The Full Stack Custody Solution for Fund Management Companies

Posted on Dec 10, 2021 | BLOG


CYBAVO’s full-stack digital asset custody solution, developed by cybersecurity veterans, offers asset managers and funds a platform to achieve frictionless adoption of crypto assets with a focus on digital asset security and regulatory compliance.

The complete risk management measures for crypto assets 

When it comes to risk management, we are well aware that there are many aspects that need to be accounted for. Our experienced team has delivered a solution that has them all covered–from operational, to regulatory, to cybersecurity, to asset loss risks.

Operational risks:

CYBAVO’s platform implements strong authentication mechanisms to reduce phishing attacks and identity theft. To mitigate the risks of malicious operations, we also enforce wallet operation policies like transaction limits, segregated user roles and permissions, required whitelisting of outgoing addresses, and multi-level threshold signature mechanisms. Combined, these policies mitigate risks caused by human error and malicious behavior.

Regulatory risks:

CYBAVO VAULT offers different mechanisms to facilitate compliance requirements like:

  • Active AML/CFT monitoring and quarantining for deposits and withdrawals
  • Different user roles and permissions (including an auditor role)
  • Immutable transaction and access logs

Cybersecurity risks:

We address cybersecurity risks with a distributed responsibility key management model, using the most robust and tested cryptographic algorithms like RSA and technologies like MPC. Hosted in a zero-trust, secure-by-design platform, our platform also holds NIST cryptographic certification and ISO 27001 security certifications. 

Asset loss risks:

To deliver the most comprehensive solution, our platform is insured by a top-tier S&P AA-rated global re-insurance company, with a policy to cover asset theft caused by external cyber-attacks or other events. 

Active AML/CFT monitoring of Crypto assets 

Through our experience in working with VASPs, we understand that a main concern is to avoid becoming the trading platform of choice for hackers or dark web users. There must be rules and mechanisms in place to stop nefarious actors from transferring funds using your platform, since this might cause addresses within your own platform to be flagged or blocked as a suspicious source of funds. The situation may also arise that you have inadvertently helped transfer funds associated with illicit activities in the past, and are now being held accountable for the trouble.

CYBAVO’s solution offers active incoming and outgoing transaction risk monitoring. The AML/CFT analysis gathers the most up-to-date intelligence information from different sources such as OFAC, the FBI, and other intelligence partners, to detect addresses related to malware, mining software, ransomware, the dark web, money laundering and other fraudulent or terrorist activities.

Transactions flagged as suspicious or related to these crimes will be halted and quarantined by our solution, while platform operators are notified of the risk, allowing them to manually decide how to proceed. With this feature, VASPs can be fully aware of any suspicious activity happening on the platform, eliminating the possibility of becoming a safe haven for illicit transactions.

Secure your crypto assets from the bottom up

CYBAVO’s team of cybersecurity veterans has built a robust and secure solution from the base. 

From the encryption scheme used to protect private keys, to the OS on which the systems run, to identity management with MFA, CYBAVO’s defense-in-depth approach greatly reduces the risk of hacking attempts. 

In addition to running on a tailor-made hardened OS, our systems reside in a sandboxed environment to mitigate a potential DoS attack. IPS/IDS deployment also ensures that all layers are secured up to the transaction level.

The solution implements multi-factor authentication (MFA) via a mobile authentication app. The application leverages email, PIN code, and current mobile generation biometrics like fingerprint ID and facial recognition to ensure that no one can impersonate you.

CYBAVO has designed a unique encryption scheme to protect your private keys. By combining the most reliable encryption techniques with a robust decentralized architecture, it eliminates any single point of failure that could compromise your private keys. Your private keys can remain securely encrypted on your premises.