- SEC outlines how broker-dealers can prove custody of blockchain-based securities.
- New rules demand strong key controls and strict reviews of distributed ledgers.
- Guidance follows 2025 policy shifts, enabling broader institutional crypto adoption.
The SEC has released a fresh staff statement that attempts to settle a long-standing question for Wall Street firms edging toward digital-asset markets: What does “custody” actually mean when the security sits on a blockchain rather than in a vault or at a clearing agent?
SEC Issues New Rules for Broker-Dealer Crypto Custody (Source: X)
The announcement, shared publicly through the SEC’s channels, lands at a moment when interest in tokenized instruments is beginning to shift from pilot programs to production systems, and firms are pressing for boundaries they can rely on.
Clarifying the Customer Protection Rule for Crypto Securities
The update focuses on one slice of Rule 15c3-3, the portion requiring broker-dealers to keep full possession of a customer’s fully paid or excess-margin securities. However, the SEC’s new direction focuses narrowly on paragraph (b)(1) of the rule and explains how its requirements apply when the security exists on a blockchain rather than in a paper-based or traditional digital system.
According to the statement, firms may treat a crypto asset security as being in their possession if they can directly access and move it on the relevant network. Yet, to meet this threshold, the SEC states that firms must conduct meticulous assessments with a detailed expectation: broker-dealers must scrutinize the underlying distributed ledger, understand how it records transfers, and weigh whether the network’s structure introduces risks that could undermine customer protection.
If a review uncovers major weaknesses, such as compromised consensus mechanisms, network instability, or unmitigated security flaws, the SEC concludes that a broker-dealer cannot be deemed to have possession of the customer’s asset. The statement clarifies that only significant risks disqualify possession status, maintaining focus on factors that genuinely threaten operational integrity.
New Obligations Around Policies, Controls, and Private Keys
The statement then shifts into the operational demands that sit beneath that legal threshold. The SEC expects broker-dealers to maintain written policies tuned to the distributed ledger they rely on. These policies are not meant to operate as checklists but as active frameworks that can flag structural or security weaknesses early.
Additionally, private keys, long recognized as the heart of blockchain custody risk, receive pointed attention. The SEC underscores that broker-dealers must protect these keys with systems strong enough to shut out everyone, including customers and third parties. Control of the asset, under this framework, depends entirely on control of the keys.
The SEC also adds a layer that traditional custody rarely needed to consider: disruption planning. If a blockchain stalls, forks, or becomes inaccessible during a critical window, broker-dealers must still be able to secure and ultimately deliver customer assets. The agency expects detailed procedures for those scenarios, along with guidance for periods of operational distress, including bankruptcy situations.
Building on the Regulatory Reset of 2025
The statement did not emerge in isolation. The SEC and FINRA once held a firmer, more cautious stance on digital-asset custody, laid out in a 2019 joint bulletin that effectively froze broker-dealer involvement.
However, that earlier guidance was pulled back in 2025, opening the door for the agency’s more modern interpretation of how long-standing securities rules fit with distributed-ledger systems. Shortly after the withdrawal, the SEC issued a wide-ranging FAQ package addressing crypto asset activities.
Those materials made an important distinction: the Customer Protection Rule, for instance, applies only to crypto assets that qualify as securities, trimming away much of the ambiguity that had slowed industry momentum. The new statement extends that trajectory, shifting from definitional clarity to operational detail.
Implications for Broker-Dealers and Institutional Adoption
The industry has been waiting for a clearer path. Tokenization pilots have multiplied, yet many stalled when firms reached the custody question. With the SEC now outlining what possession looks like in practice, broker-dealers have a more workable framework for designing their systems.
Traditional firms and digital-asset specialists alike are expected to study the document closely in the coming weeks as they refine network assessments, custody controls, and key-management processes. The SEC’s direction does not reinvent the existing rulebook; instead, it bends decades-old investor-protection principles toward a technology that no longer resembles the markets the rules were built for.
