Opinion by Kevin Loaec, CEO of Wizardsardine
For years, institutional asset managers followed a straightforward playbook: pick a large regulated custodian, hand off responsibility, and assume scale, compliance and insurance mean safety. That approach makes sense in traditional finance, where transactions can be reversed, central banks provide backstops and regulators step in. Bitcoin upends those assumptions.
Bitcoin is not an account-based asset. It is a bearer instrument governed by cryptographic keys. Every onchain transfer is final; no bank, regulator or vendor can reverse, freeze or restore funds once a transaction occurs. Yet many institutions treat Bitcoin like any other asset and pay custodians for the comfort of perceived protections. That creates a subtle but dangerous contradiction: paying for safety while accepting concentrated counterparty risk that Bitcoin was explicitly designed to remove.
Outsourcing control concentrates risk. Custodial models rely on delegation: pooled holdings, shared or abstracted keys and offchain governance enforced by contracts and corporate processes. That externalizes responsibility and makes insurance look like the safety net. But on Bitcoin, delegation is brittle. If keys are lost, stolen or abused, nothing external can undo the damage. Insurance, where it exists, is often limited, conditional and slow to respond.
Centralized custody becomes a honeypot for failure—through hacks, insider mistakes, legal actions or operational breakdowns. When a single custodian holds many clients’ assets, a single systemic failure exposes numerous parties and makes recovery complex, uneven and protracted. Past collapses demonstrate that centralizing custody tends to amplify rather than mitigate risk.
The real problem is organizational, not just technical. Institutions rely on accounts, permissions and workflows because those tools work when intermediaries actually control assets. In Bitcoin, governance that lives offchain is at best advisory. If you don’t hold the keys, you don’t hold the asset. Structures where a single person or opaque process can move funds are fundamentally indefensible and draw appropriate regulatory scrutiny.
Bitcoin’s advantage is that governance can be baked into the asset itself. Spending rules, multisignature thresholds, time delays and recovery mechanisms can be encoded in wallets and enforced by the protocol. Control becomes structural and deterministic—applied by the network rather than a vendor’s back office or support team. That alters custody from a promise to a property-level guarantee.
Policy-driven custody changes the risk calculus. Modern Bitcoin scripts and wallet technologies let institutions require multiple approvers, enforce configurable delays, define clear recovery paths for lost keys, and separate everyday operations from emergency controls. These constraints are enforced onchain every time funds move, reducing dependence on a custodian’s behavior under stress. Instead of treating insurance as the primary remedy, institutions can design systems to materially lower the odds of catastrophic loss.
The insurance narrative deserves healthy skepticism. Custodial insurance is often promoted as a silver bullet, but policies come with caps, exclusions and long claims processes. Large custodians insure pooled liabilities, and coverage rarely scales directly with individual holdings. In broad systemic events, insurance may only cover a portion of losses and will not necessarily restore clients to whole. Conversely, individually controlled, policy-driven wallets are easier to underwrite: controls are visible, failure cases are bounded and risk is compartmentalized. Insurance is most effective as a complement to robust controls, not a replacement for them.
Vendor dependence also creates operational sovereignty issues. Custodial outages, policy changes or regulatory interventions can render funds inaccessible at crucial moments. Exiting a custodian relationship is often slow, expensive and legally complex, especially across borders. We have seen withdrawal freezes and access limits when timing mattered most.
Open-source, onchain custody systems change that dynamic. If the software provider stops operating, the institution still controls the keys and the rules live onchain. Interfaces and service providers can change without losing access to the asset. This isn’t an indictment of service providers; it’s an argument for removing them from the critical path of control.
Bitcoin uniquely lets institutions hold high-value assets with transparent, enforceable rules that don’t depend on any single counterparty. Yet many organizations cling to familiar assurances—login screens, big brand names, insurance policies—that feel comfortable but are misleading. That comfort has real costs.
Institutions should stop paying for the illusion of traditional safety while accepting concentrated counterparty risk. Bitcoin enables governance, recoverability and control to be engineered into how assets are held. The technology and practices exist; the remaining barrier is the willingness to abandon custody models designed for a different financial system.