From Custody to Capital Markets: Turning On-Chain Infrastructure into Growth and Closing Remarks

Custody is the foundation, but the real opportunity for TradFi lies in what comes next. This session explores how banks and custodians can move beyond safekeeping to build an entire suite of services on top of custody infrastructure—staking, tokenization of real-world assets, on-chain lending, and even digital capital markets. Discover how to monetize custody, drive client engagement, and future-proof your institution's role in the evolving financial ecosystem.

Transcription: 
Transcripts are generated using a combination of speech recognition software and human transcribers, and may contain errors. Please check the corresponding audio for the authoritative record. 

Zack Seward (00:14):
Hey everybody. Hi there and welcome to this American Banker Virtual Event. I am Zack Seward. I'm going to be your moderator today. I'm also the editor-in-chief of usecase.xyz, a print magazine about what crypto enables. I'm joined by a super solid panel. We hope you learn something. Let's dive in. I'm going to do brief intros and then we're going to ask people to unpack a little bit more about themselves. First of all, we have Scott Lucas from JPMorgan Chase, Jason Allegrante from Fireblocks, Josh Klayman from Linklaters, and Brian Foster from Coinbase. For the purposes of this conversation, we'll trust that you know the basics of custody. Maybe you've learned something about the environment in the earlier sessions today. We're really going to dive into what custody enables, because the cool thing about digital asset custody is it's not just this inert thing.

(01:01):
You don't just stick your assets on a hard drive and bury it in a vault somewhere. It's all about being able to let institutional customers do stuff. Leading custody providers, some of whom are represented on this panel today, know that very well. So let's dive in on those quick intros. We're going to start with the folks representing custodians and then we'll go to our other two panelists. Jason, if you could introduce yourself followed by Brian and we'll go from there.

Jason Allegrante (01:29):
Hi, thanks for the introduction, Zack. My name is Jason Allegrante. I'm the chief legal and compliance officer at Fireblocks. I've been with Fireblocks for about five years. I do have a traditional financial services background; I've worked at the Federal Reserve and I've practiced law at Davis Polk & Wardwell. Just a brief word about Fireblocks: we develop and license a proprietary software platform. Our customers plug that software platform into their middle and back offices, and they're able then to self-custody or, if they're more ambitious, to build a digital asset customer-facing business.

Brian Foster (02:05):
Hi, Zack. Thanks for having me. My name's Brian Foster. I've been at Coinbase a bit more than six years now. I look after a handful of the client businesses here, including a few that directly interface with our custodial business. One of those businesses is what we call "crypto as a service," which is our infrastructure business about partnering with financial institutions. We power just under 300 of those today at scale, including some of the largest banks, brokerages, fintechs, exchanges, and payment service providers in the world, providing them with tools like custody, trading, staking, data, stablecoin access, and more. I also look after our ETF practice where we safeguard north of a hundred billion in assets on our custodial platform on behalf of some of the largest ETF issuers in the world. Lastly, I look after the government practice here, where we support the government through our custodian safeguarding assets for the US federal government, and we work with 140-plus agencies around the world.

(03:05):
Before Coinbase, I spent most of my career in venture capital investing in crypto and cybersecurity. Right before Coinbase, I was an early employee at a crypto security company that built early MPC technology, which is some of those underpinning capabilities that lead to what we call custody today in crypto.

Zack Seward (03:24):
Awesome. Thank you for that context. Josh, introduce yourself.

Josh Klayman (03:27):
Hi, my name is Josh Klayman. I'm at Linklaters, which is a global law firm. My role is US head of FinTech and head of blockchain and digital assets, and I'm one of our global tech sector co-heads. I've been representing companies in the digital asset space for over a decade. Before that, I did leveraged finance and securities for about another decade. This space is a great love of mine.

Zack Seward (03:50):
Cool. And last but certainly not least, Scott.

Scott Lucas (03:52):
Good day everyone. My name is Scott Lucas. I'm at JPMorgan and I sit in a markets business within a commercial and investment bank. I lead the digital asset work that we sit within that part of the business, which is really the trading stripe. For the context of this conversation, I'm representing what we're hearing from our buy-side clients on this topic.

Zack Seward (04:15):

All right. Awesome. This is a lovely level set. Jason, I'm going to start with you. You alluded to some of this in your intro, but I wanted to unpack what the most common use cases are that Fireblocks' customers are engaging with when they enlist you guys as a custodian. What are we talking about when we're talking about custody in the institutional context?

