Navigating the Next Wave of Crypto Institutionalization: A Due Diligence Primer

As FTX showed, operators in digital asset markets need to improve corporate governance standards. Here are the key components as the industry readies for another possible bull run.

AccessTimeIconNov 15, 2023 at 4:45 p.m. UTC
Updated Mar 9, 2024 at 1:59 a.m. UTC

Leading financial services institutions in the US are keenly awaiting the SEC's decision on their Bitcoin ETF applications, with critical deadlines from January to May 2024. The anticipated approval of these ETFs, already influencing Bitcoin’s price with a 26% surge in the last three months, marks a pivotal moment in market evolution.

Source: Coindesk - Nov 13, 2023
Source: Coindesk - Nov 13, 2023

The crypto sector is drawing attention due to factors like the upcoming Bitcoin halving (which is due to fall in April 2024), its status as an uncorrelated asset class, the “digital gold” narrative and prevailing macroeconomic conditions.

Bull runs in crypto markets have historically attracted significant interest from institutional investors and financial service providers that work with Virtual Asset Service Providers (VASPs) to offer trading, custody, and structured products, enabling an expansion beyond bitcoin into areas like tokenization, stablecoins, staking and private equity.

You’re reading Crypto Long & Short, our weekly newsletter featuring insights, news and analysis for the professional investor. Sign up here to get it in your inbox every Wednesday.

The entry or re-emergence of institutions in this space highlights the need for robust due diligence. A lack of understanding about the unique risks associated with digital assets and their management became evident following the collapse of FTX and findings from the recent trial.

A comprehensive due diligence framework that captures the unique risks in digital asset space is essential in guiding institutions through this complex landscape. It should include:

  1. Governance & Operational Resilience: This involves risk management frameworks and control functions to address board effectiveness, roles, responsibilities, and leadership accountability. Operational resilience covers business continuity, disaster recovery, third-party oversight, and segregation of duties. It also includes understanding the governance and decentralization of Layer 1 and Layer 2 blockchains, where applicable.
  2. Regulatory Compliance: VASPs should implement robust processes for evolving regulations, encompassing KYC/AML controls and crypto intelligence tools, trust structures, client asset segregation, data protection, conflict of interest and ethics.
  3. Digital Asset Operations: Prioritizing the secure custody of digital assets is crucial. Technology controls should cover key lifecycle management, stablecoin management, staking activities, account management, transaction handling, change management, and an understanding of tokenomics and blockchain technology. Contrary to popular belief, reviewing a SOC report may not be sufficient to address the risks in these business operations.
  4. Financial Analysis & Reporting: VASPs should focus on financial metrics beyond traditional assessments, including on-chain reviews for insights into management and transactions, initial distributions, key personnel holdings, and related party transactions. Understanding reserve asset management, customer liabilities, balance sheets, and digital asset encumbrances is vital. Additionally, evaluating accounting treatments and counterparty risks provides a comprehensive view of financial health and exposure. While proof of reserve is gaining momentum, there are currently no standards from professional accounting bodies to ensure its sufficiency.
  5. Financial Risk Management: Strategies for liquidity risk management, funding strategy assessment, digital asset liquidity and quality, and supporting systems are necessary. VASPs should also have mitigants for financial risk metrics, stress testing for liquidity events, capital management processes, and frameworks for credit, interest rate, and currency exchange risk. The presence of an internal audit department is a positive indicator.

Each category in this framework demands thorough exploration to uphold higher standards in managing risks effectively, fostering a more matured and secure crypto industry.

As the crypto market continues to evolve and intersect with traditional financial systems, the importance of these due diligence practices cannot be overstated. They are not just compliance checkboxes but vital tools to safeguard the integrity of the financial market and protect investor interests.

It's imperative for institutions to move beyond mere participation in the crypto space to becoming informed, responsible actors. This responsible approach is crucial for ensuring that the crypto market's potential is fully realized, paving the way for its sustainable growth and integration into the broader financial landscape.

All views are personal.

Edited by Ben Schiller.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Kunal Bhasin

Kunal Bhasin is a Partner and Co-Leader for KPMG Canada’s Crypto-assets and Blockchain practice.