How Custodians Are Adapting to Tokenized Assets

Tokenized asset custody is reshaping institutional finance — the market reached $708 billion in 2025 as custodians adopt MPC, HSMs, and new regulatory frameworks.

Introduction

Tokenized asset custody is the institutional practice of safeguarding blockchain-based tokens — digital representations of ownership over financial or real-world assets — on behalf of clients. Traditional custodians hold ownership as entries in centralized databases, but tokenized assets are controlled by cryptographic private keys recorded on-chain. The entity holding the private key effectively controls the asset, which means custodians must now operate as active key infrastructure managers rather than passive record-keepers.

The global digital asset custody market reached $708.09 billion in 2025 and is projected to grow to $834.29 billion in 2026 at a compound annual growth rate (CAGR) of 17.8%. This growth is driven by institutional demand across multiple tokenized asset classes — US Treasuries, bonds, equities, real estate, and deposits — each requiring different security architectures and compliance frameworks. Custodians face a structural shift on three fronts simultaneously: private key security, regulatory compliance, and interoperability with legacy financial systems.

This article explains how institutional custodians are adapting their infrastructure and governance to meet that challenge. It covers the security models custodians use to protect private keys, the regulatory frameworks shaping qualified custodian status in the US and EU, the asset classes now held in institutional custody, and the operational challenges that remain.

What Is Tokenized Asset Custody and Why Does It Differ From Traditional Custody?

Ownership Records: Database Entries vs. Cryptographic Keys

In traditional custody, a custodian — an institution that safeguards assets on behalf of clients — holds ownership as entries in centralized databases or paper records. Multiple intermediaries maintain duplicate records, and reconciliation between parties takes time. Transferring an asset requires authorization across several counterparties before settlement completes.

Tokenized asset custody works differently. Ownership of a tokenized asset is recorded directly on a blockchain — a distributed, immutable ledger — and controlled by a cryptographic private key. The entity that holds the private key effectively controls the asset. No central authority can restore access if that key is lost.

Smart Contracts and On-Chain Programmability

A smart contract is a self-executing program on a blockchain that automatically carries out predefined actions when coded conditions are met. Smart contracts encode the rules of ownership: how many tokens exist, who can hold them, and how transfers execute. They also automate compliance functions — transfer restrictions, investor eligibility checks, and corporate actions — without requiring manual intermediary involvement.

This programmability creates a structural shift in what custodians must do. Traditional custodians are passive record-keepers that act on client instruction through established intermediary chains. Digital asset custodians must actively manage key infrastructure, monitor on-chain activity, and reconcile blockchain state with off-chain records — a fundamentally different operational role.

From Record-Keeping to Key Infrastructure Management

The shift from database records to on-chain ownership changes both the risk model and the operational requirements for custodians. In traditional finance, legal and regulatory mechanisms can reverse erroneous transactions. On a blockchain, confirmed transactions are irreversible — errors in key management or smart contract execution have permanent consequences.

Custodians therefore carry a new category of responsibility: securing private keys with the same rigor previously applied to physical asset vaults. Institutional digital asset custodians hold keys in segregated, secure environments and act on client instruction, reducing the operational risk that comes with self-custody.

What Security Models Do Digital Asset Custodians Use to Protect Tokenized Holdings?

Three Dominant Architectures for Key Protection

Institutional custodians use three core security architectures to protect private keys. The first is cold storage with a Hardware Security Module (HSM) — a tamper-resistant physical device that generates, stores, and signs cryptographic operations without ever exposing the private key. HSMs operate fully air-gapped from internet-connected systems, meeting FIPS 140-2 Level 3 or higher certification standards. Private keys processed inside an HSM never leave the device itself.

The second architecture is Multi-Party Computation (MPC) — a cryptographic method that splits a private key into multiple encrypted shares distributed across separate parties. No single party ever holds a complete key, eliminating the single point of failure common in earlier custody models. A typical institutional configuration uses a 2-of-3 threshold: any two of three designated key-share holders must participate to authorize a transaction.

The third architecture is multi-signature (multisig) custody, which requires multiple independent private keys — each held by a different authorized party or system — to co-sign a transaction before it executes. BitGo pioneered institutional Bitcoin multisig custody in 2013, and multisig remains widely used for Bitcoin holdings where MPC is less natively supported. Leading custodians increasingly combine all three approaches into layered security stacks.

Security Model Comparison

Table 1: Digital Asset Custody Security Models

Data current as of April 2026.

