As digital finance continues to mature, the role of digital asset custody is rapidly becoming a core layer of financial infrastructure. Custody now underpins key use cases such as stablecoin issuance, cross-border payments, and tokenized real-world assets. As adoption accelerates, enterprises need a custody solution that is secure, scalable, and compliant with evolving regulatory requirements.
All of this places greater scrutiny on custody as a foundational component of the digital asset ecosystem, which was the focus of the Ripple and Blockchain Association of Singapore (BAS) Custody Workshop earlier this month.
Why Digital Asset Custody Matters
Custody is the crucial entry point for institutions that want to engage in the digital asset economy. It provides the infrastructure needed to mitigate risk, ensure regulatory compliance, and enable new business models. Demand is rapidly increasing, driven by the projected growth of tokenized real-world assets, which are expected to reach nearly US$18.9 trillion by 2033, according to a recent report by Ripple and Boston Consulting Group (BCG).
Ripple’s 2025 New Value Report highlights growing institutional momentum around digital asset adoption. The report found that 71% of financial institutions and enterprises in APAC have grown more confident in digital assets over the past six months. While only 30% of firms currently use custody solutions, an additional 52% plan to adopt them within the next three years.
Five Key Takeaways from the Custody and Cybersecurity Workshop
To address emerging priorities in digital asset custody, Ripple and the Blockchain Association Singapore (BAS) recently co-hosted a workshop, “Custody & Cybersecurity: Institutional Best Practices for Stablecoins and Beyond”, which brought together industry leaders from across the digital asset ecosystem to deep dive into how today’s custody architecture is meeting the growing demands of regulatory scrutiny, interoperability, and institutional adoption.
Custody solutions for stablecoins generally align with broader digital asset custody models but differ in their emphasis on compliance, operational security, institutional-grade risk management, and the regulatory landscape around stablecoin adoption. Reflecting this focus, the workshop also marked the launch of the Best Practices for Custody and Security for Institutional Stablecoin Users report, developed by the BAS Stablecoin & CBDC, and Cybersecurity Sub-Committees. The report offers practical guidance for institutions looking to establish or improve their custody frameworks in line with enterprise demands and regulatory standards.
Let’s take a closer look at the developments discussed in the workshop that are shaping APAC’s digital asset ecosystem.
1. Adopt a compliance-by-design approach to custody infrastructure
Institutional stablecoin users need custody systems with regulatory compliance built in from the start. In Singapore, for example, Digital Payment Token (DPT) service providers regulated by the Monetary Authority of Singapore (MAS) are required to segregate customer assets, maintain robust documentation for asset recovery, and implement strong internal controls. Meeting these expectations often involves using dedicated ledgers, trust accounts, and clear asset recovery protocols, which together demonstrate that regulatory alignment begins with system architecture.
Participants broadly recognised compliance-by-design as a foundational principle for enabling secure stablecoin issuance, redemption, and institutional use.
2. Choose the right custody model for your business needs
There is no one-size-fits-all custody solution for enterprise users. Solutions need to be tailored to the operational needs, risk appetite, and maturity level of each institution, and this all starts with understanding the risk framework that enterprise users have.
The workshop highlighted a range of approaches, from fully outsourced third-party custody to hybrid models combining in-house cold storage with external support for hot wallet operations. The choice of model often depends on transaction volumes, internal security capabilities, and the complexity of workflows. Having a flexible approach is essential, and enterprise-grade custody platforms should offer institutions the ability to evolve their architecture as their use of digital assets grows.
Choosing a digital asset custody solution also requires understanding the associated trade-offs, such as how:
Self-custody models may offer greater control but typically require substantial investment in technical infrastructure, disaster recovery planning, and personnel training to support continuous operations and meet regulatory expectations.
Third-party custody solutions can provide scalability and established security frameworks but require thorough due diligence to ensure vendor practices align with institutional policies and risk management standards.
