MiCA Custody Requirements for CASPs: Segregation, Cold Storage, and Compliance
MiCA's custody framework imposes rigorous segregation, reconciliation, and safeguarding obligations on CASPs holding client crypto-assets. The rules respond directly to the custody failures that destroyed client wealth at exchanges including FTX and Celsius.
The collapse of FTX in November 2022 — destroying approximately $8 billion in client funds that had been commingled with exchange proprietary assets and lent to affiliated entities — demonstrated in stark terms what happens when crypto custody operates without regulatory discipline. MiCA’s custody framework, codified in Articles 70 through 76, is the EU legislative response. It imposes substantive safeguarding obligations that any CASP holding client crypto-assets must operationalize.
Scope of MiCA’s Custody Obligations
MiCA’s custody requirements apply to any CASP providing the service of “custody and administration of crypto-assets on behalf of clients.” This service is defined in Article 3(1)(17) as the safekeeping or controlling, on behalf of clients, of crypto-assets or the means of access to such crypto-assets where applicable — including private keys.
The custody obligations do not apply uniformly to all CASPs. A CASP providing only crypto-asset advice or reception and transmission of orders does not hold client assets and is not subject to the safeguarding requirements of Articles 70-76. A CASP providing custody services — whether as a standalone service or as an ancillary component of exchange or portfolio management services — is subject to these requirements in full.
The key distinction is whether the CASP has access to client private keys. If a CASP controls the private keys to wallets holding client crypto-assets, it is providing custody services regardless of how that arrangement is commercially described.
Core Safeguarding Requirements (Articles 70-71)
Asset Segregation
CASPs providing custody services must, at all times, segregate client crypto-assets from their own assets. This obligation has two dimensions:
On-chain segregation: Client crypto-assets must be held in wallets that are clearly distinguished from wallets holding the CASP’s own proprietary crypto-assets. The use of omnibus wallets — where multiple clients’ assets are pooled together — is permitted, but the pooled wallet must be clearly identified as a client asset pool, separate from any CASP proprietary wallet.
Balance segregation: The CASP must maintain internal records that identify each client’s entitlement within any omnibus wallet or pool with precision. A client’s claim is to a defined quantity of a specific crypto-asset, not merely a proportional interest in a pool.
The segregation requirement prohibits CASPs from using client assets to back their own operations, fund their own trading activities, or satisfy their own creditors. This prohibition is absolute — client consent does not override it for custody service providers (unlike MiFID II’s provisions on stock lending).
Prohibition on Rehypothecation
MiCA Article 72 prohibits CASPs from using client crypto-assets on their own account or on the account of another client without prior express consent, and even then, only subject to conditions that protect client interests. In practice, the conditions established by ESMA’s RTS render rehypothecation of client crypto-assets by CASPs essentially impermissible in standard custody arrangements.
This is a significant departure from traditional securities finance practice and from the pre-MiCA crypto industry norm, where exchange platforms routinely lent client assets to generate yield.
Reconciliation Obligations (Article 73)
CASPs providing custody services must maintain and implement procedures to ensure the safeguarding of client crypto-assets, including:
Daily reconciliation: The CASP must perform a daily reconciliation between its internal records of client crypto-asset balances and the on-chain positions held in custody wallets. Discrepancies must be identified and resolved promptly.
On-chain verification: For assets held on public blockchains, reconciliation must verify actual on-chain balances against internal ledger records. This is a more direct and verifiable obligation than comparable requirements in traditional securities custody.
Notification of discrepancies: Material discrepancies between internal records and actual holdings must be notified to the relevant NCA and, where relevant, to affected clients.
ESMA’s RTS on safeguarding client assets (published December 2024) specifies the technical parameters for reconciliation procedures, including the required frequency, the data elements to be captured, and the escalation procedures for unresolved discrepancies.
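The balance-segregation records and the daily on-chain reconciliation described above can be sketched as follows. This is an added example, not code from ESMA or any CASP. The wallet labels, client IDs, balances and the 1% materiality threshold are constructed assumptions, and on-chain balances are supplied inline rather than read from a node.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample data: labels, clients and balances are illustrative only.
WALLETS = {  # wallet register: label -> "client" pool or "proprietary"
    "omnibus-btc-01": "client",
    "omnibus-eth-01": "client",
    "house-eth-01": "proprietary",
}
LEDGER = [  # internal records: (client, asset, wallet, entitlement)
    ("client-001", "BTC", "omnibus-btc-01", Decimal("1.25")),
    ("client-002", "BTC", "omnibus-btc-01", Decimal("0.75")),
    ("client-001", "ETH", "omnibus-eth-01", Decimal("10.0")),
    ("client-003", "ETH", "omnibus-eth-01", Decimal("4.5")),
]
ONCHAIN = {  # balances as read from a node or indexer (constructed here)
    ("omnibus-btc-01", "BTC"): Decimal("2.00"),
    ("omnibus-eth-01", "ETH"): Decimal("14.2"),
    ("house-eth-01", "ETH"): Decimal("3.0"),
}
MATERIALITY = Decimal("0.01")  # assumed 1% threshold, not a value from the RTS


def reconcile(ledger, wallets, onchain, materiality=MATERIALITY):
    """Compare summed client entitlements per wallet/asset with on-chain balances."""
    owed, findings = defaultdict(Decimal), []
    for client, asset, wallet, qty in ledger:
        if wallets.get(wallet) != "client":
            # Entitlement booked against a wallet not registered as a client pool.
            findings.append({"wallet": wallet, "asset": asset, "client": client,
                             "status": "SEGREGATION_BREACH", "diff": -qty, "escalate": True})
            continue
        owed[(wallet, asset)] += qty
    client_keys = {k for k in onchain if wallets.get(k[0]) == "client"}
    for key in sorted(set(owed) | client_keys):
        expected, actual = owed.get(key, Decimal(0)), onchain.get(key, Decimal(0))
        diff = actual - expected
        status = "MATCHED" if diff == 0 else "SHORTFALL" if diff < 0 else "UNALLOCATED_SURPLUS"
        # With nothing owed, any balance in a client pool is treated as material.
        material = diff != 0 and (expected == 0 or abs(diff) / expected >= materiality)
        findings.append({"wallet": key[0], "asset": key[1], "status": status,
                         "diff": diff, "escalate": material})
    return findings


if __name__ == "__main__":
    for f in reconcile(LEDGER, WALLETS, ONCHAIN):
        print(f)
```

Decimal arithmetic keeps entitlements exact; a production run would also record the block height or timestamp at which each on-chain balance was read.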
Cold Storage and Operational Security (Article 74)
MiCA does not mandate a specific ratio of cold-to-hot wallet storage, but it requires CASPs to implement policies and procedures for safeguarding private keys that reflect the risk profile of their operations. In practice, ESMA’s technical standards and NCA supervisory expectations establish an implicit requirement for significant cold storage.
Key operational requirements include:
Private key management: CASPs must establish and implement procedures for the secure generation, storage, backup, and destruction of private keys. These procedures must be documented and periodically tested.
Multi-signature requirements: While MiCA does not mandate multi-signature arrangements, ESMA’s guidance strongly implies that single-key custody of material client assets is inconsistent with the prudential safeguarding requirements.
Geographic distribution: Key material should be distributed across physically separate locations to prevent single-point-of-failure scenarios.
Insider threat controls: Procedures must prevent unauthorized access by CASP personnel, including technical controls (access segregation, hardware security modules) and procedural controls (dual-person authorization for key operations).
Business continuity: CASPs must maintain key recovery procedures and business continuity plans that ensure client assets remain accessible even in the event of the CASP’s insolvency or operational failure.
Client Asset Protection in Insolvency
MiCA Article 75 establishes that client crypto-assets held by a CASP do not form part of the CASP’s estate in insolvency. This is a property law protection — clients have a direct property right to their segregated assets, not merely an unsecured creditor claim against the CASP.
This protection is operative only where the CASP has actually maintained effective segregation. If a CASP has commingled client assets with proprietary assets in violation of Articles 70-71, the insolvency protection is lost, and clients become unsecured creditors — as FTX clients discovered to their detriment.
Sub-Custody Arrangements
MiCA permits CASPs to delegate custody functions to third-party sub-custodians, subject to conditions:
- The CASP remains responsible to the client for the acts and omissions of the sub-custodian as if they were its own
- The sub-custodian must be authorized to provide custody services (either as a CASP, a credit institution, or another regulated entity)
- The sub-custody arrangement must be documented in a written agreement
- The CASP must carry out due diligence on sub-custodians and monitor their performance on an ongoing basis
Third-country sub-custodians are permitted only where the third-country jurisdiction provides prudential safeguarding requirements equivalent to those under MiCA. The CASP bears the burden of establishing equivalence.
Exhibit: MiCA Custody Compliance Checklist
| Requirement | MiCA Article | Operational Implementation |
|---|---|---|
| Client asset segregation from own assets | Art. 70 | Separate wallet addresses; clear labeling of omnibus pools |
| Prohibition on using client assets | Art. 72 | System controls preventing proprietary use; legal documentation |
| Daily reconciliation | Art. 73 | Automated on-chain balance verification; discrepancy escalation |
| Private key security policy | Art. 74 | Key management policy; HSM deployment; access controls |
| Cold storage procedures | Art. 74 RTS | Cold/hot ratio documented; geographic distribution |
| Multi-signature controls | Art. 74 RTS | Multi-sig on material wallets; dual authorization |
| Client insolvency protection | Art. 75 | Legal segregation structure; documented property rights |
| Sub-custody due diligence | Art. 76 | Sub-custodian vetting; ongoing monitoring; written agreements |
| NCA reporting of discrepancies | Art. 73 | Escalation procedure to compliance; NCA notification template |
For the broader custody regulation landscape across jurisdictions, see digital asset custody regulation globally. For the full MiCA compliance framework, see the MiCA overview.
Regulatory reference: EUR-Lex — Regulation (EU) 2023/1114, Articles 70-76 | ESMA MiCA technical standards