TLDR:
- BitGo’s Deputy CISO says businesses must prioritize custody decisions before selecting any digital asset tools or wallets.
- Hot and cold wallet choices should align with a company’s liquidity needs and intended digital asset usage profiles.
- Governance frameworks covering people, process, and technology must be in place before any transactions begin.
- Business model alignment, not trend-chasing, should drive every company’s digital asset architecture and strategy decisions.
Digital asset security remains a top priority as businesses accelerate their move into the digital asset economy. BitGo Deputy CISO Manny Khan has outlined a structured approach for companies entering this space.
Writing in Forbes, Khan argues that businesses often get the process backwards. Most organizations start with tools rather than building the right foundation.
His framework centers on custody, governance, and architecture decisions tailored to each business model.
Custody and Wallet Architecture Must Come Before Anything Else
Custody is the first decision any business should make before entering the digital asset space. Khan stresses that organizations must honestly assess whether they are ready to hold digital assets internally.
Handing this responsibility to an IT team without proper preparation can lead to irreversible losses. History has shown that preventable mistakes in this area carry serious consequences.
For businesses handling meaningful value, partnering with a regulated, institutional-grade provider may be more appropriate. This does not mean all companies should follow the same path.
Each organization must weigh its internal maturity against external options realistically. Security and control are not mutually exclusive, but achieving both requires the right fiduciary relationships.
Wallet architecture decisions should also be driven by purpose, not convention. Hot wallets suit speed and operational availability, while cold wallets prioritize long-term asset protection.
Neither option is universally superior to the other. The right choice depends entirely on liquidity needs and intended usage.
Multi-sig and MPC technologies also carry real operational consequences. They affect accountability, transparency, and resilience across the organization.
Companies should categorize digital assets by usage and liquidity profiles. Forcing all use cases into one mold typically increases risk rather than reducing it.
Governance Frameworks and Business Model Alignment Drive Long-Term Success
Governance must be established before a company begins transacting in digital assets. Khan’s framework covers people, process, and technology, with disciplined vigilance at the center.
Teams need a clear understanding of the stakes involved at every level. Processes must define approvals, controls, and accountability from the start.
As Khan noted via BitGo’s official post: “Most businesses are approaching it backwards, starting with tools instead of building the right foundation first.” Digital asset readiness requires compliance, security, finance, and operational controls working together.
Treating it as a simple infrastructure project misses the real challenge entirely. Silos between departments create misalignment and increase exposure.
Business model alignment is equally critical when developing a digital asset strategy. A trading firm has different liquidity needs than a corporate treasury function.
A fintech business requires secure API integration, while a B2B2B provider may need shared-control models. Architecture decisions should always work backward from the customer profile and operating model.
Not every company requires the same level of urgency in adopting digital assets. Businesses operating locally or within narrow geographic footprints may not need immediate action.
However, cross-border activity and settlement friction are pushing global companies in this direction. Leaders must approach this space with clear eyes, sound controls, and architectures that fit their specific business.



