Why it matters
Bitcoin custody involves real risks: security breaches, insider theft, operational errors, and technical failures. Insurance provides a financial backstop when preventive controls fail. For institutional holders and high-net-worth individuals, insurance coverage is often a requirement for fiduciary compliance or risk management policy.
However, insurance is not a substitute for sound custody practices. It is the last line of defense, not the first.
Types of coverage
Crime/theft insurance: Covers losses from external hacking, social engineering, or employee dishonesty. This is the most common form of bitcoin custody insurance.
Errors and omissions: Covers losses resulting from operational mistakes or negligence in custody procedures.
Cold storage coverage: Specifically covers bitcoin held in offline storage, often with different terms than hot wallet coverage.
Directors and officers (D&O): Protects company leadership from personal liability related to custody failures.
What to evaluate
Coverage limits: Total amount the policy will pay. Many policies have limits far below total assets under custody.
Exclusions: What the policy does not cover. Common exclusions include acts of war, government seizure, and losses due to protocol vulnerabilities.
Proof requirements: What evidence is required to make a claim. Bitcoin losses can be difficult to document.
Counterparty strength: The financial stability and claims-paying history of the insurer. Specialized crypto insurers may have less capacity than traditional carriers.
Hot vs cold allocation: Some policies cover only cold storage or have different limits for hot wallet losses.
Limitations
Insurance cannot fully protect against all custody risks:
- Policy limits may be a fraction of total holdings
- Claims processes can be slow and contested
- Systemic events may overwhelm insurer capacity
- Some loss scenarios may fall into exclusions
- Insurance markets for bitcoin remain immature
