Skip to main content

Article

Navigating aggregation risk: A key concern for financial institutions venturing into the digital asset space

UK financial institutions are increasingly entering the digital asset sector, driven by advancements in the underlying technology, record-high cryptocurrency prices, and enhanced regulatory clarity. To enter the digital assets market quickly while potentially mitigating risk and conserving resources, these institutions are likely to collaborate with established service providers or custodians.

UK financial institutions are increasingly entering the digital asset sector, driven by advancements in the underlying technology, record-high cryptocurrency prices, and enhanced regulatory clarity. To enter the digital assets market quickly while potentially mitigating risk and conserving resources, these institutions are likely to collaborate with established service providers or custodians.

In this article, “service providers” refers to businesses that offer technology enabling financial institutions to take custody of their own or their customers' assets, while “custodians” denotes entities that hold assets on behalf of financial institutions.

Since insurers already offer coverage for these third parties, financial institutions must address and navigate aggregation risk issues when developing their insurance programmes.

Understanding aggregation risk in the digital assets space

Aggregation risk pertains to the potential for a single event or series of events to trigger multiple claims across a portfolio of insureds. This risk is particularly pronounced in the realm of digital assets due to the limited number of custodians, service providers, and insurers in the space. As financial institutions engage with third-party providers — many of whom are already insured — understanding how aggregation risk influences their insurance coverage is essential for effective risk management.

Options for managing digital assets

Financial institutions entering the crypto space have several options for handling digital assets.

They can develop their own custody solution from scratch. This approach grants financial institutions greater control over the custody process, instilling confidence, and allowing them to mould the solution to their needs.

They can partner with a digital asset service provider that offers a solution for self-custody of digital assets. This allows financial institutions to enter the digital asset space with a robust product, act as custodians themselves, and reduce counterparty risk without needing to make a significant investment in a proprietary solution.

Alternatively, they can outsource custody of digital assets entirely to a third-party custodian. There are many custodians with extensive experience, rigorous controls, and robust insurance programmes.

The importance of addressing residual risk

Utilising third-party services inherently carries the risk of significant breaches. These may arise from latent vulnerabilities in a service provider’s hardware or software, or from breaches at a third-party custodian. Such breaches could be perpetrated by employees of the service provider, custodian, or external parties.

When engaging a service provider, the financial institution typically has responsibility for key generation and storage. In these scenarios, institutions can build substantial insurance programmes, as insurers' aggregation risk is reduced. However, in the event of a direct loss of assets caused by a breach at a custodian, any insurance purchased by the custodian would be shared among all affected parties, meaning that the insurance coverage may not be proportional to an individual financial institution’s risk. Furthermore, a custodian’s policy is unlikely to respond if the financial institution's systems are compromised.

Therefore, it is crucial for financial institutions to understand that they continue to face risks, whether from underinsurance or residual exposure, when utilising custodians. However, securing adequate coverage can be challenging due to the limited availability of digital insurance in the market. Insurers may have already reached their maximum capacity with certain custodians, further complicating the process.

Strategies to navigate aggregation risk

As aggregation issues persist, financial institutions must adopt strategies to effectively navigate them.

To begin with, they need to choose the right custodian or service provider. Conducting thorough due diligence on third parties is essential to fully understand their controls and ensure that their procedures align with the institution’s needs.

Financial institutions must also understand what they are covered for (and not covered for) under a custodian or service provider’s insurance policy. They can then collaborate with a broker to design insurance programmes that take these coverages into account, either topping up their limit of liability or insuring against scenarios that are not covered under the custodian or service provider’s policies.

Marsh’s expertise in navigating aggregation issues

At Marsh, we recognise the complexities of the digital asset landscape and the aggregation challenges faced by insurers and financial institutions. By demonstrating a financial institution’s separation of risk to insurers, we can help alleviate concerns regarding aggregation risk and facilitate meaningful risk transfer.

Marsh’s tailored insurance programmes enable financial institutions to enter the digital asset space with increased confidence through:

  1. Market awareness:  Our extensive market share and digital asset expertise provide unique insights into potential aggregation issues. We leverage this knowledge and our relationships to assist clients in navigating the complexities of digital asset insurance.
  2. Innovative solutions: We offer specialised solutions designed to address the unique risks associated with digital assets.
  3. Bridging digital assets and insurance: Marsh serves as a bridge between the realms of digital assets and insurance, ensuring that financial institutions can effectively manage their risks while exploring new opportunities.

To discuss your specific circumstances and potential risk transfer options further, please contact your Marsh advisor.

Marsh financial services team

The focal point for the delivery of advisory, placement, and consulting services to the financial services sector.

Meet our authors

Dhiren Harji

Dhiren Harji

Digital Assets Client Executive, Financial Institutions

  • United Kingdom