Multiple market cycles in the crypto market have shown that even very large and established crypto custodians and exchanges may disappear very quickly, affecting thousands if not millions of clients. Reckless and fraudulent behavior can trigger a loss of confidence in a market player, exposing the potentially insufficient backing of client deposits (liabilities) with the underlying crypto assets.

Custody at Bitcoin Suisse

Bitcoin Suisse has the broadest custody offering in Switzerland and Europe, pioneering brokerage since 2013 and crypto-native services with the bespoke Vault solution for professional and institutional clients since 2017.

The "Crypto Account" as a base custody offering is included in every Bitcoin Suisse account and covers all supported coins and tokens. It is directly connected to our Trading offering, as well as our Staking services for proof of stake (PoS) blockchains. Assets in the Crypto Account are mostly separated per client (“Separated Custody”). Assets held in Separated Custody may only be transferred to Collective Custody with the implicit or explicit consent of the client or in the context of an instruction from the client, such as executing a trade or facilitating a withdrawal. Assets deposited into a Crypto Account may also be held in Collective Custody. While in Collective Custody, all crypto assets that would be considered public deposits under Swiss banking laws are protected by a default guarantee from a Swiss bank.

The "Vault Account" is an additional service provided by Bitcoin Suisse, leveraging Bitcoin Suisse’s expertise of its technology division comprising software, infrastructure and security specialists focusing on blockchain technology. This institutional-grade custody solution targets institutional and professional clients who expect even higher security and safety guarantees, including but not limited to:

• Assets are held on client-specific blockchain addresses.
• ISAE 3402 type 2 audited, confirming the security of systems and processes.
• Customizable access controls and approval policies for every use case.
• Only clients can initiate and approve transactions, preventing insider fraud.

Staking and on-chain governance options are available on the Vault Account as custom offerings.

The Early Days of custody at Bitcoin Suisse

The beginnings of Bitcoin Suisse as a broker and custodian are rooted in 2013, before any other institutional-grade custody solutions became available. Our first-mover solution already held up to the highest standards to be trusted by the world’s first bank offering of Bitcoin (BTC) and Ethereum (ETH) to private clients in 2017.

Early developments leading to the Vault

The previous bull-run phase starting in 2016 led to the development of a bespoke Vault solution for Bitcoin Suisse clients, the first fully audited and institutional grade Hardware Security Module (HSM)-based custody solution in Europe. As ISAE 3402-auditor, PwC was involved in the project from the beginning in 2017, as well as the technical auditors Zuehlke for source code assessments and Grant Thornton for penetration tests. The Vault platform went live in the first quarter of 2018 and has never been hacked since.

Security in the Vault

The Bitcoin Suisse Vault is built to withstand attacks from inside and outside, and both physical and cybersecurity attacks, including insider threats, armed attacks, hacking or electromagnetic pulse (EMP) shocks. The key principles to achieve this high level of security are:

• Don’t trust, verify. Everything is audited by independent third-party auditors that are leaders in their field.
• Don’t trust others to handle your private keys, period. Private keys are always stored in secure hardware and never visible in clear text.
• Don’t trust a single person. Access to critical functions is strictly compartmentalized (segregation of duties), and information about critical systems and processes is only available to few people (need to know principle).
• Don’t trust only a single site or machine. Private keys and critical Vault functions are spread across multiple high security locations using a heterogeneous solution stack.
• All systems are built by Bitcoin Suisse and located within Switzerland.

While we are not able to share the details of our architecture for confidentiality and security reasons, clients of our Vault service are entitled to be provided with the PwC ISAE 3402 type 2 audit report, equivalent to a SOC 2 report, which gives more details on selected security measures and controls.

Cold, warm, and hot storage

Bitcoin Suisse’s token offering and related services, such as Staking and DeFi Lending, represent the broadest institutional-grade product portfolio in Switzerland and Europe. While most crypto assets are stored in the in-house developed Vault technology solution, Bitcoin Suisse is using a multi-custody approach for storing all client assets in cold storage.

As is typical for the crypto industry, we structure our storage in "cold", "warm", and "hot storage" deployment patterns.

• Bitcoin Suisse Vault is our main cold storage solution, and additional bespoke solutions are engineered as custom solutions for specific client requests. More about the cold storage usage for asset separation follows below.
• Warm storage custody enables faster transactions and more flexible connections to third parties, such as exchanges and OTC partners.
• Hot wallets are used for client withdrawals.

The total amount of crypto assets in warm custody and hot wallets is subject to strict controls, never exceeding defined thresholds in line with the company’s prudent risk management.

Crypto asset separation

Client assets are generally stored on separated addresses in cold storage. Separated Custody provides the best safety for our clients in case of bankruptcy of Bitcoin Suisse, as the assets are already separated and could therefore be handed over to the client in kind in the event of bankruptcy (see also below).

Clients with a Bitcoin Suisse Vault Account have permanently assigned blockchain addresses and are in control of moving their assets to secure cold storage in their Vault Account or to the Crypto Account for trading or other services.

Proof of reserves

Proof of Reserves is provided for Bitcoin Suisse clients with a Vault Account. Our Vault solution supports proof of ownership with message signing out of the box for BTC, ETH and other tokens. This so-called proof-of-keys protocol, where ownership of the private keys can be established without requiring an on-chain transaction, fully preserves on-chain privacy.

Bank guarantee

Some crypto assets may be held in Collective Custody. For operational or technical reasons, Bitcoin Suisse may in the context of an instruction from the client temporarily transfer all or part of the client's Crypto Assets from Separated to Collective Custody. Furthermore, Bitcoin Suisse may hold Crypto Assets in Collective Custody resulting from the execution of an order or any other instruction from the client that leads to a receipt of Crypto Assets for the client, irrespective of whether the Crypto Assets disposed of or held for the client were originally held in Separated or Collective Custody. In such a case, crypto assets that would be considered public deposits under Swiss banking laws are protected by a default guarantee from a Swiss bank.

Bankruptcy protection

Bitcoin Suisse offers the highest possible protection for client assets in the event of a bankruptcy. However, it is important that clients understand what happens with their assets in case of a bankruptcy of their custodian.

Crypto assets in a Vault Account are fully separated on-chain and could therefore be handed over to the client in kind in the event of bankruptcy based on art. 242a para. 2 let. a of the Swiss Act on Debt Enforcement and Bankruptcy (DEBA).

The treatment of assets in a Crypto Account in case of a bankruptcy of Bitcoin Suisse depends on how the assets are held. Clients may download the Guarantee Statement in their Bitcoin Suisse Online account, or request it from their Relationship Manager, to see how their assets are stored:

• Assets held in Separated Custody could also be handed over to the client in kind based on art. 242a para. 2 let. a DEBA. In the event of bankruptcy, the liquidator will coordinate the handover of such assets.
• Assets held in Collective Custody are fully protected by a default guarantee from a Swiss bank, as required by Swiss banking laws. In the event of bankruptcy, clients can use the Payment Request form available in their Bitcoin Suisse Online account to file their claim for payment in Swiss Franc in the amount of the assets covered by the bank guarantee.

---

1 Certain clients and assets are exempted according to art. 5 para. 2 and 3 of the Swiss Banking Ordinance and thus are not entitled to coverage by the bank guarantee. However, this does not affect their crypto assets held in Separated Custody.