For a wide variety of businesses – from up-and-coming web3 projects to traditional financial institutions – it’s highly important to develop a secure strategy for crypto treasury management. We’ve seen what happens in our industry when secure treasury management isn’t in place: a simple human error recently resulted in one crypto team transferring $36 million in treasury assets that are now immutably lost.
It’s clear that no matter what you’re doing with crypto, you need a secure, policy-driven, efficient, and yield-optimized strategy to ensure your team and users can get the most out of your product.
From what we’ve seen in 4 years of helping teams secure and streamline their digital asset holdings, these are the top pillars of a secure treasury management strategy for crypto:
Strong operational security
Operational security is the foundation for secure crypto treasury management. When your treasury is the lifeblood of your business – e.g., if it represents equity for shareholders, or rewards for gaming achievements – you need to be sure it’s not going to be lost or stolen at any point.
Secure treasury management requires robust governance controls, as you want to be able to set policies that mitigate the threat of internal and external attackers. Your organization should be able to rely on customized, highly specified policies and approvals for every transaction; in crypto, transactions are irreversible and final, so guaranteeing the safety and accuracy of credentials and authentication is critical.
It’s also important to add a layer of operational security for your organization’s private keys, which serve as the gateway to accessing the digital assets. The secure distribution of private key shares across multiple devices can prevent certain risks associated with centralized key management. If you’re using the right cryptographic tools – such as MPC – you can utilize a quorum of configurable approvers to prevent a rogue insider from transferring funds to a personal wallet.
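As an added illustration (not Fireblocks code or part of the original article), the sketch below models the approval layer described above: a destination allowlist plus an amount-tiered quorum in which the initiator's own approval never counts. It covers policy evaluation only, not MPC key-share signing; the policy values, names and tiers are constructed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Policy:
    allowlist: frozenset   # destinations approved in advance
    approvers: frozenset   # people allowed to approve transfers
    tiers: tuple           # (max_amount, required_approvals), ascending

@dataclass
class Transfer:
    initiator: str
    destination: str
    amount: int            # in the asset's smallest unit
    approvals: set = field(default_factory=set)

def required_quorum(policy, amount):
    for max_amount, quorum in policy.tiers:
        if amount <= max_amount:
            return quorum
    return None  # above every tier: no quorum can authorise it

def evaluate(policy, tx):
    """Return (decision, reason); decision is ALLOW, PENDING or DENY."""
    if tx.destination not in policy.allowlist:
        return "DENY", "destination not on allowlist"
    quorum = required_quorum(policy, tx.amount)
    if quorum is None:
        return "DENY", "amount exceeds highest tier"
    # Count only recognised approvers, and never the initiator's own approval
    valid = (tx.approvals & policy.approvers) - {tx.initiator}
    if len(valid) < quorum:
        return "PENDING", f"{len(valid)}/{quorum} approvals"
    return "ALLOW", f"{len(valid)}/{quorum} approvals"

# Constructed sample policy: hypothetical destinations, approvers and tiers
POLICY = Policy(
    allowlist=frozenset({"exchange-deposit-1", "cold-vault-1"}),
    approvers=frozenset({"alice", "bob", "carol"}),
    tiers=((10_000, 1), (1_000_000, 2)),
)

def demo():
    rogue = Transfer("bob", "bob-personal-wallet", 500_000, {"alice", "carol"})
    self_approved = Transfer("bob", "cold-vault-1", 500_000, {"bob", "alice"})
    ok = Transfer("bob", "cold-vault-1", 500_000, {"alice", "carol"})
    return [evaluate(POLICY, t)[0] for t in (rogue, self_approved, ok)]

if __name__ == "__main__":
    print(demo())
```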
Move at the speed of the market
As crypto markets are constantly evolving, it’s important to have the flexibility to change your company’s crypto treasury management strategy based on market events and shifting customer demand.
As your organization may not be planning to move treasury funds often, you might secure the majority of funds in cold storage. But if you are using a third-party provider for cold storage, this can often result in an inability to access funds due to limited operating hours, withdrawal times, or security policies. It is important to understand the operational considerations of each storage type and custody model.
Your strategy may expand to include yield generation using DeFi protocols, or begin using stablecoins for incoming and outgoing payments. If you’re using the right storage and transfer solution, it won’t be difficult to earn yield using your treasury holdings.
In addition, evolving regulations, territory-based laws, or new company risk policies could require rebalancing assets across accounts or storage types. So, it’s critical that your provider offers the flexibility to future-proof your treasury management.
A crypto self-custody solution (including access to hot, warm, and cold setups) allows for easier, more reliable access to funds than sub-custodians can generally provide. Executing quickly isn’t possible if it takes a significant amount of time to move crypto in and out of a sub-custodian’s storage mechanism – and in light of volatile market conditions, waiting times could be days or weeks.
Safe and efficient transfers
Sending and receiving crypto transactions requires inputting a long sequence of letters and numbers. Due to this, it’s become common practice to send a test transfer containing a small amount of assets to confirm the address, but this adds cost and time – and isn’t foolproof.
Crypto transfers are a common point of attack. Here are three of the top attack vectors:
- Browser attack – malicious browser extension
- Host computer attack – malware when sending from hardware wallet
- Wallet interface – malware changes address when pasted
To ensure the highest security, the signing device should operate in a trusted execution environment where the private keys are not revealed even if the host device is compromised. Outside of malicious intent, it’s also easy to simply input the wrong deposit address by accident. All transactions on the blockchain are also transparent, so it’s best to rotate deposit addresses for every transfer to preserve anonymity.
It is essential to find a solution that can automate the functions around transfers and deposits to protect funds when in transit and retain privacy. This ensures that your organization’s crypto is always going to the right place when you have to move it – while retaining a high level of efficiency and anonymity.
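The difference between a mistyped address and a substituted one, as an added example that is not part of the original article: a checksum catches the typo, but an address swapped in by malware is well-formed and is only caught by comparing against pre-approved destinations. It assumes legacy Base58Check (Bitcoin-style) addresses; the sample addresses are built from dummy hashes.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(payload: bytes) -> bytes:
    # Base58Check: first 4 bytes of SHA-256(SHA-256(payload))
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError for characters like 0, O, I, l
    zeros = len(text) - len(text.lstrip("1"))
    return b"\0" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def make_address(hash160: bytes, version: int = 0x00) -> str:
    payload = bytes([version]) + hash160
    return b58encode(payload + checksum(payload))

def checksum_ok(address: str) -> bool:
    try:
        raw = b58decode(address)
    except ValueError:
        return False
    return len(raw) == 25 and checksum(raw[:-4]) == raw[-4:]

def check_destination(address: str, allowlist: set) -> str:
    if not checksum_ok(address):
        return "REJECT: malformed or mistyped address"
    if address not in allowlist:
        return "REJECT: well-formed, but not an approved destination"
    return "OK"

# Constructed sample data: dummy 20-byte hashes, not real wallets
APPROVED = make_address(bytes(range(1, 21)))
SUBSTITUTED = make_address(bytes(range(2, 22)))  # what a swapped paste would look like
MISTYPED = APPROVED[:-1] + ("2" if APPROVED[-1] != "2" else "3")
ALLOWLIST = {APPROVED}

if __name__ == "__main__":
    for label, addr in (("approved", APPROVED), ("mistyped", MISTYPED),
                        ("substituted", SUBSTITUTED)):
        print(f"{label:12} {addr} -> {check_destination(addr, ALLOWLIST)}")
```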
Fireblocks crypto treasury management services
Fireblocks provides powerful treasury management services to all kinds of financial institutions. With Fireblocks’ self-custody wallet technology and secure transfer network, organizations take control of their digital assets throughout the entire lifecycle. If you’re interested in learning more about how Fireblocks can help your team improve treasury management, reach out to Fireblocks Advisory Services.