Layered Architectures in Practice

No single security model covers every threat scenario. Institutional custodians therefore combine models: cold HSM storage for deep-reserve holdings, MPC for operational transaction signing, and multisig for governance approvals requiring multiple organizational stakeholders. Cobo's institutional architecture, for example, uses MPC with flexible M-of-N threshold configurations — such as 2-of-3 or 3-of-5 — matched to each client's internal approval policies. This layered approach reduces both the risk of external compromise and insider threats simultaneously.

How Does Regulatory Compliance Shape Crypto Custody Institutions Today?

The US Framework: Qualified Custodians and OCC Charters

In the United States, the SEC Custody Rule — Rule 206(4)-2 under the Advisers Act — requires registered investment advisers (RIAs) to maintain client assets with a qualified custodian, defined as a bank, savings association, broker-dealer, futures commission merchant, or certain foreign institutions. Applying this definition to crypto assets created years of regulatory ambiguity, as it was unclear whether digital asset custodians met the "bank" definition. In September 2025, the SEC's Division of Investment Management issued a no-action letter confirming that state-chartered trust companies meeting specific conditions — including audited GAAP financials and a SOC 1 or SOC 2 Type II report — can serve as qualified custodians for crypto assets.

The OCC federal bank charter provides the clearest qualified custodian status. Anchorage Digital holds an OCC federal bank charter, making it the first federally chartered digital asset bank in the US. In December 2025, BitGo received full, unconditional OCC approval to convert BitGo Trust Company to BitGo Bank \& Trust, National Association — a conversion that establishes its standing as a qualified custodian under the Advisers Act. Conditional OCC approvals were also granted to Fidelity Digital Assets and Paxos Trust Company during the same period.

The EU Framework: MiCA Authorization for CASPs

In the European Union, the Markets in Crypto-Assets Regulation (MiCA) — the EU-wide framework governing crypto services — requires any entity providing custody and administration of crypto assets on behalf of clients to obtain authorization as a Crypto-Asset Service Provider (CASP) from its national competent authority. Custody providers must segregate client assets from firm assets, maintain minimum permanent capital of €150,000, and implement documented private key management procedures subject to independent security audits. Non-custodial wallet providers, where clients retain sole control of private keys, fall outside MiCA's scope in most cases.

MiCA also imposes AML/KYC obligations aligned with the EU's existing Anti-Money Laundering Directive. CASPs authorized in one EU member state can passport their services across all other member states without requiring additional national licenses. This passporting mechanism creates a structural advantage for early-authorized custodians seeking to serve institutional clients across the EU market.

Regulatory Compliance as a Market Differentiator

Regulatory status now functions as a competitive differentiator in institutional custody. RIAs and registered funds must perform initial and ongoing annual due diligence on any custodian — assessing private key management, cybersecurity practices, and SOC report quality — before allocating client assets. Custodians that have secured OCC charters or MiCA CASP authorizations reduce this due diligence burden for institutional clients. The SEC also rescinded Staff Accounting Bulletin 121 in January 2025, removing an accounting obstacle that had previously discouraged banks from offering crypto custody services.

Which Types of Tokenized Assets Are Custodians Now Supporting and How Do They Compare?

From Treasuries to Real Estate: The Expanding Custody Universe

Institutional custodians now support a broad and growing range of tokenized asset classes. Tokenized US Treasuries and money market funds represent the largest segment by value, reaching $7.4 billion as of 2025 — an 80% increase year-to-date. Institutional demand for these instruments is driven by their yield-bearing characteristics and suitability as on-chain collateral. Real-world asset (RWA) tokenization — the process of representing ownership of physical or financial assets as blockchain tokens — reached a total value locked of $65 billion across more than 200 institutional projects in 2025, up 800% from 2023.

Tokenized bonds and structured notes are also gaining traction. DBS Bank, Singapore's largest bank, issued its first blockchain bond — an SGD 15 million ($11 million) digital bond on DBS Digital Exchange — as early as 2021. In August 2025, DBS expanded its tokenization program by issuing Ethereum-based tokenized structured notes distributed across third-party digital investment platforms including ADDX, DigiFT, and HydraX. Each asset class requires distinct custody infrastructure: tokenized Treasuries demand robust on-chain settlement rails, while tokenized real estate requires custodians to manage fractional ownership records and complex transfer restrictions.

