Blockchain and Custody: Towards a complete review of custody models?

01/10/2025

Blockchain is reviving the cards of asset custody. Between self-custody wallets and custodial wallets, traditional models are being challenged. The blockchain version of administered registered shares could prove particularly suitable for financial securities and thus challenge the current hegemony of bearer securities. While asking many legal and operational questions about the ownership and liability of tokenised financial securities...

Blockchain was born with a radical ambition: To eliminate intermediaries

The Satoshi Nakamoto Manifesto (2008) introduced Bitcoin as a peer-to-peer payment system, where each user could hold and transfer their assets without going through a central institution. The custody of Bitcoin was deemed to be directly ensured by its owners, namely the entities holding the private keys of the Bitcoin wallets. The notion of a self-custody wallet (or self-hosted wallet) was at the heart of the Bitcoin model and the many cryptocurrency blockchains that followed.

Securing crypto assets: The return of a "custodial wallet"

However, it remains possible for a third party in these blockchains to open a wallet on behalf of one or more external beneficiaries. It is also the purpose of platforms such as Binance, Coinbase or Kraken to offer to host the cryptocurrencies of several clients in global portfolios in order to facilitate their management and monitoring.  Thus, the concept of "custodial wallet", i.e. a wallet with a wallet content modeled on the securities account holder (custodian), could be introduced or reintroduced. One of the main advantages of this model for the end customer is the ability to transfer the risk and responsibility for custody to the custodian.  The risk of assets not being returned in the event of a problem is deemed to be higher on fully decentralised platforms (in particular public blockchains) than on traditional platforms with a central operator. Today, fintechs andfinancial institutions offer custody services for all types of tokenised assets, including both cryptocurrencies and real assets such as bonds or equities. Giants such as BNY Mellon, State Street and Ripple are developing conservation infrastructure to meet institutional needs. However, we feel it is necessary to consider the many possible challenges raised by the adoption of this new technology in the custody of financial assets.

A challenge to the technological neutrality of regulation?

For market authorities, the existence of a custodian is clearly likely to facilitate compliance with regulations (KYC, AML). This is why the fifth version of the European Anti-Money Laundering Directive (AMLD5) published in 2018 explicitly made custodians of crypto-assets subject to AML-CFT regulations, but without however addressing any issues related to the specificities of crypto-currencies.

It was only in 2023 with the advent of the MICA regulation on crypto-assets that the European legislator sought to specify the contours and specificities of the custody of crypto-currencies, and the extent of the obligation of return of crypto-assets by the custodian. This was particularly the case where, in the absence of the custodian’s fault, it did not seem possible to systematically guarantee the return of the assets. However, not wanting to call into question the use of the term custody by AMLD5, MICA then considered that the restitution obligation inherent in the custodian’s business applied to private keys when it could not apply to the assets themselves. However, this very broad definition of custody only applies to MICA’s digital assets because the custody and administration of tokenised financial securities (security tokens) remain governed by the MiFID Directive and the national law applicable to each custodian1. It also follows that the current methods of holding financial securities (registered and bearer securities) are theoretically not called into question by the tokenisation of these securities.

A challenge to conservation methods in a blockchain?

There are therefore 3 possible methods of custody in a blockchain: the two already existing methods for financial securities (custody by the issuer and custody by an intermediary) and the self-custody initially created for cryptocurrencies, digital assets without an issuer. The question is then whether the 3 modes are possible for a given type of token. For cryptocurrencies, there can be no custody by the issuer, so only 2 modes are a priori possible (self-custody and custody by an external third party). The problem is somewhat less obvious for security tokens and more generally for all tokenised assets with an issuer. Indeed, the custody by the issuer of registered securities was until now considered to be a disintermediated holding, thus in the same way as the new self-custody allowed by the blockchain. While self-custody has clearly allowed for disintermediated ownership of digital assets without an issuer, its interest in securities with an issuer seems somewhat less obvious.  Whether it is French order 2017-1674 known as the blockchain order or the European regulation "DLT Regime Pilot" authorising certain types of security tokens, it must be noted that not all the consequences of self-custody of financial securities have been very thorough so far.

For the time being, the operational solutions offered by security token custody providers seem to rely mainly on the automation via smart contracts of processes that are supposed to be up to now the responsibility of the issuer (in particular the case of OSTs). For us, this purely technical automation avoids the fundamental problem of whether or not two separate legal methods should be offered for the disintermediated holding of security tokens.

A questioning of issuer liability?

For some custodians of which we are a part, the interest of blockchain is not in the disempowerment of the issuer of financial securities, quite the contrary! Thanks to blockchain, the issuer can combine the advantages of registered securities and bearer securities. In theory, this possibility was already deemed to exist with so-called "administered registered" securities, which were supposed to combine the transparency of registered securities with the ease of settlement of bearer securities. Unfortunately, until now, the operational implementation of the administered registered form has been based on three distinct positions that should be reconciled (between the custodian and the issuer on the one hand and the custodian and the central depositary on the other). Thanks to blockchain, it seems entirely possible to have a single source of truth for the issuer, the custodian and the CSD. A blockchain-style "administered nominative" could, in our view, call into question the current hegemony of bearer securities.

A challenge to post-trade processes?

But make no mistake: Blockchain is just a technology, and creating security tokens is not an end in itself. What is important is to understand how this technology could improve some current processes and in particular all post-trade processes that could use the decentralised ownership transfer protocol characterising blockchain. Custody and settlement/delivery are clearly the main processes involved, but whether or not a digital asset has an issuer can be a game-changer, and in particular how to deal with the disintermediation of their holdings.

Securities law, custody and disintermediation: A variable geometry equation

The concept of disintermediation may also vary from country to country. The Anglo-Saxon trustee, like the holder of the private keys of a wallet, is deemed to be the legal owner of the securities held in its books even if it is not the final beneficiary. This is not the case in Europe where the custody service does not necessarily involve a transfer of ownership. An Anglo-Saxon wallets custody service is therefore not necessarily adapted to the European context.

The long-term success of the tokenisation of financial securities will therefore depend on our ability to master all the operational and legal subtleties associated with the various securities rights.

1The Pilot Regime Regulation (EU 2022/858), the MiFID2 Directive, the CSDR. and the adaptations to French law (DDADUE 3, Decree of 31 May 2023) govern the custody of tokenised financial securities. Eligible financial instruments include shares, bonds and units in UCITS, with cap and volume limits. DLT infrastructure may request exemptions from MiFID2 and CSDR. regimes, including for intermediation, settlement rules and the use of electronic money.

Alain Rocher, Head of Knowledge Management, Societe Generale Securities Services