocurrencies has led some to short-sightedly conclude that investment would dry up and that infrastructural and market developments would grind to a halt. However, the course of digital assets has far wider scope than just cryptocurrencies, which merely serve as the first real examples of blockchain applications. It is therefore of little surprise that a number of high-profile partnerships between legacy custodian banks and digital asset technology firms have recently been announced.

CACEIS, the asset servicing arm of Crédit Agricole and Santander, has partnered with Taurus, a leading Swiss-based digital asset infrastructure and technology firm. Meanwhile, Citi announced a similar partnership with METACO, an equally established Swiss-based digital asset infrastructure and technology firm, to develop a platform to enable clients to store and settle digital assets seamlessly and securely. SG FORGE, the digital asset subsidiary of Société Générale, followed suit and announced its own partnership with METACO, to expand its institutional digital asset capabilities and aid the bank in its efforts to integrate security tokens into traditional finance. These partnerships will help incumbent providers to take advantage of the new and rapidly growing digital economy by giving them tools to securely and accurately support the trading, custody, issuance, and management of digital assets, which are taking tentative first steps to extend to securities tokens.

Archax, the U.K.’s first licensed digital asset exchange, has also partnered with METACO to be able to provide a segregated bank-grade custody solution, alongside IBM. While not the first to implement this model, it is representative of a growing trend, and a sign of increasing maturation, to formally segregate digital asset execution from custody, something that is standard practice across the traditional securities industry. In a related development, ING, which has been heavily involved in blockchain development and testing for many years, has decided to spin out its digital asset custody platform Pyctor to GMEX Group, a leading digital asset market infrastructure with a focus on post-trade solutions. The deal is expected to enable GMEX to scale Pyctor alongside its other digital asset services.

Digital Asset Developments


MiCA’s next milestone: The long awaited Markets in Crypto Assets (MiCA) regulation is one step closer to being finalised, having been provisionally agreed by the European Parliament (EP) and Council (EC). MiCA, which aims to create a regulatory framework for digital assets across Europe, has been through a number of iterations since it was first proposed in 2020 as part of the EU’s Digital Finance Package. The agreement now confirms a number of broad requirements for entities that interact with digital assets, including a robust licensing framework for crypto-asset service providers (CASPs) such as custodians, hosted wallet providers, and trading venues, which will all need authorisation to operate in the EU. Issuers of digital assets will be required to produce and publish a white paper outlining all relevant information on the specific crypto asset. MiCA regulation will capture all digital assets not currently covered under existing financial service legislation, including asset-reference tokens, e-money tokens, and other crypto assets. Stablecoins, which continue to receive significant attention by regulators globally, are firmly covered under MiCA, with strict conditions set for any stablecoin operators. These include being required to register an office in the EU, maintain significant reserves, guarantee 1:1 redemption in fiat, eliminate interest-bearing mechanisms for stablecoins, and supervision by the European Banking Association. NFTs will remain out of scope, unless they fall under existing categories of digital assets. The provisional agreement is subject to final approval by the EP and EC, whereupon the formal adoption procedures would then run their course. The regime would be expected to apply 18 months thereafter. Despite the progress made on MiCA, the European Central Bank has continued to sound the alarm bells by warning eurozone countries that national-level practices must be aligned in order to better manage digital asset risks, given that it will still be many months before MiCA comes into effect. This announcement comes two weeks after Lithuania introduced its own crypto licensing regime as a stop-gap measure.
UK regulation, stablecoin concerns, and DeFi: Given the EU’s progress with MiCA and the former UK Chancellor’s desire for the country to be a ‘cryptoassets technology hub, the UK Government and the Bank of England have been vocal in the past weeks in calling for greater clarity and regulatory oversight of the digital asset industry. The Bank of England, led by its Financial Policy Committee has stepped up efforts to address the financial stability threat, particularly in light of Terra LUNA/UST’s collapse in May of this year, the fallout from which is still reverberating. In its quarterly stability report, the BoE called for an ‘enhanced’ crypto regulatory framework that would be designed to mitigate potential risks emanating from digital assets, evidenced by recent vulnerabilities including bank-like runs, company bankruptcies, liquidity mismanagement, and likely criminal behaviour. Stablecoins, in the eyes of the BoE and most Central Banks continue to be the presiding threat to overall financial stability. Subsequently, the Bank this week recommended additional regulation be established to manage the systemic threat they may soon present. The Deputy Governor of the BoE announced last Wednesday (6 July) his expectation that a regulatory system for stablecoin legislation will be introduced prior to August. This announcement came a week before the Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) announced their final guidance on stablecoin arrangements, which they confirm as now being subject to the Principles for Financial Market Infrastructures for systemically important tokens. Decentralised Finance (DeFi) and the tax treatment of events relating to the peer-to-peer economy continues to perplex governments and regulators alike. Last week, the UK Government launched a public consultation calling for members of the industry to opine on the DeFi economy, with a particular focus on the best ways to approach the taxation of cryptoasset loans, lending, and staking. The reported objective is to reduce the administrative burden and cost for taxpayers that engage in the activity. The consultation is set to close on 31 August 2022.