Asset Taxonomy and Custody Requirements

Table 2: Tokenized Asset Classes and Custody Requirements

Data current as of April 2026.

The DTCC Pilot: Tokenized Equities Enter Institutional Custody

The DTCC Tokenization Services pilot marks the most significant expansion of tokenized custody into mainstream securities. On 11 December 2025, the SEC granted a no-action letter to The Depository Trust Company (DTC), permitting DTC participants to record their security entitlements using distributed ledger technology. The pilot covers securities in the Russell 1000 Index, US Treasury securities, and ETFs tracking major indices such as the S&P 500 and Nasdaq-100. The planned launch is scheduled for the second half of 2026 and runs for a three-year relief period.

How Are Legacy Financial Institutions Integrating On-Chain and Off-Chain Custody Systems?

BNY and State Street: Building Hybrid Infrastructure

BNY — the world's largest custodian bank, with $57.8 trillion in assets under custody as of January 2026 — launched its Digital Assets platform on 8 January 2026, enabling on-chain mirrored representations of client deposit balances. The platform operates on BNY's own private, permissioned blockchain and targets collateral and margin payment use cases for institutional clients. Early participants included Intercontinental Exchange (ICE), Citadel Securities, DRW, and stablecoin issuer Circle.

Client balances on the BNY platform remain simultaneously recorded in BNY's traditional core banking systems to preserve regulatory and reporting integrity. This dual-ledger approach — maintaining both on-chain and off-chain records in parallel — is the defining characteristic of hybrid custody infrastructure. State Street launched its own Digital Asset Platform in January 2026, extending custody and administration services to tokenized funds and digital cash instruments.

What Role Do Permissioned Blockchains Play in Institutional Custody?

A permissioned blockchain is a distributed ledger where access is restricted to a defined set of vetted participants, in contrast to public blockchains where any entity can join and validate transactions. Institutional custodians prefer permissioned architectures for three reasons: participant sets are known and contractually bound, transaction data remains confidential to the network, and the ledger produces audit trails compatible with existing regulatory reporting obligations.

Permissioned blockchains also offer the governance controls that institutional operations require. Network administrators can enforce rules — such as transfer restrictions or investor eligibility checks — at the protocol level without relying on external smart contract calls. Validated permissioned blockchain frameworks have demonstrated throughput of 118 transactions per second under research conditions, sufficient for intraday collateral and margin settlement workflows. This architecture preserves on-chain programmability while meeting the auditability standards regulators expect.

What Are the Main Operational Challenges Custodians Face With Tokenized Assets?

Four Structural Challenges in Tokenized Custody

Key management is the most fundamental operational challenge in tokenized asset custody. Private key loss results in permanent, unrecoverable asset loss — there is no central authority to restore access. An estimated $2.2 billion in crypto assets were lost through key theft or mismanagement in 2024. Institutional custodians mitigate this through MPC key-share distribution, HSM cold storage, and strict quorum-based authorization policies that prevent any single employee from controlling a complete key.

Interoperability presents the second major challenge. Tokenized assets are frequently issued on different blockchains — Ethereum, Solana, or private permissioned networks — and custody systems must communicate across all of them simultaneously. Separate blockchains cannot natively exchange data or transfer assets; custodians must integrate cross-chain protocols such as Chainlink's Cross-Chain Interoperability Protocol (CCIP) to move assets and transmit settlement messages between networks. Without standardized interoperability, tokenized assets become siloed within individual chain ecosystems, limiting liquidity and increasing reconciliation workloads.

Operational Risk Matrix

Table 3: Operational Challenges in Tokenized Asset Custody

Data current as of April 2026.

How Do Custodians Handle Smart Contract Risk in Tokenized Asset Management?

Smart contracts are immutable after deployment on most public blockchains — errors in contract logic cannot be patched without deploying an entirely new contract. Institutional custodians require pre-deployment security audits by independent third-party firms such as Trail of Bits or Certik before agreeing to custody any tokenized asset. Formal verification — mathematically proving that contract code behaves exactly as specified — provides additional assurance for high-value token contracts.

Where contract upgrades are unavoidable, proxy contract patterns allow administrators to redirect calls from an unchanging proxy address to a new implementation contract, preserving the token's on-chain identity. However, proxy patterns introduce their own governance risks: the upgrade authority itself becomes a high-value attack target. Custodians therefore require that upgrade keys are protected with the same MPC or multisig controls applied to asset-holding wallets.

