Self-custody vs third-party custody: the institutional tradeoff

Self-custody means holding your own keys. Third-party custody means a regulated institution holds them on your behalf. The choice between them shapes everything downstream: what insurance covers your position, who's liable if keys are lost, whether your auditor signs off on the holding, and whether a pension fund can ever own the asset at all.

For an individual crypto holder, self-custody is the philosophical default. "Not your keys, not your coins" is the founding line of the industry. For a fund manager with a fiduciary duty to thousands of beneficiaries, it's almost never an option.

Both arrangements have legitimate uses. They sit at opposite ends of a control-versus-acceptance tradeoff that almost every institutional crypto holder has to resolve before they hold anything.

How each one actually works

Self-custody puts the entire key-management stack on the holder. A hardware wallet like Ledger or Trezor stores the private key in a tamper-resistant chip. A multisig setup, popularized by Gnosis Safe and used by most crypto-native treasuries, spreads signing power across multiple devices and requires a quorum (often 2 of 3, sometimes 4 of 7) to move funds, so a single compromised key can't drain the wallet. A treasury team can also run its own MPC infrastructure. The holder controls every layer and bears every operational risk. If a key is lost, the funds are gone. If phishing succeeds, recovery is rare.

Third-party custody outsources that entire stack to a qualified custodian. Firms like BitGo, Anchorage, Fidelity Digital Assets, Coinbase Custody, and Komainu hold keys in hardware security modules, split them across geographies, run a policy engine that vetoes suspicious transactions, and carry insurance that pays out if the worst happens. The client signs off on movements through a permissioned interface. The custodian is contractually and legally on the hook for the asset.

The mechanics differ. The principle is similar: somebody has to control the keys, and that somebody bears the operational and legal risk.

Why the tradeoff matters

Plenty of individuals and crypto-native firms run self-custody well. Regulated capital is a different game. A pension fund's investment policy almost certainly requires custody at a qualified institution. A bank treasury can't hold an asset its auditor won't accept. An insurance carrier holding crypto as part of its general account needs bankruptcy-remoteness, audited segregation, and named insured coverage, none of which self-custody arrangements can deliver at the standard a Big 4 auditor will sign off on.

The collapses of FTX, Celsius, and BlockFi taught an adjacent lesson. They were failures of unqualified third-party custody, where firms treated client funds as their own working capital. The assets that survived those collapses were the ones held at qualified custodians, with proper segregation and insurance. The lesson cut both ways. Safe custody comes in more than one form, and "we hold it for you" means nothing without a regulatory framework behind it.

For most institutions, the choice resolves cleanly. The control benefit of self-custody isn't worth giving up the regulatory acceptance, insurance, and segregation that qualified custody provides. For most retail holders, the choice resolves the other way.

Where this shows up in institutional crypto-backed lending

When you pledge crypto as collateral against a stablecoin loan, the question of who holds the underlying asset doesn't disappear just because the loan happens on-chain. Custody still matters. Most institutional lending designs leave the pledged crypto exactly where it already is: at the holder's qualified custodian, in the holder's name. What goes on-chain is a tokenized representation of the pledge, not the underlying coins. For how that works without breaking custody segregation, see Tokenized MPC pledges: bringing off-chain-custodied collateral on-chain.