Jason Allegrante (04:37):
I will describe the most popular product or use case, but it's helpful to see how that initial use case morphs into others. By far, the most popular use case is what we call treasury management. That's basically using the platform to administer holdings of digital assets, very frequently the holdings of the customer's own digital assets. To give you an example of what that looks like: we had a lot of traction when Fireblocks first started with the crypto-native segment, specifically hedge funds that have a strategy of deploying capital into crypto assets. The assets would sit for a portion of the day or overnight in the Fireblocks wallet. The asset manager could then deploy the asset over to one or more exchanges, execute their trading strategy during the day, and then at night they could repatriate those assets back to the Fireblocks platform.

(05:32):
We're now really shifting focus and seeing different customers coming to us with different use cases. A lot of this is being driven by stablecoins. We're seeing a huge uptick in interest from payment service providers. This is typically a cross-border use case with stablecoins as a bridge. To give you a sense of the volume driven by this segment, we do almost 1.5 trillion in notional in crypto assets. Nearly a full half of those transactions have a stablecoin associated with them, which are impressive numbers from my perspective. The other segment where we're seeing a lot of uptick now are financial institutions. I think that's also being driven in large part by stablecoins, but there's a lot more that can be done with financial institutions. It's a matter of giving them some time and raising the familiarity level. We will see custody as a service as a natural extension of having built out that infrastructure, and then it's only a matter of time until we see headway in the real-world asset tokenization space in general.

Zack Seward (07:05):
Brian, I want to go to you with this question. I know there's a lot on your plate in terms of the various customer segments you're serving. What a government needs from their custody solution is probably very different than what a crypto hedge fund would need. If you could break down some of those primary buckets—the ETF issuer is also super interesting—what needs are you hearing on the custody side from those primary groups and how do they differ?

Brian Foster (07:33):
It's a great question. At our scale, a challenge is having to be many things to many people. In our earnings last week, we announced we passed 500 billion in assets on our platform and believe we're the largest custodian in the world in this market. We do serve a lot of distinct segments with distinct needs. The common denominator is that they all care deeply about security and compliance. Regardless of the specialized workflows for each segment, the conversation always starts and ends with, "Can I trust you and will you keep my assets safe?" We've been fortunate to prove we're good stewards and that is really our strength. If we drill into the segments, we can organize them in two broad categories. One category is clients that fall into our first-party business where we're directly acquiring clients: traditional asset managers, hedge funds, and in some cases, corporate treasuries.

(08:20):
These are firms onboarding to our platform bilaterally for their own principal or FBO trading activity. Custody is about holding their assets while they're at rest, but also about being a building block from which we support use cases for the entire transaction lifecycle—usually trading, settlement, and financing. We very deliberately built flows connected to custody that enable all of that for that client archetype. The other half of the equation is the platform business. This is about partnerships with financial institutions: large banks like PNC, brokerages like Webull, and payment service providers. In that business, we take the same foundational building block of custody and holding those things out as a platform for those firms to build on so that they can, in turn, build great product experiences for their clients. Although the foundational needs overlap, the first category is much more UI and principal-driven, whereas the second is much more developer and API-driven.

Zack Seward (10:03):
I'm going to throw this next question to Scott, but I definitely want to invite the audience to submit questions. Scott, you mentioned you're coming to this with a user perspective. I'm going to put you on the spot for some customer reviews about the current custody environment. What do you see out there that's working when you survey the landscape, and what are some of the big pain points that custodians have yet to address?

Scott Lucas (10:35):
Thanks. The offerings in the market broadly work for what they're designed to do. But when you look at the maturity curve of where crypto custody is versus custody for products that have been in the market for decades, there's a gap between the user need and product development. To Brian's point, if you're a custodian in this space, security of the asset is a baseline; you won't be in business very long if you don't prove that capability. The question then comes down to added services and pricing. As we move from a retail-heavy model to an institutional wholesale-heavy model, those pricing and cost-based methods might need to change. Charging basis points on notional prices is fine if you're sending a few thousand dollars, but not if you're sending a few hundred million dollars.

(11:34):
The commoditization of custody in the regular market today is a pretty low-cost, low-margin business. To convince institutional clients to move to a higher-cost business, the value proposition has got to be very good. That includes the services around the asset. The products in the market will continue to evolve. Look at what was available two or five years ago compared to today; ETPs weren't a thing. I'm sure we'll see further evolution leading to corporate action type events in a much more sophisticated way—tax reporting, accounting, and so on. Wider services will start to evolve based on the benchmark of the low-cost wholesale business we have now. The question is which custodians will want to compete in that space versus just the retail side. Without the development of capital markets security type custody on-chain—not just crypto and stablecoins—it won't inspire the wholesale markets to move that way.

