Self-Custody vs Exchange Custody: Who Holds Your Keys
BrokerCue

Select your country to see eligible brokers

Account eligibility and broker availability depend on your country of residence. Setting this now allows us to hide brokers that do not accept clients from your country.

Crypto

Self-Custody vs Exchange Custody: Who Controls Your Keys

Jun 2, 2026

A guide to the control mechanisms and risk profiles of self-custody versus exchange custody for digital assets.

The Core Distinction: Key Control

The fundamental difference between self-custody and exchange custody lies in who holds the private keys. Private keys are cryptographic strings that grant access to and control over digital assets on a blockchain. In a self-custody arrangement, the user generates and stores these keys, typically on a hardware device, software wallet, or paper backup. This setup grants the individual full authority to move funds without seeking permission from a third party. Conversely, in exchange custody, the trading platform holds the private keys on behalf of the user. When a user buys an asset on an exchange, they are often purchasing a claim against the platform's internal ledger rather than direct ownership of the asset on the blockchain.

Responsibility and Operational Risk

Choosing self-custody shifts the entire burden of security and recovery to the individual. If a user loses their private key or forgets their recovery phrase, the assets are generally irretrievable. There is no customer support team to reset a password or restore access. This model requires a high degree of technical diligence, including secure storage practices and protection against phishing or malware. Exchange custody, by contrast, offloads these operational risks to the platform. Users benefit from standard account recovery processes, two-factor authentication managed by the provider, and the convenience of instant trading. However, this convenience introduces counterparty risk. If the exchange faces insolvency, operational failure, or a security breach, users may face delays or total loss of access to their funds, regardless of the underlying blockchain's security.

Regulatory Context and Investor Protection

The regulatory landscape for digital assets varies significantly by jurisdiction, and the level of protection differs between custody models. In regions with established frameworks, such as the EU under MiFID II or the UK under FCA rules, regulated exchanges may be required to segregate client assets or hold specific insurance coverage. These measures aim to protect users if the firm fails. Self-custody generally falls outside the scope of these financial compensation schemes. While the blockchain itself remains immutable and secure, the user has no recourse against a third party if they make an error. In the US, the distinction between securities and commodities further complicates the regulatory environment, but the principle remains: holding your own keys means you are your own bank, with no deposit insurance or regulatory safety net.

Security Threats and Mitigation

Both models face distinct security threats. Self-custody is primarily vulnerable to user error, device theft, and social engineering attacks targeting the individual. A compromised recovery phrase can lead to immediate and total loss of funds. Exchange custody is vulnerable to systemic risks, including large-scale hacks of the platform's hot wallets, internal fraud, or regulatory seizures. While exchanges invest heavily in security infrastructure, they remain high-value targets for attackers. Users must weigh the risk of their own potential mistakes against the risk of a centralized entity failing. Diversification strategies, such as keeping only trading capital on an exchange and the majority of holdings in self-custody, are common approaches to managing these competing risks.

Selecting a Broker or Platform

When evaluating a broker or trading platform, investors should examine the custody model as a primary factor. Look for clear disclosures on whether the platform holds assets in cold storage, if they offer proof of reserves, and how they handle user keys. Understand that using a service does not guarantee ownership of the underlying asset in the same way as holding a private key. The choice between self-custody and exchange custody depends on an individual's technical capability, risk tolerance, and need for liquidity. Regardless of the path chosen, understanding who controls the keys is essential for managing exposure and protecting digital wealth.

Featured in this guide

Crypto brokers related to this guide

Browse all brokers →
ACY Securities

ACY Securities

Investors seeking stocks, ETFs, forex and CFDs

ASIC FSCA
Stocks ETFs Forex CFDs Crypto

ACY Securities is an ASIC-regulated forex and CFD broker founded in Australia in 2011, offering 2,200-plus instruments across MT4, MT5 and its proprietary LogixTrader platform.

  • ASIC-regulated primary entity with segregated client funds
  • Raw spreads from 0.0 pips on ProZero and Bespoke accounts
  • Over 2,200 instruments including share CFDs, forex, indices, commodities and crypto
ADSS

ADSS

Investors seeking stocks, ETFs, futures and forex

SCA
Stocks ETFs Futures Forex CFDs Crypto

ADSS is a UAE-based multi-asset broker founded in 2011, offering CFDs on forex, indices, stocks, commodities, crypto and bonds via MetaTrader 4 and its proprietary ADSS platform.

  • Low $100 minimum deposit on Classic account
  • Commission-free trading on Classic and Elite accounts
  • Over 1,000 CFD instruments across multiple asset classes
ATC Brokers

ATC Brokers

Investors seeking forex, CFDs and crypto

FCA CIMA
Forex CFDs Crypto

ATC Brokers is an FCA- and CIMA-regulated ECN/STP broker founded in 2005, offering forex and CFDs via MetaTrader 4 with a proprietary MT Pro plugin.

  • Regulated by FCA and CIMA
  • FSCS protection up to £85,000 for UK clients
  • ECN/STP execution with no dealing desk