A Crypto Review of the CFP® Curriculum: Risk Management and Insurance Planning (Part 3 of 8)
In regard to the Risk Management and Insurance knowledge domain, an interesting dichotomy is that many investors are attracted to cryptoassets due to the decentralized nature of the asset class (some due to a distrust of government, banks, etc.). At the same time, some of these same investors are concerned about asset loss due to unregulated criminal activity, their own ability to remember or store passwords, or the transfer of cryptoassets in their estate plan. This has led to a demand for secure password storage solutions, discussion of regulation around criminal behaviors, and insurance solutions to a system that was initially designed to be decentralized. Advisors will need to become more familiar with this new landscape and coach clients on the importance of protecting this asset class for generations.
When it comes to cryptoassets, many RIAs and their financial advisors identify regulatory clarity as the biggest area of concern. Registered Investment Advisors have a fiduciary responsibility to manage client assets with the utmost care and prudence. Being aware of the regulatory oversight and compliance requirements provides the baseline against which they make investment management and financial planning decisions.
While widely considered to be a grey area, the SEC has provided financial advisers with baseline information to prepare their practice for the future of wealth management, most notably through their February 2021 Risk Alert. The SEC outlined six main areas of risk they will be examining specific to financial advisors. These include portfolio management, books and records, custody, disclosures, pricing client portfolios, and registration issues. While this asset class has seemingly become top of mind for regulatory agencies such as the SEC and CFTC in recent years, there has not been definitive guidance provided on whether stablecoins and altcoins are securities, how various DeFi products and projects will be regulated, and which agencies will be responsible for oversight of different areas within the ecosystem.
With the above information in mind, it’s easy to see why many advisors might view the regulatory environment as opaque. Information on cryptoasset custody, investor protections, the future of DeFi regulation, exchange regulation, stablecoin regulation, and other areas of the crypto economy are subject to change and further regulatory scrutiny. That being said, there have been ongoing discussions amongst regulatory agencies regarding what the future of cryptoasset regulation might look like. As the landscape continues to evolve and more clarity is provided, financial advisors should remain informed of regulatory changes that could have a material impact on their clients and their business as they would with any other asset class.
Principles of Risk and Insurance
In traditional finance, the majority of entities that advisors and clients engage with are insured by government organizations and/or self-regulatory organizations. One of the most well known of these organizations is the Federal Deposit Insurance Corporation (FDIC). The FDIC insures deposits in member banks up to $250,000 per ownership category. In the investment category, the Securities Investor Protection Corp. (SIPC) guarantees up to $500,000 per brokerage account in securities, of which $250,000 can be cash holdings. Organizations such as the SEC, FINRA, and a handful of others maintain investor confidence in the investment industry by protecting against fraud and regulating member firms.
Large cryptoasset custodians have implemented solutions to help protect their customers from loss in a variety of ways. Coinbase, for example, carries crime insurance that protects a portion of cryptoassets held across their storage systems against losses from theft, including cybersecurity breaches. However, since cryptoassets are not considered “legal tender” they are not subject to FDIC or SIPC protections at this time. Cash accounts at these custodians tend to be treated differently than cryptoasset holdings; in Coinbase’s case, for example, they will combine U.S. customer funds in a pooled custodial account. These custodial accounts are held at one or more banks insured by the FDIC. This allows cash accounts to be “pass-through” protected by the FDIC.
A similar approach to the above has been put in place at Gemini. U.S. dollars in a Gemini account are eligible for FDIC insurance, using the “pass-through” method. Gemini also maintains commercial crime insurance for cryptoassets that they custody in “hot” wallets. This protects cryptoassets from a hack, fraudulent transfer, or employee theft.
At both Coinbase and Gemini, these insurance policies do not cover losses resulting from unauthorized access to a user account, including if a password is compromised. It is important to note that stolen cryptoassets, lost private keys, or cryptoassets sent to the wrong address are generally not tax-deductible. This is due to tax law changes regarding casualty and theft with the passing of the Tax Cuts and Jobs Act in 2017.
It is vital for advisors and their clients to have an understanding of what is covered in the event of a security breach. There are many crypto custodians, exchanges, and wallets that offer no protection for cyber crime in any form. As cryptoassets and DeFi continue to evolve, this information is subject to change; financial advisors should make a concerted effort to remain abreast of changes in the aforementioned policies as the asset class matures.
As trusted fiduciaries, and to truly act in the best interest of clients, financial advisors should become well versed on the various methods of cryptoasset storage. There are a number of wallet applications and exchanges for storing keys. Given the importance of public and private keys, ensuring their proper storage is critical to protect against the loss or theft of cryptoassets. Wallets are either “hot,” meaning they are connected to the internet, or “cold,” meaning the cryptoassets are held offline. Within that framework, there are two main wallet categories: custodial and non-custodial.
Participation in the cryptoasset markets can be accomplished via cooperation with a third party made responsible for the safekeeping of your keys and, in turn, your assets. When purchasing and subsequently storing cryptoassets with a crypto exchange, investors are issued their public and private keys, with the private key typically being managed by the exchange; investors have the option to hold their assets on the exchange in hot storage or offline in cold storage, through the options below.
Crypto exchanges such as Coinbase, Gemini, Binance, and Kraken (these four all operate as exchanges, brokers, and custodians at the same time) provide investors with a simplified web-based solution for investing. Storage of keys can be managed through wallets installed on a computer or mobile device, i.e. in “hot storage” connected to the internet. Ease of accessibility via a computer or smartphone allows for swift transfer of funds; for this reason, software wallets are commonly used by investors who trade cryptoassets on a regular basis. Keeping private keys at the exchange is also convenient and relieves investors of the risk of losing their keys, but custodial software wallets are considered one of the least secure storage options available. If an exchange is hacked, or if a phone is hacked, your cryptoassets are susceptible. Many investors choose to overlook the shortcomings of custodial wallets in exchange for their convenience.
Firms such as Coinbase, Gemini, and Fidelity offer cold storage via standalone custody solutions. Cold storage eliminates the hacking risk that comes with holding assets directly on an exchange, as the cryptoassets are taken offline. By working with a third party to store assets offline, investors eliminate the risks that come with self custody, such as forgetting their passcode and losing their assets forever. While cold storage is a more secure option for investors, it is less convenient for transferability, as the assets must be brought back online for any transactions. For this reason, cold storage, whether done in cooperation with a custodian as stated above or done independently, is best suited for those who wish to buy and hold their cryptoassets for the long run rather than trade regularly.
Non-custodial wallets allow investors to self custody their cryptoassets, meaning that they cut out third parties and maintain self sovereignty by being in full control of their keys and their crypto. It is the responsibility of the investor to select their preferred method for secure storage and to remember their private key.
Investors can purchase a hardware wallet, which is a physical device for storing cryptoassets offline. Hardware wallets typically take the form of a USB stick lookalike, the most common brands being Ledger or Trezor. When purchasing a hardware wallet, an investor receives their public and private keys, giving them autonomy and responsibility over the cryptoassets. Private hardware wallets also issue investors a seed phrase as a way to derive the private key. This seed phrase must not be lost, because without it wallets, private keys, and ultimately cryptoassets cannot be recovered and the investor risks losing their cryptoassets forever. It is recommended to store the seed phrase in a safe location such as a safe or safety deposit box, and to have a backup storage option. Hardware wallets provide investors with a high level of sovereignty, as wallet users have control over where their keys and assets are stored. Since hardware wallets are not internet-based, they are not susceptible to internet hacks. When choosing self custody such as a hardware wallet or software wallet, keep in mind that there is traditionally no insurance or customer support team to report to in this space if your assets are stolen. With increased security comes decreased convenience for investors who wish to move assets swiftly and frequently; hardware wallets are commonly used by investors who plan to hold their cryptoassets over a long time period.
Non-custodial software wallets differ from their custodial counterparts as they do not require participation of a third party responsible for safekeeping of your private key. Storage of keys can be managed through wallets installed on your computer or mobile device, such as Metamask, Phantom, or Exodus. As with hardware wallets, investors are independently responsible for the safekeeping of their private key and seed phrase. Since keys are stored on a device, software wallets are technically susceptible to hackers. However, the ease of accessibility via a computer or smartphone allows for swift transfer of funds should the need to do so ever arise. For this reason, software wallets are commonly used by investors who trade cryptoassets regularly. They offer the convenience of being online, without the added risks involved with having a third party manage your private key.
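As an added illustration (not part of the original article and not any wallet vendor's code), the sketch below shows how a seed phrase deterministically yields a master private key, which is why the hardware and software wallet paragraphs above treat the phrase as the thing to protect. It assumes the wallet follows the BIP-39 and BIP-32 standards, which the article does not name; the function names are hypothetical, and wordlist and checksum validation are omitted.

```python
import hashlib
import hmac
import unicodedata

# Publicly known BIP-39 test phrase, used here only as sample input.
# Never store funds behind it.
SAMPLE_PHRASE = ("abandon abandon abandon abandon abandon abandon "
                 "abandon abandon abandon abandon abandon about")


def seed_from_phrase(phrase: str, passphrase: str = "") -> bytes:
    """BIP-39: stretch the phrase into a 64-byte seed (PBKDF2-HMAC-SHA512)."""
    # Collapsing extra whitespace is a convenience added here, not part of BIP-39.
    words = unicodedata.normalize("NFKD", " ".join(phrase.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


def master_key(seed: bytes) -> tuple:
    """BIP-32: HMAC-SHA512 of the seed, split into private key and chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def recover(phrase: str, passphrase: str = "") -> bytes:
    """What a replacement device does on restore: phrase in, same key out."""
    return master_key(seed_from_phrase(phrase, passphrase))[0]


def fingerprint(key: bytes) -> str:
    """Short digest for comparing keys without displaying the key itself."""
    return hashlib.sha256(key).hexdigest()[:16]


def restore_outcomes() -> dict:
    """Compare an exact restore with two near-miss restores."""
    original = recover(SAMPLE_PHRASE)
    one_word_wrong = SAMPLE_PHRASE.replace("about", "above")  # last word mis-copied
    return {
        "exact_phrase": recover(SAMPLE_PHRASE) == original,
        "one_word_wrong": recover(one_word_wrong) == original,
        "passphrase_forgotten": recover(SAMPLE_PHRASE, "extra") != original,
    }


if __name__ == "__main__":
    print(fingerprint(recover(SAMPLE_PHRASE)))
    print(restore_outcomes())
```

Nothing in the derivation depends on the device, so anyone holding the written phrase can rebuild the same key, and a phrase copied down with one wrong word rebuilds a different, empty wallet.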
The storage method for cryptoassets is an extremely important decision for investors, and suitability should be determined on a case-by-case basis. Financial advisors investing on behalf of clients or providing guidance on held away assets must consider the pros and cons of each option including the level of security, compliance, and reputation of the digital wallet company or exchange. The added nuance within the cryptoasset space allows financial advisors to educate clients and prove themselves as a valuable resource when navigating this burgeoning asset class. Whether an advisor has clients who are currently invested in cryptoassets, or simply has clients who wish to invest in the future, staying well informed of the solutions available leaves them better equipped to serve the best interest of their clients.
Personal Insurance for Cryptoassets
As the crypto market grows, the need to insure these assets will grow alongside the industry. Most crypto investors are unaware of whether their cryptoassets are covered by any of their existing policies. This is an area in which advisors can assist their clients in understanding whether or not they are covered.
In 2018, an Ohio court ruled in favor of a crypto investor who had crypto stolen from a private online wallet. The case, Kimmelman vs. Wayne Insurance Group, led to discussion around what constitutes “property” in a traditional homeowner’s policy. Since the Internal Revenue Service classifies virtual currency as “property” the court allowed Kimmelman to claim the full $16,000 loss of cryptoassets that were stolen from his online account. Given the media attention the case received, it is likely that many homeowners policies specifically exclude cryptoassets. However, this is an area that advisors can examine on behalf of their clients to see if cryptoasset theft could be covered.
Separate from the traditional insurance world, a few startups are developing insurance solutions built on blockchain technology. One of these solutions is Nexus Mutual, which facilitates a form of pooled risk protection in relation to smart contracts. As a discretionary mutual company, Nexus Mutual doesn’t currently approve or reject claims according to conditions like a regular insurance company would. Instead, this is decided by members participating in the Claims Assessment process. Members can decide to pay claims as they wish, which typically includes members applying their discretion in a positive way. This could include paying claims that may be declined according to strict terms and conditions but where there is a genuine loss.
Platforms such as Nayms are designing digital contracts on the blockchain for crypto insurance. In the future, this could allow for an open market of insurance contracts across all areas of risk. The contracts would be issued on-chain, allowing the insurance contracts to be transparent and tradable between market participants. As personal insurance solutions are developed in the crypto space, advisors will need to be aware of what options are available to clients who hold substantial value in cryptoassets. Due to the important role of investment insurance, this is likely to be one of the fastest growing industries in crypto over the next decade.
Access the Full Report
Our full report is available for all Onramp Academy users. The intent of the report is to provide financial advisors with a resource to compare their current credentials with the potential credential curriculum of the future. The report is 55 pages in length and includes cryptoasset commentary on each of the eight sections of the CFP® exam (including the newly minted Psychology of Financial Planning section). In our opinion, it’s a must-read for every financial professional as the space evolves in the digital realm!
As always, educate before you allocate!
With gratitude, Your Onramp family