Institutional Crypto Custody Platform with On-Prem Control
New custody platform keeps private keys, policy enforcement, and recovery on the client's own infrastructure – with threshold-based key protection, multi-operator approval workflows, and connectivity to 40+ blockchains and 2,000+ digital assets.
Nicosia, Cyprus, 05 May 2026 – FinHarbor has launched its Multi-Custody framework for institutional digital asset management, giving banks, brokers, asset managers, and corporate treasuries an on-premise platform where private keys, policy enforcement, and recovery all sit on the client's own infrastructure.
The framework is built on a self-custody architecture. Keys are generated, stored, and used exclusively on the client's hardware and never leave the client's premises. Policies live on the same hardware and are validated locally, with no external calls. For institutions whose regulation or operational policy requires a third-party custodian – or for hybrid setups – the same framework can run alongside external custody providers, or fully on top of them, with FinHarbor providing the operational and governance layer.
"Who owns the keys, owns the crypto," said Ilya Podoynitsyn, CEO of FinHarbor. "That principle has been understood in the industry for a decade, but in institutional infrastructure it has rarely been delivered without compromise. Our framework keeps key generation, storage, and policy enforcement entirely on the client's side. The institution does not ask a third party for permission to move its own assets, and there is no external dependency that can fail or be compromised. That is the standard institutional treasuries already apply to fiat. Digital assets should not be an exception."
Vault Unit: keys, policies, and signing on client hardware
At the core of the framework is the Vault Unit – on-premise software installed on the client side that runs ACL validation, signature validation, policy validation, and transaction signing in sequence. Private keys are protected by a threshold-based scheme in which the mnemonic is mathematically split into N shares; any M shares can recover it, while (M-1) shares reveal nothing. Compromised shares below the threshold are useless, lost shares can be tolerated up to (N-M), and new shares can be regenerated at any time. Recovery is custody-independent: institutions can self-recover without relying on any custody provider.
The framework is built on technologies already running in production at scale, with a track record of large institutional deployments behind it.
Role-based access control with multi-approval for transactions and policy updates
A built-in Role-Based Access Control layer maps the client's organisational structure onto custody operations. Treasury, compliance, risk, and operations teams are assigned distinct roles with separate transaction limits, signer thresholds, and approval workflows.
Both outbound transactions and policy updates – including changes to roles, signer sets, approval thresholds, and withdrawal address whitelists – are subject to multi-party approval, with cryptographic signing on each. Policy changes and transfer approvals are tracked separately in the audit log. The policy engine enforces withdrawals only to pre-approved whitelisted addresses, configurable transfer limits per period and per project, and fee limits that block high-cost transactions during volatility – removing the single-administrator dependencies that have historically been a vector for both error and fraud.
A typical transaction starts with the operator submitting a request through the application, which routes it to the Vault Unit for policy validation and signing before the signed transaction is passed to the custody service and broadcast to the blockchain, with every step cryptographically verified.
Crypto custody integrated with traditional fiat rails
The framework sits inside FinHarbor's modular infrastructure, where fiat and crypto are segregated at the infrastructure layer and unified at the user-experience layer. Institutions can operate fiat balances across traditional rails – including SEPA, SWIFT, and others – alongside self-custody crypto wallets, with a single reconciliation view across both flows and a unified operational perimeter for treasury, settlement, and compliance teams.
Broad market connectivity
The platform covers an estimated 98% of digital asset market cap, with 40+ blockchains supported – including Bitcoin, Ethereum, Tron, BSC, Polygon, Solana, Avalanche, Arbitrum, Optimism, and Cosmos – 2,000+ assets, multiple token standards (ERC-20, TRC-20, SPL, BEP-20), and pre-integrated connectivity to 15+ exchanges, including Binance, Bybit, OKX, Kraken, and Gate.io. DeFi and staking are built in, with native support for protocols including Compound, AAVE, and Lido.
A proprietary smart contract optimisation layer reduces network fees by up to 30%. Batch transfers consolidate multiple operations into a single on-chain transaction, and staking rewards can fully offset transfer fees. An automation engine handles day-to-day operations through triggers, thresholds, and scheduled actions for auto-collection, balance top-ups, scheduled sweeps, and gas-optimised collection.
Compliance built-in
The system exposes a structured audit trail covering custody movements, signer activity, key rotations, and policy changes, with dedicated read-only auditor roles for transparency without operational risk. Built-in compliance modules include KYT integration for risk-scoring deposits and flagging suspicious on-chain activity, Travel Rule support for transmitting originator and beneficiary information per applicable jurisdiction, and API access for downloading data into BI tools and real-time balance monitoring.
The infrastructure is delivered on a microservice architecture certified to ISO/IEC 27001 and PCI DSS, with hardware security module (HSM) protection layered on top of threshold-based key management.
About FinHarbor
FinHarbor is a technical platform provider for launching compliant, modular financial products – from wallets and neobanks to crypto ramps and OTC desks. Built on years of real-world fintech experience, the platform covers onboarding, compliance, wallets, transactions, cards, and reporting, delivered with a microservice-based architecture (ISO/PCI DSS-certified), a robust API layer, and on-premise or cloud-ready deployment. FinHarbor supports fiat-only, crypto-native, and hybrid business models across markets in Europe, MENA, and beyond.
Learn more: www.finharbor.com
Media Contact
press@finharbor.com