Broker-dealer obligations and risks in crypto asset custody and crypto-related activities

As crypto markets expand and traditional financial institutions seek to integrate crypto‑related services, the regulatory obligations for broker‑dealers are becoming more rigorous. The Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) have issued a series of statements, frequently-asked questions and guidance documents recently, clarifying how existing securities laws apply to crypto asset securities and non‑securities crypto assets. This article summarizes the current obligations and key risks facing broker-dealers involved in crypto asset custody and related activities. 

Customer protection rules 

Broker-dealer custody obligations under Rule 15c3-3 of the SEC Exchange Act of 1934 requires firms to maintain “physical possession or control” of customers’ fully paid and excess margin securities, with the intention of segregating customer assets from the broker-dealer’s holdings. 

In December 2025, the SEC staff issued a statement to clarify how “physical possession or control” applies to crypto asset securities, which is defined as any digital or blockchain-based asset that meets the definition of a security under the Securities Act of 1933 and Securities Exchange Act of 1934. The statement explains that a broker-dealer may be deemed to have possession if it can demonstrate access, transfer capability on the underlying blockchain and appropriate assessments of distributed ledger technology (DLT) risks. However, the customer protection rule does not apply to crypto assets that are not securities. 

Having issued these statements, FINRA and the SEC withdrew previous statements made in 2019, representing a significant shift away from earlier restrictive views, where there was no clear path of compliance with federal securities laws, in context of the digital asset space.