European support for digital asset funds: UK fund managers have been actively lobbying for the approval of blockchain-traded funds, arguing that the technology would lead to a number of worthwhile benefits including a reduction in general administration, greater transparency, near instant settlement, and reduction reduced customer costs. The message, delivered through the Investment Association – the trade body that represents the UK’s asset management industry – was that the industry is ready for blockchain-based funds and that all efforts should be made to approve them. Amongst the suggestions is a proposal to create a new task force that would investigate how to accelerate DLT adoption and explore ways to give customers greater customisation over their portfolios, which could include holdings in private companies as well as cryptocurrencies. Some jurisdictions have been much more proactive in developing frameworks to support digital asset-based funds, most notably Luxembourg, which permits Alternative Investment Funds (AIFs) to invest in digital assets, although Undertakings for the Collective Investment in Transferable Securities (UCITS) funds are still not permitted to do so. Ireland’s Central Bank has just introduced positive changes and updated its approval process for AIFs looking to allocate funds to digital assets, something it has reportedly been unwilling to consider until now. Last month, Germany introduced an update to its securities law by introducing the concept of Crypto Fund Units (Verordnung über Krypto­fonds­an­teile), so the law now recognises a fund’s ability to issue units in a common fund via a crypto securities register which may be decentralised and based on Distributed Ledger Technology.
Basel Committee’s Take 2 on Crypto Reserve Rules: In 2021, the Bank for International Settlements’ Basel Committee on Banking Supervision issued a proposal – largely viewed by the industry as unviable and even punitive – to require banks to reserve capital to cover the whole value of cryptocurrency holdings. Following stiff resistance, as we reported last November, the BIS withdrew that model and went back to the drawing board. The result, a new consultation document published on 30 June on the ‘prudential treatment of cryptoasset exposures’, takes a more refined and pragmatic stance. The latest suggestion is that banks may hold up to 1% of their reserves in cryptocurrencies. Digital assets may be classified as Group 1, broadly representing certain tokenised traditional assets (Group 1a) and some stablecoins with ‘effective stabilisation mechanisms’ (Group 1b). These would be treated in a similar way to the assets backing those tokens under the principle of ‘same risk, same activity, same treatment’. All other cryptoassets would fall into Group 2, which is also further divided into two classes. Group 2a has been defined in response to banks’ concerns that the original rules did not recognise that some assets are suitable for hedging, which can now be reflected when calculating banks’ net exposures. That leaves unbacked cryptoassets, and other tokens that do not meet the rules of Group 1 assets, in Group 2b, which remains subject to the 100% capital charge. It is these Group 2 assets of both sub-classes that will now be subject to a total exposure limit of 1% of Tier 1 capital, ‘including both direct holdings (cash and derivatives) and indirect holding (i.e. those via investment funds, ETF/ETN, special purpose vehicles)’. It remains to be seen how this may be reconciled to the SEC’s recent demand that client cryptoassets under custody should appear on banks’ own balance sheets, with industry groups, members of Congress and even the SEC’s own commissioners challenging that determination.