(13:26):
There is appetite, so it's a question of who is going to provide that and how they get their model aligned with pricing and functionality. There's a lot to play for over the next two to three years.

Zack Seward (13:52):
That's interesting. I want to tease out some of the business pressures you alluded to. Josh, I want to go to you because it was mentioned that table stakes are security and compliance. Are there any gray areas in compliance that are still unresolved? Are things ironed out, or are there concerns being voiced by customers looking to engage with custodians?

Josh Klayman (14:17):
It really depends on the client. I should say nothing we say on this panel is legal, investment, or accounting advice. My clients range from the largest banks in the world to crypto-native folks. There are a lot of questions we don't have the answers for yet, but we're close. We are focused on a different area of law than we typically have been. For several years, we've looked at the federal level: Is it a commodity? Is it a security? We thought about the nature of the asset and the type of custodian who can custody it.

(15:08):
As TradFi enters digital asset activities, we're seeing a big focus on state law issues. For example, if a bank wants to offer custody to its customers but wants to engage a third-party custodian, how do you analyze that for purposes of insolvency? Similarly, digital natives with treasuries want to understand what their customer agreement means and the insolvency treatment. Folks looking to provide digital asset lending facilities—whether as a securities lending facility or a margin facility backed by digital assets—run into questions of the UCC (Uniform Commercial Code). That is pure state law. Whether you use Article 12, available in certain states, or Article 8, these are highly specific state regulatory questions for which there is not a lot of case law. We do have ways from a commercial perspective to address this, but it involves looking closely at the customer agreement and terms of service. What rights does a customer have in its digital assets? If you're a secured lender, what rights can you actually take security in? Some of these things were looked into pre-FTX, but this is a much more advanced and sophisticated time.

Zack Seward (17:45):
I'd be remiss if I didn't segue to Jason. From your perspective, what are the thorniest questions in custody compliance right now? Pull back the veil a little bit on what keeps you up at night.

Jason Allegrante (18:02):
At the risk of getting into the weeds myself, there are compliance issues in general, but uniquely to custody, I don't think we have a lot of clarity in drawing the line between traditional custody hosted by an entity and what Fireblocks does, which is software custody. It's a legal and technical question. There's been a huge proliferation in different methods of key management. You have tremendous innovation in key management, such as "embedded wallets," which is a service offered by Fireblocks. It allows the customer to move wallets and keys downstream to their own customers. This is a nifty way of operating a fintech or a banking platform. But now you have a primary keyholder and millions of keys floating around at the retail level. The state of the law hasn't caught up. FinCEN issued great guidance back in the 2000s, but we need that guidance to catch up because there's a fair amount of uncertainty. This is especially true for a novel solution like Fireblocks that the world hasn't seen before. We're moving into a world where things are much more complicated, and we could really benefit from clarity in this niche space.

Zack Seward (20:35):
Brian, do you want to delve into multi-party computation (MPC) and how that intersects with the compliance conversation? Do you have unique perspectives on what Josh and Jason shared?

Brian Foster (20:51):
The group made great comments. It's funny, the rate-limiting factor to growth right now isn't the core crypto wallet technology, which has been pretty advanced for a number of years. It's actually factors like the pace at which integrations can happen with firms who have enormous client distribution. Where we're seeing the frontier on compliance and thorough due diligence is when financial institutions get beyond closed-loop workflows—simple cash-in and cash-out trading—and take a step further to on-chain flows. The most basic example is enabling on-chain send and receive. That's important for stablecoin payments and in-kind transfers of crypto investment assets. That broadens the aperture for due diligence; there's a need for on-chain transaction monitoring and Travel Rule requirements. When partners touch the "bare metal" of on-chain transactions for the first time, that is the moment where there's a need for rigorous new due diligence that pushes these organizations in new ways.

Zack Seward (22:28):
That was a nice turn of phrase: "pace mismatch." I've got to throw this to Scott. Crypto moves far more quickly than a traditional financial organization might, especially regarding due diligence. Is that a major impediment to embracing these technologies?

Scott Lucas (22:55):
I think it totally is, and in a way, that's okay. It's good to have innovation dragging the market into new opportunity sets. But from a regular standpoint, if I open up a new account with a provider, I'm going to get to a point where I'm asked, "Do you accept the terms and conditions?" and I'll just click "tick" because it's just me. At JPMorgan, we never just go "tick." We read everything, our counterparts read everything, and our clients read everything. We have well-educated lawyers who understand the law and argue about specific clauses. We have to get to a place where we feel comfortable putting very large sums of money at risk on behalf of our clients. That is going to create a different speed of adoption, and it should. If I take risk on my own behalf and lose a few grand, my wife will kill me, but it's my problem.

