January 11, 2021 By Isaac Fain 3 min read

On hearing “digital asset infrastructure” most people immediately think of securing and managing cryptographic keys.

While security is certainly a core part of digital asset management, there’s more to it than that.

At Custody Digital Group, we believe that it’s time to move beyond thinking about the possibilities and focus, instead, on the practicalities. Specifically, how to make participation in the digital asset economy profitable, convenient, and compliant for real organizations.

Working with IBM, we’ve created a digital asset platform grounded in a higher-quality experience for the customer and sophisticated governance and control functions at its center. There are also no compromises on security. Together, we are opening up the world of digital assets to even the most regulated institutions.

From concept to reality

Traditional financial institutions are accustomed to the custody of financial assets — they’ve developed mature processes and controls to safeguard and administer these assets. When it comes to their digital equivalents, however, a one-to-one mapping of these processes and controls isn’t possible.

As a result, organizations plotting their entry into the digital asset economy are left asking questions:

  • How do I incorporate them into my balance sheet?
  • What does it mean if my corporate treasury is now partly based on cryptocurrencies?
  • How do I create value from investing in these tokens?

Plus, crucially, “How can I do all these things while remaining compliant with financial regulations?” These questions will only become harder to answer as digital assets diversify, expanding beyond cryptocurrencies as tokenization takes hold.

Moreover, it is essential that financial institutions put safeguards in place to protect against human error, misuse, or lack of oversight. A single mistake could result in the loss of a digital asset, with no easy way to retrieve it.

Many digital asset custody startups are focusing all their attention on cryptographic key security. We wanted to go one step further and provide a digital asset platform that address the gap in the market for comprehensive infrastructure. A platform that offers the front-, middle-, and back-office functionality that makes digital asset management a realistic prospect for mainstream enterprise, financial institutions, and crypto-native industry participants.

Teaming up with IBM

To enable the highest levels of security for Sentry, our digital asset platform, we chose to work with IBM. We opted for Confidential Computing from IBM, underpinned by IBM Cloud Hyper Protect Virtual Servers combined with Hyper Protect Crypto Services, built on FIPS 140–2 Level 4 Hardware Security Modules (HSMs) hosted on IBM LinuxONE servers. Simply put, no other hardware-based cryptography could compete with IBM.

On top of IBM LinuxONE is our proprietary zero-trust network security for microservices and a chain-agnostic security model. The geographically distributed IBM Cloud data centers help to infuse resilience into our platform. The environment offers extremely low latency, supporting sub-50 millisecond transactions for trading and non-trading use cases.

As a startup in a fringe technology sector, we weren’t prepared for the time and attention we received from the IBM team. Compared to other big vendors, their support has been unparalleled. For example, a master architect spent hours explaining the value of the IBM offering to us. Choosing IBM Cloud Hyper Protect Virtual Servers is helping us to achieve short time-to-market and end-to-end product maturity in record time.

Low-risk, high-control

Our custodial platform, Sentry, enables unprecedented control and visibility of digital assets. Using IBM Cloud Hyper Protect DBaaS for PostgreSQL, we’re providing a crypto-asset accounting solution that satisfies granular reporting requirements. For digital asset users with multi-asset exposure, this offers the enhanced level of risk management missing from existing platforms.

Via API, we deliver advanced portfolio management. Our middle-office account management system allows clients to set policies and controls on their assets. They can utilize time locks, per-asset controls, multi-tier accounts, and more to manage complex portfolio requirements and governance structures.​ The immutable audit trail and integrated policy management means that our customers aren’t just protected from external threats, but can closely track the flow of assets within their organization.

We’re now developing a new algorithm called “Confidential Key Construction” (CKC) that’s heavily reliant on the unique capabilities of the IBM platform. The algorithm will offer a superior alternative to multi-party computation (MPC), preserving non-repudiation and embedding governance and controls into all key shares so that they can be rotated or deactivated if required. This will allow us to serve the most heavily regulated markets.

Every step of the way IBM is providing the support to help us address complex risk and governance challenges, which will allow for widespread adoption of digital assets across the financial sector.

To learn more about how Custody Digital Group and IBM are working together, watch the webcast.

Was this article helpful?

More from Cloud

Enhance your data security posture with a no-code approach to application-level encryption

4 min read - Data is the lifeblood of every organization. As your organization’s data footprint expands across the clouds and between your own business lines to drive value, it is essential to secure data at all stages of the cloud adoption and throughout the data lifecycle. While there are different mechanisms available to encrypt data throughout its lifecycle (in transit, at rest and in use), application-level encryption (ALE) provides an additional layer of protection by encrypting data at its source. ALE can enhance…

Attention new clients: exciting financial incentives for VMware Cloud Foundation on IBM Cloud

4 min read - New client specials: Get up to 50% off when you commit to a 1- or 3-year term contract on new VCF-as-a-Service offerings, plus an additional value of up to USD 200K in credits through 30 June 2025 when you migrate your VMware workloads to IBM Cloud®.1 Low starting prices: On-demand VCF-as-a-Service deployments begin under USD 200 per month.2 The IBM Cloud benefit: See the potential for a 201%3 return on investment (ROI) over 3 years with reduced downtime, cost and…

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters