Crypto custody: risks and controls from an auditor’s perspective

Cryptocurrencies provide opportunities but also involve risk. The risks, particularly those associated with generating and managing private keys, must be addressed by the owner or the designated crypto custodian through appropriately designed controls, and must be duly assessed by the auditor.

1. Introduction

No central authority exists in decentralised blockchain systems. Each user therefore needs to understand their role, the associated tasks and responsibilities, and the risks that come with them. A private key is the element through which a user signs transactions and thereby controls their cryptocurrency and, with it, their digital assets. In that sense, ‘key management is key’. A user who loses their private key cannot recover it from, or request a new one at, a central authority; the key can only be restored if a suitable backup is in place.

Crypto custody solutions providers are service companies that offer secure storage solutions for cryptocurrencies. These services are developed for both institutional and private clients. Their main objective is to ensure the availability, confidentiality and integrity (‘protection goals’) of private keys and the information needed to restore them (backups) so that customers can access their cryptocurrencies.

2. Crypto custody risks

Private keys allow users to access their digital assets and protect against unauthorised access or transactions. If a private key is compromised – e.g. through fraud or theft – third parties may be able to control the digital assets. It is therefore very important to create and store private keys and their backups in a secure manner.

The biggest risks for users are that their private keys and backups are compromised, so that confidentiality, availability or integrity is lost:

  • Confidentiality: risk that unauthorised persons can and will access private keys or backups. Anyone gaining such access can sign transactions and take the digital assets.
  • Availability: risk that private keys and their backups are no longer available, or not available in time. If neither the private keys nor their backups are available, it may be impossible to access the digital assets.
  • Integrity: risk that private keys or their backups are altered or corrupted so that they no longer yield a usable key. If the integrity of both the private keys and their backups is compromised, it may prove impossible to access the digital assets.

These major risks themselves give rise to other risks in the main phases of a private key’s life cycle:

  • Key ceremony: Several risks exist during the key ceremony (when private keys are generated). For example, private keys may be viewed and copied during the generation process or while they and their backups are being transported to their final storage locations. These attacks may be carried out by persons directly involved in the ceremony or by persons who are not directly involved but gain access to a technical component used in it, e.g. a printer’s memory.
  • Key management: In managing private keys and their backups, there is an inherent risk that they may be lost, stolen or rendered unreadable. There is also a risk of fraud if responsibilities for the storage of private keys and backups are not clearly divided, or if the persons entrusted with controls and security fail to follow the required security procedures. Private keys and their backups should be stored in different locations and must always be protected against physical interference or damage.
  • Transactions: When initiating and approving transactions for digital assets, financial risks arise if the control system is inadequately designed or if duties are insufficiently segregated. In traditional banking, erroneous or fraudulent transfers can often be reversed or refunded; on a blockchain, a confirmed transaction is final.

If cryptocurrency controls fail, it can also pose significant risks from a financial statement’s perspective:

  • Custodian: If the custodian loses control of the cryptocurrencies it holds, they must be derecognised as assets and the loss booked to the income statement. As the custodian usually bears the custody risk, its liability towards the customer remains. A custodian typically earns only a small percentage of the value of the assets in custody, so the value of the cryptocurrencies it holds usually dwarfs its equity capital. Even a partial loss of cryptocurrencies that is not sufficiently insured can therefore render a custodian insolvent. If the custodian cannot be restructured, the customers in turn would have to write down some or all of their cryptocurrencies.
  • Companies with cryptocurrencies on their balance sheet: if the company loses control over its cryptocurrencies, they must be derecognised as an asset and the loss booked to the income statement.
  • Banks and asset managers with off-balance-sheet cryptocurrencies: If a bank or asset manager reports off-balance-sheet cryptocurrencies and they lose control of these cryptocurrencies, the customer liability will still have to be reported on the balance sheet in the case where the bank or asset manager bears the custody risk itself. For this reason and due to the increased risks associated with off-balance-sheet cryptocurrencies, an auditor must perform the same audit procedures as for cryptocurrencies that are on the balance sheet.

Crypto custody can have a material impact on the company and the audit. If control over digital assets is lost, it might lead to a write-down of assets and/or the booking of additional liabilities on the balance sheet. This can quickly lead to insolvency and the need for restructuring, depending on the amount of crypto assets lost and the strength of the company’s capital base.

3. Types of crypto custody solutions

Protecting private keys and their backups is critical. In particular, private keys and their backups must be kept separate from each other and protected from internal and external attacks. This is where professional crypto custody solutions come into play. They are used to reduce the above-mentioned risks to the confidentiality, availability and integrity of private keys and their backups over the entire life cycle.

Companies need to decide which crypto custody solution to choose. Two aspects must be considered:

1. Should a company seek an internal or external crypto custody solution?

This question is important from both a strategic and a commercial angle. If the company opts for an internal solution, it will need to build up the necessary knowledge and experience. If it chooses an external provider, it can delegate the task of custody to the provider but still bears the associated responsibilities, especially for the internal control system. For this purpose, professional crypto custody providers obtain control reports under ISAE 3402 (the international counterpart of a SOC 1 report, covering controls relevant to customers’ financial reporting) or ISAE 3000 (used for SOC 2-type reports on security, availability and related criteria). These reports can be used to assess and monitor the outsourced processes, risks and controls.

2. Should the solution be set up as a cold, warm or hot storage solution?

In practice, a distinction is made between cold, warm and hot storage:

  • With hot storage solutions, wallets are permanently online: the signing keys sit on systems connected to the internet and the blockchain, so transactions can be approved and executed with little delay, at the cost of the largest attack surface.
  • Cold storage solutions keep the private keys on offline systems that are physically sealed off from other systems and networks. They are generally considered the more secure way of storing private keys, but approving and executing a transaction takes considerably longer because it has to be carried to and from the offline environment. They are therefore mainly used for digital assets held for the long term.
  • Warm storage solutions sit between the two and are designed to combine the security of offline key storage with faster transaction approval.

Within these storage solutions, private keys are typically protected by hardware security modules (HSMs), in which the key is generated and used for signing but cannot be exported in clear, or by multi-party computation (MPC) environments, in which the key is split into shares held by different parties or devices so that the complete private key never exists in one place. Backups are usually stored in safe deposit boxes with trusted third parties.
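The following is an added example and not code from the article or from any custody provider. It illustrates the principle behind keeping backups in several separate locations: a private-key backup is split into shares (Shamir secret sharing) so that no single safe deposit box holds a usable key, any k of the n shares restore it, and a fingerprint recorded at the key ceremony and stored apart from the shares detects a corrupted share on restore. The 3-of-5 policy, the fingerprint format and the use of the secp256k1 group order as the field are assumptions of the example.

```python
"""Split a private-key backup into k-of-n shares (Shamir secret sharing).

Added example, not from the article or from any custody provider. Arithmetic
is over the prime field of order N (the secp256k1 group order), so a
secp256k1 private key fits directly as the secret. Needs Python 3.8+ for
pow(x, -1, N).
"""
import hashlib
import secrets

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def fingerprint(secret: int) -> str:
    """Integrity check recorded at the key ceremony, stored apart from the shares."""
    return hashlib.sha256(secret.to_bytes(32, "big")).hexdigest()


def split(secret: int, k: int, n: int):
    """Return n points (x, f(x)) on a random degree-(k-1) polynomial with f(0) = secret."""
    if not 1 <= k <= n < N or not 0 < secret < N:
        raise ValueError("bad threshold or secret out of range")
    coeffs = [secret] + [secrets.randbelow(N) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod N
            y = (y * x + c) % N
        shares.append((x, y))
    return shares


def combine(shares):
    """Lagrange interpolation at x = 0; correct only with at least k distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % N
                den = den * (xi - xj) % N
        total = (total + yi * num * pow(den, -1, N)) % N
    return total


def restore(shares, expected_fp: str) -> int:
    """Recombine and check against the ceremony fingerprint; refuse silent corruption."""
    candidate = combine(shares)
    if fingerprint(candidate) != expected_fp:
        raise ValueError("restored key does not match fingerprint: share corrupted or too few shares")
    return candidate


if __name__ == "__main__":
    key = secrets.randbelow(N - 1) + 1        # constructed private key
    fp = fingerprint(key)
    shares = split(key, k=3, n=5)             # e.g. five safe deposit boxes, any three restore
    assert restore([shares[0], shares[2], shares[4]], fp) == key   # availability: losing two boxes is fine
    try:
        restore(shares[:2], fp)               # confidentiality: two boxes do not yield the key
    except ValueError as e:
        print("2 of 5:", e)
    x, y = shares[1]
    try:
        restore([shares[0], (x, y ^ 1), shares[3]], fp)   # integrity: a flipped bit is caught
    except ValueError as e:
        print("tampered:", e)
    print("3 of 5 restored:", restore(shares[:3], fp) == key)
```

The fingerprint is what turns an integrity failure from "the restored key silently does not work" into a detectable error at restore time; it must be kept where neither the shares nor the key are, because a fingerprint stored next to a share is only as trustworthy as that share.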

4. Risks and measures from an auditor’s perspective

To counter the aforementioned risks, auditors should consider a number of points. They should verify that adequate controls are in place for the safekeeping of private keys and their backups, ensuring that they cover the private keys’ entire life cycle. If the evidence of adequate controls does not cover the entire life cycle, there is a risk that the private keys have already been compromised and the digital assets can be lost at any time.

This applies regardless of whether the company runs its own solution or uses a third-party custodian. If the solution is in-house, the auditor is responsible for independently assessing the risks and testing the controls. If the solution is outsourced and the service provider issues a control report, the auditor may rely on that report, but must assess it in detail and, where necessary, audit the complementary user entity controls (the controls for which the report recipient itself is responsible).

To cover the entire life cycle of private key management with sufficient audit evidence, it is advisable to involve the auditor from the beginning. Established practice is for the auditor (or another independent third party) to attend the key ceremony in order to reduce potential risks at the very start. There must be sufficient documentation and evidence to ensure the key ceremony can be verified.

The auditor must consider the private key together with all of its backups in order to address the custody of that key as a whole, and must verify that both the private keys and their backups are securely stored. The security requirements for backups are the same as for private keys, since anyone holding a backup holds the key.

The auditor must also obtain comfort about the transaction signing environment. To do so, they must verify whether and how the company has implemented a process that ensures only authorised or approved employees can initiate transactions such as the sale of cryptocurrency; at a minimum the dual-control (four-eyes) principle must be applied, so that no single person can both initiate and approve a transaction. As a starting point, the company should present the auditor with rules of procedure for the execution of transactions on the blockchain.

It is also important from the auditor’s point of view to confirm through audit procedures that the company actually has access to its digital assets, i.e. that it controls the private keys for the addresses it reports. Signed-message procedures are particularly suitable for this: the company signs a message chosen by the auditor (including a fresh nonce or date, so that an old signature cannot be reused) with the private key, and the auditor verifies the signature against the address. No on-chain transaction is needed. If the custody solution does not support message signing, a microtransaction can be carried out instead: a small transfer to an address chosen by the auditor, which demonstrates control over the private keys at the cost of a real on-chain transaction.

As mentioned, in general it is important for the auditor to perform the same audit procedures on cryptocurrencies held off balance sheet of a financial company that bears the custody risk itself as for cryptocurrencies held on the balance sheet.

The auditor should carefully assess the probability of the digital assets being lost in order to evaluate any impact on the financial statements, particularly with regard to the going concern assumption. This means that, when issuing an audit opinion, they must ensure that, based on the audited effective control system, there is no de facto possibility of a loss of digital assets within the next 12 months that would jeopardise the company’s ability to continue as a going concern.

5. Conclusion

Private keys and their backups are central to accessing and controlling digital assets on the blockchain. An effective control system can reduce the risks to the availability, confidentiality and integrity (‘protection goals’) of private keys and their backups. Companies should waste no time in setting up such a system, as any loss of control over cryptocurrencies would expose them to significant risks. The auditor must address these risks with appropriate audit procedures. This includes requiring proof that adequate and effective controls are implemented for the secure storage of private keys and their backups throughout the entire life cycle. For this purpose, the auditor should already be involved in the key ceremony where the private keys are generated. The auditor must verify that only authorised or approved employees can initiate the sale of cryptocurrencies and that the company can access its digital assets. Finally, the auditor must carefully assess the probability of digital assets being lost after the report is issued and ensure that the audited control system for the coming financial year is sufficiently resilient to prevent a loss that would put the company’s future as a going concern in jeopardy.

Adrian Keller

Adrian Keller has led PwC Switzerland Blockchain & Crypto Audit since 2016. He and his team audit and advise blockchain and crypto clients as well as clients in the blockchain financial services industry. He collaborates closely with market participants and is engaged in various initiatives and associations. Adrian is a Swiss Certified Public Accountant and a lecturer for blockchain audit at EXPERTsuisse, the professional organisation for audit experts.

Ralf Hofstetter

Ralf Hofstetter has headed Trust & Transparency Solution at PwC Switzerland since 2019. He has extensive experience in bringing transparency, and thus trust, to clients and their stakeholders using attestations such as ISAE 3000 or ISAE 3402. Ralf and his team are pioneers in providing assurance on crypto custody. He holds a master’s degree from the University of Zurich and is certified as CISA, CISSP and ISO 27001 Lead Auditor.


Contact us

Adrian Keller, Partner and Leader Audit for Blockchain, PwC Switzerland, Tel: +41 58 792 23 09
Ralf Hofstetter, Partner, Sustainability Assurance, PwC Switzerland, Tel: +41 58 792 5625
Nicolas Memmishofer, Blockchain Assurance, PwC Switzerland, Tel: +41 58 792 21 61