Payments Security

Keeping your bitcoin investment secure

Keeping your bitcoin investment secure. Image: Kevin O'Mara, CC0
Written by Tom Robinson

Elliptic’s Dr Tom Robinson looks at the key things organizations should consider when investing in bitcoin.

Bitcoin’s special cocktail of high volatility, unregulated markets and a global user base initially made it the wild child of asset classes. The total market capitalization of bitcoin is low ($5.5bn), but the trading volume is continuing to grow due to the ‘permission-less innovation’ enabled by bitcoin’s underlying technology, the blockchain.

Banks and governments are becoming increasingly positive about bitcoin and the underlying blockchain architecture. Many financial institutions have conducted research and produced detailed reports on the disruptive nature of bitcoin, while others such as Barclays and UBS have demonstrated positive interest by creating accelerator programs for bitcoin technology companies.

Venture capitalists such as Mark Andreessen draw parallels between bitcoin today and the internet in the early 1990s. Bitcoin’s infrastructure is young, the user experience is lacking, and its value today is based largely on its potential tomorrow. Yet, like the early internet, there is huge promise, and those who can understand that potential and can mitigate the risk are in a position to reap significant rewards.


The certainty and finality of bitcoin transfers is an advantage to many. It’s appreciated by merchants who are often subject to chargeback fraud. If this irreversibility is a concern, the smart contract functionality of bitcoin can be used to provide escrow mechanisms such that payments are not final until approved by a trusted third party.

However, the irreversibility of bitcoin payments also represents a significant risk for those investing in or using this asset. It has to be thought of in the same way as physical cash or gold: once it has gone, it’s almost impossible to recover, which means investors have to be extremely careful about how they keep it safe. There are three key things to consider:

  • storage
  • compliance
  • integration.

Holding bitcoin is all about safeguarding private keys, or passwords. Bitcoins can be thought of as digital bearer instruments or cash. Whoever possesses the private keys has the ability to spend the associated bitcoins, so anyone wishing to hold bitcoins should work with an audited, insured custodian. The best available provide a combination of secure physical locations, military strength encryption, controls and procedures certified to the same standard as a traditional custodian bank, plus comprehensive insurance against loss.

The second concern is AML, as it’s estimated that 5% of all bitcoins have at some point been lost or stolen. However, the transparency of bitcoin makes it tricky to hide stolen funds. Every bitcoin transaction is recorded on a public ledger known as the blockchain. Identities are not recorded here, but advanced data analysis techniques make it possible to assign identities and trace stolen funds through the bitcoin network. As these techniques become more effective, it will become easier to locate and retrieve stolen funds. Bitcoin custodians should provide appropriate due diligence and an audit function to give investors confidence that their assets are legitimate.

The third issue is how to integrate a new digital asset like bitcoin. This can mean onboarding your fund administrator, implementing appropriate controls, and integrating the asset into your account management software. It’s important to offset business risk by working with a bitcoin custodian with a proven track record in providing these services.

All of these issues are now being addressed by the ecosystem that’s rapidly developing to service institutions that wish to diversify into digital assets, including trading tools, trading platforms and custodian services. We can also expect increased intervention from governments and financial regulators, with regulation helping to foster trust in bitcoin and increase user adoption.

About the author

Tom Robinson

Dr Tom Robinson has responsibility for operations, finance and compliance at Elliptic. A founding board member of the UK Digital Currency Association, Tom has advised government and regulators on digital currencies. He previously worked for a leading global consultancy and an intellectual property business investing in technology companies before becoming chief executive of MOF Technologies.

Leave a Comment