(23:46):
If JPMorgan or an investor client does something and it goes wrong, the underlying liquidity providers are people like you and me who have put money into a 401(k) or a money fund. We're trusting that institution to get it right. I don't mind the fact it takes a bit longer. In an environment where risk is more acceptable, you can innovate in a different way. The feedback out of that process feeds into where the wholesale markets can take that at scale with evidence to say, "this is a problem on a technical or legal level." That helps define the risk appetite for wholesale markets. There are two speeds, and I think it's okay. We just wouldn't like the gap to be too wide. I think there is an increase in tempo. As institutional investors say, "this is good enough for us," that enables more confidence across the market. Appetite accelerates action, and then you start to speed up.

Zack Seward (25:52):
I want to cobble together a few things I heard and press a new question forward. Brian, you're alluding to on-chain activity where institutions benefit from blockchain efficiency or DeFi yields. Scott, you mentioned risk parameters that TradFi is rightly skeptical of. Jason, I'll throw this to you first: crypto has had a string of embarrassing events where large sums of money are lost. Even this week, we had a Balancer exploit with over a hundred million dollars hacked. There's a reputational risk looming. Experimental bugs on the smart contract side are dampening enthusiasm. How is the industry tackling risk inherent to these DeFi protocols?

Jason Allegrante (27:10):
It's a huge problem. The industry has been riddled with hacks for a long time. We have a perception problem: "What is crypto even good for? Isn't it just used for money laundering?" The hacks are a big part of that. Many hacks go into wallets owned by criminal organizations. I can describe Fireblocks' own history here. We offer a software solution that enables custody, so it's our job to keep customer assets secure. Not that long ago, when a competitor was impacted by a hack, we would have a "high-five party" because we thought it would bolster our brand and hurt theirs. We might not have been wrong, but it was an immature and shameful view. I'm proud of how we've grown up around this issue.

(28:15):
Today, we see any loss event of any magnitude as an assault on the integrity of the industry as a whole. We see it as our obligation to make sure we don't see loss events of this nature again. This is a market integrity issue. We cannot achieve a mature digital asset market if folks continue to have their assets stolen. We are acting on this. My legal department put together a "custody technology provider framework." We took Fireblocks as a starting point—because we believe we have the best tech and security protocols—and we looked around the market to see what else we could include. We've been shopping this framework to regulators all around the world. We've been saying to them, "we don't think you have a good answer to the question of what good custody looks like."

(30:13):
Many regulators will say "good custody" means digital assets on a hardware device in a locked room. That is neither the most secure way of holding assets nor the way to realize a fluid digital asset economy. We need to find a better way. We are proposing real solutions and working with governments and policymakers to try to achieve that outcome.

Zack Seward (30:48):
Brian, do you see a dampening effect when a protocol suffers an exploit? Do you get worried calls from customers asking if they're next? Has that been minimized in the last two years?

Brian Foster (31:10):
We spend a ton of time on client education. In addition to being a product platform, we view ourselves as advisors to many of our clients who want to understand our perspective. Coinbase is in a unique position because we serve so many segments. We have risk-seeking retail archetypes, but we also deal with the most conservative institutions in the world. We hold out a toolkit that allows each archetype to interface with the market in the way that works best for them. For a BlackRock or a PNC, the story looks very different than for a small family office. The solution to these exploits is what Scott said earlier: incredibly rigorous due diligence. We should take looking at frontier technology very seriously.

(32:15):
From a product perspective, there's a market emerging for curation in thoughtful ways. Conservative players say, "there's a lot of value in these DeFi protocols, but I'd like a safe way to navigate them." We colloquially call this the "DeFi Mullet"—business in the front, DeFi in the back. People want counterparty risk and exposure to Coinbase, but want help navigating the value happening on-chain. Our job is to shepherd each client type on the right path.

Zack Seward (33:33):
Scott, I want to put you on the spot. Regulatory guidance from international authorities might be overly cautious and impeding growth, like the Basel guidance. What's your take on current rules regarding crypto asset exposure for traditional institutions?

Scott Lucas (34:03):
There are two dimensions. There's the straight-up capital stuff around how Basel recommended the implementation of capital for risk-weighted assets. That is effectively a prohibitive number and a limitation on the role banks can play. There's only a certain number of resources we're prepared to allocate, and if the cost is prohibitive, that gets limited. Until that capital treatment is addressed, there are limitations on how far we can extend the opportunity for crypto and anything on a public blockchain, including stablecoins. We need to be prepared for a change in that and operationalize things in readiness for it.

