Infrastructure Requirements for On-Chain Settlement and Custody: An Institutional Readiness Guide

TL;DR

• Custody is the gateway decision: a qualified custodian, self-custody with MPC/HSM, or hybrid co-custody.
• Settlement on public chains can reach T+0 through atomic delivery-versus-payment (DvP), versus T+1 or T+2 in legacy markets.
• Validator uptime affects settlement finality whenever tokenized assets sit on Proof-of-Stake networks.
• Compliance tooling covers the FATF Travel Rule, sanctions screening, and AML monitoring.
• Everstake supplies the validator layer only, holding SOC 2 Type II, ISO 27001:2022, and NIST CSF 2.0, and integrates with custodians such as Taurus, Colossus Digital, Utila, and Paribu Custody.

Everstake is a non-custodial validator that has run Ethereum staking infrastructure since the Beacon Chain genesis, and it works with custodians evaluating on-chain settlement readiness. This guide maps the technical, operational, and security foundations an institution needs to participate in on-chain settlement infrastructure reliably.

The institutional on-chain settlement anatomy

On-chain settlement infrastructure for institutions is built from five components, each with distinct owners and controls. An asset manager, custodian, or bank digital-asset team should map every component before moving assets on-chain.

Component	Function	Typical owner	Key requirement
Custody	Holds keys and assets	Qualified custodian or self-custody desk	Key security, segregation
Settlement	Moves assets between parties	Smart contracts, settlement networks	Atomic DvP, finality
Validator	Secures PoS networks	Validator operator (e.g., Everstake)	Uptime, geographically redundant infrastructure
Compliance	Screens and reports transfers	Compliance team plus tooling	Travel Rule, AML, sanctions
Reporting	Audit, accounting, attestation	Transfer agent, audit tools	Reconciliation, attestations

The validator component is often overlooked, yet it touches settlement finality directly. Everstake operates this layer for custodians without taking custody of client assets in any way.

Custody models for institutions

Institutions choose among three custody models, differing in how much control they keep and how much operational load they carry. Crypto custody and digital asset custody decisions set the security posture for every layer above.

The three institutional custody models differ in who holds the keys and who carries operational responsibility:

1. Qualified custodian: a regulated third party (such as Anchorage Digital, BitGo, or Coinbase Custody) holds assets under a trust charter.
2. Self-custody with MPC/HSM: the institution holds keys directly using multi-party computation or hardware security modules.
3. Hybrid co-custody: keys are split between the institution and a partner, with policy controls on both sides.

Cold storage sits inside these models rather than beside them. Institutional cold storage keeps signing keys offline in HSM-backed vaults, with multi-person approval before any transaction is signed.

Qualified custodian rules

A qualified custodian is a regulated entity authorized to hold client assets under fiduciary standards. For institutional crypto custody, the term carries specific legal weight under several frameworks.

Regulators define qualified custodian status through distinct charter and licensing routes:

• SEC framework: registered advisers must hold client assets with a qualified custodian, typically a bank, trust company, or broker-dealer.
• State trust charters: entities chartered as trust companies, historically under South Dakota or New York law.
• National trust banks: the OCC has chartered Anchorage Digital Bank since January 2021, with BitGo, Fidelity Digital Assets, Paxos, Circle, and Ripple conditionally approved on December 12, 2025.
• New York DFS: the BitLicense and limited-purpose trust charter govern custody in New York.
• EU MiCA: Article 75 sets safekeeping and administration duties for crypto-asset service providers holding assets for clients.

These frameworks change frequently, so legal review is required before relying on any classification. Everstake is not a qualified custodian and provides validator infrastructure that qualified custodians integrate with.

MPC and HSM custody

MPC custody splits a private key into shares so no single party ever holds the whole key. Multi-party computation custody reduces the single point of failure that a complete key represents.

Multi-signature combines several distinct on-chain signatures, while MPC produces one signature from distributed key shares through threshold signing.

HSM custody wraps keys inside tamper-resistant hardware. Hardware security modules generate, store, and use keys without exposing them to the host system, and many institutions typically pair HSM key wrapping with MPC for extra control.

Each approach carries trade-offs:

• MPC: flexible signing policies and no on-chain footprint, but reliance on the vendor cryptographic library.
• HSM: strong physical key protection, but slower to reconfigure and tied to specific hardware.
• Multi-signature: transparent and auditable on-chain, but higher transaction cost and network-specific support.

Custody provider landscape

The institutional custody market splits between regulated custodians and the technology platforms that power them. Crypto custody providers fall into qualified custodians, technology vendors, and settlement networks.

