The U.S. SEC Teaches You How to Custody Crypto Assets Step by Step

marsbitPublished on 2025-12-16Last updated on 2025-12-16

Abstract

The U.S. SEC published an investor bulletin on December 12 to educate retail investors on crypto asset custody. The bulletin explains that crypto custody refers to how and where crypto assets are stored, typically through a crypto wallet that holds private and public keys rather than the assets themselves. Wallets are categorized as either "hot" (internet-connected, convenient but more vulnerable) or "cold" (offline, more secure but less convenient). Investors must also choose between self-custody (full control and responsibility over private keys) and third-party custody (using a service like an exchange, which manages keys but introduces counterparty risk). The SEC provides key questions for both options. For self-custody, these include assessing technical ability, desired control level, wallet type, and costs. For third-party custody, investors are urged to research the provider's background, regulatory status, insurance policies, security measures, asset storage methods, use of client assets (e.g., rehypothecation), privacy practices, and fee structure. General protection tips include never sharing private keys or seed phrases, safeguarding privacy, being wary of phishing scams, and using strong passwords with multi-factor authentication.

Note: On December 12, the U.S. SEC officially published an article to educate retail investors on the basics of crypto asset custody, helping them decide the best way to hold crypto assets.

Compiled by Golden Finance:

The U.S. SEC's Office of Investor Education and Advocacy issued this Investor Bulletin to help retail investors understand the ways to hold crypto assets. This bulletin outlines the types of crypto asset custody and provides some tips and questions to help you decide the best way to hold your crypto assets.

I. What is Crypto Asset Custody?

Crypto asset "custody" refers to how and where you store and access your crypto assets. You typically access crypto assets through a device or computer program called a crypto wallet. Crypto wallets themselves do not store crypto assets; instead, they store the "private keys" or passwords to your crypto assets.

Crypto Assets. Crypto assets are assets that are generated, issued, and/or transferred using a blockchain or similar distributed ledger technology network, including assets referred to as "tokens," "digital assets," "virtual currency," and "cryptocurrency." Investors should understand that the characteristics and design of crypto assets, as well as the distributed ledger or blockchain technology used for issuance and/or transfer, can vary significantly. In other words, different crypto assets may present different benefits or risks.

When you create a crypto wallet, the following two keys or passwords are generated:

  1. Private Key. A private key is a randomly generated alphanumeric password used to authorize transactions of crypto assets. A private key is like the password to your crypto wallet. Once created, a private key cannot be changed or replaced. If you lose your private key, you will permanently lose access to the crypto assets in that wallet.

  2. Public Key. A public key is another code used to verify transactions and allow others to send crypto assets to your crypto wallet. A public key cannot access the private key in the wallet and cannot be used to authorize transactions. A public key is like the email address for your crypto wallet.

These keys together prove your ownership of the crypto assets and grant you the right to send, receive, or use the crypto assets.

II. Hot Wallets vs. Cold Wallets

There are many types of cryptocurrency wallets, and retail investors hold them in various ways. Cryptocurrency wallets are mainly divided into two major categories: "hot wallets" and "cold wallets." A hot wallet is a cryptocurrency wallet connected to the internet, which can be a desktop application, mobile application, or web application. Hot wallets provide convenient access to crypto assets for transactions but also expose your crypto assets to cyber threats.

A cold wallet usually refers to a physical device not connected to the internet, such as a USB drive, external hard drive, or even a piece of paper. For crypto asset transactions, cold wallets are generally less convenient than hot wallets. However, because cold wallets are not connected to the internet, they are generally more resistant to cyber threats than hot wallets. Nevertheless, the physical device of a cold wallet can still be lost, damaged, or stolen, leading to the permanent loss of your crypto assets.

Protect your seed phrase! Many crypto wallets generate a "seed phrase," also known as a mnemonic recovery phrase, backup seed phrase, or mnemonic phrase. A seed phrase is a string of random words that can help you recover your wallet if you lose your crypto wallet or private key, or if the wallet's hardware or software is damaged. Keep your seed phrase in a safe place and never share it with anyone.