How Does Tokenized Asset Custody Affect Settlement Speed and Operational Efficiency?

From T+1 to Near-Instant: The Settlement Gap Narrows

Traditional securities markets in the US moved to T+1 settlement — one business day after the trade date — in May 2024, halving the prior two-day cycle. Despite this improvement, a 24-hour gap remains between trade execution and final settlement, during which counterparty risk persists and capital is locked as margin collateral. Tokenized securities settle directly on-chain, where confirmation of a transaction simultaneously updates ownership records for all participants. This achieves T+0 — or atomic settlement, where both legs of a trade complete at the exact same instant, eliminating the window for one party to default before the other receives the asset.

Settlement speed varies by blockchain. Ethereum reaches probabilistic finality within approximately 12–15 minutes; Solana achieves finality in approximately 400 milliseconds. Faster settlement reduces the volatility component of clearinghouse margin requirements — the SEC estimated that moving from T+2 to T+1 alone cut this margin buffer by 41% in extreme market scenarios, implying further gains at T+0. Institutional appetite for T+0 remains selective, however: a 2024 survey of bond market participants found that only 16% preferred instant settlement, with 84% favouring longer cycles that preserve netting and liquidity management flexibility.

On-Chain Cash: Unlocking Intraday Liquidity

Settlement speed gains only materialise fully when cash moves as fast as the asset. The principal constraint in early tokenized securities markets was the absence of on-chain cash — institutions could transfer tokenized bonds or fund shares instantly, but payment still settled through conventional banking rails on a next-day basis. BNY's tokenized deposit platform, launched on 8 January 2026, directly addresses this gap by enabling near real-time movement of mirrored cash balances on-chain to satisfy margin calls and collateral transfers within seconds.

BNY's platform connects three digital cash rails — stablecoins, tokenized money market funds, and tokenized deposits — into a single institutional infrastructure layer. Institutions can shift tokenized balances across participants in seconds, eliminating dependence on batch processing cut-off times that constrain intraday liquidity management in traditional systems. J.P. Morgan Asset Management similarly identifies real-time collateral movement and 24/7 operations as the primary efficiency drivers that justify institutional investment in tokenized money market fund infrastructure.

Operational Cost Implications

Fewer intermediaries in the settlement chain translate directly into lower operational costs. Traditional post-trade processing involves custodians, clearing houses, central securities depositories, and transfer agents — each adding cost and reconciliation overhead. On-chain atomic settlement removes the need for bilateral reconciliation between counterparties, reducing the volume of failed settlements and associated penalty fees. Smart contracts automate margin calls, collateral valuation, and reporting processes, reducing manual operational overhead while eliminating reconciliation errors between counterparty ledgers.

Which Leading Crypto Custody Institutions Are Currently Supporting Tokenized Assets?

Five Institutions Defining the Tokenized Custody Landscape

Anchorage Digital holds the distinction of being the first federally chartered digital asset bank in the US, having received its OCC national trust charter in 2021. The bank supports tokenized securities, staking, and — since January 2026 — institutional ETH restaking through an integration with ether.fi, enabling clients to restake ETH directly within qualified custody. In early 2026, Anchorage Digital began targeting a $200–400 million funding round ahead of a speculated IPO, signalling continued institutional confidence in its compliance-first infrastructure.

BNY — with $57.8 trillion in assets under custody as of January 2026 — operates the most systemically significant tokenized custody program among traditional banks. BNY serves as primary custodian for OpenEden's TBILL fund, which held $287 million in assets under management as of January 2026. Fidelity Digital Assets — part of Fidelity Investments, which manages over $14 trillion in total assets — supports Bitcoin, Ethereum, and tokenized money market fund custody, and received conditional OCC charter approval in December 2025.

Provider Comparison Table

Table 4: Leading Crypto Custody Institutions for Tokenized Assets

Data current as of April 2026.

Regulatory Milestones Reshaping the Competitive Field

The December 2025 OCC charter approvals — granted simultaneously to BitGo, Fidelity Digital Assets, Ripple, Paxos, and First National Digital Currency Bank — represent a structural shift in the US custody landscape. Federal charters give these institutions a single, uniform supervisory regime in place of a patchwork of state-level licences, reducing compliance overhead and simplifying the qualified custodian determination for RIA clients. BitGo completed its IPO in January 2026, raising $212.8 million at a valuation exceeding $2 billion, marking the first public listing by a dedicated digital asset custodian.

FAQ

References / Sources