2025: The Year Institutions Host Their Infrastructure

January 13, 2025

Introduction

If you came for the short answer, the answer is yes. Institutions in the digital asset space have been re-evaluating their reliance on mission critical IT service providers and 2025 is the year they remediate the risk. 

They realised that while their past analysis solved a target problem (e.g. having some means of keeping private keys reasonably safe if we’re talking about wallet providers), they also threw the baby out with the bath water: they applied disproportionate security to one area without balancing it against, or while ignoring, other parts of the problem which later came to light.

Coupled with that, at the macro level, there are broad swathes of new regulations, obligations, and best practices in how to deliver financial services - both traditional and in the blockchain world. What worked in the past is not suitable today in a rapidly evolving asset class. The desire to re-evaluate how to run critical IT for digital asset operations is coming from all areas of the enterprise:

List of Problems

Compliance. If you work in compliance you are seeing digital operational resilience strategies becoming top of mind. If you are serving the European market then the relevant literature on this is:

MiCA and DORA

If you are in the UK and your VASP obtained a payments or e-money license then you’re working towards the end of March 2025 deadline here:

UK Operational Resiliency Rules

Asia and America also have their own flavours. While increased obligations on your regulated entity are nothing new, you are seeing more prescriptive regulation that needs to be passed down to your critical IT vendor relationships. You are probably having conversations with your internal partners over in the security and technology departments, talking at length about business continuity planning, disaster recovery, how you can maintain service availability, and how to avoid writing up a horror story incident report which gets sent straight to the top as well as to the regulator.

Technology. If you are a technology leader you are already concerned about how your digital asset wallet vendor creates your private keys, where they are stored, who hosts the policies which govern the use of those keys and much more. Just as important to you is how those transaction messages get created and what assurances exist that what you end up signing is in fact the transaction that you intended to sign. You likely have other concerns around data sovereignty, and generally find the product is a black box in some of the most security critical areas. Perhaps your risk based approach led to other risk officers agreeing to limit the dollar exposure to a vendor’s product, protecting the company but perhaps negatively impacting your business teams too. You are on the hunt for alternatives but haven’t come across anything yet.

Operations. If you’re head of operations you’re acutely aware that you rely heavily on one or two critical IT service providers to support your day to day business. You also likely requested a lot of engineering work to wrestle the product into the right shape for your needs, presenting an uncomfortable level of vendor lock-in which you become aware of each year when you see the commercial terms of your contract renewal. Perhaps your company recently set up an internal or external audit function, and they are equally concerned about how dependent you are on these vendors should they not uphold their end of the bargain. You are totally dependent on these one or two tools to manage day to day operations - if the provider is offline for several hours you’re stuck, if they get acquired out of the market… again, that would be a horror show.

So why did everyone run to SaaS based Wallets?

In light of risk materializing from centralized exchanges holding client assets getting hacked, or large systemic counterparties blowing up, there was a rush to so-called “self custody wallets”. The prevailing wisdom was that wallets with multi party computation, MPC (or threshold signature schemes), give the customer a key share to sign on any transaction, while the vendor has the other key share but can’t move the customer’s assets without the customer’s signature. Since the vendor is more of a security expert than the customer, the firm decides it is OK to put all of its trust into the vendor and rely on simple paper based third party risk management to satisfy vendor management due diligence.

For those who did look at self custody wallets which could also be self hosted, it turned out to not really be an option and very few opted for this route. Either these were heavy lifts with long project lead times for deployment and integration, possibly with attached professional services contracts, amounting to a very expensive alternative with a significant timeline attached, or they were more of a low level developer tool which you can build upon, instead of a fully formed offering. This bottom-up approach resulted in more technical hurdles to overcome with little in the way of value ready out of the box for the organization. Again, the SaaS wallet products looked to be the only way to go.

Why the Change Now?

Following the macro level developments, conversations referenced within various institutional walls, and traditional finance institutions moving into this space, there are internal and external stakeholders demanding that these risks be addressed. If a regulator asks: “what do you do when mission critical software X goes down?” and your answer is to point to the vendor, raise a support ticket, and sit on your hands and wait… that doesn’t fly anymore. You also know that in times of market stress, or vendor side fire fighting, those service level agreements will be absolutely worthless when reality bites.

Equally, this is totally alien to traditional finance institutions moving into digital assets. In their world downtime or breaches have severe consequences. They are used to having maximum control and sovereignty over mission critical IT; it’s a non-negotiable. That covers everything from iron clad contracts with audit rights and ongoing obligations to be maintained on the part of the vendor, all the way to hosting critical IT in their data centre or private cloud. With this attitude comes a reset of what is acceptable, and the industry learns to mature collectively with new best practices being set and new technology cycles taking over.

Progress & Technical Interlude

Today, the technical barriers that historically made SaaS solutions an attractive alternative are diminishing. You can find containerised wallet software which is easy to deploy and run yourself as part of repatriating critical IT to within your corporate borders. On-premises solutions that work in your own corporate network present a means for institutions to isolate their infrastructure, implement their own security measures, and ensure service availability while reducing exposure to systemic risks like a critical 3rd party experiencing an outage. 

Here are only a handful of the technical developments and how they make self hosted wallets viable for the majority:

  • Open source platforms and containerization, like Kubernetes or Docker, offer a lightweight, portable, and consistent way to package digital asset wallet applications and their dependencies. The result is streamlined deployment: no more long lead times with tons of hardware and specialist project management.
  • They also allow applications to run consistently across diverse environments, from development to production, and automate the scaling and maintenance of containerised applications, removing the complexities of manually managing deployment environments.
  • Being able to run in diverse environments also avoids specialised hardware lock-in, whether Intel SGX or something else, and supports the trajectory of confidential computing being the future. 
  • These tools generally also offer built-in mechanisms for isolating application processes, which enhances security and compliance in sensitive workloads.

Taking the wallet product by Cordial Systems as an example, there are several physical and virtual security benefits:

  • You can self host the software on multiple servers. This not only provides active redundancy but also mitigates the risk from privileged internal system admins inside your organization. The servers establish encrypted communication channels between themselves on your own private network and also come to a consensus on the state of the wallet software for Byzantine fault tolerance.
  • A more hardened configuration would be to not expose any ports on the secure Treasury nodes and instead, set up a jump server to expose the API. The API node should then be configured to connect to one or more of the participating nodes. Or alternatively, one or more of the Treasury nodes can be configured to reach out to connect to the API node (all incoming connections can then be blocked on Treasury nodes).

For a developer or technology leader, this shows how approachable it is to run your own digital asset wallet locally while optimizing for autonomy and control. These advancements make on-premises solutions not only feasible but often more efficient than their SaaS counterparts. Big banks and those wanting to get deeper into the weeds can certainly go further than this: integrating with existing systems, imposing their own security standards, and ensuring operational resilience their way, rather than inheriting the model of the vendor. The important point is that there is a viable path for security conscious organizations of various sizes and maturity to run their wallets internally.

What does this achieve?

First of all, the wallet application is now hosted by you and not the vendor. You can locally create keys, store them on your servers, host your policy engine, and perform other security critical tasks which previously required vendor side involvement or were entirely outsourced as a responsibility the vendor had on your behalf. Some products, like wallets offered by Cordial Systems, also come with read-only access to the source code. So you can satisfy yourself from the ground up that this software is fit for purpose, as well as run it in a way that you deem fit. It is ready out of the box for most, and extendable to be configured for the strictest of setups. Some of the benefits include:

  • Compliance. When your regulator comes asking questions, you have first hand answers detailing the surface area of risks and the controls you implement to manage those risks - no more pointing to a third party and hoping that they do right by you. 
  • Technology. You are much more confident in your security posture and operational resilience. You can also easily satisfy your ongoing compliance obligations, whether that’s conducting end-to-end disaster recovery tests, performing threat-led penetration testing on your dedicated setup, or having true oversight of the risk in a way that is fully transparent to your organization.
  • Operations. If anything goes wrong you are calling up your IT team to sort out a degradation in performance or any issues. No more need for endless support tickets to the vendor, you have first hand access to resolve the issues yourself. You also don’t have to worry about vendor lock-in or if the provider disappears out of the market. The application still runs if you are hosting everything.
  • Third Party Risk Management. The vendor is just providing code updates and maintenance. They provide a secure software supply chain and ensure the software is improving over time. No involvement in keys, policies, user management or any other day to day operations. This is true self custody and also the correct treatment of mission critical IT.

In Closing

Executive and risk officers in the enterprise no longer have to accept large amounts of risk through SaaS based wallets. In fact, they cannot afford to. Regulation and cybersecurity frameworks around operational resilience do not approve of putting your fate in the hands of a select few powerful service providers. If digital assets are to be elevated to the product set of equities, fixed income, commodities and others… well, traditional financial institutions recognise that hosting their own digital asset infrastructure, in part or in full, is the only way this works for them. These new standard bearers have led to a world where mature virtual asset service providers (VASPs) are also running more security critical digital asset infrastructure in their corporate network, or are actively looking to do so in 2025. Don’t get left behind.

Take back control.
Join the growing number of organizations opting out of pure SaaS wallets and taking control of their security back in-house.