III. Self-Custody vs. Third-Party Custody

You also need to decide whether to self-custody your crypto assets (self-custody) or entrust them to a third party for management (third-party custody). Both self-custody and third-party custody offer hot and cold wallet options.

Self-Custody

With self-custody, you have full control over your crypto assets and are responsible for managing all the private keys of your crypto wallets. This means you have complete control over access to your crypto asset private keys, but it also means you bear full responsibility for the security of those private keys. If your crypto wallet is lost, stolen, damaged, or hacked, you may permanently lose access to your crypto assets.

Key Questions When Choosing a Self-Custody Crypto Asset Solution

  • Are you comfortable easily setting up and maintaining your crypto wallet? Setting up and maintaining a crypto wallet yourself may require some technical knowledge. Make sure you are capable of handling all the technical aspects required to set up and maintain your crypto wallet yourself.

  • Do you want full responsibility for your crypto assets? With self-custody, you have complete control over your crypto assets. You are solely responsible for safeguarding the private keys and seed phrases of your crypto assets. If these keys or seed phrases are lost or stolen, you could lose access to your crypto assets.

  • What type of crypto wallet do you want to use? As mentioned above, you can use a hot wallet or a cold wallet to store your crypto assets. Carefully consider your convenience and security needs when choosing the type of crypto wallet that best suits you.

  • How much does the crypto wallet cost? Physical devices for cold wallets usually require purchase, while hot wallets may initially be free. However, using a wallet for transactions usually incurs fees. Be sure to understand these fees before choosing a crypto wallet or conducting transactions.

Third-Party Custody

With third-party custody, you can choose a professional custodian or service provider to hold your crypto assets. Third-party custodians include cryptocurrency exchanges and specialized crypto asset custody service providers. The third-party custodian is responsible for managing and controlling access to the private keys of your crypto assets. The accounts used by the third-party custodian to hold the private keys of your crypto assets may be hot wallets, cold wallets, or a combination of both. If the third-party custodian is hacked, goes out of business, or declares bankruptcy, you may lose access to your crypto assets.

Key Questions When Choosing a Third-Party Custodian

  • Have you researched the custodian's background? Be sure to take the time to carefully research any third-party custodian. Search online for any complaints about the custodian. Find out how the custodian is regulated. Although the regulatory framework for the crypto asset industry is still in its early stages, some level of regulation already exists.

  • What types of crypto assets does the custodian allow me to hold? Each custodian allows different types of crypto assets to be held. Be sure to confirm that the custodian allows the types of crypto assets you wish to hold in your account.

  • What happens if the custodian goes out of business? Find out if the custodian provides insurance for lost or stolen crypto assets, and make sure you understand its terms and conditions.

  • How does the custodian store and protect your crypto assets? Ask the custodian how they protect your crypto assets and private keys, and who has access to them. Does the custodian store your crypto assets in its own facilities, or does it outsource storage to a third party? Does the custodian use hot wallets, cold wallets, or other methods? Which type of crypto wallet do they primarily use, and how do they determine where to store your crypto assets? Also, ask about the types of physical and cyber security protocols and procedures the custodian uses to protect your crypto assets.

  • How does the third-party custodian use your crypto assets? Some custodians may use the crypto assets you deposit as collateral for their own purposes (e.g., lending). This is sometimes called "re-hypothecation." To reduce costs, some custodians may also commingle crypto assets instead of holding them separately for clients. Find out if your custodian engages in any of these practices, and if so, whether your consent is required.

  • What privacy protections does the custodian offer? Look for custodians that protect your sensitive personal information (such as your name, address, Social Security number, and the types of crypto assets you own or have traded). Ask the custodian if they sell any customer data to third parties, and if so, whether your consent is required.

  • What account fees does the custodian charge? Ask the custodian about annual management fees (an annual fee based on the value of your crypto assets), transaction fees (the cost to use or trade crypto assets), transfer fees (the cost to move your crypto assets outside the custodian), and account opening and closing fees.