The table below presents a factual snapshot as of Q1 2026:

Provider	Primary model	Regulatory status	Notable detail
Anchorage Digital	Qualified custodian	OCC national trust bank (2021)	First federally chartered crypto bank in the US
BitGo	Qualified custodian	OCC charter conditionally approved Dec 12, 2025	Multi-signature architecture, broad asset coverage
Fidelity Digital Assets	Qualified custodian	OCC charter conditionally approved Dec 12, 2025	Backed by a $4T+ parent
Coinbase Custody	Qualified custodian	NYDFS limited-purpose trust	Integrated with Coinbase Prime
Fireblocks	MPC technology platform	Technology vendor, not a custodian	MPC-CMP signing used by custodians and exchanges
Copper	Custody plus settlement	UK-based provider	ClearLoop off-exchange settlement network

Each provider integrates differently with validators and settlement networks. Everstake connects to several of these environments as the validator layer, without competing as a custodian.

On-chain settlement mechanics

On-chain settlement can be completed in a single atomic step, removing the delay built into legacy markets. Crypto settlement and blockchain settlement rely on smart contracts to enforce both sides of a trade at once.

Atomic DvP means delivery and payment settle together or not at all. A smart contract holds both legs of the trade and releases them in one transaction, so neither party carries open exposure to the other.

Settlement timing separates on-chain rails from traditional clearing:

Window	Meaning	Traditional context	On-chain context
T+0	Same-instant settlement	Rare in legacy markets	Standard via atomic DvP
T+1	Next business day	US equities since May 28, 2024	Used where off-chain steps remain
T+2	Two business days	Many global markets	Legacy benchmark being replaced

Smart contracts enforce settlement logic without a central clearing party. DLT settlement and delivery-versus-payment on blockchain let two institutions exchange a tokenized asset and a stablecoin in one confirmed block, across on-chain settlement rails whose finality depends on the validators confirming each block.

Validator infrastructure as a settlement requirement

Validator uptime becomes a settlement requirement once an institution holds tokenized assets on a public PoS chain. When settlement finality depends on block production, validator performance is part of settlement finality itself, not a separate concern.

Institutions evaluating staking as a service should treat validator selection as risk management. Three operational expectations define an enterprise staking provider:

• Uptime SLA: sustained availability so blocks are produced and finality is not delayed.
• Slashing prevention measures: double-sign prevention and key management that avoid penalties to staked assets.
• Independent attestation: third-party audits confirming controls operate over time.

Everstake addresses these expectations with 99.98% uptime and zero material slashing events on major networks since inception in 2018. Its compliant staking infrastructure carries SOC 2 Type II, ISO 27001:2022, and NIST CSF 2.0, the posture institutions require for institutional staking.

Tokenized asset custody specifics

Tokenized asset custody differs from native crypto custody because the token often carries embedded rules. A tokenized fund unit behaves differently from a bearer asset such as BTC, so blockchain custody requirements expand accordingly.

Tokenized funds usually require coordination with a transfer agent. The transfer agent maintains the authoritative record of holders, and on-chain balances must reconcile with that off-chain register.

Permissioned tokens add identity controls at the contract level. The ERC-3643 standard enforces an allowlist, so only verified addresses can hold or receive the token, and custody systems must manage that whitelisting alongside key security.

Travel rule and compliance tooling

The Travel Rule requires originating and receiving institutions to exchange identifying data for transfers above a threshold. Travel Rule crypto compliance applies to VASPs moving value across regulated venues.

Compliance tooling for on-chain transfers covers three functions:

• FATF Travel Rule messaging: counterparty data exchanged through standards such as IVMS101 and protocols including the TRP.
• Sanctions screening: wallet and counterparty checks against OFAC and equivalent lists before settlement.
• AML transaction monitoring: continuous analysis of on-chain activity to flag patterns for review.

This compliance component is mandatory for institutional validator infrastructure. Everstake documents its own controls under SOC 2 Type II and supports custodians who operate the screening and reporting workflows, as covered in enterprise staking as a service.

Prime brokerage and sub-custody

Crypto prime brokers give institutions a single relationship for trading, financing, and settlement across venues. A crypto prime broker such as FalconX or Hidden Road routes activity while custody remains with a separate qualified custodian.

Sub-custody describes a layered relationship between custodians. A primary custodian may appoint a sub-custodian to hold assets in a specific jurisdiction or network, extending coverage without the primary holding every asset directly.

These relationships keep trading and custody separate. Everstake operates beneath both, providing the validator layer that lets assets remain productive while a prime broker or sub-custodian manages settlement and safekeeping.