Hybrid models allow institutions to retain control over secret keys while leveraging external support for functions such as liquidity management, though they may involve added coordination and integration considerations.
There is also a growing sophistication of wallet infrastructure, moving beyond binary categories of hot and cold wallets to a broader spectrum that includes warm wallets (e.g., time-gated or access-restricted wallets), funding wallets, and “deep cold” vaults. These varied wallet types can help institutions balance liquidity, security, and compliance in line with operational demands.
3. Operational resilience is critical to custody infrastructure
Operational resilience is a cornerstone of institutional-grade custody. As digital assets become more integrated into core financial operations, custody systems need to be capable of withstanding disruptions, managing risk, and supporting uninterrupted service.
Operational resilience in custody depends on designing workflows that can withstand disruption while maintaining control, visibility, and service continuity. This includes building in layered access controls, clear escalation paths, and robust monitoring and incident response capabilities. As custody operations increasingly span multiple time zones and jurisdictions, these elements are essential to ensuring secure and uninterrupted performance at scale.
Resilience also involves meeting jurisdictional standards for business continuity and risk mitigation. In regions like the European Union (EU), new regulations such as the Digital Operational Resilience Act (DORA) are setting clearer benchmarks for recovery timelines, control testing, and third-party risk management. Regardless of the underlying technologies used, custody providers must align with these expectations to maintain trust, regulatory compliance, and secure service delivery.
4. Strong governance is essential for institutional trust
Beyond technical safeguards, effective digital asset custody relies on sound governance. This includes clear segregation of duties, independent oversight, and structured reporting lines to reduce the risk of internal collusion or human error. Many regulatory frameworks already reflect these expectations.
Strong governance practices typically involve internal policies that separate custody operations from trading or finance functions, formal training procedures for asset handling, and comprehensive audit trails to ensure accountability across all transaction activity.
5. Custody is key to scaling stablecoin adoption
Stablecoins are increasingly deployed in real-world use cases such as trade finance, liquidity management, and cross-border payments. Enterprise-grade custody is critical to enabling these applications at scale. Custodians must offer integration with existing business systems through intuitive APIs, support for programmable features, and built-in compliance tools such as AML screening and documentation verification.
For example:
In trade finance, custody facilitates real-time collateral tracking, programmable settlement workflows, and transaction traceability.
In cross-border payments, it provides transparency, reduces counterparty risk, and ensures regulatory auditability.
Beyond asset safeguarding, custodians can evolve to support tokenized non-financial documents, including certificates of origin, environmental disclosures, and trade compliance attestations. This capability would be particularly valuable in trade finance, where limited interoperability between digital documents and payment systems remains a key barrier to scaling onchain settlement workflows.
As adoption grows, custody will remain a foundational layer of infrastructure for securing stablecoin activity and enabling digital finance to scale in a secure and responsible manner. A prime example of this regulation-first approach is Ripple USD (RLUSD), a stablecoin issued under a New York Trust Company Charter. This framework provides bank-level oversight, including requirements for reserve asset segregation, independent audits, and full backing by high-quality liquid assets to maintain a one-to-one peg with the U.S. dollar.
Looking Ahead
The workshop underlined the importance of digital asset custody as a cornerstone of institutional trust and digital asset adoption. As use cases expand and regulatory expectations grow, custody infrastructure will need to be resilient, transparent, and adaptable.
Solutions that meet these needs, whether through self-custody, third-party providers or hybrid models, will enable the next phase of stablecoin adoption, tokenized finance and cross-border settlement. Ripple Custody, for example, is designed to support institutions in securely managing tokenized assets while enabling regulatory compliance, operational flexibility, and enterprise-scale integration.
In the next phase, custody infrastructure will also need to integrate more deeply with smart contracts and tokenized documents tied to offchain conditions. This will be important not only for programmable payments but also for enabling full onchain execution of trade flows, conditional settlement, and automated compliance processes. These capabilities will help lay the foundation for a digital financial system that is scalable, interoperable and fit for the new era of finance.