IV. General Advice for Protecting Crypto Assets

  1. Carefully research and choose any third-party custodian.

  2. Never disclose your private keys or seed phrase.

  3. Protect the privacy of your crypto assets. Do not share the amount or types of crypto assets you own with anyone.

  4. Beware of crypto asset phishing scams.

  5. Use strong passwords and multi-factor authentication for all online crypto asset accounts.

Related Questions

QWhat are the two main types of cryptocurrency wallets mentioned by the SEC, and what is the key difference between them?

AThe two main types are hot wallets and cold wallets. The key difference is that hot wallets are connected to the internet, offering convenience but being more vulnerable to cyber threats, while cold wallets are not connected to the internet, offering greater security against online attacks but being less convenient for transactions.

QAccording to the SEC, what is the critical function of a 'private key' in a crypto wallet?

AA private key is a randomly generated alphanumeric password that authorizes transactions for crypto assets. It acts like the password to your crypto wallet. If lost, it cannot be changed or replaced, and you will permanently lose access to the assets in that wallet.

QWhat is a 'seed phrase' and why is it important to keep it secure?

AA seed phrase, also known as a mnemonic recovery phrase, is a series of random words that can be used to recover a crypto wallet if the wallet is lost, its private key is lost, or if the hardware or software is damaged. It is crucial to keep it secure and never share it with anyone, as it provides access to the wallet's assets.

QWhat are some key questions investors should ask when considering a third-party custodian for their crypto assets?

AInvestors should ask about the custodian's background and any complaints against it; what types of crypto assets it allows; what happens if the custodian fails and if it offers insurance; how it stores and protects the assets; whether it re-hypothecates (e.g., lends out) or commingles assets; what privacy protections are in place; and what account fees are charged.

QWhat are two general recommendations the SEC provides for protecting crypto assets, regardless of the custody method?

ATwo general recommendations are: 1) Never share your private keys or seed phrase with anyone. 2) Use strong passwords and multi-factor authentication for all online crypto asset accounts.

Related Reads

Crypto Confidence Surges As Italy’s Largest Bank Doubles Holdings In Q1

Italy's largest bank, Intesa Sanpaolo, significantly increased its crypto holdings in Q1, doubling their value from about $100 million to $235 million. This shift involved moving toward established assets like Bitcoin and Ethereum through ETFs while nearly exiting its position in Solana. The bank's strategy indicates a preference for blue-chip cryptocurrencies over higher-risk alternatives. This activity aligns with a broader European trend where major banks like Spain's BBVA and France's BPCE are expanding into crypto services for clients. Furthermore, a consortium of 12 European banks, including BNP Paribas and Deutsche Bank, plans to launch a MiCA-compliant, euro-backed stablecoin in late 2026.

bitcoinist36m ago

Crypto Confidence Surges As Italy’s Largest Bank Doubles Holdings In Q1

bitcoinist36m ago

Crypto Report Card: How Institutional Investors Allocated Capital In Q1 2026

In Q1 2026, institutional investors exhibited mixed strategies amid a volatile crypto market where Bitcoin fell to around $62,000 in early February. Notable moves included Abu Dhabi’s Mubadala Investment Company significantly increasing its stake in BlackRock's iShares Bitcoin Trust (IBIT), with holdings reaching about $566 million. Several traditional financial institutions, such as the Royal Bank of Canada and Barclays, also expanded crypto exposure while hedging risks with options. In contrast, Harvard University’s endowment fund continued reducing its IBIT position, cutting it by 43% and liquidating its Ether ETF holdings entirely. Other Ivy League endowments like Brown and Dartmouth held steady, though Dartmouth shifted its Ether exposure into a staking ETF and entered a new position in a Solana ETF. Overall, institutional activity suggests many viewed the market’s underperformance as a buying opportunity rather than a loss of long-term faith. The crypto market cap stood at approximately $2.57 trillion, down over 12% year-to-date in 2026.

