Regulation

MiCA custody: building wallet infrastructure that satisfies both regulators and institutional investors.

Apr 2026 · 16 min read · By the Digital Assets Practice

The EU’s Markets in Crypto-Assets Regulation (MiCA) has moved digital asset custody from a lightly supervised activity to a fully regulated financial service. For institutions building or acquiring custody infrastructure, the regulatory bar is now as high as for traditional securities settlement — and in some areas, higher.

1. Key segregation and asset separation

MiCA mandates that custodians maintain client assets distinctly from the custodian’s own assets, and distinctly from the assets of other clients. In practice this means wallet architecture must enforce separation at the key-management layer, not merely at the ledger layer. Multi-party computation (MPC) and hardware security module (HSM) designs must be auditable to this standard.

2. Operational resilience for blockchain rails

Unlike traditional settlement, blockchain networks do not have a central operator to call during an outage. Custodians must demonstrate their own recovery procedures for lost keys, consensus failures, and smart-contract exploits. The PRA and BaFin have both signalled that they will treat these as first-order operational risks.

3. Institutional investor expectations

Institutional investors now expect insurance coverage, third-party attestation, and real-time proof-of-reserves. The infrastructure must support automated reporting, not just manual reconciliation. We have helped clients design systems where every wallet balance is provable on-chain and reconcilable off-chain within minutes.

What to prioritise

Start with the key-management architecture: it is the hardest to change later. Then build the reconciliation and reporting layers that regulators and institutional clients will audit first. Only then layer on the user-facing features.