Institutions think they own the keys. They don’t.
Industry Insight
March 18, 2026

The shift from custody illusion to execution control: why institutions that “hold the keys” still don’t control their funds - and what it means for securing crypto infrastructure.

Financial institutions have spent years focusing on “custody risk”: safeguarding the keys to their digital assets. But as institutional workflows transition to automated execution across hundreds of processes, vendors and trading/liquidity venues, “execution risk” has become a much more pressing danger, and with it the question: “Who really controls the funds?”

Today’s crypto trading infrastructure runs through a web of services, APIs, third-party data providers and wallet/custody providers that sit directly in the execution path of transactions. Many institutions operate under hybrid custody models where they technically hold their own keys, but rely on third-party providers to enforce policies, coordinate signing workflows and broadcast transactions to the network. This makes it easy to automate trading across venues and systems, but it also means transaction execution ultimately depends on infrastructure the institution does not control. Institutions may hold the keys, yet the real authority to enforce policies and execute transactions often resides within third-party platforms and APIs.

This dependency has quietly shifted control away from institutions. We saw this with Bybit, which lost a staggering $1.5 billion after being hacked by the North Korean hacking group Lazarus. That hack went down because Bybit was relying on a third-party multi-sig platform to secure its funds. The hackers didn’t even touch Bybit: they got in via a third-party service the exchange was using, bypassing the exchange’s defenses and ultimately gaining control of the funds. Bybit owned the keys, but that wasn’t enough.

The incident highlights the stark reality that institutions cannot properly secure the keys to their crypto when they rely on third parties to manage the execution. 

The illusion of ownership 

Many institutions assume that holding their own keys means they control their assets. In practice, that control is often more limited than it appears.

Outsourcing critical infrastructure is a bit like renting a house. As a renter, you’re reliant on the landlord to make repairs, you cannot make structural changes, and you’re required to follow the landlord’s rules. Similarly, institutions that rely on third-party SaaS wallet/custody providers also lack control. They have no say over their provider’s security measures, downtime, latency or scale, not to mention product features and asset support.

That arrangement has clear security implications. Institutions ultimately bear the financial risk, and thus allocate significant resources to infrastructure security, yet the systems mediating transaction execution run inside environments they cannot fully audit or verify. If those systems are compromised, whether through infrastructure vulnerabilities, social engineering or credential exposure, control over transaction execution can be lost even if the private keys themselves remain secure.

There are also operational consequences. Crypto markets move at machine speed, where milliseconds affect liquidity access and pricing. When execution infrastructure sits inside third-party platforms, latency, downtime and operational dependencies become variables institutions cannot directly control.

Finally, reliance on third-party execution infrastructure also shapes how institutions evolve. When institutions rent instead of own, they lose the ability to customize, audit and adapt their operations. Infrastructure providers control the APIs, dictate what features are supported and decide the cadence of security updates. If an institution requires support for a new blockchain or needs a specific security measure implemented, its ability to do this is at the mercy of the vendors it relies on. Wallet providers and SaaS companies will only implement features their software supports, limiting what institutions can do in terms of synergy with other services and the security measures they take.

There is a price to pay in terms of performance, too. If a company is using a service that’s geographically distant, it can create unacceptable latency that degrades the user experience in an industry where every split-second counts.

These operational risks aren’t the only danger. Consider the competitive threat. The nature of the crypto industry makes it relatively simple for businesses to pivot fast, and today’s supplier might become tomorrow’s competitor. For example, a stablecoin platform could launch its own stablecoin, leveraging its own infrastructure. Because it controls the foundational plumbing, there’s nothing to stop it from sabotaging rival stablecoins or just over-promoting one over the others. It’s another compelling reason for institutions to take back control of their infrastructure.

If you can’t own it, control it

Recognizing the need for control is easy, but establishing it is an entirely different kettle of fish.

Sometimes we need SaaS. It provides undeniable advantages, enabling the rapid deployment of new products and the ability to scale at the click of a button. But this speed comes at the cost of security, control, performance and long-term competitive edge. That’s why institutions need to carefully weigh up the benefits of operational convenience and speed against the advantages of owning the underlying infrastructure. Each institution’s specific business goals will dictate where the line is drawn. In some scenarios, organizations may need to prioritize rapid delivery. But many times, they’d do well to consider the trade-off that comes with outsourcing or self-managing key infrastructure.

Institutions may struggle to own the entire physical infrastructure they depend on, but when it comes to control of the keys to their destiny, there can be no compromise.

About Sodot

Sodot is a crypto key management company specializing in self-hosted MPC and TEE products, trusted by market leaders such as eToro, Flowdesk and Exodus. Sodot's offering includes:

  • Sodot MPC Infra - Powerful self-hosted MPC key management infrastructure designed for building secure custodial and self-custodial crypto products, without dependencies or limitations.
  • Exchange API Vault - Enterprise-grade security for CEX trading keys. Based on the best practices for securing private keys, and tailored to support HFT and automatic transfers.