This is Part 3 of a three-part series on Wallets-as-a-Service (WaaS) for financial institutions.
In Part 1, we introduced Wallets-as-a-Service and outlined how institutions can use it to manage digital assets securely and efficiently. Part 2 covered the criteria institutions should use to evaluate WaaS platforms. In this final article, we explore how Cordial Systems addresses the shortcomings of most WaaS offerings—and how its infrastructure-first approach delivers the autonomy, auditability, and control that modern institutions demand.
The Limits of Traditional WaaS Models
Most WaaS solutions on the market today are delivered as multi-tenant, cloud-hosted platforms. While convenient for fast onboarding, these architectures come with tradeoffs:
- Opaque infrastructure: Institutions rarely gain visibility into the nuts and bolts of how key material is generated and managed.
- Third-party custody assumptions: Even when marketed as "non-custodial," key shares are often stored entirely, or partially by the provider.
- Limited assurances: If the vendor is creating and holding these keys then they do not come with iron clad assurances that the private key is unknown to them.
- Limited policy control: Most providers expose predefined workflows rather than enabling configurable, programmable governance.
- Vendor lock-in: Without portability of keys or policy engines, institutions are locked into proprietary stacks that may not scale with their needs.
This is just the start of the issues. Collectively, they create real operational risk, particularly for regulated institutions, fiduciaries, or any firm with high cybersecurity posture.
Even where WaaS offers advantages—such as faster deployment, scalability, and cost efficiency—those gains can be undercut by a lack of infrastructure sovereignty. Many institutions find that while they can spin up wallets quickly, they come with uncomfortable levels of trust in the vendor.
Cordial’s Core Principles
Cordial Systems takes a fundamentally different approach. Rather than abstracting wallet functionality into a SaaS black box, Cordial offers a self-hosted, programmable WaaS infrastructure that can be deployed entirely within the institution’s control plane.
Cordial’s architecture is designed around three foundational principles:
1. Control Through Self-Hosting
Institutions deploy Cordial’s MPC wallet infrastructure within their own environment—whether that’s a private cloud, air-gapped server, or on-prem data center. This eliminates reliance on vendor infrastructure and ensures key shares, signing flows, and audit logs remain under internal control. This is the responsibility model that makes sense for financial institutions.
This approach addresses one of the key challenges of conventional WaaS: the tradeoff between control and convenience. For use cases like high-value treasury operations or operations in jurisdictionally restricted regions, only self-hosted deployments can meet the bar for auditability and security. Relying on material outsourcing agreements with heavy vendor side dependencies is an incident report waiting to happen.
2. Zero-Trust Policy Enforcement
Every transaction must satisfy institution-defined policies before execution. Cordial enables granular, programmable governance, including:
- Multi-party approval workflows
- Jurisdictional restrictions
- Role-based authorization
- Treasury-specific rules (e.g., rate limits, daily caps)
- Custom programmatic checks
These policies are enforced cryptographically—not just at the application layer—ensuring they cannot be bypassed even in the event of a systems breach or system administrator going rogue. The policy engine itself is extensible to include upstream checks as policy rules, e.g. middle office systems, risk engine data feed, 3rd party API or blockchain data feed, which provides the richest control environment for securing your workflows.
3. Modular, Open Architecture
Cordial’s infrastructure is API-driven and componentized. While all security critical components run on the customer side (key shares, policy engine...) institutions can decide how much they want Cordial Systems to be involved in running auxiliary infrastructure such as RPC nodes. Customers can further configure their deployment to plug in their own:
- Compliance and screening tools (e.g., KYC/AML)
- Authentication systems (e.g., Identity Providers)
- Blockchain node providers or in-house RPC
This ensures long-term extensibility and avoids vendor lock-in, a risk institutions increasingly face with closed WaaS ecosystems that do not support key export, custom approval logic, or which require heavy customer side engineering to contort the product.
What Institutions Can Do with Cordial
By contrast, Cordial is built for institutions that need secure digital asset operations at scale while maintaining sovereignty over their technology infrastructure, including:
- Custodians and banks offering tokenized assets and crypto rails with audit-grade custody controls
- Exchanges and OTC desks managing thousands of wallets with custom transaction policies
- Asset managers running programmatic treasury, staking, or on-chain fund operations
- Fintechs embedding wallets into their applications while maintaining internal governance and risk workflows
Whether the goal is to build a regulated custody business, integrate crypto into traditional banking infrastructure, or operate a digital-native treasury, Cordial provides the infrastructure—and the control—to do it securely.
Cordial Treasury is Cordial’s flagship MPC wallet engine. It provides institutions with:
- Self-hosted MPC key generation and management
- Policy-based signing workflows with quorum enforcement
- Integration with ERP, middle office and compliance systems
- Support for 50 blockchains, and growing, with custom chain plugins available
- Real-time data and audit trails
- Immutable signing logs
With Cordial Treasury, institutions eliminate the achilles heel in their operational setup - material outsourcing agreements for critical IT which require unacceptable levels of trust. Cordial Treasury allows you to meet the technical, compliance, and governance standards expected in institutional finance, and is the only wallet that can also keep up with front office business teams.
Redefining What WaaS Can Be
Cordial Systems does not believe WaaS should mean relinquishing control. For institutions, especially those operating in regulated environments, control over infrastructure is not a luxury—it’s a requirement.
While typical WaaS platforms may offer embedded compliance tools or fast deployment, they rarely provide the level of control and auditability needed to operate at the institutional level. Cordial bridges that gap. By delivering Wallets-as-a-Service packed into self hosted infrastructure, not SaaS, Cordial offers a path forward: programmable custody with provable governance, auditability, and operational independence.
Custody is not just about storing keys. It’s about identifying and minimizing the trust residue between customer and critical IT vendor. Cordial makes that possible. Contact us today for a free advisory session.
