W3TS Recap: Securing Digital Assets— Trust in Custody Solutions

Why business viability matters as much as investor protection

How do you build custody infrastructure that's both secure enough for institutions and flexible enough for emerging use cases? 

We concluded the 2025 Summit with experts coming together to tackle this fundamental question. The discussion, moderated by Dea Markova (Director of Policy, Fireblocks), also featured:

• Giorgia Pelizzari (Chief Product Officer and Head of Custody, Hex Trust)
• Andrew Vranjes (Chief Revenue Officer, Blockdaemon)
• Eugene Cheung (Chief Commercial Officer, OSL) and
• Ethan Wang (CEO, Liquidity Tech),

Hong Kong has built robust custody frameworks, but the challenge isn't writing rules— it's writing rules that allow businesses to operate at scale while technology evolves.

The confidence equation

Talking about what institutions today seek the most, Giorgia Pelizzari of Hex Trust said,

“When people think about digital assets, it's easy to think about uncertainty, risk, and complexity. Hex Trust has been working to make institutions feel confident."

Confidence comes from technological security and regulatory clarity. But digital asset custody is fundamentally different from traditional custody. A token doesn't sit in a vault. It exists on-chain, can be staked for yield, used as collateral, deployed in smart contracts, or employed for governance voting.

This represents an inflection point for institutions who are venturing further into the space. Eugene Cheung of OSL reaffirmed this shift,

"We definitely see a lot more institutions coming. We've been involved in active conversations with security brokers and banks about crypto assets, blockchain as payment infrastructure and real-world assets (RWAs)."

The infrastructure is ready. Licensed players are prepared. But regulatory frameworks designed for static asset storage struggle with dynamic on-chain activity.

When protection becomes a constraint

Perhaps the panel's most important insight came from Giorgia's regulatory design philosophy:

"Why are we discussing digital assets? Because they're not going to go away. Regulation needs to enable businesses and allow them to actually operate in a way that's feasible. Business viability and investor protection are the two key factors to keep in mind when crafting regulation."

Eugene shared the operational reality:

"At the very beginning, around 98% of assets had to be held by Hardware Security Modules (HSM). The regulators are still not very comfortable with multi-party computation (MPC). We're working with staking providers—it's a long education process."

This reveals a circular dependency: licensed entities invest heavily in compliance infrastructure, but overly restrictive requirements can make the business economically unviable. The result? Innovation happens elsewhere, and Hong Kong's early regulatory leadership becomes a competitive disadvantage.

Stablecoins as the test case

Stablecoins have emerged as the proving ground for whether custody frameworks can accommodate real use cases. It isn’t just about payments; stablecoins are revamping the entire financial infrastructure. Out of all digital assets, stablecoins are best positioned to be the link between the financial system that we know today and the open blockchain financial system that will probably become the de facto system tomorrow.

Andrew Vranjes of Blockdaemon described the institutional demand for stablecoins:

"Our largest customers are asking for broader earn strategies. We acquired a DeFi connectivity company with 170-odd endpoints—partnerships with Aave, Morpho, Circle, Tether—offering institutions earn and yield in an extremely compliant framework."

But earning yield on stablecoins requires decentralized finance (DeFi) protocol interaction. Governance requires signing blockchain transactions. Settlement requires programmability. These aren't auxiliary features, but core value propositions.

Integrating custodians into governance by having them serve as independent third-party co-signers in stablecoin minting transactions can go a long way in enhancing trust and security. This added oversight ensures that every minting transaction undergoes thorough assessment, confirming that the amounts being minted are accurate and authorized. 

The technology neutrality imperative

Dea Markova of Fireblocks articulated the core principle behind technology neutrality:

"When you force a technology choice, you create false security because you focus on that choice and get your eye off other vulnerabilities."

Regulators want to mandate specific security technologies, be it HSMs or particular custody models. But digital assets evolve rapidly—MPC technology improves, new architectures emerge, and DeFi protocols create new patterns.

Rules that pick technological winners ossify around potentially inferior solutions and shift focus from outcomes (are assets secure?) to inputs (are you using approved technology?).

What coordination requires

Eugene suggested creating a special task force with the Hong Kong Monetary Authority (HKMA), Securities and Futures Commission (SFC), and various departments to address issues holistically rather than forcing businesses to navigate multiple regulatory siloes.

Ethan Wang of Liquidity Tech wished for regulated brokers to be allowed to share liquidity between Hong Kong and overseas pools, establishing DeFi regulatory clarity. This points to the coordination challenge across multiple panels.

Hong Kong built first-mover advantage through early regulatory clarity. Maintaining that advantage requires frameworks that enable rather than constrain business models, especially as use cases expand beyond simple custody into staking, DeFi, and programmable settlement.

Infrastructure is ready and the institutions are coming. The question is whether regulatory frameworks can evolve as fast as the technology they're securing.