Next In Web3

BitGo’s Hybrid Crypto Custody: How Mike Belshe Says He Beat the SEC at Its Own Game


When the SEC publishes a bulletin telling investors how to think about crypto custody, you expect the usual hand-wringing from the industry. Instead, BitGo CEO Mike Belshe used it as a chance to claim that BitGo crypto custody is the only setup that actually does everything the SEC just described—and then some. In a market still haunted by FTX-style custodial disasters, that is not a small flex. For institutions trying to navigate regulation without giving up control, this kind of hybrid approach sits right at the intersection of risk management and regulatory theater.

The timing is convenient. BitGo has just secured approval to operate as a federally chartered bank for digital assets, giving it the legal scaffolding to pitch itself as the grown-up in a room full of offshore exchanges and barely-audited platforms. If you’ve ever dug into how tokenomics can quietly break a project, you already know that who holds the keys matters as much as who prints the tokens. BitGo’s model leans into that reality: split custody, hard segregation, no rehypothecation, and a structure designed so that one operational failure doesn’t nuke the entire stack.

Under the hood, the idea is simple enough: lock most assets away in regulated cold storage and keep a smaller slice available in self-custody for day-to-day operations. The execution, however, depends on real audits, real insurance, and real legal accountability—things many Web3 players still treat as optional. As we unpack BitGo’s claims, keep in mind the wider context: regulators are tightening the screws, institutions still want exposure, and the industry is being quietly forced to answer a basic question—who can you trust to hold the money?

How BitGo’s Hybrid Custody Model Tries to Outrun SEC Scrutiny

The SEC’s investor bulletin on crypto custody does something rare in crypto regulation: it draws a clean, simple line. On one side, you have self-custody, where you own your private keys and live with the consequences. On the other side, you have third-party custody, where a regulated entity holds assets on your behalf. Most platforms nudge users aggressively toward the second option, while loudly insisting it’s just as safe as the first. Recent history suggests otherwise.

BitGo is trying to have it both ways, but in a more structured form. Instead of forcing institutions to choose between total self-custody or total reliance on a custodian, BitGo’s hybrid model splits the difference. Roughly 90% of client assets sit in BitGo Trust’s cold storage under a fully regulated, audited framework, while about 10% stay in self-custody hot wallets controlled by the client. This isn’t some marketing split; it’s a deliberate risk profile: maximum safety for the bulk, operational liquidity at the surface.

This design directly addresses one of the SEC’s quiet but consistent obsessions: eliminating single points of failure. Traditional exchanges tend to bundle trading, custody, lending, and sometimes market making into one opaque mess. When that entity collapses or turns out to be creatively interpreting the words “customer funds,” everything goes down together. BitGo is effectively betting that regulators are moving toward a world where custody is separated, independently audited, and provably solvent—an evolution you can see echoed in broader DeFi and institutional finance trends.

Self-Custody vs. Qualified Custody: Why Either/Or Isn’t Working

Self-custody is philosophically pure and operationally messy. It’s great until someone mismanages keys, falls for a phishing attack, or discovers that the person in charge of wallets has gone suspiciously quiet. On the flip side, relying purely on a custodian means your entire exposure is tied to that custodian’s competence, honesty, and legal structure. After a string of bankruptcies where users discovered their “custodied” assets were just part of the bankruptcy estate, the market has become very skeptical of any solution that asks for blind trust.

The SEC bulletin reflects this tension. It doesn’t tell investors to avoid crypto outright; it tells them to ask hard questions about how custody is structured, who is legally responsible, and what happens if the custodian fails. That framing is a problem for exchanges that blur the line between platform and custodian, but it is an opportunity for models explicitly built around qualified custody. Institutions that want to survive the next regulatory cycle will have to show they understand the difference between a wallet app and a regulated fiduciary.

BitGo is clearly positioning its crypto custody stack as the answer to that distinction. By combining self-custody tools with a qualified, regulated trust setup, it gives institutions a way to satisfy risk committees and regulators without abandoning operational control. If you’ve looked at how to research crypto projects with real due diligence, you’ll recognize the themes here: segregation of assets, auditability, and legal accountability are no longer “nice to have.” They’re minimum requirements for any institution that doesn’t want to end up explaining themselves in bankruptcy court.

The 90/10 Split: Operational Liquidity Without Full Custodial Risk

At the core of BitGo’s crypto custody model is that 90/10 structure: the majority of assets locked in cold storage under BitGo Trust, and a smaller portion available in self-custody hot wallets. The 90% portion is where the traditional finance crowd gets comfortable—segregated accounts, regular SOC 1 Type 2 and SOC 2 Type 2 audits, insurance coverage reported at around $250 million from Lloyd’s of London syndicates, and a banking charter backing the entire structure. That allows BitGo to pitch itself in the same regulatory language that institutional allocators already speak.

The 10% slice is where crypto’s operational reality kicks in. Institutions need to move funds for trading, settlement, payments, and on-chain interactions without filing tickets every time they want to send a transaction. Self-custody hot wallets provide that flexibility, letting clients run their operations in real time while keeping the bulk of assets ring-fenced from day-to-day risk. If those hot wallet keys are compromised, the damage is capped by design; if the trust structure is ever impacted, the hot wallets remain under client control.

This compartmentalization of risk is exactly what was missing from many failed platforms, where everything from user deposits to operational float and speculative trading capital was effectively one big pool. In that sense, BitGo’s approach looks like a slow migration toward patterns that already exist in traditional markets, where settlement, custody, and trading are handled by distinct, specialized entities. For institutions watching both centralized platforms and experimental Web3 trends heading into 2026, the pitch is straightforward: keep what you need to move, bunker the rest, and prove all of it is properly segregated.

Inside BitGo’s Institutional Crypto Custody Stack

Marketing claims are cheap; custody infrastructure is not. BitGo’s argument rests on the idea that its platform isn’t just another exchange with a slightly more serious compliance deck, but an institutional-grade custody system built with regulatory expectations baked in. That is why its recent move to become a nationally chartered bank for digital assets matters. It shifts BitGo from “crypto-native service provider” to “regulated financial institution that happens to custody crypto.” For regulators and institutional allocators, that framing change is significant.

Under this structure, BitGo Bank & Trust, NA operates as a federally chartered national bank focused specifically on digital asset custody. The bank reportedly supports more than 1,400 coins and tokens, all under segregated accounts rather than omnibus wallets. Assets held there are separated from BitGo’s corporate balance sheet, which helps protect clients if the company itself ever faces insolvency. In other words, this is designed to avoid the exact kind of legal chaos investors experienced when platforms like FTX imploded and customers discovered their claims were unsecured.

Of course, a charter and an insurance policy only go so far. What makes this stack interesting is less the press release language and more the operational commitments: no lending, no rehypothecation, no commingling of client assets. For an industry that has treated customer balances as a cheap source of leverage, that’s a notable departure. It’s also a direct response to the SEC’s repeated warnings that investors should verify whether a custodian is truly holding assets 1:1, or using them as collateral in the background while calling it “yield.”

BitGo Bank & Trust: Segregation, Audits, and Insurance

BitGo Bank & Trust serves as the backbone for its third-party custody. As a nationally chartered bank, it sits under a far more intrusive regulatory microscope than the average offshore entity or “virtual asset service provider.” That oversight is not just cosmetic. It comes with routine SOC 1 Type 2 and SOC 2 Type 2 audits, which test both financial reporting controls and broader security and operational processes. For institutions that need to justify their crypto exposure to boards and regulators, that audit trail is non-negotiable.

Segregated accounts are another foundational element here. Instead of pooling user assets together in a shared wallet structure, BitGo’s qualified custody approach separates holdings by client. That may sound like a technical detail, but it becomes crucial in stressed conditions. In a bankruptcy, segregated assets are much easier to identify and return, whereas commingled pools create a legal and forensic nightmare. The industry has already had several public case studies showing how bad that can get.

Insurance is the final piece in the familiar risk stack. BitGo touts a $250 million policy underwritten by Lloyd’s of London syndicates—a number that sounds impressive until you compare it to total assets under custody, which sit orders of magnitude higher. The point of that insurance isn’t to cover catastrophic, system-wide failure, but to reduce the impact of specific, insured events like theft due to security breaches. Institutions understand this dynamic; it’s less about being made whole and more about demonstrating that risk has been evaluated, priced, and transferred where possible.

No Rehypothecation: Why 1:1 Crypto Custody Matters Now

Rehypothecation—the practice of reusing client assets, often as collateral—is normal in traditional finance and part of how liquidity is created. In crypto, it has been a loaded gun with the safety off. Several high-profile collapses were driven or amplified by platforms quietly leveraging user assets while insisting everything was “backed 1:1.” When the music stopped, users discovered that their deposits were structurally indistinguishable from unsecured loans to a very risky counterparty.

BitGo’s commitment not to lend, rehypothecate, or commingle client funds is designed as an explicit counter to that model. It aligns with the SEC’s push to clarify the difference between “unregulated custody” and properly supervised qualified custodians, and with its warnings that investors should verify how their assets are used behind the scenes. From an institutional risk perspective, a true 1:1 custody standard drastically simplifies the counterparty analysis: you are paying for storage and security, not subsidizing an invisible leverage machine.

That doesn’t mean BitGo’s model is somehow risk-free—it just concentrates risk where it should be: operational security, legal structure, and regulatory stability. But compared to yield-bearing platforms that blur custody and lending, the proposition is cleaner. For allocators already watching how AI and crypto integration is driving more complex automated strategies, the appeal of a boring, verifiable custody layer is growing. Sophisticated automation doesn’t help much if the base layer you’re building on turns out to be insolvent.

One Dashboard, Multiple Custody Models

One subtle but important part of BitGo’s pitch is consolidation: the ability to manage self-custody wallets and third-party custody accounts through a single interface. For retail users, that sounds like a nice-to-have UX feature. For institutions, it’s an operational necessity. Treasury teams, compliance officers, and traders need a unified view of balances, risk, and movement policies across all custody types—not a patchwork of wallets, spreadsheets, and manual reconciliations.

BitGo’s dashboard aims to give clients that consolidated control plane. From a single interface, institutions can set policies for withdrawals, require approvals or co-signatures, and monitor activity across both hot and cold storage. This is where the “hybrid” label turns into something tangible. Instead of custody modes living in separate silos, they are treated as parts of a broader risk strategy that can be tuned and audited.

It’s worth noting that this kind of operational visibility is also where red flags tend to show up—or fail to show up. Platforms that resist giving clients transparent views into how and where assets are held often have a reason for that reluctance. If you have read through any list of common Web3 red flags, lack of clear reporting and opaque custody structures sits near the top. A unified, auditable dashboard doesn’t magically fix risk, but it does remove the convenient excuse of “we didn’t know where the assets were.”

Self-Custody, Multi-Sig, and the Myth of Total Control

The SEC’s bulletin treats self-custody as one of two basic options, but in institutional practice, self-custody is rarely just one wallet with one key. It tends to involve multi-signature setups, hardware devices, policy engines, and access control lists—plus the ever-present human factor. BitGo leans into this complexity with its self-custody offering, bundling multi-signature and MPC (multi-party computation) options designed to keep institutions from shooting themselves in the foot while still letting them hold the keys.

In this model, clients typically hold two keys, and BitGo holds a third for co-signing. That structure allows BitGo to enforce policies—like withdrawal limits, whitelists, or approval workflows—without having unilateral control over the assets. In other words, BitGo can help say “no” but cannot move funds without the client. It’s an attempt to balance autonomy with guardrails, recognizing that institutional self-custody isn’t just about sovereignty; it’s about governance, process, and auditability.

This is also where the crypto narrative around “not your keys, not your coins” meets reality. For institutions, “your keys” usually means a team of people, a set of vendors, and a chain of documented procedures. A pure DIY approach might work for an individual, but at scale it quickly becomes a governance nightmare. Hybrid self-custody tools like BitGo’s are essentially an admission that institutions need help managing keys without surrendering ultimate control.

2-of-3 Multi-Sig and MPC: Technical Control, Human Risk

Multi-signature wallets (2-of-3, in BitGo’s common configuration) and MPC setups are often presented as technical silver bullets for custody risk. They do solve a real problem: eliminating a single private key as a single point of catastrophic failure. Requiring two signatures out of three, or multiple MPC participants to authorize a transaction, dramatically reduces the chance that one compromised device or rogue actor can drain funds. It’s not foolproof, but it is a meaningful structural improvement over basic single-key wallets.

In BitGo’s version of this scheme, the client typically controls two keys while BitGo holds one. The client can still move funds on their own if they hold the required threshold, but BitGo’s key allows for optional co-signing and policy enforcement. This lets institutions build structured approval workflows—think multi-level sign-offs for large withdrawals—without making BitGo a bottleneck for every transaction. The design is meant to keep day-to-day operations fluid while hardening the system against insider abuse or sloppy key management.

However, all of this still hinges on human process. Multi-sig and MPC are only as good as the organizations implementing them. Keys can still be mishandled, policies can be misconfigured, and approvals can become rubber stamps under time pressure. The technology reduces technical failure modes but cannot remove organizational and cultural ones. For teams exploring advanced custody structures as part of a broader risk strategy, this is where the line between engineering problem and governance problem becomes very thin.

Policy Controls Without Surrendering Ownership

One of the more interesting aspects of BitGo’s crypto custody pitch is its focus on policy-based controls rather than raw technical control of keys. In the hybrid model, BitGo’s role in self-custody setups isn’t to own the assets, but to enforce rules about how those assets can move. That can include whitelisting addresses, limiting withdrawal sizes, enforcing time delays, and requiring multiple human approvals for sensitive actions. The platform becomes part security system, part compliance engine.

For institutions, this kind of enforced discipline is not optional. Regulators and auditors increasingly want to see not just that assets are stored securely, but that there are consistent, auditable processes governing access. A setup where one person can move millions with a single hardware wallet is a career-ending risk for anyone responsible for internal controls. Policy engines that sit between intent and execution help close that gap, even if they introduce some additional friction.

The key question, of course, is whether this can be done without effectively recreating the same custodial asymmetry the model is trying to avoid. If BitGo could arbitrarily block transactions, freeze accounts, or unilaterally change rules, then “self-custody” would be more of a branding exercise than a technical reality. The 2-of-3 and MPC designs are meant to prevent that by ensuring BitGo is a co-signer and rule enforcer, not an owner. It’s a fine line—but one that matters if the industry wants to maintain any credibility around autonomy while still satisfying increasingly prescriptive regulators.
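
The 2-of-3 arrangement and the policy checks described above, modeled as an added example (not BitGo's code or API): a hypothetical co-signer releases its signature only when a withdrawal passes whitelist, size-limit, approval and time-delay rules. All key names, addresses and limits are constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

THRESHOLD = 2  # 2-of-3: any two keys authorize a spend
# Hypothetical key names: two held by the client, one by the custodian.
KEY_HOLDERS = {"client_user": "client", "client_backup": "client",
               "cosigner": "custodian"}

@dataclass
class Policy:
    whitelist: set
    per_tx_limit: int          # maximum amount per transaction
    delay_threshold: int       # amounts above this are held
    hold_period: timedelta     # how long large withdrawals are held
    approvals_required: int    # distinct human approvers needed

@dataclass
class Withdrawal:
    destination: str
    amount: int
    requested_at: datetime
    approvers: set = field(default_factory=set)

def policy_violations(policy, w, now):
    """Return every rule the withdrawal breaks (empty list means allowed)."""
    reasons = []
    if w.destination not in policy.whitelist:
        reasons.append("destination not whitelisted")
    if w.amount > policy.per_tx_limit:
        reasons.append("amount exceeds per-transaction limit")
    if len(w.approvers) < policy.approvals_required:
        reasons.append("not enough distinct approvers")
    if (w.amount > policy.delay_threshold
            and now - w.requested_at < policy.hold_period):
        reasons.append("time delay not elapsed")
    return reasons

def signatures_collected(policy, w, now, client_keys_used):
    """Keys that end up signing. The co-signer never initiates: it adds its
    signature only after a client key has signed and the policy passes."""
    signed = {k for k in client_keys_used if KEY_HOLDERS.get(k) == "client"}
    if signed and not policy_violations(policy, w, now):
        signed.add("cosigner")
    return signed

def can_move(signed):
    """Funds move only when at least THRESHOLD known keys have signed."""
    return len(signed & set(KEY_HOLDERS)) >= THRESHOLD

def run_scenarios():
    now = datetime(2025, 1, 1, 12, 0)  # constructed clock
    policy = Policy({"addr_exchange", "addr_treasury"}, 1_000_000,
                    100_000, timedelta(hours=24), 2)
    routine = Withdrawal("addr_exchange", 50_000,
                         now - timedelta(minutes=1), {"alice", "bob"})
    risky = Withdrawal("addr_unknown", 500_000,
                       now - timedelta(hours=1), {"alice"})
    one_key, both_keys = {"client_user"}, {"client_user", "client_backup"}
    return {
        # One client key plus a willing co-signer reaches the threshold.
        "routine": can_move(signatures_collected(policy, routine, now, one_key)),
        # Policy fails, co-signer withholds its key, threshold is not met.
        "risky_via_cosigner": can_move(
            signatures_collected(policy, risky, now, one_key)),
        # The custodian cannot move funds without a client signature.
        "cosigner_alone": can_move(
            signatures_collected(policy, routine, now, set())),
        # Both client keys meet the threshold without the co-signer, so the
        # policy is never consulted.
        "risky_both_client_keys": can_move(
            signatures_collected(policy, risky, now, both_keys)),
        "risky_reasons": policy_violations(policy, risky, now),
    }

if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, "->", outcome)
```

The last scenario is the governance caveat: the rules bind only transactions routed through the co-signer, so who controls the second client key decides whether they can be bypassed.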

Bridging the Gap Between DeFi Ideals and Institutional Constraints

At a high level, BitGo’s model is a compromise between DeFi’s ideology and institutional constraints. DeFi’s promise is self-custody, transparency, and trustless execution; institutions, however, live in a world of regulators, auditors, and risk committees. They cannot simply “ape into” protocols with a Ledger and a seed phrase. Hybrid crypto custody setups acknowledge that reality: they wrap self-custody capabilities in governance, policy enforcement, and reporting layers that make them palatable to traditional finance.

This middle ground is also shaping where institutional capital flows. As new cycles of crypto airdrops in 2026 and beyond try to entice large allocators with token incentives, custody is increasingly the gating factor. Many funds and corporates are technically willing to hold digital assets, but only if they can do so through structures that resemble the ones they already use for traditional securities. That means qualified custodians, clear legal frameworks, and operational setups that can survive both internal audits and external enforcement actions.

For all the rhetoric about decentralization, most institutional activity is going to flow to wherever those boxes can be checked. BitGo’s bet is that crypto custody models which translate DeFi principles into institution-ready infrastructure will capture that flow. Whether that proves true will depend less on branding and more on how well these systems hold up under stress, both market-driven and regulatory.

Answering the SEC’s Custody Checklist

The SEC’s investor bulletin on crypto custody doesn’t just define models; it hands investors a checklist of questions to ask any would-be custodian. Background verification, asset coverage, storage protocols, use of assets, privacy, and fees all make the list. It’s essentially a basic due-diligence template dressed up as investor education. For platforms that prefer vague assurances to concrete answers, this is not great news.

BitGo, for its part, has leaned into that checklist, framing its platform as a direct response to those questions. Its pitch is that institutions can walk through the SEC’s list point by point—who are you, how do you store assets, do you lend them out, how are they insured—and get clear, auditable answers. The combination of a banking charter, audit reports, insurance, and explicit no-rehypothecation policies is designed to handle the fundamentals without relying on trust-me marketing.

In practice, this kind of alignment with regulatory messaging is as much about optics as substance. But optics matter when you are trying to separate yourself from a field full of platforms with murky structures and mixed track records. As scrutiny on custody ramps up, expect more providers to reframe their offerings in terms of how well they answer the SEC’s own questions, rather than how cleverly they can avoid them.

Regulatory Alignment as Competitive Strategy

One of the quieter shifts in the post-FTX environment is the way regulatory alignment has become a competitive edge rather than a reluctant compliance expense. For years, parts of the crypto industry treated regulation as something to be worked around or arbitraged. That playbook is aging poorly. The more institutional the money, the more attractive it becomes to say “we are built exactly the way the SEC says custody should look,” rather than “we are innovating in a gray area, please don’t look too closely.”

BitGo’s crypto custody model is a case study in this strategic pivot. The company has participated in discussions around custody rules, built state and federal trust structures, and leaned heavily into qualified custodianship. That positioning is now being used not just defensively—to survive regulation—but offensively, to capture flow from advisers and funds who are being told explicitly to use qualified custodians. When the SEC essentially describes your business model in its own bulletins, that’s good positioning.

Of course, this doesn’t make BitGo uniquely virtuous; it makes it strategically adaptive. As regulation around crypto custody tightens, the field of compliant providers will likely shrink. That concentration benefits players who moved early to align with the rules, and squeezes those who built businesses around lighter-touch jurisdictions or unregulated “custody-as-a-feature” platforms. Alignment isn’t just about avoiding enforcement; it’s about being one of the few options left when everyone else is regulated out of the institutional conversation.

From Retail Bulletins to Institutional Playbooks

Although the SEC’s custody bulletin is framed for retail investors, the underlying logic is directly relevant to institutions. The questions about background, storage, asset usage, and fees scale up neatly from a retail wallet app to an institutional custodian handling billions. If anything, the institutional version of that checklist is even more demanding: add in things like capital adequacy, disaster recovery, jurisdictional risk, and cross-border compliance.

BitGo’s response to the bulletin can be read as a signal to that audience. By publicly claiming to cover every option and question the SEC outlines, it is essentially telling institutional allocators: “You can point your risk committee at this document, and we will map cleanly to it.” For fiduciaries who are already under pressure to justify any crypto exposure, having a custodian that fits neatly into the SEC’s own framing is a non-trivial advantage.

This also hints at where the industry is heading. As custody standards harden, retail-facing guidance and institutional playbooks will start to overlap more. The same fundamental questions—who holds the keys, what happens in bankruptcy, can assets be lent out—will increasingly define what is considered acceptable across the board. Crypto custody providers that can’t give straight answers are going to find fewer willing listeners.

The New Baseline: Compliance, Control, Insurance

If you strip away the marketing prose, BitGo’s model boils down to a simple triad: compliance, control, and insurance. Compliance is about charters, audits, and segregation; control is about self-custody keys, policy engines, and operational flexibility; insurance is about partially offsetting catastrophic risk events. None of these alone is new, but packaging them into a single, auditable platform is becoming the new baseline for serious institutional custody.

This shift mirrors broader patterns in how institutions approach crypto exposure. Whether they’re participating in token launches, structured products, or even opportunistically farming legit crypto airdrops, the first gating question is increasingly: how and where will the assets be custodied? The days when a fund could shrug and say “the exchange holds it” are rapidly fading under regulatory pressure and hard lessons from insolvencies.

BitGo’s assertion that it “outsmarts” the SEC’s custody rules is more marketing than literal truth, but the direction is clear. The custody game is no longer about who can store coins the cheapest; it’s about who can sit closest to the regulatory center of gravity while still giving clients enough control to operate. That tension will define the winners and losers in the next phase of institutional crypto infrastructure.

What’s Next

BitGo’s hybrid crypto custody model doesn’t magically resolve the fundamental contradictions in this space, but it does point toward the kind of structures regulators are likely to tolerate—and institutions are likely to demand. Splitting assets between qualified cold storage and controlled self-custody, enforcing strict 1:1 standards, and wrapping everything in audits and insurance is less an innovation than a translation of traditional finance norms into a crypto-native context. It may not excite the decentralization purists, but it’s exactly the sort of architecture large allocators have been waiting for.

As scrutiny increases and more rules harden into formal requirements, models that treat custody as a regulated, specialized function will probably become the default for serious capital. That doesn’t kill the more experimental edges of Web3, but it does fence off the parts institutions are willing to touch. In that fenced-off zone, BitGo and similar players will compete not just on technology, but on how convincingly they can prove that when things go wrong, client assets stay exactly where they are supposed to be.

For anyone tracking the evolution of institutional crypto, BitGo’s positioning is a useful signal. Custody is no longer the boring back-office detail everyone ignores until something breaks; it is becoming the strategic front line in the battle over who controls, secures, and ultimately legitimizes digital assets at scale. Whether BitGo’s version of crypto custody becomes the blueprint or just one influential prototype, it’s clear that the era of vague custodial promises is ending.

Affiliate Disclosure: Some links may earn us a small commission at no extra cost to you. We only recommend products we trust.