Lessons in due diligence from Three Arrows Capital: Three Arrows Capital (3AC), a crypto hedge fund that until recently had been viewed as a mature and reliable player, collapsed recently due to betting that the price of cryptocurrencies would rebound and to high exposures to the LUNA token that ‘backed’ the TerraUSD algorithmic stablecoin, both of which failed in May. Founded in 2012 by ex-Deutsche Bank and Credit Suisse traders Su Zhu and Kyle Davies, at one point the fund was managing USD 18 billion in assets, and was worth USD 10 billion as recently as March. Its rapid fall has led to further contagion risk to a surprisingly wide range of lenders including Voyager Digital, Babel Finance,, Genesis, BlockFi, BitMEX and FTX, with Voyager also filing for Chapter 11 bankruptcy protection. These lenders relied primarily on 3AC’s founders’ reputation in setting their exposure levels to the fund. Research firm FSInsight has accused 3AC of running an old-fashioned Ponzi scheme, using new borrowings to service older loans in a repeat of the behaviour that sunk Long Term Capital Management back in 1998. This raises the spectacle that the industry – or at least, relative newcomers to it operating in the crypto sector – has failed to learn the lessons of the past. FSInsight’s report assesses that it is likely that the vast majority of 3AC’s assets were bought with borrowings, and that relatively little equity was made available as collateral for the loans. This leverage ratio turned sour due to bets on both LUNA and also the Grayscale Bitcoin Trust. To add to 3AC’s troubles, the Monetary Authority of Singapore (MAS) has accused the fund of providing false information and exceeding limits on assets under management (AUM) set by the regulator. 3AC, incorporated in the British Virgin Islands (BVI) but headquartered in Singapore, had told MAS that management of the fund had been transferred to an unrelated BVI entity in September 2021, without disclosing that Su was a shareholder of both 3AC and that entity. The AUM limit was allegedly breached between July and September 2020 and again between November 2020 and August 2021. A BVI court ordered the liquidation of the 3AC fund on 27 June. On 1 July 3AC filed for Chapter 15 bankruptcy protection in New York,  but despite that a New York court has frozen the fund’s assets in an attempt to protect them from unauthorised disposals, a possibility hinted at by the transfer of 3AC NFT holdings to a new address. Zhu and Davies have now gone missing and are allegedly failing to cooperate with court-appointed liquidator Teneo, which has been unable to obtain information regarding the fund’s wallets and their associated private keys. The lessons are clear: just as in traditional finance, reliance on reputation alone is insufficient. There are continuing needs to perform adequate due diligence, monitor overall credit exposures, and to ensure good governance practices such as the use of trustworthy, independent fund administrators and custodians who can keep records and assist stakeholders and administrators in the event that issues arise.
Challenging DLT’s Reputation for Decentralisation and Security: Research commissioned by the US’s Defense Advanced Research Projects Agency (DARPA) and conducted by Trail of Bits highlights several thought-provoking facts and possible attack vectors that could compromise blockchains. The paper’s insights add nuance to DLT concepts, such as decentralisation and immutability of transactions, that have almost become axiomatic. They have implications for the design and governance of blockchains before too much responsibility for running future financial infrastructure is placed on them. Although blockchain networks are ostensibly decentralised, centralisation (and therefore single or at least fewer points of failure/weakness) can creep in through: authoritative centrality, ‘the minimum number of entities necessary to disrupt the system’ (aka the Nakamoto coefficient); consensus centrality, the extent to which the source of consensus – such as mining power in proof-of-work blockchains – is concentrated; motivational centrality, the way in which network participants are disincentivised from acting maliciously and whether those levers are managed centrally; topological centrality, or the risk that a network could be disrupted because it relies on a specific subset of nodes; network centrality, in which nodes may be subject to similar connectivity risks due to their geographical location or ISP or cable connectivity; and software centrality, being the risk that bugs or back doors in the blockchain’s core software, or incompatibilities or differences between different clients, could break immutability or cause a fork in the chain. Taking the Bitcoin network as an example, they found that:
  • Every popular blockchain has privileged users or entities that can amend the system and potentially cause changes to past transactions
  • As few as two entities need to be compromised or act maliciously to disrupt the Bitcoin blockchain, four for Ethereum, and fewer than twelve for most proof-of-stake blockchains
  • Only a small and dense subset of the thousands of advertised Bitcoin nodes participates in mining, contributes to the health of the network, and coordinates mining activity (which, in addition to creating new bitcoins, is also responsible for validating transactions and voting on governance issues); furthermore, node operators are not penalised for any dishonesty
  • Unlike the transactions themselves, Bitcoin network traffic is unencrypted, and therefore vulnerable to man-in-the-middle observation and tampering with messages from ISPs, governments, WiFi providers or Tor network exit nodes (the latter host to traffic for about half of all Bitcoin nodes); similarly, the most common mining pool communication protocol, Stratum, is unencrypted and effectively unauthenticated
  • 60% of Bitcoin network traffic passes through just three ISPs
  • 21% of Bitcoin nodes still run an outdated version of the Bitcoin Core client software that was known to have code vulnerabilities as far back as June 2021, over a year ago

News Links

Bank for International Settlements to Allow Banks to Keep 1% of Reserves in Bitcoin (Finbold)
US Fed Evaluating SEC’s Position on Digital Assets Custody, Powell Says (CoinDesk)
Gensler Labels bitcoin a ‘Commodity’ as Crypto Prices Stabilize (Morningstar)
CPMI and IOSCO Publish Final Guidance on Stablecoin Arrangements
Confirming Application of Principles for Financial Market Infrastructures
Belgium Starts Consultation on Classification of Crypto as Securities and Investment Instruments (Cryptoslate)
Singapore Eyes More Regulation to Protect Retail Investors From Crypto Winter Fallout (Cryptoslate)
Russian Parliament Approves Tax Break for Issuers of Digital Assets (Reuters)
Bank of Russia Ready to Legalize Crypto Mining If Miners Sell Minted Coins Abroad (
Grayscale Files Suit Against SEC Following Rejection of GBTC Conversion Bid (The Block)
Poundtoken Launches as the First Fully Backed GBP Stablecoin Regulated in the British Isles (City A.M)
Tether To Launch GBP₮, Tether Tokens Pegged to the British Pound Sterling (
Colombia Integrates Ripple’s XRPL for Land Registry (Cryptoslate)
  Crypto Exchange Coinbase Seeks Licenses in Europe as it Looks to Ramp Up Growth Outside the U.S. (CNBC)
   Paxos Promises Monthly Disclosure of Reserve Assets Backing its Stablecoins (Finextra)
The Central African Republic Launches Crypto Initiative Post Bitcoin Adoption (Cointelegraph)
Swiss Post Office to Offer Crypto Trading and Custody Services by 2024 (Finbold)
Northern Trust Creates Digital Assets and Financial Markets Group (Finextra)
Blockchain Firm SETL Acquired by Turkish Fintech (Finextra)
Deloitte, NYDIG Partner to Help Institutions Adopt Bitcoin (Nasdaq)
Fintech Infrastructure Firm Prime Trust Raises $107m (Finextra)
Stablecoin Tether (USDT) To Undergo Full Audit From Top Firm in Bid for Transparency (Daily Hodl)
Tether Reducing Commercial Paper Holdings Down to $3.5 billion by End-July (Cryptoslate)
Delio Unveils South Korea’s First ‘Crypto Bank’ (Finextra)
Crypto Exchange Binance Launches New Platform Aimed at Institutional Investors (Decrypt)
  SIX Digital Exchange Launches SDX Web3 Services (Finextra)
ANZ Completes First A$DC Stablecoin Transaction (Finextra)
EU-regulated Firm Banking Circle Adopts USDC Stablecoin (Cointelegraph)
  Goldman Sachs Executes First Bitcoin Futures Trade in Asia (Finbold)
Binance Brings Bitcoin Trading Fees to Zero (The Paypers)
NIST Announces First Four Quantum-Resistant Cryptographic Algorithms (National Institute of Standards and Technology)
Key: Regulation             Technology            Ecosystem              Markets 

CBDC Corner

Report: Options for Access to and Interoperability of CBDCs for Cross-border Payments (Bank for International Settlements)
Ripple Introduces CBDC Competition to Encourage XRPL Innovation (U.Today)
Amsterdam to Launch its Own Digital Currency to Promote Local Economy (NL Times)
More African Central Banks Are Exploring Digital Currencies (IMFBlog)
ECCB Launches DCash in Anguilla (Eastern Caribbean Central Bank)
Bank of Russia Accelerates Schedule for Digital Ruble Project (
Iran to Roll Out Pilot Version of Crypto-Rial Digital Currency Soon (IPFNews)
Taiwan Completes Trials of its Prototype CBDC for Retail Use (Forkast)
Taiwan Central Bank Governor Considers Interest-Free CBDC Design to Prevent Fiat Deposit Flight (Cointelegraph)
South Korea Ready to Test its CBDC with Commercial Banks (AJU)
Bank of England’s Vision for the Digital Pound Differs from China’s Model (Cryptoslate)
Banque de France Steps Up Wholesale CBDC Work (Finextra)

Thomas Murray Digital

Andrew Wright | Hugo Jack | Ben Ashley

Tel. +44 (0)20 8057 7100

Whilst reasonable care has been taken in the compilation of this information, neither Thomas Murray Network Management Limited, its affiliates or information contributors shall have any liability for any errors, omissions, delays or inadequacies in the information or for any loss or damage however occasioned (whether arising directly or indirectly), to any person or company relying on this information, or any decision made, action taken or inaction by any party in reliance upon this information (except to the extent permitted by law). Copyright © Thomas Murray Network Management Limited, company no. 03313014. All rights reserved. No reproduction without prior authorisation.