Governance challenges for corporate cryptocurrency accounts
- Decisions and responsibilities
When an organization holds and moves crypto assets, the first major obstacle is the governance of the accounts and the crypto assets. In businesses, decisions are not just taken by one person but are often the result of a collective, hierarchical process. How can we reconcile this complex decision-making system with cryptoassets’ inherently decentralized, individual nature?
- Performance requirements: safety and flexibility
In a commercial environment, the security of funds is, on the one hand, crucial to protect the company’s financial assets against theft and fraud. On the other hand, companies need flexibility to react quickly to cashflow requirements and market opportunities to remain efficient. How can we successfully marry these two often contradictory imperatives in the specific context of cryptoassets?
- Regulatory implications
Before we discuss the technical aspects of governance, we must highlight the constantly changing regulatory environment around cryptoassets. Globally operating companies must comply with local as well as international regulations, and non-compliance can lead to heavy sanctions: a fine ranging from 750 to tens of thousands of euros, an 80% additional penalty in case of tax reassessment, and criminal charges if the amount is high and the intention of fraud is proven. These assets must be auditable internally and externally to demonstrate transparency to other institutions.
- Investment in the economy’s future
Companies that bet on the Internet’s future and its implications for the digital and physical world quickly understand that they are investing time and money to venture into blockchain technology. Training teams and finding the right service providers to know how to use cryptocurrencies and other blockchain technologies securely represent a significant commitment in time and money.
Multiple surmountable challenges
While the governance of business cryptocurrency accounts presents challenges ranging from compliance to security, it opens avenues for innovation and preparing for the digital future. Let’s explore some solutions in detail.
The complete guide to solutions
- Trusted people and frameworks
One approach to corporate cryptocurrency account governance is for companies to assign their management to trusted individuals, such as senior executives or IT security managers. Finance teams and CIOs, for example, would be responsible for creating and implementing governance policies and procedures. Holding the keys to an organization’s funds is a heavy responsibility. Digital wallet options are available to protect individual users from potential errors or cyberattacks. Key individuals can also store the private keys to access funds in a hardware or “cold wallet.”
- Managing permissions
Setting up an authorization system that allows multiple decision-makers access to company funds is crucial. The cryptoassets belong to a legal entity. This means that the way they are moved and managed must follow the company’s hierarchical and often interdependent responsibilities. A thorough review of the company’s governance and its assets in general is a prerequisite. Who needs to be able to move which funds, in what cases, how often, and under what authority? Given the specific nature of blockchain’s digital assets, is the governance system in place for traditional funds appropriate? Who technically can carry out the transactions? Of course, the chosen governance system can be modified, but it can become complicated if the organization has not prepared this step well.
- Internal and external audits
I think it’s essential to implement a regular audit process to assess the effectiveness of your existing governance systems. These internal or external audits are designed to ensure that all transactions and asset movements have been properly authorized and that security measures are up-to-date and effective. In any case, having tools and procedures in place is crucial to monitor suspicious transactions and activities.
- Using blockchain technologies
In recent years, blockchain technologies have paved the way for decentralized protocols and applications that now offer access to solutions such as multi-sig wallets. These can transcribe the organization’s agreements and processes and are programmed to require several signatures or conditions to be fulfilled before executing specific actions, such as fund transactions.
- Continuing education and training
Companies’ crypto asset managers must take training courses regularly. This helps them to remain informed of advances in blockchain technology and current security practices and regulations, including innovative contract management and infrastructure security. They should also take care to regularly update cryptoasset infrastructure and software with the latest security measures.
According to a recent study, 74% of cybersecurity incidents generally involved a human action that allowed a malicious actor to intervene. A company venturing into the new world of crypto assets must incorporate cyber-hygiene measures into its corporate culture and internal communications: prevention, phishing tests, internal newsletters detailing essential rules, etc.
- Diversifying storage methods
Another security measure is to diversify how digital assets are stored. For example, the risk can be split between physical (hardware or cold wallets) and digital (cloud, online services—hot wallets) storage solutions. For convenience, some funds can be left easily accessible for frequent transactions, while another portion can be stored more securely.
How the storage methods are diversified depends on the company’s risk management policy and, thus, often on its core business, sector, and involvement in blockchain assets.
- Storing assets with a specialist
Managing crypto assets in-house can prove too complex or risky for some companies. In such instances, individuals and institutions can rely on specialized “custody” services to securely store their digital assets. These companies, registered as Virtual Asset Service Providers (VASPs), also provide a comprehensive range of services, including investment strategy and tax assistance.
This article was generated with the support of AI and reviewed by an editor. For more information, see our T&C.