How Everstake fits: the validator layer for custodians

Everstake is not a custodian and never holds client assets, keys, or funds. Everstake provides validator infrastructure that custodians integrate with, keeping the design non-custodial by default.

Custodians retain key control while delegating to Everstake validators. Co-managed validator setups let an institution stake assets through its existing custody and policy workflow, with private keys remaining inside the custodian environment.

Everstake integrations with custody and operations platforms include:

• Taurus: integration into the FINMA-regulated Taurus-PROTECT platform, announced December 2, 2025, covering SOL, NEAR, ADA, and XTZ.
• Colossus Digital: custody-controlled, policy-gated staking, announced October 2025.
• Utila: staking inside an MPC wallet platform used by 200+ institutions, starting with SOL and extending to ETH.
• Paribu Custody: institutional staking access in Turkey across ETH, SOL, ATOM, ADA, APT, and TIA.

Everstake brings a verifiable security posture to these integrations. The company has run 130+ PoS networks, has supported $7B in total staked assets, and holds SOC 2 Type II, ISO 27001:2022, NIST CSF 2.0, GDPR, and CCPA alignment, detailed in the Taurus and Everstake partnership and Colossus Digital custody-controlled staking announcements.

For custodians building a staking offering

Operational readiness checklist for institutions

Readiness comes down to deciding each layer of the stack and documenting how the layers connect. The checklist below gives an institution a structured path from custody choice to business continuity.

1. Custody choice: select a qualified custodian, MPC/HSM self-custody, or hybrid co-custody, and document segregation.
2. Settlement chain choice: confirm which PoS networks and settlement contracts the institution will use.
3. Validator selection: assess uptime, slashing prevention, and audit posture before delegating.
4. Compliance stack: implement Travel Rule messaging, sanctions screening, and AML monitoring.
5. Audit and reporting: connect transfer-agent records, accounting, and attestation tooling for reconciliation.
6. Business continuity: define failover, incident response, and recovery for every layer.

FAQ

What is a qualified custodian?

A qualified custodian is a regulated entity authorized to hold client assets under fiduciary standards. In the US, this is typically a bank, trust company, or broker-dealer, including OCC national trust banks such as Anchorage Digital since 2021. Everstake is not a qualified custodian and provides only validator infrastructure.

Does Everstake offer custody?

No. Everstake does not offer custody and never holds client assets, keys, or funds. Everstake provides non-custodial validator infrastructure that custodians and MPC platforms integrate with, as shown by its Taurus, Colossus Digital, Utila, and Paribu Custody integrations.

What is MPC custody?

MPC custody splits a private key into shares so no single party holds the complete key. Multi-party computation produces one signature from distributed shares through threshold signing, which differs from multi-signature that combines separate on-chain signatures. Everstake integrates with MPC platforms such as Utila without holding any key share.

How does atomic settlement work?

Atomic settlement completes both legs of a trade in one transaction or not at all. A smart contract holds the asset and the payment, then releases them together, which enables T+0 delivery-versus-payment on-chain. Everstake validators confirm the blocks that finalize these settlements on PoS networks.

What is the Travel Rule?

The Travel Rule requires institutions to exchange identifying data for transfers above a set threshold. Originating and receiving VASPs share counterparty information using standards such as IVMS101 and protocols including the TRP. Everstake supports custodians who run this screening while operating the validator layer.

Do tokenized assets need a special custodian?

Tokenized assets often require custody systems that handle embedded rules and identity controls. A tokenized fund must reconcile on-chain balances with a transfer agent, and permissioned tokens using ERC-3643 require allowlist management. Everstake provides validator infrastructure for the PoS networks these assets settle on, not custody of the assets.

How does validator uptime affect settlement?

Validator uptime affects settlement finality whenever assets sit on a public PoS chain. If validators stop producing blocks, finality is delayed, which is why uptime is part of settlement finality itself. Everstake sustains 99.98% uptime with zero material slashing events since 2018.

What is sub-custody?

Sub-custody is a layered arrangement where a primary custodian appoints another custodian to hold assets in a specific jurisdiction or network. This extends coverage without the primary custodian holding every asset directly. Everstake operates as the validator layer beneath these custody relationships rather than as a custodian.

Disclaimer

This article is for general informational purposes only and does not constitute legal, financial, investment, tax, regulatory, or other professional advice. Seek independent advice from qualified professionals before acting on it.

References to any third-party companies, platforms, or protocols are informational only and are not endorsements or recommendations. Facts such as regulatory status, certifications, and partnerships may change over time. Everstake provides non-custodial validator infrastructure only and does not hold client assets, keys, or funds, or offer investment advice.