bitcoinist2h ago

Crypto Report Card: How Institutional Investors Allocated Capital In Q1 2026

bitcoinist2h ago

Bitcoin Crowd Euphoria Hits Highest Level Of 2026 After CLARITY Act Progress

Bitcoin surged over 3.5% after the US Senate Banking Committee advanced the CLARITY Act, a crypto regulation bill aimed at providing clearer rules. This news drove Bitcoin crowd sentiment to its most euphoric (or "greediest") level of the year, which on-chain analytics firm Santiment notes is a long-term bullish signal due to increased investor certainty. However, Santiment cautions that such extreme optimism historically precedes short-term bearish pressure, as markets often move opposite to crowd frenzy. Separately, market analyst Ali Martinez reported Bitcoin miners sold approximately 800 BTC (around $64 million) over 96 hours, adding potential near-term selling pressure. While miner selling is not massive, spikes in their outflows have historically preceded price weakness or consolidation. Combining excessive euphoria with miner selling suggests Bitcoin may face corrective movement. At press time, Bitcoin traded at $79,136, down 2.9% in 24 hours.

bitcoinist6h ago

Bitcoin Crowd Euphoria Hits Highest Level Of 2026 After CLARITY Act Progress

bitcoinist6h ago

Will The Passage Of The CLARITY Act Be Good For XRP Price? Why $50 Could Be The Minimum

The passage of the CLARITY Act in 2026 is viewed as a potential major catalyst for XRP's price. An analysis based on the quantity theory of money (MV=PQ) models various price scenarios depending on XRP's adoption level for regulated settlement and liquidity flows. A minimal use case, handling a small portion of cross-border transactions, could establish a price floor around $50. More extensive integration, such as bridging repo cash legs and collateral, could push prices to approximately $280. With supply compression from derivatives locking tokens, a "Structural Base Case" suggests a price near $415. A "Full Integration" scenario, where XRP is used across all major settlement positions, projects a range from $700 to $1,400. The CLARITY Act has passed the House and cleared a Senate committee, with a potential Senate vote and White House target for enactment by July 4, 2025.

bitcoinist7h ago

Will The Passage Of The CLARITY Act Be Good For XRP Price? Why $50 Could Be The Minimum

bitcoinist7h ago

MY Group Completes Web4.0 First Stock Listing Layout, SEC Officially Discloses Form 8-K Announcement

MY Group has completed the listing layout for the "Web4.0 First Share," with the U.S. Securities and Exchange Commission (SEC) formally disclosing a Form 8-K report. According to the filing, the company's board has officially appointed Mr. Zhang Dingwen as Chief Executive Officer (CEO) and Executive Director, marking a significant upgrade in management and the entry into a new phase of its global capital market strategy. The disclosure of Form 8-K, used for reporting major corporate events, coincides with market information indicating the company is advancing several key capital market initiatives. These include a global brand system upgrade, corporate strategic restructuring, and a change of its stock ticker symbol. These moves are viewed by industry experts as signals of accelerated internationalization and enhanced global market presence. Concurrently, MY Group's proposed "Web4.0 Ecosystem" is garnering market attention. The company is integrating core capabilities across social traffic portals, global payment systems, public blockchain infrastructure, digital asset trading, and AI-powered financial systems. Analysts suggest that by closing this ecosystem loop, MY Group has the potential to become a next-generation platform merging Web2 user scale with Web3 asset frameworks and AI financial capabilities. With the management upgrade finalized, the global brand strategy launched, and the stock ticker change pending, MY Group is positioning itself as a focal point in the global technology capital market as a potential leading Web4.0 platform enterprise.

marsbit11h ago

MY Group Completes Web4.0 First Stock Listing Layout, SEC Officially Discloses Form 8-K Announcement

marsbit11h ago

Trading

Spot
Futures

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of S (S) are presented below.

活动图片

Top Questions

Hot Categoriesright-arrow

Hot Tagsright-arrow