TechFlow News, February 4: According to The Block, the Canadian Investment Regulatory Organization (CIRO) has released a digital asset custody framework designed to prevent losses arising from hacking, fraud, and inadequate governance. The framework classifies crypto custodians into four tiers, determining the proportion of client assets they may hold—top-tier custodians may hold up to 100% of client assets, while the lowest tier is limited to 40%; internal custody by dealer members is capped at 20%.
The framework also mandates robust governance policies covering key management, cybersecurity, incident response, and third-party risk, and requires mandatory insurance, independent audits, and security compliance reporting. CIRO stated that the framework adopts a risk-based and proportionate approach, aiming to balance investor protection with market innovation and competition—a critical step informed by lessons learned from the 2019 QuadrigaCX collapse.