(35:00):
The other side is when new rules bump into old rules. We've had stuff in Europe on a private permissioned blockchain that mobilizes collateral. It's fine unless everything's in Germany, because despite forward-thinking laws like MiCA, deep in the bowels of German regulation you still have to move the security at the depot regardless of how you transfer it. But that's only true if everything in the transaction is in Germany. If it's a French bank, you can do it. There are all these foibles a few layers below. As new regulation bumps into old, you've really got to do the work. The more permissive status in the US is starting to get others to think about that globally. It has set the tone for reconsideration of rules across jurisdictions. The conversation is evolving to be about risk and opportunity rather than just prohibiting because we aren't sure what could go wrong.

Zack Seward (36:50):
Josh, do you see these rules being updated soon to represent present-day realities?

Josh Klayman (37:04):
Gaining clarity is going to be a continuous effort. Regardless of politics, the fact that our president has said he wants to make the US the crypto capital of the planet is opening a lot of doors. The change in enforcement strategy allows for innovation even in the absence of specific rule changes. Regarding the idea of a global harmonization of laws involving crypto, I don't think we're going to get common definitions anytime soon, let alone changes to make things flow easily across jurisdictions. But I do think a focus on bilateral recognition—across states in the US or jurisdiction by jurisdiction globally—is the way things are likely to move.

(38:20):
To respond to a few things mentioned earlier: people sometimes complain about the user interface in DeFi, but maybe that's a feature and not a bug. People looking for limited counterparty risk aren't going straight to DeFi. Regarding hacks and industry effects: every time there is a hack, I hope we get to the point where, like a bank robbery, we don't say, "oh no, why do we even have a banking system?" I hope we're getting to a point where people understand that there are bad actors in crypto just like there are in any other industry.

Zack Seward (39:41):
Well said. We have about a minute left. I have to get an audience question on the board. "Do you look at tokenized processes vastly differently than stablecoin processes?" Brian, is there a different backend system for tokenized assets versus stablecoins?

Brian Foster (40:19):
I love this question. It speaks to the heart of our strategy. From a technical perspective, it's all kind of the same, provided we're converging on a common set of protocols. From the perspective of a large financial institution, you need to be able to invest in and integrate an infrastructure once and get as much operating leverage technically and economically as possible. The beauty of things coming on-chain is that they're represented in the same token format. Whether that's a stablecoin, a tokenized deposit, an ETF, or a tokenized security, it doesn't matter. It should all be able to live on the same infrastructure and enable trading, tokenization, and payments. That's how we've thought about our product stack at Coinbase. Integrate this thing once and then use it scalably in many different ways.

Zack Seward (41:40):
Cool. We're going to wrap with rapid-fire predictions. Tweet-length. As it relates to custody, what should this audience know in terms of what's going to change over the next two years? Scott?

Scott Lucas (42:15):
As cash evolves from pure fiat into stablecoins, deposit tokens, and other mechanisms, custodians will have to develop selection and allocation methodologies for cash just as they have for securities. "How do I set the schedule for using fiat first, stablecoins second, CBDCs third?" Matching the right asset with the right cash source at the right time is something that needs to evolve on the custody side.

Zack Seward (43:07):
Josh, your prediction for custody or institutional on-chain activity?

Josh Klayman (43:17):
Big picture: it becomes like a phone where you don't know exactly what's happening, but someone does and you can just count on it to work. We're going to figure it out.

Zack Seward (43:31):
Brian, your turn.

Brian Foster (43:37):
Most growth to date has been about appreciation of crypto-native assets like Bitcoin and Ethereum. Now we have a huge horizontal growth factor called tokenization. With market structure crystallizing in the US and technology and financial institutions coming together, it is finally the right time for that to become a huge vector of growth alongside native crypto.

Zack Seward (44:18):
Jason, you get to close us out.

Jason Allegrante (44:22):
Custody is fundamental. The blockchain is the first thing, and the wallet is the thing that reads and writes to it. I'd like to see a real internalization of how fundamental the wallet is. It is the entryway and the departure point. There are two elements to that. There are institutional wallets—we need to see financial institutions become operational and prepared to use them. I'd love to see this trickle down to corporates; I'd love to see more companies start holding digital assets on their balance sheets. If corporates are going to accept payments, they'll need a custody solution. Then we need to see this trickle down to retail. Adoption will be driven by successful use cases like cross-border payments and stablecoins.

Zack Seward (46:19):
All right, good stuff. Scott, Josh, Brian, Jason, this has been wonderful. Thanks so much for your time. That's a wrap for this virtual event. Check out usecase.xyz if you have a second. Signing off. See you next time.