Peter Hofmann, the CEO of Custodigit, a joint venture between Swisscom and Sygnum offering an investor-grade custody solution targeting regulated financial institutions.
Peter is also a Board observer at Metaco SA and a mentor to London & Partners. He has worked in a different senior position in the financial service industry for companies like Cap Gemini, KPMG, IBM, PostFinance and several startups before.
He has a long-lasting experience in the interception between financial services, technology and innovation in different roles.
Custodigit was founded by Swisscom and Sygnum in 2018. Could you begin by detailing who Swisscom and Sygnum are?
Swisscom AG is a major telecommunications provider in Switzerland with its headquarters located in Bern. 51% of Swisscom is owned by Swiss government. Swisscom actively supports the fintech space in Switzerland and believes that financial industry will change significantly in the next 10 years due to emergence of disruptive business models in fintech start-ups. Swisscom wholeheartedly believes that in the future financial sector will rely heavily on usage of artificial intelligence in combination with blockchain technology. Swisscom owns 75% of Custodigit.
Sygnum is the world’s first regulated Digital Asset bank headquartered in Switzerland and Singapore and operating globally. Sygnum has received its Swiss banking license in September of 2019 and the bank enables its clients to invest in digital assets in a secure and convenient way with a complete trust. The services provided by Sygnum include institutional-grade custody built by Custodigit, with a fiat-digital asset gateway, brokerage, B2B banking services and lombard loans. On 18th of September 2019, Sygnum’s first customer transactions were publicly recorded on the two most important blockchains, Bitcoin and Ethereum.
You’ve been a Senior Manager at Swisscom since 2009. Why did Swisscom believe that the time was right to enter the custody space and launch Custodigit?
Swisscom has been perusing the digital asset space already for several years. In 2017, we have all witnessed the rising demand in the crypto currency space, the ICO boom and stagnation of the market in the beginning of 2018. Even though, the space was not regulated, it has clearly depicted the capabilities of technology and how it could simplify our daily lives. Swisscom and us, we strongly believe that future lies within the digital asset space and by 2027 digital assets will represent a paramount chunk of global GDP. In addition, we see rising interest from financial institutions such as banks and asset managers who would like to enter the digital asset space. In Germany, BAFIN with its current regulatory initiatives acts as another trigger point for the market as well. As far as we heard more than 55 players expressed their interest in the new Crypto license. If we analyze the current digital asset financial market infrastructure we observed that there is a lack of institutional grade market infrastructure and inefficiency. Custodigit’s vision is to support the set-up of an institutional grade market infrastructure for crypto currencies as well as tokenized assets.
Custodigit provides secure access to and storage of digital assets through an institutional investor-grade custody solution. Why is this important for financial institutions?
Institutional investors continuously express their interest in digital asset space and several banks have started taking steps that would enable them to provide their clients with crypto offering. The custody and trading part has always been a challenge for financial service providers. Custodigit provides an institutional grade ‘Bank in Box’ platform to regulated financial service providers, so that they are able to offer Crypto Currencies as well as Digital Assets to their customers without high up-front investments and a short time to market. For financial institutions it’s important that they have the necessary functionality in order to run their business processes (e.g. Settlement) in an automated way to ensure efficient, secure and compliant business process. In order to reduce their supplier risks, financial institutions need an enterprise ready platform which is audited and provided and operated by a trustworthy and stable organization. This is exactly what Custodigit is providing together with Swisscom who is very experienced in operating highly security sensitive banking infrastructure.
Could you discuss some of the cybersecurity risks that currently exist for digital asset custody solutions?
There are various cybersecurity risks associated with digital assets and two of them are highly imperative to take into account.
- Storage of private keys: Numerous crypto enthusiasts store their private keys on their laptops. It is easy for hackers to access this information and once the key is stolen, it is impossible to get the funds back. Once you lose your key, you lose your investments permanently.
- Exchanges being hacked: Currently majority of crypto exchanges are not regulated and due to that they do not have same level of governmental oversight and auditability as traditional regulated institutions. During the past several years, numerous exchanges have made headlines because of security breaches. Coincheck had more than USD 550 million worth of crypto stolen by hackers. Bithub lost around USD 30 million of its clients digital asset holdings. Custodigit is working closely together with security and audit experts in order to provide an institutional grade Digital Asset platform and is using the proven infrastructure of Swisscom.
What are some of the measures that have been taken by Custodigit to protect clients from these cybersecurity risks?
At Custodigit, we take the matters related to security very seriously. Custodigit spared no time and energy to define an end-to-end security framework developing a holistic view on risks and systematically designing redundant countermeasures. Wherever possible, Custodigit adopted the highest security standards and went an extra step to have its procedures and infrastructure audited (ISAE certification). As a company, we are obliged to comply with Swisscom’s strict security framework. The policies we have in place ensure that no individual, team or organization is able to compromise the security of the assets: strict segregation of duties and responsibilities, minimum 4-eyes check for all critical activities, regular controls of personal activities and backgrounds, different cryptographic libraries for addressing risks associated to zero-day attacks.
Each transaction is approved by multiple individuals or groups of individuals.
Could you discuss some of the key core features that are currently available to Custodigit clients?
We would like to emphasise that our target market is regulated financial institutions such as banks, exchanges etc and our platform offers all the required business functionality to provide a digital asset market service offering. Our platform enables the clients to buy, sell, transfer in / out digital assets (end-to-end). It can be integrated with any core banking system. In addition, we support smart order routing to various liquidity providers such as brokers and exchanges. From security perspective, the security system is audited with ISAE 3402 and 3000 and ISO 27001 and 2000 certificates. Currently we support following digital assets – BTC, ETH, XRP, BCH, ERC20. Our platform can be white labeled with adaptable user interface and APIs or available as a SaaS service.
What are some of the clients or banks that you are able to discuss that currently use Custodigit custody solutions?
As you are aware, currently we have bank Sygnum as a client. They are using our full solution including custody and brokerage. We are currently in negotiations with other regulated financial institutions located in Europe. Unfortunately we cannot disclose names yet. We have also signed a deal with one of the biggest reinsurance companies for provision of insurance coverage for digital assets. Our goal is to solidify our base in Switzerland and Germany and expand globally.
Are there any types of restrictions on the type of digital assets that Custodigit offers custody services for?
Currently we support following digital assets: BTC, ETH, XRP, BCH, LTC, ERC20. We usually select digital assets based on our customer’s request. We do not have specific restrictions; however prior offering a digital asset on our platform, we do our due diligence. If we believe that the digital asset could in any form or shape harm our reputation within the market, we refuse to offer it. Based on our market observations those are relevant digital assets for financial institutions. Currently, Custodigit is expanding is platform in the direction of tokenized assets as well.
Is there anything else that you would like to share about Custodigit?
We are Swiss based company and we strongly adhere to Swiss banking industry practices. We strongly believe in importance of reputation and protection of clients’ funds. Since Swisscom is our major shareholder, we have to take security framework very seriously and ensure that our clients’ funds are stored safely. Safety and regulation are in Custodigit’s DNA.
Thank you for the great interview, readers who wish to learn more should visit Custodigit.